Overview

URLdood.re/d/6mx8nyi7vyab'
IP 172.67.68.226 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-09 04:36:48 UTC
StatusLoading report..
IDS alerts0
Blocklist alert26
urlquery alerts No alerts detected
Tags None

Domain Summary (47)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
nanouwho.com (3) 0 2022-07-09 20:30:29 UTC 2022-12-09 03:35:13 UTC 139.45.197.242 Unknown ranking
unseenreport.com (2) 0 2022-03-30 14:33:17 UTC 2022-12-08 15:59:13 UTC 192.243.59.20 Unknown ranking
upgulpinon.com (4) 83187 2020-06-05 12:59:18 UTC 2022-12-08 15:06:03 UTC 139.45.197.242
interstitial-07.com (5) 36198 2017-03-09 00:00:07 UTC 2022-12-08 20:12:54 UTC 139.45.197.152
youradexchange.com (1) 273384 2013-02-04 16:25:46 UTC 2022-12-08 17:12:10 UTC 35.190.41.116
la3c05lr3o.com (3) 0 2022-07-20 13:27:09 UTC 2022-12-02 07:29:51 UTC 62.122.171.6 Unknown ranking
swelltomatoesguess.com (4) 0 2022-12-05 01:42:20 UTC 2022-12-08 20:15:59 UTC 173.233.137.44 Unknown ranking
blockadsnot.com (1) 32896 2020-04-28 15:35:52 UTC 2022-12-09 02:00:43 UTC 208.95.112.254
cdn.barscreative1.com (1) 25648 2021-09-16 11:14:42 UTC 2022-12-08 15:59:12 UTC 45.133.44.3
fonts.googleapis.com (1) 8877 2012-05-23 12:41:44 UTC 2022-12-08 17:12:12 UTC 142.250.74.74
ocsp.sectigo.com (6) 487 2018-12-17 11:31:55 UTC 2022-12-08 17:18:07 UTC 104.18.32.68
resetoccultkeeper.com (2) 0 2022-07-26 09:49:59 UTC 2022-12-01 06:54:05 UTC 173.233.137.36 Unknown ranking
4.adsco.re (1) 19179 2021-01-04 16:47:52 UTC 2022-12-08 18:23:31 UTC 162.252.214.5
www.blockadsnot.com (1) 75043 2020-04-18 18:59:38 UTC 2022-12-08 22:05:27 UTC 185.76.9.26
ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 142.250.74.131
cdnjs.cloudflare.com (1) 235 2012-05-23 12:49:49 UTC 2022-12-08 17:12:31 UTC 104.17.24.14
e1.o.lencr.org (8) 6159 2021-08-20 07:36:30 UTC 2022-12-08 17:11:00 UTC 23.36.76.226
acacdn.com (1) 63449 2020-05-08 17:56:16 UTC 2022-12-06 00:44:16 UTC 172.67.200.105
my.rtmark.net (1) 9054 2015-02-04 09:54:57 UTC 2022-12-08 17:42:48 UTC 139.45.195.8
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
adsco.re (1) 8541 2017-04-03 03:11:30 UTC 2022-12-08 18:23:31 UTC 162.252.214.5
cdn.creative-bars1.com (4) 0 2022-11-15 16:46:22 UTC 2022-12-08 15:59:13 UTC 172.64.108.13 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
c.adsco.re (1) 16577 2017-11-29 18:42:15 UTC 2022-12-08 18:23:30 UTC 104.17.166.186
cujdroxjqdhl.s4.adsco.re (1) 0 No data No data 185.200.116.90 Domain (adsco.re) ranked at: 8541
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-12-08 17:42:48 UTC 104.21.84.149 Unknown ranking
simplewebanalysis.com (3) 0 2022-02-25 04:06:25 UTC 2022-12-08 17:33:26 UTC 52.28.211.11 Unknown ranking
cagothie.net (2) 198368 2021-07-06 02:00:26 UTC 2022-12-09 00:06:51 UTC 139.45.197.238
cujdroxjqdhl.n4.adsco.re (1) 0 No data No data 38.132.109.186 Domain (adsco.re) ranked at: 8541
unphionetor.com (6) 54035 2022-02-11 12:53:49 UTC 2022-12-08 15:13:37 UTC 139.45.197.236
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
hygieneretorted.com (1) 0 2022-12-07 02:20:39 UTC 2022-12-09 00:16:04 UTC 173.233.137.44 Unknown ranking
cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-12-08 13:17:38 UTC 45.133.44.10
glizauvo.net (3) 0 2022-05-04 17:35:51 UTC 2022-12-09 03:01:28 UTC 139.45.197.236 Unknown ranking
r3.o.lencr.org (27) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 23.36.76.226
i.doodcdn.co (3) 0 2022-05-04 14:24:43 UTC 2022-12-08 23:44:12 UTC 104.26.6.74 Unknown ranking
i.doodcdn.com (2) 56705 2020-04-06 15:51:16 UTC 2022-12-03 20:08:25 UTC 172.67.208.102
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 54.148.213.75
ocsp.sca1b.amazontrust.com (2) 1015 2016-02-14 02:37:56 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
banquetunarmedgrater.com (1) 0 2022-08-04 15:12:50 UTC 2022-12-08 17:33:27 UTC 173.233.137.36 Unknown ranking
fonts.gstatic.com (2) 0 2014-04-02 10:51:04 UTC 2022-12-08 17:14:55 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
dood.re (2) 0 2022-02-05 05:54:55 UTC 2022-12-09 02:34:58 UTC 172.67.68.226 Unknown ranking
betotodilea.com (3) 52465 2021-08-17 07:55:50 UTC 2022-12-09 04:16:49 UTC 139.45.197.237
dood.re (2) 0 2022-02-05 05:54:55 UTC 2022-12-09 02:34:58 UTC 104.26.5.50 Unknown ranking
friendshipmale.com (1) 0 2022-10-21 12:15:25 UTC 2022-12-08 15:59:11 UTC 172.64.163.31 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-09 2 cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/16511 (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-09 2 resetoccultkeeper.com Sinkholed
2022-12-09 2 resetoccultkeeper.com Sinkholed
2022-12-09 2 la3c05lr3o.com Sinkholed
2022-12-09 2 hygieneretorted.com Sinkholed
2022-12-08 2 banquetunarmedgrater.com Sinkholed
2022-12-08 2 swelltomatoesguess.com Sinkholed
2022-12-08 2 swelltomatoesguess.com Sinkholed
2022-12-08 2 nanouwho.com Sinkholed
2022-12-09 2 unseenreport.com Sinkholed
2022-12-09 2 unseenreport.com Sinkholed
2022-12-08 2 nanouwho.com Sinkholed
2022-12-08 2 swelltomatoesguess.com Sinkholed
2022-12-08 2 swelltomatoesguess.com Sinkholed
2022-12-09 2 unphionetor.com Sinkholed
2022-12-09 2 unphionetor.com Sinkholed
2022-12-09 2 unphionetor.com Sinkholed
2022-12-09 2 unphionetor.com Sinkholed
2022-12-09 2 glizauvo.net Sinkholed
2022-12-09 2 glizauvo.net Sinkholed
2022-12-09 2 la3c05lr3o.com Sinkholed
2022-12-09 2 glizauvo.net Sinkholed
2022-12-09 2 unphionetor.com Sinkholed
2022-12-09 2 la3c05lr3o.com Sinkholed
2022-12-09 2 unphionetor.com Sinkholed
2022-12-08 2 nanouwho.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.68.226
Date UQ / IDS / BL URL IP
2023-01-15 06:19:25 +0000 0 - 4 - 4 dood.re/d/dfyjf7q1t01u 172.67.68.226
2023-01-08 14:47:34 +0000 0 - 2 - 4 dood.re/d/x3id6bok0kr6 172.67.68.226
2023-01-07 22:18:45 +0000 0 - 2 - 1 dood.re/d/eqyt9k5spi0n 172.67.68.226
2023-01-05 22:17:34 +0000 0 - 6 - 11 dood.re/for7liwq65uc 172.67.68.226
2022-12-21 20:52:50 +0000 0 - 0 - 1 dood.re/d/qbr93ciugzfp 172.67.68.226


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-01-29 13:25:57 +0000 0 - 0 - 1 b.dowgmeb.com/gamexyz/2203/6d063e51bca46afdf1 (...) 188.114.96.1
2023-01-29 13:25:44 +0000 0 - 0 - 3 newsstrate.com/download/8Yako7F3Cv9ixML/QjiZG (...) 172.67.206.225
2023-01-29 13:25:39 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/87315649137121 (...) 162.159.129.233
2023-01-29 13:25:23 +0000 0 - 0 - 10 tiqany.net/blog/Attn_XXXXXX_12222022.zip 188.114.97.1
2023-01-29 13:24:57 +0000 0 - 0 - 3 psychologistsindia.net/way/Cancellation_24772 (...) 188.114.97.1


Last 5 reports on domain: dood.re
Date UQ / IDS / BL URL IP
2023-01-15 06:19:25 +0000 0 - 4 - 4 dood.re/d/dfyjf7q1t01u 172.67.68.226
2023-01-08 22:37:10 +0000 0 - 2 - 4 dood.re/d/q8hqvwp7v1ls 104.26.5.50
2023-01-08 14:47:34 +0000 0 - 2 - 4 dood.re/d/x3id6bok0kr6 172.67.68.226
2023-01-07 22:18:45 +0000 0 - 2 - 1 dood.re/d/eqyt9k5spi0n 172.67.68.226
2023-01-06 18:38:50 +0000 0 - 2 - 4 dood.re/d/8jqauhr4c6tf 104.26.4.50


No other reports with similar screenshot

JavaScript

Executed Scripts (36)

Executed Evals (140)
#1 JavaScript::Eval (size: 25) - SHA256: 02665a4c106fc96e71ef5a17511cf353ec3f5cccb82ec9fce719b23967728897
typeof window.WebAssembly
#2 JavaScript::Eval (size: 17) - SHA256: 51c1083130407a8772738aa2380eb5a583240a47d98f2204b124c06fd11aabd5
top.frames.length
#3 JavaScript::Eval (size: 16) - SHA256: cd74e6a3b779a514972758fa195725f40176261af18fbcd246e5f401a3ecf849
screen.availLeft
#4 JavaScript::Eval (size: 6) - SHA256: 4cd6c2914887dd4a68e4c9ffbed8b077f048cf795d6cfa0b801d43e0ea5a1560
screen
#5 JavaScript::Eval (size: 22) - SHA256: 6e880572810251d722d33109fc0420864f46d69522d25a1df47338c553e38e07
window.isSecureContext
#6 JavaScript::Eval (size: 33) - SHA256: 511e9d231c9360fcb7670f7cbaffb35bf8180f124fc080ebbfa5962d4c8bb089
window.screenX || window.screenLeft
#7 JavaScript::Eval (size: 13) - SHA256: 56e57af29d4af8b1fb7008dbfdf84a764970a6673f1f19165f1a8498ce903d93
screen.height
#8 JavaScript::Eval (size: 30) - SHA256: 55ef02d9591328210e59a68fcd1945791f4d0f70cdc7cd3999eb4ba175adbafb
performance.timing.redirectEnd
#9 JavaScript::Eval (size: 36) - SHA256: a7dc60bd6993c201941ea0bfc5218f7fea0bc015ee5dc88e658db78d98f8d98a
performance.timing.domainLookupStart
#10 JavaScript::Eval (size: 27) - SHA256: 1c82db5b05628505080952437a7fd64f03942b6e8ec97f799f4f867eaf492134
typeof window.ondevicelight
#11 JavaScript::Eval (size: 17) - SHA256: 9094a3d888951e5671f4b6dce42ef291cd071cb196d8761fef42c010ecf5b142
navigator.plugins
#12 JavaScript::Eval (size: 27) - SHA256: bc9c06f981e7daa0478c449324d4010cdbc3c83c9a95879b99a0b531f5cabb87
window.navigator.standalone
#13 JavaScript::Eval (size: 17) - SHA256: 5c5bb18e544cb67f765d8a6d2c774838d3ae95df9b62f25660c64554a7302d8e
document.referrer
#14 JavaScript::Eval (size: 27) - SHA256: c66fd00bf884bbcc3f43284fb1c86bcea447ce653124ca7b7202d0e5fd30ae08
window.opener.location.href
#15 JavaScript::Eval (size: 20) - SHA256: a5e2bc908c3bd3196d273564d073484f9905d13817490eca5aa249e701139cdc
typeof window.chrome
#16 JavaScript::Eval (size: 17) - SHA256: c66ced51cafdeb3a9e3544b0b2e7de4c955a4cd347c4d7b5d74f36923df5a7bd
navigator.product
#17 JavaScript::Eval (size: 15) - SHA256: de7f7b137340e1d218833d7afef73ea711325f139a4428eed317ca0374f67c91
navigator.oscpu
#18 JavaScript::Eval (size: 52) - SHA256: b218e02bbc9cda846447b2e8fff62bc41f7f5b0e12ad8adfc05380f8df3288a4
window.external.getHostEnvironmentValue("os-build");
#19 JavaScript::Eval (size: 24) - SHA256: 89e4c05e12e12f5bdf85a4fb89bad572dd85256091add09fdb9c6e42e703e2bb
document.visibilityState
#20 JavaScript::Eval (size: 19) - SHA256: b37d024d71bdbd575b951acfa9a59a5e84dc2f9d7c89748081ccb862ff3c9033
navigator.vendorSub
#21 JavaScript::Eval (size: 22) - SHA256: 4b14cf9e41e192a741c1cb8ec58f13b0495941f984f312bec01ab28807fe99ab
navigator.deviceMemory
#22 JavaScript::Eval (size: 47) - SHA256: 423946cdca01d4915fdc795bb03491ce4251b32ed1717a7c0146ce14c838d373
window.opener.screenX || window.opener.screenLeft
#23 JavaScript::Eval (size: 32) - SHA256: 8d8003d5d1afbb2b7118b1f14afe89138588ed08982c3e8ff31dd4123e7cb076
performance.timing.responseStart
#24 JavaScript::Eval (size: 29) - SHA256: 12c1e4b959357815447bdfe9fde3665a628e0cd4bbd622c9915820ea57fe01e3
window.InstallTrigger.install
#25 JavaScript::Eval (size: 17) - SHA256: f8b516a2a0538b8599ab0452be3f3aa473cf3b0c510275d0a30565cefd564701
screen.pixelDepth
#26 JavaScript::Eval (size: 40) - SHA256: ba8f16658b19940e1168ca8394756fb18272a9ef95d5fb11442ba56601568687
performance.timing.secureConnectionStart
#27 JavaScript::Eval (size: 28) - SHA256: ef184af14e9e4c14bc286dcbd2a00161c209ce5cf6f9e30c4e7de6d929e9aa4d
typeof document.ontouchstart
#28 JavaScript::Eval (size: 25) - SHA256: cfab5312f1cfff1e8162225ab27453306ff627f512bcf18225c0a305ca093e1c
window.scrollbars.visible
#29 JavaScript::Eval (size: 18) - SHA256: addd231a2f2807fb0b4ebdadd2bc23ae2a1cb93a92b07fa6e20ee9af832a8b47
navigator.platform
#30 JavaScript::Eval (size: 46) - SHA256: b1101545a9bed4591a67166c932701b5ec44cb1976bb9df3d584fa2ab8ba8245
window.opener.screenY || window.opener.screenTop
#31 JavaScript::Eval (size: 30) - SHA256: b6a3c0492b8e7ae0ff680b4806058d22f740029707c1f7dda3cad6f985020ba3
(new Date).getTimezoneOffset()
#32 JavaScript::Eval (size: 34) - SHA256: de98f45cade0178e1fd1a8257ab99e8431b3d5b35a393217e74ad6caa4efed60
performance.timing.domainLookupEnd
#33 JavaScript::Eval (size: 32) - SHA256: 1138f8c1bb11f4a5f7d8354b8c8a642ef94c9c741d76a7f476bac6473b7de085
window.screenY || window.screenTop
#34 JavaScript::Eval (size: 34) - SHA256: 9e0e45f2f824eefaed5af40bcadf2c0ce7943df52cda4c3d67ddb03583418dab
window.ScriptEngineMinorVersion();
#35 JavaScript::Eval (size: 21) - SHA256: 61e43d202b6cd0ebf29ac8014115fcb890eb5593c4160b9ae285206ca911bce6
window.history.length
#36 JavaScript::Eval (size: 33) - SHA256: 0b543b4a53bd5beb9a294e018ea9a8c704e5487af1227121d60699a5ec715c5d
navigator.connection.effectieType
#37 JavaScript::Eval (size: 29) - SHA256: cb6f5b3573826ffd9a881e026fd85eb842d31266833666399582737149c5fc14
navigator.connection.saveData
#38 JavaScript::Eval (size: 30) - SHA256: 44e10caa26e37d5f8678a008f0d667c1975fbaec0f613439eb60694249001780
navigator.languages.toString()
#39 JavaScript::Eval (size: 24) - SHA256: 893fe12669f916947d99616b788aa245f8b45c5b8b34544df4114a6a789217ab
navigator.systemLanguage
#40 JavaScript::Eval (size: 36) - SHA256: 4105e0401cf30138cd3ec66def6e14b091f0617777c14cd703ba3e8be17d5777
performance.navigation.redirectCount
#41 JavaScript::Eval (size: 26) - SHA256: e495f8780d35a18d80e09be6211760313cd30ac601a5c7478f9ddf4ebf8536ba
navigator.pdfViewerEnabled
#42 JavaScript::Eval (size: 23) - SHA256: 76fae4cd7853897c738cd23148b2ebab825379d6ba153e245965183cc3304082
navigator.battery.level
#43 JavaScript::Eval (size: 18) - SHA256: 17720ad70d18a072962c7509a9e8f79d6227be2728fb0e89dafb5a1edbc19f40
window.console.log
#44 JavaScript::Eval (size: 19) - SHA256: 9b078b8e24e4655c21a5876570daac97f2ddc241bfdb259644582b6a7a60930b
navigator.userAgent
#45 JavaScript::Eval (size: 20) - SHA256: 6b612f597a0ed972ce30182713c197e510528ac68ff1711b560641d5f47afefa
navigator.productSub
#46 JavaScript::Eval (size: 18) - SHA256: 793401a4baa2fb67b2049b633d5ebb8c25d2dc67d41071aabd7c180ddbdd2599
navigator.cpuClass
#47 JavaScript::Eval (size: 21) - SHA256: 023250096bcba5a18a624685884b3126896db722289f3281cea8ec5cc63476e7
navigator.appCodeName
#48 JavaScript::Eval (size: 16) - SHA256: d17194a96291e963420dd3361221101c8fdb7d8d382fc8993563576d3fd29dd6
navigator.vendor
#49 JavaScript::Eval (size: 24) - SHA256: a097c9a52546fb53f0340afda7f34b4e47b836e551135e5ad0b5339ebb314a30
window.opener.outerWidth
#50 JavaScript::Eval (size: 32) - SHA256: 90190e51d410f9862884d5984262f9e1b8e46dd1010b50f1c22c9ef3fa1565fc
window.opener.offscreenBuffering
#51 JavaScript::Eval (size: 34) - SHA256: 3db042ba8dbf234b0ba7ed8b47e5c8cb58b267af983635a41652258f1e282c0c
window.ScriptEngineBuildVersion();
#52 JavaScript::Eval (size: 12) - SHA256: 5191a526bd66a118a4a51956503fdcf4555cc92b48b9a426d04a7af25d3980e1
window.brave
#53 JavaScript::Eval (size: 26) - SHA256: e5a13721b456c9e090f80944728fc91767f5ae01b01f59160e73ff2c7cacc587
window.locationbar.visible
#54 JavaScript::Eval (size: 24) - SHA256: 38be2b1c1c886666cd4ac85d71bb8b65e51d95c7c5f40b0c575f7d196a0442cd
window.statusbar.visible
#55 JavaScript::Eval (size: 20) - SHA256: dfafe4f2e08c006ec277e8042267c6237512a1a93bfcf57657420d4becc0a97b
window.mozPaintCount
#56 JavaScript::Eval (size: 24) - SHA256: ebca0f427d949e5889ac01faf63de6370743bddd0169c9354c84bc47e3e8a0b1
window.opener.innerWidth
#57 JavaScript::Eval (size: 6) - SHA256: 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba
window
#58 JavaScript::Eval (size: 9) - SHA256: ebf49dcd836f810084c14e0f2dab4dc1768bbdc5980481bf201fcf76771dff7a
navigator
#59 JavaScript::Eval (size: 36) - SHA256: 436179ef4964c80a03e62015696ba10c5ae70602c6538d07f50b75f35bd72a27
document.documentElement.clientWidth
#60 JavaScript::Eval (size: 24) - SHA256: 6b5c93eab3b74dadfbe0f6c5949ab9f1ec8f012df8f49495664b96b51881ed85
window.RTCPeerConnection
#61 JavaScript::Eval (size: 17) - SHA256: b4a3a83fe09d48db0c0b4416fefb19af5f9e069c12d2af8793a18f159574bb79
window.outerWidth
#62 JavaScript::Eval (size: 18) - SHA256: c1fcce173bd0b08415367c934d5db7c4ed130c7f83a485c91682873bff2954ee
screen.availHeight
#63 JavaScript::Eval (size: 23) - SHA256: fac21d8a86a99b88e4eb395a35aa2970ffb8ffdac1b12280959be2c117e3a09c
window.devicePixelRatio
#64 JavaScript::Eval (size: 22) - SHA256: 526c9d85cebcd21526a3b7ffdb87a9c2b6229e00b0bf210634abf6c84e0ad143
navigator.msDoNotTrack
#65 JavaScript::Eval (size: 32) - SHA256: d0ea77c33d12565615b751dd5d753895e6287577bc0cfe0522961048b211daa6
navigator.connection.downlinkMax
#66 JavaScript::Eval (size: 29) - SHA256: a9dc93ae3dc52ac584bff8e382bf1db1f87b8e3a54243eae8d1e3badb180e834
navigator.connection.downlink
#67 JavaScript::Eval (size: 11) - SHA256: 2c6631ee0cabea9afb499cec860aab5fcf40ed956651a0b0ea7b3411e1a31cd9
window.open
#68 JavaScript::Eval (size: 41) - SHA256: af18ee7d06fe2ee2da28af260ea0c78923664ecbc220f3ce395c50b1822dab7a
window.performance.memory.jsHeapSizeLimit
#69 JavaScript::Eval (size: 23) - SHA256: 2ef7ca07ed70c4ffbc59b1d3fa8df8cd2be1bfc66d1604246926066c9f44fd0c
screen.orientation.type
#70 JavaScript::Eval (size: 17) - SHA256: e5ee82e31ec94cc385b3637227b4435f0547b3d0a4aa60cdda1d8fada4779df3
screen.availWidth
#71 JavaScript::Eval (size: 31) - SHA256: df3486f2ca74e18e1c81ba55663a8dd4e668e36fed82949b9cca595051bd5064
performance.timing.requestStart
#72 JavaScript::Eval (size: 31) - SHA256: 7f96f13e41030d403da6d3c41ed3e161053572b43346d4e7c6ade69c0861d6ca
typeof document.visibilityState
#73 JavaScript::Eval (size: 29) - SHA256: 95b2bbef556b3dc3b807638cb7b08274af9b8998def0c82d81e3a1517100d68f
performance.timing.fetchStart
#74 JavaScript::Eval (size: 22) - SHA256: 42c1dc825c7afb2edca4a8bca3f669784ae08b69226a5ec5044ee7600fccb397
window.mozInnerScreenY
#75 JavaScript::Eval (size: 22) - SHA256: c49e342522959187d587f89ed7dde961d8df29cec6b02dce869f4aa1ac3ef254
window.mozInnerScreenX
#76 JavaScript::Eval (size: 25) - SHA256: 0098b3fb5f82abbebff8c293e42863b93e210b01f0032c4147fe1457f5b48a93
window.offscreenBuffering
#77 JavaScript::Eval (size: 11) - SHA256: c42b2a75055edd538c357b5923a7eca102ebf4e63f14d7d8b6fa2778d6b1cdd2
screen.left
#78 JavaScript::Eval (size: 25) - SHA256: 791b28f4c489619d78906b8af22fbc11b48c0576134d36470ef92468e47da29c
navigator.appMinorVersion
#79 JavaScript::Eval (size: 20) - SHA256: 6af0594857ab3b4e97420ca6bf7e098fc0901e86860d2e6a26cdf1d176c37dec
navigator.doNotTrack
#80 JavaScript::Eval (size: 27) - SHA256: d411f352f2428265f0fc9f43b7429dafafad74f69cf4022cd51d9df23a67f157
performance.navigation.type
#81 JavaScript::Eval (size: 19) - SHA256: c26c62a09a687d08a3ef9d9a960c5ae2ad47fecc853b4fb0380d71586d260a1b
window.opener == null
#82 JavaScript::Eval (size: 34) - SHA256: fa103a26e90f8e37ab2371d0dd320ca199c0ff194f4ded9cee3ccfa85c22f713
window.ScriptEngineMajorVersion();
#83 JavaScript::Eval (size: 19) - SHA256: fc5a1ffc9513896711ec2c788490995715c8d32ccda8c4e2c68a9bd8cb214e77
document.innerWidth
#84 JavaScript::Eval (size: 10) - SHA256: f73e4e03067983dd5196907f86c9020b174651f1bd0b5d291b217dc927ff068f
screen.top
#85 JavaScript::Eval (size: 15) - SHA256: 4f61f9e962c8c1d90b453b461dd9431c1d3a6a706e61ab5c2a9faf6a71aea93f
screen.availTop
#86 JavaScript::Eval (size: 22) - SHA256: e924fcaf65b8ea057cb30e32bbdf04fdafe2bde622539d6d1abc466b050917d5
navigator.userLanguage
#87 JavaScript::Eval (size: 31) - SHA256: 043b61c407c6f51e3a4ee18efee76fac227501d805df309988fc1494ae0a30dc
performance.timing.connectStart
#88 JavaScript::Eval (size: 29) - SHA256: 9c27754d9297bf8d4022ded2628940ae5a837c7d7d130b197c3dc80627a453e2
HTMLElement.prototype.animate
#89 JavaScript::Eval (size: 22) - SHA256: 28be88d787b6e773eaf5d0818a6c62446ce628dd8ec0659c6f78410588838337
window.toolbar.visible
#90 JavaScript::Eval (size: 15) - SHA256: da82a56eb8524f5d12a2afcf2c5d0cb6184f26995167212a0ccb3bc2ba0def36
document.hidden
#91 JavaScript::Eval (size: 17) - SHA256: 13e19bbb45d0bb1d1915240763b5bca4ddef99d01edd749954115168c7842c9c
navigator.buildID
#92 JavaScript::Eval (size: 29) - SHA256: 876f3c9374f7069c7cabd0907ddad5466010a649a0f34984e5e2cc72f64878a5
navigator.hardwareConcurrency
#93 JavaScript::Eval (size: 16) - SHA256: d6b5ca1760fc8b29e007efc9c8d2cf7e8a2395825f6f77dada95483fc3171bdf
navigator.onLine
#94 JavaScript::Eval (size: 48) - SHA256: e7678fa8be4ae3ca69e517858903bb107391f9de7ae346a75288b81b57630269
Intl.DateTimeFormat().resolvedOptions().timeZone
#95 JavaScript::Eval (size: 15) - SHA256: 2daa1a91b2430e9867296c9cb26d1483785954a9bdd66f79b2c754bab7092cae
typeof __gCrWeb
#96 JavaScript::Eval (size: 25) - SHA256: 11ae4500086472eb307c6d2459f0d1446b2cc02b1afda7925d800e2d49f1c9d1
window.opener.outerHeight
#97 JavaScript::Eval (size: 4) - SHA256: 1bbd174404efbce95f1af489ef93f4aa0f4d55718f24c3504682216afa7b7fb1
eval
#98 JavaScript::Eval (size: 17) - SHA256: d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b
document.location
#99 JavaScript::Eval (size: 18) - SHA256: 0200f755a2c13b9335fe39b3a88f696c334e518e8407780c4731d8e6be966c4e
window.outerHeight
#100 JavaScript::Eval (size: 19) - SHA256: 63fd63a33ca43f07ce872672d604657ec0fbfbe24bec43f4b322c0f7a1c2ce25
document.hasFocus()
#101 JavaScript::Eval (size: 17) - SHA256: 031688cb60b9631e34bc623cf81a9eeef73de67ca290d15cccfaa65399420932
screen.colorDepth
#102 JavaScript::Eval (size: 18) - SHA256: 318e5db431b7c9515f38ae97da21d7c4e75ec281aea96271c0d0f4e22b35df92
navigator.language
#103 JavaScript::Eval (size: 24) - SHA256: ae3766b014bf6a5b6452d14a9f1de103d584e98933db2577122c136bfb9eb0c6
navigator.connection.rtt
#104 JavaScript::Eval (size: 12) - SHA256: 20dbc48604a9afee27f0eaf4b84634fabbf1b2c09f78e795896b6fa1747b154a
window.alert
#105 JavaScript::Eval (size: 37) - SHA256: 6530649612f535f1adde48ecf8b5de0677e9b5d77db12eb3dfd90b79b363559e
HTMLCanvasElement.prototype.toDataURL
#106 JavaScript::Eval (size: 13) - SHA256: 32c6c6c6d07bb5224356b89b5de1adc4c02b1f7b2f464830005443afc6624e85
window.google
#107 JavaScript::Eval (size: 30) - SHA256: c2ea2223b59cfea384b15228f4cdc0f7337d4909e20e97e2fa42648ef8ecf610
window.webkitRTCPeerConnection
#108 JavaScript::Eval (size: 46) - SHA256: 30f73e7f08c8e6a25fec00672f75fa725d3fa7a30bf847fb1dcb0115ec2f8607
Intl.DateTimeFormat().resolvedOptions().locale
#109 JavaScript::Eval (size: 50) - SHA256: 203d92af34680f7fe84b0047f738fae4e2d401f5d28af8d70f067dc77f5acb6a
window.external.getHostEnvironmentValue("os-sku");
#110 JavaScript::Eval (size: 17) - SHA256: c03ab22471edc55763f012b82b8d32f981b31ca921a55cc4a663b8bd953b96e7
screen.deviceYDPI
#111 JavaScript::Eval (size: 24) - SHA256: 15dde2f8fcb5a8a423088da92307a50f6ba6c59577490e49e2ae24a15c75c2bd
window.clientInformation
#112 JavaScript::Eval (size: 12) - SHA256: bc1a6bd7f4ddbcd78987ea609d4595bdf2422cb1be9e85af5d6c199f62000d6c
screen.width
#113 JavaScript::Eval (size: 26) - SHA256: 2638f8c5d74932a6dfe72bc21a585ef3525f7e26bd3dbb1f480071141c325af1
navigator.msMaxTouchPoints
#114 JavaScript::Eval (size: 29) - SHA256: d01a385e50e8e57c5f15bc18b82e1304ed42dcbe38967d66a30a786e39ed847b
performance.timing.connectEnd
#115 JavaScript::Eval (size: 30) - SHA256: ca1a06e2314f272f03bc401a7ae0f4056692895b060fd13c00280536b6c56e85
performance.timing.responseEnd
#116 JavaScript::Eval (size: 17) - SHA256: 13871edf9ac7e58046d0f0d03811464e388c3f2323eebc6b61954c79dc883459
screen.deviceXDPI
#117 JavaScript::Eval (size: 26) - SHA256: 92f68565a2781a0fbd595ff5c54717d6b87c6cf19d42c7f3d3d4c81193bb2cb4
navigator.battery.charging
#118 JavaScript::Eval (size: 12) - SHA256: 27f88609267c27a6f4e778dcb686f1f2fdf0f4f7cd29ad34826b916266ae45a8
window.close
#119 JavaScript::Eval (size: 17) - SHA256: b18f7c2e4dbfe2926b0413634f7cd6781be55e27b4b885dc68a8f740a80d72e1
window.innerWidth
#120 JavaScript::Eval (size: 23) - SHA256: c5d184acbefde172c402f1100cb756d11e8a1c83484977f1d5975bc65a79a7c5
navigator.cookieEnabled
#121 JavaScript::Eval (size: 21) - SHA256: 561f7f2574775993811ac7bc852a2054ede9fb58a62eb0804030e1ff877f4350
document.webkitHidden
#122 JavaScript::Eval (size: 27) - SHA256: e94a47b072c1a87127e88c17e992124bcf93c5d0d6b4e96c73a909444a7cd0d6
window.mozRTCPeerConnection
#123 JavaScript::Eval (size: 51) - SHA256: 8c6276b2ab288fa398c4bc128bf765ffc10696c7adb7b2db18019870fa29cbdd
window.external.getHostEnvironmentValue("os-mode");
#124 JavaScript::Eval (size: 24) - SHA256: 15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6
typeof window.chrome.csi
#125 JavaScript::Eval (size: 26) - SHA256: 7510742fba4d25113b6124987e97cba40776bc5030a6a3678974dc8ba075bf81
window.personalbar.visible
#126 JavaScript::Eval (size: 17) - SHA256: e0bc19473df9795cd42be5da545b5a6828d31527b4ffa3769564f735abec0deb
document.hasFocus
#127 JavaScript::Eval (size: 20) - SHA256: 1b0f9a28e673c21b9a668e2973157b075ac420eda7f39fd5727a77bb32b45ffe
navigator.appVersion
#128 JavaScript::Eval (size: 22) - SHA256: b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c
window.menubar.visible
#129 JavaScript::Eval (size: 37) - SHA256: 998158f6df4183edd82539e6dc971d32f50bc7ee075f64d4abc46d3011a9da27
document.documentElement.clientHeight
#130 JavaScript::Eval (size: 25) - SHA256: de1b699e93a44c66a069974d1603aee656a6e063b19b8bbf5b09946a3a1b9904
window.opener.innerHeight
#131 JavaScript::Eval (size: 20) - SHA256: 3f3d3b81e8706983e30a63da7389e8cd3e70bd7778063d63f748984c42007425
IntersectionObserver
#132 JavaScript::Eval (size: 59) - SHA256: f8aac102dc71390ed9b53b485b34d036f4c871e18d7015b307b95c8f1dcd9fa1
window.external.getHostEnvironmentValue("os-architecture");
#133 JavaScript::Eval (size: 14) - SHA256: 28d9693460ce57dd4e01742e50a1baa10cbed3fa6c20c2a69f02424f80fb9a2e
!(top == window)
#134 JavaScript::Eval (size: 20) - SHA256: 3688d7e88d248ea850c456f0233738d10695a410a3dec97785ca7422c3f562c1
document.innerHeight
#135 JavaScript::Eval (size: 37) - SHA256: 0e27576eb1e9c067b58d47b8749be97d9e94c1e3d67cdf541784148cd80a04b1
MouseEvent.WEBKIT_FORCE_AT_MOUSE_DOWN
#136 JavaScript::Eval (size: 24) - SHA256: 4b653dda0da63fbe970902ed9a8dc33f1f0555edd3d9f2ae1ad8ed9284632d72
navigator.maxTouchPoints
#137 JavaScript::Eval (size: 25) - SHA256: 63d0de96ffe6e24d709e64517f883a6e6a72e3629aea379ee43b727541794c64
navigator.browserLanguage
#138 JavaScript::Eval (size: 25) - SHA256: 329a9b85817fb7d3bb2492cbcb23f12b14cf9abd181473b838250e3b745fab50
navigator.connection.type
#139 JavaScript::Eval (size: 108) - SHA256: 8eab171b0d256cf386d222b71fbf5380f2051b67452dbd83f41401a6216a789c
!!document.fullscreen || !!document.mozFullscreen || !!document.webkitIsFullScreen || !!document.fullScreenElement
#140 JavaScript::Eval (size: 18) - SHA256: 64e360e85164e7675724c7fe1ed681b25a138c51d437bac5ff97e8910ccf2aa7
window.innerHeight

Executed Writes (0)


HTTP Transactions (135)


Request Response
                                        
                                            GET /d/6mx8nyi7vyab' HTTP/1.1 
Host: dood.re
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.68.226
HTTP/1.1 301 Moved Permanently
                                        
Date: Fri, 09 Dec 2022 04:36:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Dec 2022 05:36:35 GMT
Location: https://dood.re/d/6mx8nyi7vyab'
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYg3Wg2s4upPb0NbmbWwkWZyJrghbiMKyokCRvqc4eSgOIzNDYbgELjxPWvpCt4VA0GLoL4V85SZontZDSw8caZBpjK6gTeyxA7o55S2FFNrRLmcVKJLk6w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776b0a69ff22b523-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5160
Expires: Fri, 09 Dec 2022 06:02:35 GMT
Date: Fri, 09 Dec 2022 04:36:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2652
Expires: Fri, 09 Dec 2022 05:20:47 GMT
Date: Fri, 09 Dec 2022 04:36:35 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 04:08:17 GMT
age: 1698
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2317
Expires: Fri, 09 Dec 2022 05:15:12 GMT
Date: Fri, 09 Dec 2022 04:36:35 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: bo+ZCOLnYTqR+nXA99EvwsujI9k2NJ3TWPc+VTV6pUMsh46WNYnU3tEJ+XIFqrFV9ZuLvQ1XjAA=
x-amz-request-id: F9PA67H3V4XKGRFS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 03:50:06 GMT
age: 2789
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:35 GMT
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 124085
expires: Wed, 29 Nov 2023 04:36:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bw2lqHKGymg6CcvY%2Ft3PgqmfGIN%2BxyZvIZ9gzTbdl8GT7yQkRwx7YBCl8ayd6EiwwzQ9A5XAVFzCC2DGHX3OGrLkuPt0CSv%2Fvlsyp1yDj%2FfK2KbXeRbHk4u7pgHTonjInqzqUxMV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776b0a6d49afb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27748
Md5:    638a4990025383a0f83ebf29bdb84a68
Sha1:   153e8818dc42f598e47fde8cf398f1447649a4d0
Sha256: 878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "F0BAACC9910D8314D1ACD2A35A551666E1971F53E8667D790E240C5CF19DC9FC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Fri, 09 Dec 2022 05:29:08 GMT
Date: Fri, 09 Dec 2022 04:36:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "F0BAACC9910D8314D1ACD2A35A551666E1971F53E8667D790E240C5CF19DC9FC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Fri, 09 Dec 2022 05:29:08 GMT
Date: Fri, 09 Dec 2022 04:36:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "687F3927ECAC66FA8B3109B233D6C0913EDB933AEC34D44E7F120B69A39F7BA6"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8833
Expires: Fri, 09 Dec 2022 07:03:49 GMT
Date: Fri, 09 Dec 2022 04:36:36 GMT
Connection: keep-alive

                                        
                                            GET /img/no_video_3.svg HTTP/1.1 
Host: i.doodcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.6.74
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Sat, 07 Jan 2023 08:12:16 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 25143
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxHPGdMaYsRRvqBWoDaQyuCrS2FCWk6crdssliUTmBY1SNWJY%2B%2BcDdR7E9ffPP%2B8c8Jm%2Bjwp%2Ft%2BlISfzSk%2FLjALaC%2BJ4z9JNiMSMv88DlWnC16HGxMKpih%2F9%2BUqDVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a6d9e1fb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2789)
Size:   2812
Md5:    077bfdaa49ae4877a42611b739ec4752
Sha1:   a2f9e1222b7af9abc05122411ab8902efcc08ead
Sha256: 70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
                                        
                                            GET /theme_2/css/style.css HTTP/1.1 
Host: i.doodcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.208.102
HTTP/2 301 Moved Permanently
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
location: https://i.doodcdn.co/theme_2/css/style.css
cache-control: max-age=3600
expires: Fri, 09 Dec 2022 05:36:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJE9Nx6Xx7FlTO9NEr4UBpMwNHq5PXJW6j%2Fo0NC%2BI%2FCog2pjq62vRnSSmFpPI0iv5ekCDvCw2ajhzlBG%2FJFDYdl5Wos897%2BKGH%2BVjSj1oCZNQRtv0PeukXoM%2BcFXXC73"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a6d89d10b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "687F3927ECAC66FA8B3109B233D6C0913EDB933AEC34D44E7F120B69A39F7BA6"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8833
Expires: Fri, 09 Dec 2022 07:03:49 GMT
Date: Fri, 09 Dec 2022 04:36:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2518
Cache-Control: max-age=123474
Date: Fri, 09 Dec 2022 04:36:36 GMT
Etag: "6391f0d0-118"
Expires: Sat, 10 Dec 2022 14:54:30 GMT
Last-Modified: Thu, 08 Dec 2022 14:12:32 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /script/suv4.js HTTP/1.1 
Host: acacdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.200.105
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
x-guploader-uploadid: ADPycdsa0kWv_m4fDoeBr2GW94C4wN_euw5XsRJIM5U6eweLO6G63BWjDR_FaNedEAF5NLnNG46AdHKaGJkf0Qh1_c7olg
x-goog-generation: 1669191527960820
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 09 Dec 2022 04:04:06 GMT
cache-control: public, max-age=14400
age: 3461
last-modified: Wed, 23 Nov 2022 08:18:48 GMT
etag: W/"58a3706369493493b3ca003a227b6fa6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucHNTiKPmC71zwiNbhYRdX1Gs9BVbRhJBLuNLMOp0Wz3IZNoaPRuAf37HUheukBEQ0PWfseLoNuCGTYuDMnC2W7TNVw%2BzU8sTpA3fX2MdAnEpr3sR7UurQR3T3Bo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a6df81bb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Size:   34711
Md5:    11b06c9baf8491c3da044cb18adc4e63
Sha1:   db112235fdf7a8b17282d248e6f39031f7e51b81
Sha256: 261374ec02e229c6fc8b9a8a49effd40f84d8a502216fa20297f4bfd5155f253
                                        
                                            GET /theme_2/fonts/avertastd-black-webfont.woff2 HTTP/1.1 
Host: i.doodcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.re
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.26.6.74
HTTP/2 200 OK
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
content-length: 22820
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Sat, 07 Jan 2023 05:33:09 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 61696
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtoLoHulEN9ow9xO1JVDtiC%2FIzO%2FGlxZTzKPMqn%2Bf9p6BGzjUSCeTWUjBg1Og41g0DJnIbKXClORBoPVnXBlLA4kmBazHbXsjBWaN%2FBZgRNcCfBzRVIle%2BnxI4WAKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b0a6e7b3ab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22820, version 1.0\012- data
Size:   22820
Md5:    1e976387cb594982692bdbdffde86f91
Sha1:   9546836a7d80c17d85cdd37a9553852f00af031b
Sha256: 4dc982a61a00481f4c9545f9f2da64098428b4aec96838de3c194fa82373ce1d
                                        
                                            GET /theme_2/css/bootstrap.min.css HTTP/1.1 
Host: i.doodcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.208.102
HTTP/2 301 Moved Permanently
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
location: https://i.doodcdn.co/theme_2/css/bootstrap.min.css
cache-control: max-age=3600
expires: Fri, 09 Dec 2022 05:36:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVl1djcj1Q5EEQsiR0qK9sX54gI1mScMh6VhCeEa0tu%2FTh1hKXCTDLPyGmlh7ByUf2IWzdVnZIMcB51T%2FzClSM2M%2BAd5Ib6HACygBAYbeRbCKLKdKkC8YKvWes%2BhjNbv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a6d89d00b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   48596
Md5:    523bb0883828d4cb8754cb4085c584be
Sha1:   c95e131c7611505b8eb83ce10c83cf5ac2b7fab3
Sha256: 2b66beda71a649cea28e1920f3812365bed9de0cd9f3ab92ded80de803a03eb0
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 04:07:55 GMT
age: 1721
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43B87ECB9A68F375B6ED93F04578BD292CDD39450BF2F733EA37D83A3585A9F6"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1399
Expires: Fri, 09 Dec 2022 04:59:55 GMT
Date: Fri, 09 Dec 2022 04:36:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "158978C4001B0782979033629419680B6EBA44511601BA0FDA7A4ABEC53AF654"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Fri, 09 Dec 2022 07:09:27 GMT
Date: Fri, 09 Dec 2022 04:36:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3BDCF63B73394337DA025589D58A7B7EC93F9168EF2BD41D74173DD538E08C56"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13362
Expires: Fri, 09 Dec 2022 08:19:18 GMT
Date: Fri, 09 Dec 2022 04:36:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6250
Cache-Control: max-age=108866
Date: Fri, 09 Dec 2022 04:36:36 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:51:02 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ed/b8/70/edb8703573695076feb99cb156693613.js HTTP/1.1 
Host: resetoccultkeeper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 04:36:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d231c223e34e44dd201893f55cb335e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32110), with no line terminators
Size:   10746
Md5:    e50b399951f7d707843fc094cd840e10
Sha1:   842de18c442610aa2f88b906a8bed9aec4eb3f1d
Sha256: f17fff131099125a23d6aad0e011e292520a9a5d1036d8393cbd3a36821db75f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /f0/6f/53/f06f53688194268edaf23d2b44a59e27.js HTTP/1.1 
Host: resetoccultkeeper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 04:36:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0643812ee11562e1c4af6a7ecc7f24fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (60146), with no line terminators
Size:   20706
Md5:    b63de9bd93f09a106d6f21167aebffba
Sha1:   a330ee15e641db506f9960185ef566ce1d7d0cf3
Sha256: 28d62af2b792ea1971650cf57ce73f9908e9da871c9c27001ad64dd35e30c380

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "70A2CA6AE9B2777AAD1261C935A075C256A7D920C98AFFA64C8AFFEF5D5FF85B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6688
Expires: Fri, 09 Dec 2022 06:28:04 GMT
Date: Fri, 09 Dec 2022 04:36:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:36 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 12:52:25 GMT
Expires: Thu, 15 Dec 2022 12:52:24 GMT
Etag: "ed6371e6e48962c53d3dbe969b2ed37f18f0583b"
Cache-Control: max-age=547547,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776b0a7209f91c0e-OSL

                                        
                                            POST /solid.gif?z=1799975&abvar=0 HTTP/1.1 
Host: la3c05lr3o.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

search
                                         62.122.171.6
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:36 GMT
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    28e463819a210071de3b45ebe7633613
Sha1:   6dccd571828ec0912629119cf7eabfea9f33ddbc
Sha256: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lzHzABLagun7611nktRaqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.213.75
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: d55b3b1Cz5iA+8AOT8w1azhxd24=

                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.84.149
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 498
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AFZdVmj2JxrdgbG1IpZAfRnJyUWdVSJbtSCOr0LnTbhJ%2BWbcNMHW4d%2FdwfdhvoHvLQwnPyCbv8JBFmXkxpdu8dsrQK6%2BjaIBsoGnRUiPPqy48mCBoslIiVqYbfzeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a70ceedb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12966), with no line terminators
Size:   5244
Md5:    f3e75a80cf35519bffa38d2e3525a331
Sha1:   1e95dd231bb9a4730c6625d6390541c578238e71
Sha256: c5824757801131dd7c4122bc08c6f9287dfbfd924939d43fc8f64a6bb2ef5d66
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C3623E5E4AE68C94EFCD8AE5A14911B82F321DDD6B37629BDDFAD7118131B1B1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9785
Expires: Fri, 09 Dec 2022 07:19:41 GMT
Date: Fri, 09 Dec 2022 04:36:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 04:36:36 GMT
Last-Modified: Fri, 09 Dec 2022 03:18:14 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RTLXMJ0g39ZnRiYXawmLdE7N8zIsfvODwhCCsUh0lmLSSAQUdYGcQA==
Age: 4702

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123522
Date: Fri, 09 Dec 2022 04:36:36 GMT
Etag: "6391e720-1d7"
Expires: Sat, 10 Dec 2022 14:55:18 GMT
Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 11WKf5Y8RIO12BEXVXPKwstkKtG7CyUUvv_mzEFkpXzUjxjqK51VLg==
Age: 5046

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.28.211.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.re
access-control-allow-credentials: true
set-cookie: uid_id2=5421e83a-2ba5-4c6c-b259-71233e979b73:3:1; expires=Mon, 06 Dec 2032 04:36:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    fd816630ad3b1d0b86f45b51e556a169
Sha1:   a8c5db709bcdbdd1faf8bd867d50d78cefb3def9
Sha256: 5c5898b19f565766218a4ba72b311dc329e79f5a9ffff906899f5ebb5368a594
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.28.211.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.re
access-control-allow-credentials: true
set-cookie: uid_id2=a7a4b821-6ba9-4769-9ef8-1ccdb78f9273:1:1; expires=Mon, 06 Dec 2032 04:36:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    d3d0fd1b1b1d5a76083721fb7cd47e87
Sha1:   132338b870d2717db47bcff03ee6c6af95b42a37
Sha256: 127d8e2f3db98801e359992f13c0e9aed5f138a2d41c95616e0391f3c3b28669
                                        
                                            GET /tag.min.js HTTP/1.1 
Host: cagothie.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.238
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:36 GMT
content-length: 23393
content-encoding: br
x-trace-id: 34090e1a75bb562778cfe1bba138c77f
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 02 Dec 2022 10:19:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   23393
Md5:    391a9fe961c74a035ed5ac424bfc5fb2
Sha1:   65bf15f254531c80c76212bb6d3c5f33d6a501ee
Sha256: 73f16b3e042c5e5f34570279688fb08577d95105d0707d1a21b11c0c1524dcfb
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "70A2CA6AE9B2777AAD1261C935A075C256A7D920C98AFFA64C8AFFEF5D5FF85B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6687
Expires: Fri, 09 Dec 2022 06:28:04 GMT
Date: Fri, 09 Dec 2022 04:36:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:37 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 05:22:25 GMT
Expires: Wed, 14 Dec 2022 05:22:24 GMT
Etag: "7cdf3864b9821329e81bd0fc1c861e5fe3a73d92"
Cache-Control: max-age=434146,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776b0a726a141c0e-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A4F3EC1DA255D3BA7DBE15F0303882A664E194B725C084174E5EAC68592115B0"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17246
Expires: Fri, 09 Dec 2022 09:24:03 GMT
Date: Fri, 09 Dec 2022 04:36:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F4ACF997266ABD6CBCFDA90BF4CA4F653D392F130B7E2C999D21DAFBC6A0FE2"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15898
Expires: Fri, 09 Dec 2022 09:01:35 GMT
Date: Fri, 09 Dec 2022 04:36:37 GMT
Connection: keep-alive

                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=1305&rd=1305&fd=791&bv=22.10.v.9&tmpl=70 HTTP/1.1 
Host: hygieneretorted.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.44
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 04:36:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:37 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 00:04:30 GMT
Expires: Thu, 15 Dec 2022 00:04:29 GMT
Etag: "5089dd182697ecc3248dff76614cf6b80b7f5466"
Cache-Control: max-age=501471,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776b0a735de6b50f-OSL

                                        
                                            GET /advertisers.js HTTP/1.1 
Host: banquetunarmedgrater.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 04:36:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7455fe8c2022df62f749f955cd48a6af
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:37 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 05:22:25 GMT
Expires: Wed, 14 Dec 2022 05:22:24 GMT
Etag: "7cdf3864b9821329e81bd0fc1c861e5fe3a73d92"
Cache-Control: max-age=434146,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776b0a74dab81c0e-OSL

                                        
                                            GET /sfp.js HTTP/1.1 
Host: friendshipmale.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.64.163.31
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e7327629acd68c0ea7822d4b071398c3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 09 Dec 2022 04:36:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Udkt1xkng9VndkuGdzfgDrdJinPqCC59zoBMOwOBwX5xn%2FCHOemSGiasjgDQ4dVEwoMJfsU7wWAUOIW%2BSy3sJha1pzPsDCmEPH00zDhj1w4%2Bu28boahozhlpiH7Rk10RQhZ3keA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a726cde75a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   27119
Md5:    249d5bb8f8d5fd948efc1354d88c6817
Sha1:   7c912d3b06643207404fedefff09fafa13366c0d
Sha256: f3bfe89639b988ecb00f0cfee2f14749541d67e96bd6b6308d6e934031db1352
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1AD4AF0A15673FD0ACD02535F25DC9E91012DB08EF518ADCC38F1A8A2BA7A352"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3348
Expires: Fri, 09 Dec 2022 05:32:25 GMT
Date: Fri, 09 Dec 2022 04:36:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:37 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 00:04:30 GMT
Expires: Thu, 15 Dec 2022 00:04:29 GMT
Etag: "5089dd182697ecc3248dff76614cf6b80b7f5466"
Cache-Control: max-age=501471,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776b0a756ea9b50f-OSL


--- Additional Info ---
Magic:  data
Size:   15537
Md5:    f596a5ba1e25e6714e1c6b3e9c880553
Sha1:   8d9750d57620d204d720396dd41e7ee89f8b96ed
Sha256: 2d6524015c051b7384ca09fdf93f5fe862cb1d46ef789359a3b49d598fb7dabe
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:37 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 00:04:30 GMT
Expires: Thu, 15 Dec 2022 00:04:29 GMT
Etag: "5089dd182697ecc3248dff76614cf6b80b7f5466"
Cache-Control: max-age=501471,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776b0a76cb4d1c0e-OSL

                                        
                                            GET / HTTP/1.1 
Host: 4.adsco.re
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 09 Dec 2022 04:36:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://dood.re
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   62
Md5:    adde5febc7b5b6c2c759ec735cce83a0
Sha1:   77ec17be8a9970ff04663294d41c590d0d24fde4
Sha256: ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Cookie: uid_id2=a7a4b821-6ba9-4769-9ef8-1ccdb78f9273:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         52.28.211.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 09 Dec 2022 04:36:37 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.re
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    d3d0fd1b1b1d5a76083721fb7cd47e87
Sha1:   132338b870d2717db47bcff03ee6c6af95b42a37
Sha256: 127d8e2f3db98801e359992f13c0e9aed5f138a2d41c95616e0391f3c3b28669
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4C0D144B20AB8CF7FEC972A66E08ED2B993121E9C4B6C88BBF0F3E7388F2B058"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1851
Expires: Fri, 09 Dec 2022 05:07:28 GMT
Date: Fri, 09 Dec 2022 04:36:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4DE9DBB278C8A27194B4813014D3A3F03D0C309C379576372088053EFB39A858"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=952
Expires: Fri, 09 Dec 2022 04:52:29 GMT
Date: Fri, 09 Dec 2022 04:36:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D81CEF793EC794C496BD16A53DAE237F2A45D32C5757146D421D32FEC095E2F2"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5435
Expires: Fri, 09 Dec 2022 06:07:12 GMT
Date: Fri, 09 Dec 2022 04:36:37 GMT
Connection: keep-alive

                                        
                                            GET /gid.js?userId=0c4ae0a1a4344b9d9f55b9ce1f646435 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:37 GMT
content-length: 65
access-control-allow-origin: https://dood.re
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0c4ae0a1a4344b9d9f55b9ce1f646435; expires=Sat, 09 Dec 2023 04:36:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    337e9e37033f6a82ae30189365afdede
Sha1:   477c09d91768288e3443f8dcbeef37ff2cc3e93b
Sha256: 8a17fd4a0f7c856adc64bfbea003a85af1b804af1d5a40f8f7811adbba801866
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F61F64C91AED0910EA20C1B3CF030F219D080A3BB2087A1FE2B80A403074EDB9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7489
Expires: Fri, 09 Dec 2022 06:41:26 GMT
Date: Fri, 09 Dec 2022 04:36:37 GMT
Connection: keep-alive

                                        
                                            GET /sbar.json?key=edb8703573695076feb99cb156693613 HTTP/1.1 
Host: swelltomatoesguess.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.44
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 04:36:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dood.re
Access-Control-Allow-Origin: https://dood.re
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15754608; expires=Sat, 10 Dec 2022 04:36:37 GMT; secure; SameSite=None pdhtkv=true; expires=Sat, 10 Dec 2022 04:36:37 GMT; secure; SameSite=None uncs=1; expires=Sat, 10 Dec 2022 04:36:37 GMT; secure; SameSite=None pdhtkv29=true; expires=Sat, 10 Dec 2022 04:36:37 GMT; secure; SameSite=None uncs29=1; expires=Sat, 10 Dec 2022 04:36:37 GMT; secure; SameSite=None slecedb8703573695076feb99cb156693613=[3842224]; expires=Fri, 09 Dec 2022 04:36:42 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 84cd27049d4acd2718743535b6c22ad0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (5752), with no line terminators
Size:   4060
Md5:    cf724ca678dab0318f080b01dd930b8a
Sha1:   d78306009338e19b77ed1a6d1c3cec04ee43a92b
Sha256: 20481ad89d025b6137868a032bd3c4bc4691bc953596c91ff453d9474b600cfa

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: cujdroxjqdhl.n4.adsco.re
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         38.132.109.186
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 09 Dec 2022 04:36:37 GMT
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3t0fP9GLK148iHMRFGTSPT09k95FFtc1EoxJ3A9yrq%2BelKnuaqq6pyc5BRdkDx5GTx47zyQb1GXZPYsgEy8SEHY8aA7mbxCFPctMBkZfqHrfp5738DxvvZ8flOfER0nPNj82e0pruhQ1%2FcZbWyoTpnKN9buNwG%2F61xtbKuu0rzcG08v2rwV%2B1PTfbnwo%2BY5ZavmB7wd%2B0FhRViZmsDRjofJHcdCM%2FWa71QyiNgb2v9iVHhz1IPrn5BUoMfnf9s9PofgYWfrklnQ7hcnf%2BSAtNS2MRV8c38t2MlNlSBdlYj0k2fG8G8ZNCPn6Ekx2PHcA0z%2BcOgBTE%2BL9FoBlx3OZYP2jC6VMQ2Zg4iVU%2FTGkHkPRMbi5DyWeEYALrG8gSx%2BuG1vR3QuWTtkJufL8b6hqQq788Sqy9PFNrQaNO0aXhTKZwyCpoQZjqN4YeXmCYs%2BDqk7Ai8%2BgxC9k6fkasvRww2kDJeqZe6XGUMkYWg5BnYdyepSHMvFQ5h5ScdagUZz4fjdhSRgutznnYch5tNwRkQjby4mPkk%2FlDVHkQ3A9BLf7yO0%2BdtQQtvwRbruGEx5cMSHeJ%2FvoixqVJKgcQUUJKkVQFQRVvz4S2rVc%2FVBoV7JgnlvzHNYjU%2FQO6JEpejIjB%2Fk5uTqby58yx448a0jBlrt%2BGHXDThz53U4iWRxzFkSdThx2ghBO1VDu0szqnpqQqy9T5OrZ%2FwswegKnT8DVm6Dl66DVqNvyQbdH7WUfe9ljYYxwhZU0bXKTQpgaeXEFxa53oM%2FJazMd1%2BonkPz0xl%2FJLMBtjdzW%2BFT9RNDTD0a3TUUOb5vKkacbeaFStUenf3enoIW8%2FO1HcrcyVqzecsNv3uNTYlo%2BuitdsUYzobKeI9%2FdVEJIu2Isl%2BSHVbcl2Wbptm%2BWNivztc33V1bT3ErnlMnGoNM9fOFdcDUhL9a%2Fz%2FbyDfkFlB3DljXS8pTMA8qcgOf7cPlCvzMEVi96WO6hKuuRbbHFo1YEWi4wZTXcvzBb1AfuAXrWAy3uI0tr9G2Nvq5B9RCuvDwqcnt649dwFmDaGzFtvUOmrf7yYrhOnTVklPiJ9FuSJTFLutQXcdKOGY0D2WURDVC4Cf%2Fq%2B3v%2FAAAA%2F%2F8BAAD%2F%2F6mZEcBvBAAA HTTP/1.1 
Host: swelltomatoesguess.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Cookie: u_pl=15754608; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecedb8703573695076feb99cb156693613=[3842224]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 04:36:37 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a23d08211495d21df29f26dca46e47c
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6246
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6246
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6246
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6246
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A71B25190BB6FF84EECA8DA0A090A7F51E6C703F190EFB94BEC0DD7AB5F272DA"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4180
Expires: Fri, 09 Dec 2022 05:46:18 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6637
x-amzn-requestid: a1b14c0b-ceb5-4a3e-9dec-2503a0841bd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPMEQJoAMF6uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2d-1aec46bb5d73f0c47c824174;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rft2LEct9jDCAiIawPp0pGAg7S-bDRqXWxzM4H28FFqN2bS6TYwV7A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:55 GMT
age: 23803
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6637
Md5:    3cb7655c8fe89a83f0096c51684aa21c
Sha1:   4946fcab2a99d926c45abaecf8f97b6214dee0cd
Sha256: 60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:12:28 GMT
age: 48250
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8204
Md5:    9cb76c68a8cd472600106cc118067868
Sha1:   6cee6b1828c709f68b995197ca943a5c393f86fb
Sha256: 009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kTEbkncBnAJmQE8cdAqvDtejiwaetpRBsVcpLXy1h52lO4iUkzmOGA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 16:28:48 GMT
age: 43670
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7960
Md5:    eb00a2a503a690cee3e4dd729b5bc9bd
Sha1:   cfb1e5bcab2148a777889680e6e36b9d7e8917ec
Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 00:33:39 GMT
age: 14579
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10205
Md5:    45e0c1638ad919bde19731f7987ab064
Sha1:   1e492807c665e6e6b24ec6ce19035fdfc6f23b92
Sha256: f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6_KiAcPwtB6XJyanlunX6qvT9jdlEgMPMdGHM10HmJwQ2Ue_pDsCXg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 57545
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4049
Md5:    44ed82780732ed682ee46b2df52b3ca2
Sha1:   0b3fe77e142178561b28c93b94b1aea2e1c395a5
Sha256: 383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 1670
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5169
Md5:    06514ce96ae21cb01f526a5febdcbeb4
Sha1:   ebb97e5b97f394e8c67098f55581d5329ce819a2
Sha256: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
                                        
                                            POST /p HTTP/1.1 
Host: adsco.re
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2007
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 09 Dec 2022 04:36:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://dood.re
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   171
Md5:    0d751907bcba7fc61f88f96712d5a770
Sha1:   955aef1b74202081c138c1c5ceb820a7a0d90d3d
Sha256: 2312a5b652abc859c32ca3cd2fe67ad967ca263c5ffad2eacfe9441f8135af17
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "96BBDD0CDE532FE8BC92563774920B1D279A48E85A9DBF75BA33DDA2E97037D6"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13547
Expires: Fri, 09 Dec 2022 08:22:25 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FF348F0F8947E883866AA8F1CAB9B98EEB0EBCD4BE85550D780C6282018F08C5"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13033
Expires: Fri, 09 Dec 2022 08:13:51 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FF348F0F8947E883866AA8F1CAB9B98EEB0EBCD4BE85550D780C6282018F08C5"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13033
Expires: Fri, 09 Dec 2022 08:13:51 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "FBD9C5239531D5FFBC1CC788A87F98B91E7B05B4DACAFFEBCE2CA7370215AFE3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7462
Expires: Fri, 09 Dec 2022 06:41:00 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "FBD9C5239531D5FFBC1CC788A87F98B91E7B05B4DACAFFEBCE2CA7370215AFE3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3248
Expires: Fri, 09 Dec 2022 05:30:46 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8692A6F9A9C4CEE43D492EE34B1FB891CF41B6AE98893E5B9C7827AAC788A044"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13335
Expires: Fri, 09 Dec 2022 08:18:53 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            GET /1?z=3203051 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:37 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 8377b350319d3e80451607131b0d67a6
access-control-expose-headers: X-Sc
x-sc: HIYwfLRAiKRVV3MnnZCpbQM1bnqL1S7MaPx6TRAVVCANMAv3caUoEymG2TLNduyimKj7ixm2nEF95izkZlufM670mqA=
set-cookie: scm=1; expires=Sat, 09 Dec 2023 04:36:37 GMT; secure; SameSite=None OAID=0000e28608fa4a738ac2b666ed5390d7; expires=Sat, 09 Dec 2023 04:36:37 GMT; secure; SameSite=None oaidts=1670560597; expires=Sat, 09 Dec 2023 04:36:37 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7176
Md5:    6053db266d3aea62b3582752405cdbcd
Sha1:   48bbd7e652fe861752cdcb9041f9c3f85fdf6533
Sha256: 48d6de25c5e09e46356c1e3c7702120f6221e6f3b3171a591a4e554a4327f5ef

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sb/ssp/utility/live-message/3-2/css/animate.css HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Dec 2022 04:36:38 GMT
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 342859
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tz5Yo0Rgb6eOkHR%2B7MU7g6g%2BdOeBM6XmrbWV2EH%2BLrRzUR6nEuA8M8gCsRlEohvfwWhMaa83RUuXRxHp%2FpGzdu9zIY%2BkineFSxPShSUvjPzKltA1GM7EQCPvddu%2F4ZHdSqMR0oU7wi%2Bu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a7adbcf23b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4847
Md5:    c91016401e0a0b7b3d7572de48c76597
Sha1:   12fb634abb5e708b4f55d1489055b4f626d3cdd1
Sha256: 2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
                                        
                                            OPTIONS /500/4245378?excludes=&oaid=0c4ae0a1a4344b9d9f55b9ce1f646435&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=4&pl=https%3A%2F%2Fdood.re%2Fd%2F6mx8nyi7vyab%27&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dood.re/
Origin: https://dood.re
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://dood.re
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /sb/ssp/utility/live-message/3-2/img/close.png HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 04:36:38 GMT
content-length: 5982
last-modified: Thu, 28 Apr 2022 08:29:14 GMT
etag: "626a505a-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 342882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5lRppbjifBtUoed8EmXURiXYrx1VRARZutA4bxxVfYuGzW6Ef2MT0qPYuEvACsBU08QU0i%2FrPb2WFBPPh6k4LiAxwzvh6Kc1jhqh7v2I%2B16WE0A2Lzgv5msLTINNZC43LOKdSAzJPNy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a7b9c2a23b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size:   5982
Md5:    c489ce2c491a22ee37a55e26a92dfd73
Sha1:   2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
Sha256: 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
                                        
                                            GET /pxf.gif?uuid=a7a4b821-6ba9-4769-9ef8-1ccdb78f9273&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f06f53688194268edaf23d2b44a59e27&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 09 Dec 2022 04:36:38 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bade38a927d283b1047f9f86e1260b06
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pxf.gif?uuid=a7a4b821-6ba9-4769-9ef8-1ccdb78f9273&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=edb8703573695076feb99cb156693613&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 09 Dec 2022 04:36:38 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc4288efe1fc8cd98f7e4bbd0b474f5e
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /9?z=3203051&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdood.re%2Fd%2F6mx8nyi7vyab%27&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=0c4ae0a1a4344b9d9f55b9ce1f646435 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 71
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Cookie: scm=1; OAID=0000e28608fa4a738ac2b666ed5390d7; oaidts=1670560597
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://dood.re
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7484fcf101647a034c1e08a47bb711aa
access-control-expose-headers: X-Sc
set-cookie: OAID=0c4ae0a1a4344b9d9f55b9ce1f646435; expires=Sat, 09 Dec 2023 04:36:38 GMT; secure; SameSite=None oaidts=1670560597; expires=Sat, 09 Dec 2023 04:36:38 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6390), with no line terminators
Size:   2673
Md5:    474bc7ad742ad26ccbceb13503d87c85
Sha1:   efcf9464a1f23740b8fde7b7ed3711f179bae29b
Sha256: 3361bc38c7196de8788eb6d7b389e9f365874e8a5dee2c650dc6c312b09b08d8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D8904E4CC9A407E7C154CBBF6AFE3985A55ADCB878DACFB80A0E3CD92EA9703E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=658
Expires: Fri, 09 Dec 2022 04:47:36 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D8904E4CC9A407E7C154CBBF6AFE3985A55ADCB878DACFB80A0E3CD92EA9703E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=658
Expires: Fri, 09 Dec 2022 04:47:36 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /9?z=5030496&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdood.re%2Fd%2F6mx8nyi7vyab%27&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=0c4ae0a1a4344b9d9f55b9ce1f646435 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dood.re/
Origin: https://dood.re
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.242
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://dood.re
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "789B12B51DBB5D5A945E9A4F927CE33E4B3BB852320BB7BB8F904B83CC414C85"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20366
Expires: Fri, 09 Dec 2022 10:16:04 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            GET /1?z=5030496 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 4a5b5bf303b25cf6e0a7f0a500789424
access-control-expose-headers: X-Sc
x-sc: MioBWFZh4BvyfoaXAbNR1nVuAtC14MDX7NdbagVSTuzAMTYFmidSAwCH8bOG019Uah4pZ6deO_aCF01iTpq-QCisBtI=
set-cookie: scm=1; expires=Sat, 09 Dec 2023 04:36:38 GMT; secure; SameSite=None OAID=aa3d3d1fe9ad414c9a9b4e0351a0bfeb; expires=Sat, 09 Dec 2023 04:36:38 GMT; secure; SameSite=None oaidts=1670560598; expires=Sat, 09 Dec 2023 04:36:38 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   85394
Md5:    369e20295a25596d4b91ebe372162d7d
Sha1:   d5312b34dac302797be30e84a41703f546ae6dd3
Sha256: e90ad2845af4c7231a529db732a6564cb1b40d83ada6f45b159abea82938fad2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5105
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 04:36:38 GMT
Last-Modified: Fri, 09 Dec 2022 03:11:33 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /si/7f/85/7f/7f857f52ec0313ee26f4aa5b075a3b20/1670417315.png HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 04:36:38 GMT
content-length: 67928
server: nginx/1.17.6
last-modified: Wed, 07 Dec 2022 12:48:44 GMT
etag: "63908bac-10958"
expires: Sun, 11 Dec 2022 04:36:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   67928
Md5:    cee9d197f40adc6e2a7302cc42f740f2
Sha1:   824b0a24ac21233a3d7343b204136a3137f60fa2
Sha256: bd058c2e010ebc52cda3116b5363f61c063485ad1ae3045ffb2ead63172d8f16
                                        
                                            GET /sb/ssp/utility/live-message/3-2/js/script.js HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:36:38 GMT
last-modified: Thu, 28 Apr 2022 08:29:16 GMT
etag: W/"626a505c-495"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 342854
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhPcs0u2qeOwRGzfGvs7iPm4j3%2BtAwsBKkw6ZPIKKcKGTY4TrNKNBHJqwu4SfEIFfMYM0W1MeWb5frozf9POdUtoi05jPEYBezX%2BbBXiz8LqIEjpgJIpPkNbVvZqN6NRoBxEne0%2Bkdzj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a7c4c8923b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   16689
Md5:    2df84999f29f6c75851799a604e785f7
Sha1:   830ab22ed6d38f4d7bd9585bbbed119731d6ddd2
Sha256: b0a3f426fc08fb3c329a2ee06609b3e732f68d1aaf51151ba15a4457f0786972
                                        
                                            GET /11?rnd=2583630906&z=5030496&b=15978141&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=YgO-55CqHwVdj6M0F2eY3NSr5moBX3dRJboN7f1ds4bOQT4XndQce6HzSJO0BsP83CvZrDWPoOi6dDZHqxx9j5njHcXLjX_o1a4pcGlu6k1u9zJyxSFtEb3pPe_qpHQ6wR5xdiOjpWbLL6UubsqvBSIz07Lsn1kmYKn0u8StxcBSzneXsIFJ5YBrf2WWjfvODyX-nd2yVhtdWiZtKKGMbl0CQm5KbqDkl33h8Fzn0fih99EuGoUZNs2NIcP01u-BMRGXE2tKz_ffcjSvuq_S8Bl-40fBcnAr0XQyD99UdSrEH2aDYoXC4bvzvXvT8oLcATzP9hG5sAkVqcZQVytN2CJeqCt1_ALt0RZLHIcO3nP6tcfBjsSFAswrzooh84xUwxB0j7uFC77k2T2h-cm4juLNquiPOUDNy98GHrfY9VdaKAOb0Ca0u2WmMPElPUxw_-wG7OItgl0uLiGyJ1KilDUczDbmf7CMyZD-QCy360EL0Ad73hZ_PWL4Tfa7ubBxtfRNa1XAVXe37VVotmlksn9szulG0Xcx4_PXt9lx2B2FTSSJpI4ZG3CO3B_B2RVO9bjWyAZrusJSW-H8nohF93ulQkUQbU8_D-V00ZjLCyygfvmDDYu_HwZdLUTZ083ULpNxyXmZVUNEBP9risKbilMaGcM=&ruid=89d2043c-1495-4d1a-b195-c5aed7e935b1&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdood.re%2Fd%2F6mx8nyi7vyab%27&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=216 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Cookie: scm=1; OAID=0c4ae0a1a4344b9d9f55b9ce1f646435; oaidts=1670560598
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://dood.re
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: d703630bcd843c18f6a4cc73261cc8d2
access-control-expose-headers: X-Sc
set-cookie: OAID=0c4ae0a1a4344b9d9f55b9ce1f646435; expires=Sat, 09 Dec 2023 04:36:38 GMT; secure; SameSite=None oaidts=1670560598; expires=Sat, 09 Dec 2023 04:36:38 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /sb/ssp/utility/live-message/3-2/js/jquery.min.js HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.108.13
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:36:38 GMT
last-modified: Thu, 28 Apr 2022 08:29:17 GMT
etag: W/"626a505d-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 342882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPR0lb2gqjP13%2FNQQt%2Fcxi18w1CHFJlFruZJ0LflcN4M4nu%2BRkN3GIRzrRo1NX5ebXiYUS1DpYUE%2FiOQbbEWZefN2Iyo1ebntC7HKdEq%2BCw4GOFzutOS%2B8b1yeErxYNQrfJUcnX1B3sT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b0a7b9c2b23b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   32435
Md5:    05e18fe1e71bcec287aa5d651e63cfac
Sha1:   86d37597f1f30f851f315bf5a4ee25bd1fa45853
Sha256: 3459adb004699bc8fc2de5eefc77e9579219f46b56191a9681466661e69caa92
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.re
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 118964
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.re
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 118943
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3s2Pn%2BjFFS8exL4ICjLpnp7PXWQxrpFgTOJ%2BkHN1VfWkTHVXU1U9PckpuCB78DB68th5JtmgLsvuWQSZeJGAsONBczB%2FgyjsWWYyMPpC1fs%2B9byH53nr%2FfywuCABCnq%2B9bHel0rR5WYt8N%2FalhnXpfU37vphUAtu%2BNsyazVu%2BIPpZfrXw6BZC972PxRsVy%2FXgzAIwiD0V6URiR4sz1jI%2FFE3rHWDWqNeC5sNDMx%2FsS08WOqB9y%2FIK5B88r%2Bdn59CsjGy9MktYXedzt%2F5IC0Uddqgz0%2FuZbuZLjOkizIxHpLsZN4NbSeEfH0FOjuZO4DuH00dIJYT4v0WIs5O5jIR948vlcYKIkPMX0LZH0OoMSQdg%2Bn7kPwZARjHxiay9OGGNiXdu2TplJ2Qped%2FQ5YTsvTHq8jSxytKDvw7WhVO6sxikFSQgzFkb4y8OIXb9yDLUzD3GST%2FhSw%2FX0eWHm1apSF5NXMv5RgyGUOJIaj1UEyP9FAkHorcQ8rPfdrsJkHQTuIkijoNxlgUMdbstHiTR41OEqBgU3lDuHwIpoZg5gC5OcCuHMIUP8LuVLDcg3UT4n1ygD6vUAqC0hKUlKCUBKUjKPvVMVe2bquHXNkiDue5Ps9RNdKud0iPteuJjBzmF%2BTabC5%2Fihy74twXPO60g6jZjlrdZtBuJSLudlkcNlutbtQKI1hZQdorM6v7ckKuvUyRy2f%2Fd4jpKaw6BZNvghavg5ajdj0A3Rk1OgH2s8dca26dETStMZ2C6wq5W4Lb8w7VBXltpuN69QSCnd38K5kFmKmQmwqfyp8IeurB6LYuydFtXVrydDN3MpX7dPp3dxx14uq3H4m9Uhu%2BdssOv3mPTYlp%2BeiusG6dZlxmPUu%2BW5GcC7OqDRPkhzW7LeKtwu6sFCYr8vWt91fX0twIa6XOxqDTPXzhXTA5IS9Wv8%2F28g3xBaQZwxQV0uKMzANSn4LlB7D5Qr%2FVBEYteuLcQ1lUI1OPF49KEiixwDSuYP%2BF40V9aB%2BgZzxQdx9ZWqFvKvRVBaqGsMXVkcvN2c1fo1kgVt4oVsY7ipVRX14O18pzvxk2RCfutBnnsWA8bNejThQEdc4b7a4Iu3B2wr76%2Ft4%2FAAAA%2F%2F8BAAD%2F%2F72RnyZvBAAA HTTP/1.1 
Host: swelltomatoesguess.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Cookie: u_pl=15754608; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecedb8703573695076feb99cb156693613=[3842224]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 04:36:38 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: afe5a32415bb487529adaf6ecb487bf8
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /contents/s/b3/f6/f1/b5df954598f7bc8916af3f9c8f/0856949380779.png HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=Q8m1zw0DFUIrvfv&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D1834730986%26z%3D3203051%26b%3D15699230%26c%3D6316018%26var%3D%26d%3Dhttps%253A%252F%252Fwww.bybit.com%252Fen-US%252Fregister%253Faffiliate_id%253D46217%2526group_id%253D0%2526group_type%253D1%26cln%3D1%26btp%3D7%26rb%3DcBhpHoxUTKaz5s7_7NrcSt_gpF_hwC-lpNnnIAh98qBoEQDxU9vF3e2emtHZeHs2VhVPtMGfhwJRdcpdzyIA4VG4VSZ-1joGfHZ_BSqKeXGqn3y0Xw82gfGj9oep2ePM1A1O_40X1UulKrj479_X1k8XihJZQQtZ8QNTGAi_a4K3uWj2yLgrT_T8tUZfAdaC1DKzTbAoKsCqT7FyoQPVh2zNNVlzQhPMISzjQE2g-zo5pKBZrIJMKUqlWbZ1TL7Mg3ib85sSeuTcWCPPZa_YMtNdjgrf96g4WKIXcbxx_mUxSOFU9SyIJFDM1HDmyCPlM-7NbuLZgrtz1LdcoxQDsR4Btajle0d_eAZjZWqGh2nDnPxYO9XdCyCTl7ChXgQH1AuZDJJLqLD5Zk9l4Y-XQ8YYQweCdzRWyb0s2OxohnB7ky9HALWmhMzQg9SDko8qWKol6vpr9r2F4xHVklCiuYPxX0ah0R2tRUBYiDAOnQJbXbqG_wfZk1moVkarByg3o9c5OJsJQmb0zm7pzCKSDXxXDWsbUvJL52XNzsgCvLUt7BpBdbM6y5a3KVs2VcE7c22QN9-bnTMd4YZ0_eKD5mc2fdJ-d4uGRnPluRfuvlQSVrFPtwraAL_2LsgpXQkVfxDkGt8_gq2FBzHjdzzAQz9tSmU%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D98722bf8-21e3-45d9-82d6-2f93af7e37e3%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdood.re%252Fd%252F6mx8nyi7vyab%27%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D898%26wfc%3D4%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.152
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
content-length: 38625
last-modified: Fri, 11 Nov 2022 17:13:30 GMT
vary: Accept-Encoding
etag: "636e82ba-96e1"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size:   38625
Md5:    b3f6f1b5df954598f7bc8916af3f9c8f
Sha1:   1d4b7f5f40e1fa8c9811532082870f82dcc954ed
Sha256: bacbe8e9cc313cad0c29bfb06669fd8cdb25c7e3167c952dbe2e4b0956279d9f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A486D199F675DC6E68D8D0D5FA2E79F7534942F75E423E6A5822FF245BBA4F0F"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14731
Expires: Fri, 09 Dec 2022 08:42:09 GMT
Date: Fri, 09 Dec 2022 04:36:38 GMT
Connection: keep-alive

                                        
                                            GET /KVvTLu.htm?_=BAYAY5K7VgFjkrtWgAGBAsAAIJzoWnwlHJdzk4Oh6MEJ3oLgxLGQjN5lRaw5elXHObk_wQBHMEUCIG_8DgLBhl37gjEzneEfCqSqUmMrO3eXlKxXHuIag0dVAiEAw_CP9i1DypzxBiQYO3bzB1NQ-oTsIHl_Ib_ouOhw5EM&v=4&uKVqracH=4091021&minBid=&DaESoUZI=0,0&xVjXcBWd=&EcywfIVg=&s=1280,1024,1,1280,1024,0 HTTP/1.1 
Host: blockadsnot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         208.95.112.254
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-length: 44
date: Fri, 09 Dec 2022 04:36:38 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   44
Md5:    d5f0a25e4d3522d56d48ce7bc3e518fb
Sha1:   86794caff58f7fee6e684c2ba7195f970a8d6f4c
Sha256: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: cujdroxjqdhl.s4.adsco.re
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.200.116.90
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 09 Dec 2022 04:36:38 GMT
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: swelltomatoesguess.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Cookie: u_pl=15754608; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecedb8703573695076feb99cb156693613=[3842224]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.44
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 04:36:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /vctx?t=72747 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: bab4989e2d6057c6e32134b2bd1a5e6e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /500/4245378?excludes=&oaid=0c4ae0a1a4344b9d9f55b9ce1f646435&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=4&pl=https%3A%2F%2Fdood.re%2Fd%2F6mx8nyi7vyab%27&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Cookie: OAID=c8be35d13c5c4b23b5b43cf56e22fa85
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
x-trace-id: 48d43dfbf9724671908b2e8a12c711e2
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dood.re
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=0c4ae0a1a4344b9d9f55b9ce1f646435; expires=Sat, 09 Dec 2023 04:36:38 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   306192
Md5:    15cc0dbc91803ca02865894aa205f297
Sha1:   7a88510c2cdf1ef52bb3980fff64ee89faeab66a
Sha256: 79ec619137594008902fea178afcbc7c51c28a37a17eb8efe747077fc7c1bf38
                                        
                                            GET /vctx?t=72747 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: de5c623ba31d511a08546833dcb278a2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /contents/s/5b/db/59/3e88deda22455216ceff7e1964/01080807273596.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=0k0ojXSIFRSZ6Bo&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1005827497%26z%3D5030496%26b%3D15978141%26c%3D6390329%26var%3D%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3142%2526key%253Dc7ee83eaf299fa8429c6281a4e5b6621%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYgO-55CqHwVdj6M0F2eY3NSr5moBX3dRJboN7f1ds4bOQT4XndQce6HzSJO0BsP83CvZrDWPoOi6dDZHqxx9j5njHcXLjX_o1a4pcGlu6k1u9zJyxSFtEb3pPe_qpHQ6wR5xdiOjpWbLL6UubsqvBSIz07Lsn1kmYKn0u8StxcBSzneXsIFJ5YBrf2WWjfvODyX-nd2yVhtdWiZtKKGMbl0CQm5KbqDkl33h8Fzn0fih99EuGoUZNs2NIcP01u-BMRGXE2tKz_ffcjSvuq_S8Bl-40fBcnAr0XQyD99UdSrEH2aDYoXC4bvzvXvT8oLcATzP9hG5sAkVqcZQVytN2CJeqCt1_ALt0RZLHIcO3nP6tcfBjsSFAswrzooh84xUwxB0j7uFC77k2T2h-cm4juLNquiPOUDNy98GHrfY9VdaKAOb0Ca0u2WmMPElPUxw_-wG7OItgl0uLiGyJ1KilDUczDbmf7CMyZD-QCy360EL0Ad73hZ_PWL4Tfa7ubBxtfRNa1XAVXe37VVotmlksn9szulG0Xcx4_PXt9lx2B2FTSSJpI4ZG3CO3B_B2RVO9bjWyAZrusJSW-H8nohF93ulQkUQbU8_D-V00ZjLCyygfvmDDYu_HwZdLUTZ083ULpNxyXmZVUNEBP9risKbilMaGcM%3D%26bag%3Dn5q6Q4ThVhDb8re4AbfXuQ%3D%3D%26ruid%3D89d2043c-1495-4d1a-b195-c5aed7e935b1%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdood.re%252Fd%252F6mx8nyi7vyab%27%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D898%26wfc%3D4%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.152
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
content-length: 23969
last-modified: Tue, 16 Nov 2021 02:07:49 GMT
vary: Accept-Encoding
etag: "61931275-5da1"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   23969
Md5:    5bdb593e88deda22455216ceff7e1964
Sha1:   fb8330815602c4f7cdc72b9667f05ca01634af57
Sha256: 26500390cd8ed06d780e9efdf67696e2fb99195c7d0ed7b4c154ec029691e21e
                                        
                                            GET /contents/s/f0/06/41/217febc2051ba5e4f5a5711765/0492403167591.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=0k0ojXSIFRSZ6Bo&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1005827497%26z%3D5030496%26b%3D15978141%26c%3D6390329%26var%3D%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3142%2526key%253Dc7ee83eaf299fa8429c6281a4e5b6621%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYgO-55CqHwVdj6M0F2eY3NSr5moBX3dRJboN7f1ds4bOQT4XndQce6HzSJO0BsP83CvZrDWPoOi6dDZHqxx9j5njHcXLjX_o1a4pcGlu6k1u9zJyxSFtEb3pPe_qpHQ6wR5xdiOjpWbLL6UubsqvBSIz07Lsn1kmYKn0u8StxcBSzneXsIFJ5YBrf2WWjfvODyX-nd2yVhtdWiZtKKGMbl0CQm5KbqDkl33h8Fzn0fih99EuGoUZNs2NIcP01u-BMRGXE2tKz_ffcjSvuq_S8Bl-40fBcnAr0XQyD99UdSrEH2aDYoXC4bvzvXvT8oLcATzP9hG5sAkVqcZQVytN2CJeqCt1_ALt0RZLHIcO3nP6tcfBjsSFAswrzooh84xUwxB0j7uFC77k2T2h-cm4juLNquiPOUDNy98GHrfY9VdaKAOb0Ca0u2WmMPElPUxw_-wG7OItgl0uLiGyJ1KilDUczDbmf7CMyZD-QCy360EL0Ad73hZ_PWL4Tfa7ubBxtfRNa1XAVXe37VVotmlksn9szulG0Xcx4_PXt9lx2B2FTSSJpI4ZG3CO3B_B2RVO9bjWyAZrusJSW-H8nohF93ulQkUQbU8_D-V00ZjLCyygfvmDDYu_HwZdLUTZ083ULpNxyXmZVUNEBP9risKbilMaGcM%3D%26bag%3Dn5q6Q4ThVhDb8re4AbfXuQ%3D%3D%26ruid%3D89d2043c-1495-4d1a-b195-c5aed7e935b1%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdood.re%252Fd%252F6mx8nyi7vyab%27%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D898%26wfc%3D4%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.152
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
content-length: 47428
last-modified: Thu, 14 Oct 2021 09:49:57 GMT
vary: Accept-Encoding
etag: "6167fd45-b944"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size:   47428
Md5:    f00641217febc2051ba5e4f5a5711765
Sha1:   9809e390e42e4b3f3878cc39f2d0132ee40af382
Sha256: 7d665f80122468e50f4027ac302c9b4e72d36fbf4d04d4e626a6e2a9293fc5e5
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

search
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: b16ef4e2aec3fec27a13db3abe275219
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

search
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:38 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a6af7466e4e2668bb624f283c9c74bd6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /500/4857535?excludes=&oaid=0c4ae0a1a4344b9d9f55b9ce1f646435&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fdood.re%2Fd%2F6mx8nyi7vyab%27&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: glizauvo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dood.re/
Origin: https://dood.re
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.236
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:41 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://dood.re
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /500/4857535?excludes=&oaid=0c4ae0a1a4344b9d9f55b9ce1f646435&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fdood.re%2Fd%2F6mx8nyi7vyab%27&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: glizauvo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Cookie: OAID=cb83e577c79f4a4f916f866990266837
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 09 Dec 2022 04:36:41 GMT
x-trace-id: be3b757d35c644e54086d1d564f333dc
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://dood.re
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=0c4ae0a1a4344b9d9f55b9ce1f646435; expires=Sat, 09 Dec 2023 04:36:41 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   17336
Md5:    a664f758365ff8a3524fb2fa7c0944a6
Sha1:   b772b7b1076524d07213f51c747cffd483f1f830
Sha256: 34acc99859fc27251d7414d8db75cc0af88d64b1395d3e6cc65430e32119184c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /script/suurl4.php?r=2964355&cbur=0.6335686243659876&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Video%20not%20found%20%7C%20DoodStream&cbpage=https%3A%2F%2Fdood.re%2Fd%2F6mx8nyi7vyab%27&cbref=&cbdescription=&cbkeywords=&cbcdn=acacdn.com&aggr=0 HTTP/1.1 
Host: youradexchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.re/
Origin: https://dood.re
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.190.41.116
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: openresty
date: Fri, 09 Dec 2022 04:36:37 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /theme_2/css/style.css HTTP/1.1 
Host: i.doodcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.re/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.6.74
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Dec 2022 04:36:36 GMT
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=249272
expires: Fri, 08 Dec 2023 19:03:11 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 6102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01vDdrsUvubFcFgoRZJhNokohq2TeFdHOISX9PXVtqqDegJqXpIjvSPkajSL%2F9BLzl0vqf%2B76Whk99wGEukiwZtGBC%2BL6oKmlHd4A7WkRdl3mO0ixyQ3RrNr5xOO7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b0a6dce29b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jsoneditor.min.js HTTP/1.1 
Host: www.blockadsnot.com