dood.re/d/4vk5poznx3rh
104.26.4.50301 Moved Permanently 0 B IP 104.26.4.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d/4vk5poznx3rh HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 18:35:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 19:35:14 GMT
Location: https://dood.re/d/4vk5poznx3rh
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=et3JSG7HC4GY44E31WcIn4f4WPT6F6tv43YDos47gjYBSt%2FO7nSQ5dSknBq0TiNwM5C5eEiJhuawK%2BGO0XIix%2B28nZ5uYaTNUhWnUkuHKEPlYwvFeQ9D83k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793506871bc01bfa-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4208
Expires: Thu, 02 Feb 2023 19:45:22 GMT
Date: Thu, 02 Feb 2023 18:35:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2667
Expires: Thu, 02 Feb 2023 19:19:41 GMT
Date: Thu, 02 Feb 2023 18:35:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Thu, 02 Feb 2023 19:11:48 GMT
Date: Thu, 02 Feb 2023 18:35:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 17:36:06 GMT
content-type: application/json
age: 3548
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eutVKVhE/6b5O9iUdOAS03W7u+eP76yxWomPDS0zrueS6gIfqmfD/DtasOII1s6nw2Sl0naTv8WXKcsR/stIdw==
x-amz-request-id: PTR992DZ15A2N9W9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 18:23:13 GMT
age: 721
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zrkYX0N7LYA
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zrkYX0N7LYA
IP 216.58.211.3:0
Hash 43ff4e8f3873bb818266acf342d8a685
550f0b0542825939f481fef8c3e7e25017312c7d
1d0a884fb9539aafa1b94a3f51573fecc60f5bded42a6599ca22d28c0e63aaf2
POST /s/gts1p5/zrkYX0N7LYA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/zrkYX0N7LYA
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zrkYX0N7LYA
IP 216.58.211.3:0
Hash 43ff4e8f3873bb818266acf342d8a685
550f0b0542825939f481fef8c3e7e25017312c7d
1d0a884fb9539aafa1b94a3f51573fecc60f5bded42a6599ca22d28c0e63aaf2
POST /s/gts1p5/zrkYX0N7LYA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:14 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dood.re/d/4vk5poznx3rh
104.26.5.50200 OK 31 kB IP 104.26.5.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7097), with no line terminators
Hash e6c4e12e240baff70d5a3c063d83a0f4
9da355f906375d7ae15af1f1ccf177ae20cd02a3
ba86999133a5e350bc64b56db3afe9ea4cd5d906b79487fdd873f54ffd3bba25
GET /d/4vk5poznx3rh HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:14 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 01 Feb 2023 18:35:14 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMTOgwHnrgpdzjJoJ53PKvY%2FtAM3w%2FBl3o4Ngyup8RCtPMK3E7ZeXxruj%2BvHxWUSNebGLhYcVVIGKnVX%2BjseYxZpPNTaOnpjYhCWaDQu4a7o4XUXIWeXGYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793506890b6ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
104.17.24.14200 OK 591 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (1266)
Hash 414869f16aa77a65b4928a018f7f1abb
cea521f7a2958a50239526ed6b068f0937527653
afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7956808
expires: Tue, 23 Jan 2024 18:35:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6LYCw3C8zE3QeghUPOtNSwLtwr9g2Zi1%2BpnJDzfhRCEY40yisF1bDRQJO99l3P19ISugr63tcsw8oTCO5avQMe7%2BrvIXpcmMchxwAPPMQKvERT2BI9yfZRMu2%2FjAmo755CNPdva"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7935068accbb0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ee001503201078eaff97ec1c938b757d
dfd9dde31c54a9e5f64c61a47b00f029797326df
9d929e37105b15f190b103d68c75d606a1e5fe5010cf16bbf642b9305aedcb5f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9D929E37105B15F190B103D68C75D606A1E5FE5010CF16BBF642B9305AEDCB5F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5585
Expires: Thu, 02 Feb 2023 20:08:20 GMT
Date: Thu, 02 Feb 2023 18:35:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ee001503201078eaff97ec1c938b757d
dfd9dde31c54a9e5f64c61a47b00f029797326df
9d929e37105b15f190b103d68c75d606a1e5fe5010cf16bbf642b9305aedcb5f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9D929E37105B15F190B103D68C75D606A1E5FE5010CF16BBF642B9305AEDCB5F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5585
Expires: Thu, 02 Feb 2023 20:08:20 GMT
Date: Thu, 02 Feb 2023 18:35:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ee001503201078eaff97ec1c938b757d
dfd9dde31c54a9e5f64c61a47b00f029797326df
9d929e37105b15f190b103d68c75d606a1e5fe5010cf16bbf642b9305aedcb5f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9D929E37105B15F190B103D68C75D606A1E5FE5010CF16BBF642B9305AEDCB5F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5585
Expires: Thu, 02 Feb 2023 20:08:20 GMT
Date: Thu, 02 Feb 2023 18:35:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.doodcdn.co/img/no_video_3.svg
172.67.70.190200 OK 2.8 kB URL HTTP/2 i.doodcdn.co/img/no_video_3.svg
IP 172.67.70.190:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2789)
Hash 077bfdaa49ae4877a42611b739ec4752
a2f9e1222b7af9abc05122411ab8902efcc08ead
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: image/svg+xml
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Fri, 03 Mar 2023 08:24:29 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 75230
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BG%2BUh58VZs1u4jgFtUCsqb5rskT25QD%2BGBjF5w54y5j8k3%2FhaDDVf9HuPDrEGtc7dBIZmLBjQ91S7WCST79EYdY5cfp7YFdTs%2FLvF1Tn4U6b%2F6HZjONls4a4fx4qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935068b2d74b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ee001503201078eaff97ec1c938b757d
dfd9dde31c54a9e5f64c61a47b00f029797326df
9d929e37105b15f190b103d68c75d606a1e5fe5010cf16bbf642b9305aedcb5f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9D929E37105B15F190B103D68C75D606A1E5FE5010CF16BBF642B9305AEDCB5F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5585
Expires: Thu, 02 Feb 2023 20:08:20 GMT
Date: Thu, 02 Feb 2023 18:35:15 GMT
Connection: keep-alive
alas4kanmfa6a4mubte.com/lv/esnk/1841679/code.js
62.122.171.6200 OK 45 kB URL HTTP/2 alas4kanmfa6a4mubte.com/lv/esnk/1841679/code.js
IP 62.122.171.6:0
Hash 4907729362a2047d1121f35ea223de6b
1a414896d55ef058a6d084c61cbd36e87ed817ec
4a3b7d3bdacc45cab5ec8ffbbef24b5fdc46bcbe6389437433c3744e13654259
GET /lv/esnk/1841679/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 12:19:58 GMT
vary: Accept-Encoding
etag: W/"63d9076e-1aea4"
x-js-ab1: var1
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a7b3ec31956bd63e650eb415142c058e
9ec3e8bb87920b77d15eebff1fec01abe75b8d09
ee671d136e466ae0390e96752dca2e391d638bd841c2bd3a0829d0fdabb281ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE671D136E466AE0390E96752DCA2E391D638BD841C2BD3A0829D0FDABB281BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15498
Expires: Thu, 02 Feb 2023 22:53:33 GMT
Date: Thu, 02 Feb 2023 18:35:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 17:49:05 GMT
age: 2770
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg
104.22.58.221200 OK 49 kB URL HTTP/2 cdn.pncloudfl.com/pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg
IP 104.22.58.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash eedf689c4a33b79c440062e703d60ff6
a8300edf1b950a50086eb44165a6f6ae278e5057
b8b368d98eb9d04ce213fa62fa781f3bad8d48e5a57f98359cb880ab9600579f
GET /pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: image/webp
content-length: 48676
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=83221
content-disposition: inline; filename="71add27d5bb61aab24af91ebe2af7f4205a35feb.webp"
etag: 1df69ad2c9b78c9186aaa33fa40c237f
expires: Fri, 03 Feb 2023 22:19:00 GMT
last-modified: Thu, 06 Oct 2022 02:00:51 GMT
vary: Accept
x-openstack-request-id: txe73bad396e604f28ab17d-00633e3eef
x-proxy-cache: HIT
x-timestamp: 1665021650.87526
x-trans-id: txe73bad396e604f28ab17d-00633e3eef
cf-cache-status: HIT
age: 72975
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7935068cd9bdfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 375fcf046cc64ed71c33e1e4e4ee6391
a5dfce2d39c986c2c0fe094a08d7ba691ca26bc0
691c314ae5eeda6be06f901377292f0bca4a859c9ed736ca3391b6fe00417717
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "691C314AE5EEDA6BE06F901377292F0BCA4A859C9ED736CA3391B6FE00417717"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Thu, 02 Feb 2023 19:39:53 GMT
Date: Thu, 02 Feb 2023 18:35:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash db328390b1e37573a0a01ed4b8b87976
5a47437b409dd86a2f8b7a4a384aa76df24ff074
3c62ab843b5b918f339b80d8ad188b2e70b821c066bc981c665e896aa1bea5e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5345
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:15 GMT
Last-Modified: Thu, 02 Feb 2023 17:06:10 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=ntuLgXBd5oLpR_qWXfQifE7k0eIRbbdbB1lE7_lK8HYWui-MukRD2OpticrUQLQgbfZ3cJKDCWDvYGUT8pToC4O7Hh8n9YZ6g3oz93AkXEgdLdjYmd7apJqHQ9KX5XBWCqGm2w_FtyFKrdwhU6qUrl0ZFdEbl7aCG8K-c8zYacDbMSVtFmZQTvr1Dh5FzYPRQOHt9BoSUV409e022nZOIunHY6FjRjLj9yAT8WyNGSqY_QdcmFQQRWlqYGZIdt79w27UbT9bx4TqSDAaC4ajKxflO7wJCEE6H_hfBNyjdWurp08z6sUML_h_FXFoAPd94Tv1AZADM3hHlGeGOFZDoOfsnSGwgUgTqH-R33eMEC-4MqIZbh8c7PP-MneZkOVzuc_RNxnDfLG3QfOmf4cTxg8cryJgt3jWnvpbPdxKS6TvyTYvtyagX-XG6zI77O5rzoADGoJUNMhWS_9hSmMKMhlnwkChjCwYJ9sU3w03kKvGqlEV-F8pJlCnjsp6b2Adu3__QhWy_a6boDy7xU4RCFYOABv24n5AWpS5PgNyppha8iUV1QlHPuR2N1ZsDaJws9eAHOS04AN9CMCoFvePJTQm8KZVPPdntXJsU-zj2e54-z3jnbE5WvskWgrkIv4ZCSmaiYVcFFCp4kXSn5G0QFkaob2L2eagn-E9BdfRRwM3APQo2M6Q37jHllWTvB_KB3Sov6PyiTjRQsO8JDDCKaPTgj2vnz4sHtZoTIcp40yQ46xDHXJquSEFAHf4JShNtKjp4OYz8YpvSZCmhiIFH8aNWNtR4rao8lklCZZnXK42n8kHJTkbTEe2J5riS1Ob_XE6h_j3U1SlszLakrJd5I_oamsVeggT&abvar=1&os=0
62.122.171.6200 OK 43 B URL HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=ntuLgXBd5oLpR_qWXfQifE7k0eIRbbdbB1lE7_lK8HYWui-MukRD2OpticrUQLQgbfZ3cJKDCWDvYGUT8pToC4O7Hh8n9YZ6g3oz93AkXEgdLdjYmd7apJqHQ9KX5XBWCqGm2w_FtyFKrdwhU6qUrl0ZFdEbl7aCG8K-c8zYacDbMSVtFmZQTvr1Dh5FzYPRQOHt9BoSUV409e022nZOIunHY6FjRjLj9yAT8WyNGSqY_QdcmFQQRWlqYGZIdt79w27UbT9bx4TqSDAaC4ajKxflO7wJCEE6H_hfBNyjdWurp08z6sUML_h_FXFoAPd94Tv1AZADM3hHlGeGOFZDoOfsnSGwgUgTqH-R33eMEC-4MqIZbh8c7PP-MneZkOVzuc_RNxnDfLG3QfOmf4cTxg8cryJgt3jWnvpbPdxKS6TvyTYvtyagX-XG6zI77O5rzoADGoJUNMhWS_9hSmMKMhlnwkChjCwYJ9sU3w03kKvGqlEV-F8pJlCnjsp6b2Adu3__QhWy_a6boDy7xU4RCFYOABv24n5AWpS5PgNyppha8iUV1QlHPuR2N1ZsDaJws9eAHOS04AN9CMCoFvePJTQm8KZVPPdntXJsU-zj2e54-z3jnbE5WvskWgrkIv4ZCSmaiYVcFFCp4kXSn5G0QFkaob2L2eagn-E9BdfRRwM3APQo2M6Q37jHllWTvB_KB3Sov6PyiTjRQsO8JDDCKaPTgj2vnz4sHtZoTIcp40yQ46xDHXJquSEFAHf4JShNtKjp4OYz8YpvSZCmhiIFH8aNWNtR4rao8lklCZZnXK42n8kHJTkbTEe2J5riS1Ob_XE6h_j3U1SlszLakrJd5I_oamsVeggT&abvar=1&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841679&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=ntuLgXBd5oLpR_qWXfQifE7k0eIRbbdbB1lE7_lK8HYWui-MukRD2OpticrUQLQgbfZ3cJKDCWDvYGUT8pToC4O7Hh8n9YZ6g3oz93AkXEgdLdjYmd7apJqHQ9KX5XBWCqGm2w_FtyFKrdwhU6qUrl0ZFdEbl7aCG8K-c8zYacDbMSVtFmZQTvr1Dh5FzYPRQOHt9BoSUV409e022nZOIunHY6FjRjLj9yAT8WyNGSqY_QdcmFQQRWlqYGZIdt79w27UbT9bx4TqSDAaC4ajKxflO7wJCEE6H_hfBNyjdWurp08z6sUML_h_FXFoAPd94Tv1AZADM3hHlGeGOFZDoOfsnSGwgUgTqH-R33eMEC-4MqIZbh8c7PP-MneZkOVzuc_RNxnDfLG3QfOmf4cTxg8cryJgt3jWnvpbPdxKS6TvyTYvtyagX-XG6zI77O5rzoADGoJUNMhWS_9hSmMKMhlnwkChjCwYJ9sU3w03kKvGqlEV-F8pJlCnjsp6b2Adu3__QhWy_a6boDy7xU4RCFYOABv24n5AWpS5PgNyppha8iUV1QlHPuR2N1ZsDaJws9eAHOS04AN9CMCoFvePJTQm8KZVPPdntXJsU-zj2e54-z3jnbE5WvskWgrkIv4ZCSmaiYVcFFCp4kXSn5G0QFkaob2L2eagn-E9BdfRRwM3APQo2M6Q37jHllWTvB_KB3Sov6PyiTjRQsO8JDDCKaPTgj2vnz4sHtZoTIcp40yQ46xDHXJquSEFAHf4JShNtKjp4OYz8YpvSZCmhiIFH8aNWNtR4rao8lklCZZnXK42n8kHJTkbTEe2J5riS1Ob_XE6h_j3U1SlszLakrJd5I_oamsVeggT&abvar=1&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2302021335855ec49753da47e294d8ba5df7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACQ6xAAAAAAAAAAB; Path=/; Expires=Sat, 04 Mar 2023 18:35:15 GMT; Secure; SameSite=None
OACIBLOCK=ACQ6xAAAAABj20NQ; Path=/; Expires=Sat, 04 Mar 2023 18:35:15 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Fri, 03 Feb 2023 18:35:15 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=T8iSxILcCwC8X8h_LZwjwdbIKT7bRFNB-WS5qPx7cmfM7MSDvoi_SND-nQu6ypo7heZf9vanildeLJzooRdXME-C2cACCBwtsJc4kJV-FVXSPUsjAgd8zhS0DHdgM1536mldTPpeOJQCvrcwIw8j-SHc4xMfmJFbkDPR4lnY0uWcWBHwnVI-6uvKfhIyN0QumNba_15-6m4_8zncuGDsemAhyTVSuol5U6tH6nt8vfXa5B3oRuuPwilcc7zGVi3uUtkFFMGyask6G_beyGw7dMo-smvAVSNd9ZFtqsc_HQEL1yd6Xi6rr2T5aqrmJP8jOETvRg8cHoGHuE7a3U4wNZl3guE0NcEIZUQLu03aae3e0P7dE4ncYZwff3Qf2Ijpfg16Vj8PBiGbYYooN7-0tmO5Dh6WO8-T_cYtyhACB8ecrIAMFsEISjJggQ1EnS9GCYojtE__RbZAYQ6dcnE6wGC0dwxObDaW-WZQ5Nv0x46u2xW7Otf7hPOYqTgWwFAWQ-Ho8N6VlwaEUOJ-4NbaAAIvM8PcaXgUxVIj12nfNDnYWLwp-g-zclnBNcS-bSqWvQwnVN2On-llp7-8ctxd2sUiCyzSaufZYCPUi3riDNwZzAnLiJyC23BRBJmX3y_NHWzCz0NyLia-5m6LbISiqkmlFXZxEbrCjT237Mc1RD14_DFaxyH1-sXE0Z_HafxUNcaYzXpvKCQZ1vH8dwrwCmuahLNlweEhWjq5N-c=&abvar=4&os=0
62.122.171.6200 OK 43 B URL HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=T8iSxILcCwC8X8h_LZwjwdbIKT7bRFNB-WS5qPx7cmfM7MSDvoi_SND-nQu6ypo7heZf9vanildeLJzooRdXME-C2cACCBwtsJc4kJV-FVXSPUsjAgd8zhS0DHdgM1536mldTPpeOJQCvrcwIw8j-SHc4xMfmJFbkDPR4lnY0uWcWBHwnVI-6uvKfhIyN0QumNba_15-6m4_8zncuGDsemAhyTVSuol5U6tH6nt8vfXa5B3oRuuPwilcc7zGVi3uUtkFFMGyask6G_beyGw7dMo-smvAVSNd9ZFtqsc_HQEL1yd6Xi6rr2T5aqrmJP8jOETvRg8cHoGHuE7a3U4wNZl3guE0NcEIZUQLu03aae3e0P7dE4ncYZwff3Qf2Ijpfg16Vj8PBiGbYYooN7-0tmO5Dh6WO8-T_cYtyhACB8ecrIAMFsEISjJggQ1EnS9GCYojtE__RbZAYQ6dcnE6wGC0dwxObDaW-WZQ5Nv0x46u2xW7Otf7hPOYqTgWwFAWQ-Ho8N6VlwaEUOJ-4NbaAAIvM8PcaXgUxVIj12nfNDnYWLwp-g-zclnBNcS-bSqWvQwnVN2On-llp7-8ctxd2sUiCyzSaufZYCPUi3riDNwZzAnLiJyC23BRBJmX3y_NHWzCz0NyLia-5m6LbISiqkmlFXZxEbrCjT237Mc1RD14_DFaxyH1-sXE0Z_HafxUNcaYzXpvKCQZ1vH8dwrwCmuahLNlweEhWjq5N-c=&abvar=4&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841674&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=T8iSxILcCwC8X8h_LZwjwdbIKT7bRFNB-WS5qPx7cmfM7MSDvoi_SND-nQu6ypo7heZf9vanildeLJzooRdXME-C2cACCBwtsJc4kJV-FVXSPUsjAgd8zhS0DHdgM1536mldTPpeOJQCvrcwIw8j-SHc4xMfmJFbkDPR4lnY0uWcWBHwnVI-6uvKfhIyN0QumNba_15-6m4_8zncuGDsemAhyTVSuol5U6tH6nt8vfXa5B3oRuuPwilcc7zGVi3uUtkFFMGyask6G_beyGw7dMo-smvAVSNd9ZFtqsc_HQEL1yd6Xi6rr2T5aqrmJP8jOETvRg8cHoGHuE7a3U4wNZl3guE0NcEIZUQLu03aae3e0P7dE4ncYZwff3Qf2Ijpfg16Vj8PBiGbYYooN7-0tmO5Dh6WO8-T_cYtyhACB8ecrIAMFsEISjJggQ1EnS9GCYojtE__RbZAYQ6dcnE6wGC0dwxObDaW-WZQ5Nv0x46u2xW7Otf7hPOYqTgWwFAWQ-Ho8N6VlwaEUOJ-4NbaAAIvM8PcaXgUxVIj12nfNDnYWLwp-g-zclnBNcS-bSqWvQwnVN2On-llp7-8ctxd2sUiCyzSaufZYCPUi3riDNwZzAnLiJyC23BRBJmX3y_NHWzCz0NyLia-5m6LbISiqkmlFXZxEbrCjT237Mc1RD14_DFaxyH1-sXE0Z_HafxUNcaYzXpvKCQZ1vH8dwrwCmuahLNlweEhWjq5N-c=&abvar=4&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2302021335855ec49753da47e294d8ba5df7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACQ6xAAAAAAAAAAB; Path=/; Expires=Sat, 04 Mar 2023 18:35:15 GMT; Secure; SameSite=None
OACIBLOCK=ACQ6xAAAAABj20NQ; Path=/; Expires=Sat, 04 Mar 2023 18:35:15 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Fri, 03 Feb 2023 18:35:15 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.bncloudfl.com/bn/d72/57c/872/d7257c872cf09e6feb0eb555b20920ff28aea08f.gif
104.22.14.198200 OK 270 kB URL HTTP/2 cdn.bncloudfl.com/bn/d72/57c/872/d7257c872cf09e6feb0eb555b20920ff28aea08f.gif
IP 104.22.14.198:0
File type GIF image data, version 89a, 300 x 100\012- data
Size 270 kB (269988 bytes)
Hash bf697efd67c7bc916699a5cfe1dd005f
d7257c872cf09e6feb0eb555b20920ff28aea08f
39fce10f59ebb9da307d8f32d1b3827cc7a580a31dfe2e2a4397d595ff1badba
GET /bn/d72/57c/872/d7257c872cf09e6feb0eb555b20920ff28aea08f.gif HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: image/gif
content-length: 269988
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: bf697efd67c7bc916699a5cfe1dd005f
expires: Fri, 03 Feb 2023 16:37:27 GMT
last-modified: Thu, 12 Jan 2023 16:20:25 GMT
x-openstack-request-id: txca243b4299ce4be1b000e-0063c033b3
x-proxy-cache: HIT
x-timestamp: 1673540424.69581
x-trans-id: txca243b4299ce4be1b000e-0063c033b3
cf-cache-status: HIT
age: 93468
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7935068d6e25b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 285 B IP 93.184.220.29:0
Hash fb522a0e64161b40192a0930034a9a93
f0b7d6262713e650e42932d80ff5e1269c8f8570
1ae8774727579d3dbf93afd5ef19a3a444ee22c360a8c08c70b4f09e018e421a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5345
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:15 GMT
Last-Modified: Thu, 02 Feb 2023 17:06:10 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=FHdkSTyfLAMIu1K3sgLP8aB2-987x8IJXxaVxXx7OVGDdAulmbPbA6uH8gX0aPM4k9g4fAN2Ta61vRMpZWvTdWDr3MadliEKtJw8ObCNJzf5lTucKush69p4ZvN12m1aCUlBcr_HTHgcaY2ifx76b1s5Oliuc0WPkbpf75o4pKbcv0lh2KJ2nMqavTFWP9EFj3KYbAtkCDZG2DdOpefoBY35IHBsQRXpLpQYG8irSlt5tyg9w-K_hTpOhfDsradOxzOBWtH8uZmppAnP-BQ6P_-NZsGMuV46ma8omDL_Yhnl1X0xr_hA2boNgpwPBFvzGInB99dtW14YokvdcpUS_AmTDAaZB6bLqJ2JwID_4CNYDLVoqEJGBFaKPvqa2sexYZJG8OUTLGo_VDOQZHP0WKmmGikvf4z8caNMd-ADwXoWrwwEow7gyOr34FGs9TPd4w_HxGPA7fmAAScDWO60NaGQaXUrOsCQ73w2KEYZ_3C7-aFWHA2QdytyBrE5ypcU20GxOMX5uEpkZIl0Apq2ZjZFCbcReY-aln5lSyqKHqNVTMbj4GlclgGgL5v-hFcdvvOZ4jKxVsEEsEuaC4ObUYS3lYJbt_AWOniAZ5pVQs-qKEeFvqc41FXgAc7loakCaO3qdGg7GTDGjcgIL0ZwbXzoXOWMSQEpbAP515YNfTbbiBhZZI1OQfETLGY3n213yQo5SllfbSGQ3gc9Nlwn44gHuUZlzX2ao6DIeBKaFMbEdzpHPVGPYuqqALYDfjVB_UnxOnITA-vaYOLGuKoTHphywBiOkOgbTZ01Rcf1fuRzvsutdRnwzr6ZqrUv-r_2KqesTQJSGDKIdRdWXosFd6EHsESKCyBVmQw=&abvar=1&os=0
62.122.171.6200 OK 43 B URL HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=FHdkSTyfLAMIu1K3sgLP8aB2-987x8IJXxaVxXx7OVGDdAulmbPbA6uH8gX0aPM4k9g4fAN2Ta61vRMpZWvTdWDr3MadliEKtJw8ObCNJzf5lTucKush69p4ZvN12m1aCUlBcr_HTHgcaY2ifx76b1s5Oliuc0WPkbpf75o4pKbcv0lh2KJ2nMqavTFWP9EFj3KYbAtkCDZG2DdOpefoBY35IHBsQRXpLpQYG8irSlt5tyg9w-K_hTpOhfDsradOxzOBWtH8uZmppAnP-BQ6P_-NZsGMuV46ma8omDL_Yhnl1X0xr_hA2boNgpwPBFvzGInB99dtW14YokvdcpUS_AmTDAaZB6bLqJ2JwID_4CNYDLVoqEJGBFaKPvqa2sexYZJG8OUTLGo_VDOQZHP0WKmmGikvf4z8caNMd-ADwXoWrwwEow7gyOr34FGs9TPd4w_HxGPA7fmAAScDWO60NaGQaXUrOsCQ73w2KEYZ_3C7-aFWHA2QdytyBrE5ypcU20GxOMX5uEpkZIl0Apq2ZjZFCbcReY-aln5lSyqKHqNVTMbj4GlclgGgL5v-hFcdvvOZ4jKxVsEEsEuaC4ObUYS3lYJbt_AWOniAZ5pVQs-qKEeFvqc41FXgAc7loakCaO3qdGg7GTDGjcgIL0ZwbXzoXOWMSQEpbAP515YNfTbbiBhZZI1OQfETLGY3n213yQo5SllfbSGQ3gc9Nlwn44gHuUZlzX2ao6DIeBKaFMbEdzpHPVGPYuqqALYDfjVB_UnxOnITA-vaYOLGuKoTHphywBiOkOgbTZ01Rcf1fuRzvsutdRnwzr6ZqrUv-r_2KqesTQJSGDKIdRdWXosFd6EHsESKCyBVmQw=&abvar=1&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841679&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=FHdkSTyfLAMIu1K3sgLP8aB2-987x8IJXxaVxXx7OVGDdAulmbPbA6uH8gX0aPM4k9g4fAN2Ta61vRMpZWvTdWDr3MadliEKtJw8ObCNJzf5lTucKush69p4ZvN12m1aCUlBcr_HTHgcaY2ifx76b1s5Oliuc0WPkbpf75o4pKbcv0lh2KJ2nMqavTFWP9EFj3KYbAtkCDZG2DdOpefoBY35IHBsQRXpLpQYG8irSlt5tyg9w-K_hTpOhfDsradOxzOBWtH8uZmppAnP-BQ6P_-NZsGMuV46ma8omDL_Yhnl1X0xr_hA2boNgpwPBFvzGInB99dtW14YokvdcpUS_AmTDAaZB6bLqJ2JwID_4CNYDLVoqEJGBFaKPvqa2sexYZJG8OUTLGo_VDOQZHP0WKmmGikvf4z8caNMd-ADwXoWrwwEow7gyOr34FGs9TPd4w_HxGPA7fmAAScDWO60NaGQaXUrOsCQ73w2KEYZ_3C7-aFWHA2QdytyBrE5ypcU20GxOMX5uEpkZIl0Apq2ZjZFCbcReY-aln5lSyqKHqNVTMbj4GlclgGgL5v-hFcdvvOZ4jKxVsEEsEuaC4ObUYS3lYJbt_AWOniAZ5pVQs-qKEeFvqc41FXgAc7loakCaO3qdGg7GTDGjcgIL0ZwbXzoXOWMSQEpbAP515YNfTbbiBhZZI1OQfETLGY3n213yQo5SllfbSGQ3gc9Nlwn44gHuUZlzX2ao6DIeBKaFMbEdzpHPVGPYuqqALYDfjVB_UnxOnITA-vaYOLGuKoTHphywBiOkOgbTZ01Rcf1fuRzvsutdRnwzr6ZqrUv-r_2KqesTQJSGDKIdRdWXosFd6EHsESKCyBVmQw=&abvar=1&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2302021335855ec49753da47e294d8ba5df7; OACICAP=ACQ6xAAAAAAAAAAB; OACIBLOCK=ACQ6xAAAAABj20NQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACQ6xAAAAAAAAAABACQzCgAAAAAAAAAB; Path=/; Expires=Sat, 04 Mar 2023 18:35:15 GMT; Secure; SameSite=None
OACIBLOCK=ACQ6xAAAAABj20NQACQzCgAAAABj2%2Fog; Path=/; Expires=Sat, 04 Mar 2023 18:35:15 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Fri, 03 Feb 2023 18:35:15 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=HSPzwV76C_e0GGGI2yMSouaXeDBJGvap9GSUMP_HBlOd0WVYlgIgsKEvIiqCWiqSP1S0yr5iPGe_PT94NDoNGZLbnhqFK_IMLXsyjk_4VEqmYBsi6vY2UL0WYMcohPumrzikSKfD7v5KK0U6ltpnyWEPCIAAkMQDFjhdxuLgZfBZ_TbxRXck_7SHAEwnTytCh1WJbm75KkWa2ZED0agoEZ60943a7gBi9wrzeRooZwEFzBE3WSWCq1f3YVwp0FdY7gROkpHMRijv2lcCFxCgPR3nZmPAYBxFbytxHZGurRHq_NoPV4BCrywofGzSAIsyBIDar0XD1iuNLkrPP6j4AmyqTfQ7j-g5J3t1npUu9SdAkXWDuaAD2IzguERRhXXgFH2o3yYoSm1h4VgBLUOUEvJnQbuy9_KnYTpolUr2W9-wr_0a97Khe40sZRTVFf9oT6G-sTIr49IcpsxZSl1tuw-V68nalnm-kYasBYcdwdnR6D5nixUVs2yTJTYNnWrJ7R7V7rel8vXiwxpBJhDbFlNOwpiFX_aRauUe-SU1ahtg8j6G-31gdB6L8lacFWzqH6AUtQf0r6_YfLVrRKgOzhed0WybehwPs2h9VSFWEB0apiT1aTLOQ6IjoS3vA0uniNagGThlvNdltKOM0SpXrfAUY0o_PRZtNacLOUz5u7pvu6ILEfEZkz9zivC17qbTz7WyLmfPC8u52oioKqBH9EIKARLOCcdhNOsCil575lXXy89v_s2HeYSyz4X_cSaHYM6B0XOiQ6opwxd9k0L-LflzN2TTbevOzXs2VahzuLR0s2GNc8_jwe-OIpztSJ1kcftTcHdDJDMz7bvx_q-TwsTsgCe74yfL0EYcLNOnUbBV4IvghupCLkQYZSDnpH52tVTqU5-O3GYqwEI2sDF-LZPzE_eF-5eky4OnGzJ8-l7z23hkOqmQrxQT0-iBWSMfkPUd3UCwSIS4owgByuMbB6aCnc3T&abvar=4&os=0
62.122.171.6200 OK 43 B URL HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=HSPzwV76C_e0GGGI2yMSouaXeDBJGvap9GSUMP_HBlOd0WVYlgIgsKEvIiqCWiqSP1S0yr5iPGe_PT94NDoNGZLbnhqFK_IMLXsyjk_4VEqmYBsi6vY2UL0WYMcohPumrzikSKfD7v5KK0U6ltpnyWEPCIAAkMQDFjhdxuLgZfBZ_TbxRXck_7SHAEwnTytCh1WJbm75KkWa2ZED0agoEZ60943a7gBi9wrzeRooZwEFzBE3WSWCq1f3YVwp0FdY7gROkpHMRijv2lcCFxCgPR3nZmPAYBxFbytxHZGurRHq_NoPV4BCrywofGzSAIsyBIDar0XD1iuNLkrPP6j4AmyqTfQ7j-g5J3t1npUu9SdAkXWDuaAD2IzguERRhXXgFH2o3yYoSm1h4VgBLUOUEvJnQbuy9_KnYTpolUr2W9-wr_0a97Khe40sZRTVFf9oT6G-sTIr49IcpsxZSl1tuw-V68nalnm-kYasBYcdwdnR6D5nixUVs2yTJTYNnWrJ7R7V7rel8vXiwxpBJhDbFlNOwpiFX_aRauUe-SU1ahtg8j6G-31gdB6L8lacFWzqH6AUtQf0r6_YfLVrRKgOzhed0WybehwPs2h9VSFWEB0apiT1aTLOQ6IjoS3vA0uniNagGThlvNdltKOM0SpXrfAUY0o_PRZtNacLOUz5u7pvu6ILEfEZkz9zivC17qbTz7WyLmfPC8u52oioKqBH9EIKARLOCcdhNOsCil575lXXy89v_s2HeYSyz4X_cSaHYM6B0XOiQ6opwxd9k0L-LflzN2TTbevOzXs2VahzuLR0s2GNc8_jwe-OIpztSJ1kcftTcHdDJDMz7bvx_q-TwsTsgCe74yfL0EYcLNOnUbBV4IvghupCLkQYZSDnpH52tVTqU5-O3GYqwEI2sDF-LZPzE_eF-5eky4OnGzJ8-l7z23hkOqmQrxQT0-iBWSMfkPUd3UCwSIS4owgByuMbB6aCnc3T&abvar=4&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841674&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=HSPzwV76C_e0GGGI2yMSouaXeDBJGvap9GSUMP_HBlOd0WVYlgIgsKEvIiqCWiqSP1S0yr5iPGe_PT94NDoNGZLbnhqFK_IMLXsyjk_4VEqmYBsi6vY2UL0WYMcohPumrzikSKfD7v5KK0U6ltpnyWEPCIAAkMQDFjhdxuLgZfBZ_TbxRXck_7SHAEwnTytCh1WJbm75KkWa2ZED0agoEZ60943a7gBi9wrzeRooZwEFzBE3WSWCq1f3YVwp0FdY7gROkpHMRijv2lcCFxCgPR3nZmPAYBxFbytxHZGurRHq_NoPV4BCrywofGzSAIsyBIDar0XD1iuNLkrPP6j4AmyqTfQ7j-g5J3t1npUu9SdAkXWDuaAD2IzguERRhXXgFH2o3yYoSm1h4VgBLUOUEvJnQbuy9_KnYTpolUr2W9-wr_0a97Khe40sZRTVFf9oT6G-sTIr49IcpsxZSl1tuw-V68nalnm-kYasBYcdwdnR6D5nixUVs2yTJTYNnWrJ7R7V7rel8vXiwxpBJhDbFlNOwpiFX_aRauUe-SU1ahtg8j6G-31gdB6L8lacFWzqH6AUtQf0r6_YfLVrRKgOzhed0WybehwPs2h9VSFWEB0apiT1aTLOQ6IjoS3vA0uniNagGThlvNdltKOM0SpXrfAUY0o_PRZtNacLOUz5u7pvu6ILEfEZkz9zivC17qbTz7WyLmfPC8u52oioKqBH9EIKARLOCcdhNOsCil575lXXy89v_s2HeYSyz4X_cSaHYM6B0XOiQ6opwxd9k0L-LflzN2TTbevOzXs2VahzuLR0s2GNc8_jwe-OIpztSJ1kcftTcHdDJDMz7bvx_q-TwsTsgCe74yfL0EYcLNOnUbBV4IvghupCLkQYZSDnpH52tVTqU5-O3GYqwEI2sDF-LZPzE_eF-5eky4OnGzJ8-l7z23hkOqmQrxQT0-iBWSMfkPUd3UCwSIS4owgByuMbB6aCnc3T&abvar=4&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2302021335855ec49753da47e294d8ba5df7; OACICAP=ACQ6xAAAAAAAAAAB; OACIBLOCK=ACQ6xAAAAABj20NQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACQ6xAAAAAAAAAABACQzCgAAAAAAAAAB; Path=/; Expires=Sat, 04 Mar 2023 18:35:15 GMT; Secure; SameSite=None
OACIBLOCK=ACQ6xAAAAABj20NQACQzCgAAAABj2%2Fog; Path=/; Expires=Sat, 04 Mar 2023 18:35:15 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Fri, 03 Feb 2023 18:35:15 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 18efe1eb41f84ec335ba867826e3dcf3
d732bbb2a07f714b8513c86533553e423edfe030
82f020755a311b2b169cc584aadda54ed7b4536b0ad138eb134255d6204f0d61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5164
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:15 GMT
Last-Modified: Thu, 02 Feb 2023 17:09:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 18efe1eb41f84ec335ba867826e3dcf3
d732bbb2a07f714b8513c86533553e423edfe030
82f020755a311b2b169cc584aadda54ed7b4536b0ad138eb134255d6204f0d61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5164
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:15 GMT
Last-Modified: Thu, 02 Feb 2023 17:09:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7000
Expires: Thu, 02 Feb 2023 20:31:55 GMT
Date: Thu, 02 Feb 2023 18:35:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0baee5a717fe2ab9fba53fbe9c7d8221
4492924555efc4f7657d59dc8c3b8c784243082d
33225ad1cbab08a9591797f9d938c7e9cc8a991efc423d64bd6f8e249cc6c94e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33225AD1CBAB08A9591797F9D938C7E9CC8A991EFC423D64BD6F8E249CC6C94E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7912
Expires: Thu, 02 Feb 2023 20:47:07 GMT
Date: Thu, 02 Feb 2023 18:35:15 GMT
Connection: keep-alive
alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=ntuLgXBd5oLpR_qWXfQifE7k0eIRbbdbB1lE7_lK8HYWui-MukRD2OpticrUQLQgbfZ3cJKDCWDvYGUT8pToC4O7Hh8n9YZ6g3oz93AkXEgdLdjYmd7apJqHQ9KX5XBWCqGm2w_FtyFKrdwhU6qUrl0ZFdEbl7aCG8K-c8zYacDbMSVtFmZQTvr1Dh5FzYPRQOHt9BoSUV409e022nZOIunHY6FjRjLj9yAT8WyNGSqY_QdcmFQQRWlqYGZIdt79w27UbT9bx4TqSDAaC4ajKxflO7wJCEE6H_hfBNyjdWurp08z6sUML_h_FXFoAPd94Tv1AZADM3hHlGeGOFZDoOfsnSGwgUgTqH-R33eMEC-4MqIZbh8c7PP-MneZkOVzuc_RNxnDfLG3QfOmf4cTxg8cryJgt3jWnvpbPdxKS6TvyTYvtyagX-XG6zI77O5rzoADGoJUNMhWS_9hSmMKMhlnwkChjCwYJ9sU3w03kKvGqlEV-F8pJlCnjsp6b2Adu3__QhWy_a6boDy7xU4RCFYOABv24n5AWpS5PgNyppha8iUV1QlHPuR2N1ZsDaJws9eAHOS04AN9CMCoFvePJTQm8KZVPPdntXJsU-zj2e54-z3jnbE5WvskWgrkIv4ZCSmaiYVcFFCp4kXSn5G0QFkaob2L2eagn-E9BdfRRwM3APQo2M6Q37jHllWTvB_KB3Sov6PyiTjRQsO8JDDCKaPTgj2vnz4sHtZoTIcp40yQ46xDHXJquSEFAHf4JShNtKjp4OYz8YpvSZCmhiIFH8aNWNtR4rao8lklCZZnXK42n8kHJTkbTEe2J5riS1Ob_XE6h_j3U1SlszLakrJd5I_oamsVeggT&abvar=1&os=0
62.122.171.6200 OK 43 B URL HTTP/2 alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=ntuLgXBd5oLpR_qWXfQifE7k0eIRbbdbB1lE7_lK8HYWui-MukRD2OpticrUQLQgbfZ3cJKDCWDvYGUT8pToC4O7Hh8n9YZ6g3oz93AkXEgdLdjYmd7apJqHQ9KX5XBWCqGm2w_FtyFKrdwhU6qUrl0ZFdEbl7aCG8K-c8zYacDbMSVtFmZQTvr1Dh5FzYPRQOHt9BoSUV409e022nZOIunHY6FjRjLj9yAT8WyNGSqY_QdcmFQQRWlqYGZIdt79w27UbT9bx4TqSDAaC4ajKxflO7wJCEE6H_hfBNyjdWurp08z6sUML_h_FXFoAPd94Tv1AZADM3hHlGeGOFZDoOfsnSGwgUgTqH-R33eMEC-4MqIZbh8c7PP-MneZkOVzuc_RNxnDfLG3QfOmf4cTxg8cryJgt3jWnvpbPdxKS6TvyTYvtyagX-XG6zI77O5rzoADGoJUNMhWS_9hSmMKMhlnwkChjCwYJ9sU3w03kKvGqlEV-F8pJlCnjsp6b2Adu3__QhWy_a6boDy7xU4RCFYOABv24n5AWpS5PgNyppha8iUV1QlHPuR2N1ZsDaJws9eAHOS04AN9CMCoFvePJTQm8KZVPPdntXJsU-zj2e54-z3jnbE5WvskWgrkIv4ZCSmaiYVcFFCp4kXSn5G0QFkaob2L2eagn-E9BdfRRwM3APQo2M6Q37jHllWTvB_KB3Sov6PyiTjRQsO8JDDCKaPTgj2vnz4sHtZoTIcp40yQ46xDHXJquSEFAHf4JShNtKjp4OYz8YpvSZCmhiIFH8aNWNtR4rao8lklCZZnXK42n8kHJTkbTEe2J5riS1Ob_XE6h_j3U1SlszLakrJd5I_oamsVeggT&abvar=1&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841679&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=ntuLgXBd5oLpR_qWXfQifE7k0eIRbbdbB1lE7_lK8HYWui-MukRD2OpticrUQLQgbfZ3cJKDCWDvYGUT8pToC4O7Hh8n9YZ6g3oz93AkXEgdLdjYmd7apJqHQ9KX5XBWCqGm2w_FtyFKrdwhU6qUrl0ZFdEbl7aCG8K-c8zYacDbMSVtFmZQTvr1Dh5FzYPRQOHt9BoSUV409e022nZOIunHY6FjRjLj9yAT8WyNGSqY_QdcmFQQRWlqYGZIdt79w27UbT9bx4TqSDAaC4ajKxflO7wJCEE6H_hfBNyjdWurp08z6sUML_h_FXFoAPd94Tv1AZADM3hHlGeGOFZDoOfsnSGwgUgTqH-R33eMEC-4MqIZbh8c7PP-MneZkOVzuc_RNxnDfLG3QfOmf4cTxg8cryJgt3jWnvpbPdxKS6TvyTYvtyagX-XG6zI77O5rzoADGoJUNMhWS_9hSmMKMhlnwkChjCwYJ9sU3w03kKvGqlEV-F8pJlCnjsp6b2Adu3__QhWy_a6boDy7xU4RCFYOABv24n5AWpS5PgNyppha8iUV1QlHPuR2N1ZsDaJws9eAHOS04AN9CMCoFvePJTQm8KZVPPdntXJsU-zj2e54-z3jnbE5WvskWgrkIv4ZCSmaiYVcFFCp4kXSn5G0QFkaob2L2eagn-E9BdfRRwM3APQo2M6Q37jHllWTvB_KB3Sov6PyiTjRQsO8JDDCKaPTgj2vnz4sHtZoTIcp40yQ46xDHXJquSEFAHf4JShNtKjp4OYz8YpvSZCmhiIFH8aNWNtR4rao8lklCZZnXK42n8kHJTkbTEe2J5riS1Ob_XE6h_j3U1SlszLakrJd5I_oamsVeggT&abvar=1&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2302021335855ec49753da47e294d8ba5df7; OACICAP=ACQ6xAAAAAAAAAABACQzCgAAAAAAAAAB; OACIBLOCK=ACQ6xAAAAABj20NQACQzCgAAAABj2%2Fog; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
racterdeet.com/utx?tid=926820&top=dood.re&cb=me9jG25qbRrg
143.204.55.70204 No Content 0 B URL HTTP/2 racterdeet.com/utx?tid=926820&top=dood.re&cb=me9jG25qbRrg
IP 143.204.55.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=926820&top=dood.re&cb=me9jG25qbRrg HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 18:35:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://dood.re
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 02 Feb 2023 18:36:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KLWiOC_zE_NhtSRhJFWf4EuXWp_Hrczrw_Xv6gesMyS33fGZr1-BJA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b21f87e54b10ba719e15dc390c48701
7da5a76ac948ba52b23e19b4d857efddef75313e
178a5d6a627ac741af8a057c542d308bdc88802d07f1aeb41af37ff997cd90df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "178A5D6A627AC741AF8A057C542D308BDC88802D07F1AEB41AF37FF997CD90DF"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14704
Expires: Thu, 02 Feb 2023 22:40:19 GMT
Date: Thu, 02 Feb 2023 18:35:15 GMT
Connection: keep-alive
alas4kanmfa6a4mubte.com/whob.gif?z=1841674&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=HSPzwV76C_e0GGGI2yMSouaXeDBJGvap9GSUMP_HBlOd0WVYlgIgsKEvIiqCWiqSP1S0yr5iPGe_PT94NDoNGZLbnhqFK_IMLXsyjk_4VEqmYBsi6vY2UL0WYMcohPumrzikSKfD7v5KK0U6ltpnyWEPCIAAkMQDFjhdxuLgZfBZ_TbxRXck_7SHAEwnTytCh1WJbm75KkWa2ZED0agoEZ60943a7gBi9wrzeRooZwEFzBE3WSWCq1f3YVwp0FdY7gROkpHMRijv2lcCFxCgPR3nZmPAYBxFbytxHZGurRHq_NoPV4BCrywofGzSAIsyBIDar0XD1iuNLkrPP6j4AmyqTfQ7j-g5J3t1npUu9SdAkXWDuaAD2IzguERRhXXgFH2o3yYoSm1h4VgBLUOUEvJnQbuy9_KnYTpolUr2W9-wr_0a97Khe40sZRTVFf9oT6G-sTIr49IcpsxZSl1tuw-V68nalnm-kYasBYcdwdnR6D5nixUVs2yTJTYNnWrJ7R7V7rel8vXiwxpBJhDbFlNOwpiFX_aRauUe-SU1ahtg8j6G-31gdB6L8lacFWzqH6AUtQf0r6_YfLVrRKgOzhed0WybehwPs2h9VSFWEB0apiT1aTLOQ6IjoS3vA0uniNagGThlvNdltKOM0SpXrfAUY0o_PRZtNacLOUz5u7pvu6ILEfEZkz9zivC17qbTz7WyLmfPC8u52oioKqBH9EIKARLOCcdhNOsCil575lXXy89v_s2HeYSyz4X_cSaHYM6B0XOiQ6opwxd9k0L-LflzN2TTbevOzXs2VahzuLR0s2GNc8_jwe-OIpztSJ1kcftTcHdDJDMz7bvx_q-TwsTsgCe74yfL0EYcLNOnUbBV4IvghupCLkQYZSDnpH52tVTqU5-O3GYqwEI2sDF-LZPzE_eF-5eky4OnGzJ8-l7z23hkOqmQrxQT0-iBWSMfkPUd3UCwSIS4owgByuMbB6aCnc3T&abvar=4&os=0
62.122.171.6200 OK 43 B URL HTTP/2 alas4kanmfa6a4mubte.com/whob.gif?z=1841674&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=HSPzwV76C_e0GGGI2yMSouaXeDBJGvap9GSUMP_HBlOd0WVYlgIgsKEvIiqCWiqSP1S0yr5iPGe_PT94NDoNGZLbnhqFK_IMLXsyjk_4VEqmYBsi6vY2UL0WYMcohPumrzikSKfD7v5KK0U6ltpnyWEPCIAAkMQDFjhdxuLgZfBZ_TbxRXck_7SHAEwnTytCh1WJbm75KkWa2ZED0agoEZ60943a7gBi9wrzeRooZwEFzBE3WSWCq1f3YVwp0FdY7gROkpHMRijv2lcCFxCgPR3nZmPAYBxFbytxHZGurRHq_NoPV4BCrywofGzSAIsyBIDar0XD1iuNLkrPP6j4AmyqTfQ7j-g5J3t1npUu9SdAkXWDuaAD2IzguERRhXXgFH2o3yYoSm1h4VgBLUOUEvJnQbuy9_KnYTpolUr2W9-wr_0a97Khe40sZRTVFf9oT6G-sTIr49IcpsxZSl1tuw-V68nalnm-kYasBYcdwdnR6D5nixUVs2yTJTYNnWrJ7R7V7rel8vXiwxpBJhDbFlNOwpiFX_aRauUe-SU1ahtg8j6G-31gdB6L8lacFWzqH6AUtQf0r6_YfLVrRKgOzhed0WybehwPs2h9VSFWEB0apiT1aTLOQ6IjoS3vA0uniNagGThlvNdltKOM0SpXrfAUY0o_PRZtNacLOUz5u7pvu6ILEfEZkz9zivC17qbTz7WyLmfPC8u52oioKqBH9EIKARLOCcdhNOsCil575lXXy89v_s2HeYSyz4X_cSaHYM6B0XOiQ6opwxd9k0L-LflzN2TTbevOzXs2VahzuLR0s2GNc8_jwe-OIpztSJ1kcftTcHdDJDMz7bvx_q-TwsTsgCe74yfL0EYcLNOnUbBV4IvghupCLkQYZSDnpH52tVTqU5-O3GYqwEI2sDF-LZPzE_eF-5eky4OnGzJ8-l7z23hkOqmQrxQT0-iBWSMfkPUd3UCwSIS4owgByuMbB6aCnc3T&abvar=4&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841674&pb=47f3cc3a72896fa4dd78063bfa61f3291675370115&psp=HSPzwV76C_e0GGGI2yMSouaXeDBJGvap9GSUMP_HBlOd0WVYlgIgsKEvIiqCWiqSP1S0yr5iPGe_PT94NDoNGZLbnhqFK_IMLXsyjk_4VEqmYBsi6vY2UL0WYMcohPumrzikSKfD7v5KK0U6ltpnyWEPCIAAkMQDFjhdxuLgZfBZ_TbxRXck_7SHAEwnTytCh1WJbm75KkWa2ZED0agoEZ60943a7gBi9wrzeRooZwEFzBE3WSWCq1f3YVwp0FdY7gROkpHMRijv2lcCFxCgPR3nZmPAYBxFbytxHZGurRHq_NoPV4BCrywofGzSAIsyBIDar0XD1iuNLkrPP6j4AmyqTfQ7j-g5J3t1npUu9SdAkXWDuaAD2IzguERRhXXgFH2o3yYoSm1h4VgBLUOUEvJnQbuy9_KnYTpolUr2W9-wr_0a97Khe40sZRTVFf9oT6G-sTIr49IcpsxZSl1tuw-V68nalnm-kYasBYcdwdnR6D5nixUVs2yTJTYNnWrJ7R7V7rel8vXiwxpBJhDbFlNOwpiFX_aRauUe-SU1ahtg8j6G-31gdB6L8lacFWzqH6AUtQf0r6_YfLVrRKgOzhed0WybehwPs2h9VSFWEB0apiT1aTLOQ6IjoS3vA0uniNagGThlvNdltKOM0SpXrfAUY0o_PRZtNacLOUz5u7pvu6ILEfEZkz9zivC17qbTz7WyLmfPC8u52oioKqBH9EIKARLOCcdhNOsCil575lXXy89v_s2HeYSyz4X_cSaHYM6B0XOiQ6opwxd9k0L-LflzN2TTbevOzXs2VahzuLR0s2GNc8_jwe-OIpztSJ1kcftTcHdDJDMz7bvx_q-TwsTsgCe74yfL0EYcLNOnUbBV4IvghupCLkQYZSDnpH52tVTqU5-O3GYqwEI2sDF-LZPzE_eF-5eky4OnGzJ8-l7z23hkOqmQrxQT0-iBWSMfkPUd3UCwSIS4owgByuMbB6aCnc3T&abvar=4&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2302021335855ec49753da47e294d8ba5df7; OACICAP=ACQ6xAAAAAAAAAABACQzCgAAAAAAAAAB; OACIBLOCK=ACQ6xAAAAABj20NQACQzCgAAAABj2%2Fog; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
i.doodcdn.co/theme_2/css/bootstrap.min.css
172.67.70.190200 OK 25 kB URL HTTP/2 i.doodcdn.co/theme_2/css/bootstrap.min.css
IP 172.67.70.190:0
File type ASCII text, with very long lines (65324)
Hash 59b2a08dbe983864b1282169ed44d587
55a4b388951aa496c790ed2c264c6ea8bdcdf49f
643254f9ea3311ad024ae0ed83c78be1c62776024fae5bb4bb129ba552f775c2
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: text/css
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
expires: Thu, 01 Feb 2024 08:27:35 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 45597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6rSfhBCyMU%2BPUNrNJU%2ByclBvZ6jPBas7hlgOZ2Mk0rQGZkOqW5vdDk0hv%2FYzE%2Bc7mI9US%2FkZaCCJLkdO0vlplHCNpYHSJtctCPdCJ%2Fw4eJhhsh5NtGQS04ryni6AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935068b2d71b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=5609943
139.45.197.236200 OK 34 kB URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5609943
IP 139.45.197.236:0
Hash d0281a7f350251601f6f62c2b3051c85
b58e040d5d72f0e0c0ffd0db1b37fd79c31b59ee
a00b7a1551baa8b651eda61289a7326f738bc4c53ae8c8057fe5ec53e7078b23
GET /apu.php?zoneid=5609943 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: application/javascript
x-trace-id: c09ee067f2f2ca63f29d66fe4a8ceb39
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f896129aea0c46c0a1bd80b873228815; expires=Fri, 02 Feb 2024 18:35:15 GMT; path=/; secure; SameSite=None
oaidts=1675362915; expires=Fri, 02 Feb 2024 18:35:15 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=f896129aea0c46c0a1bd80b873228815
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=f896129aea0c46c0a1bd80b873228815
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 6b027ac609f145683b6cd094b69abf33
750b1d08ca17c5d425e20aa4f6d2f4e48ee25a1e
766ad850e54659a7fbb099ffbdc7a4b6812a7a814692b6573ff7ce8c398e7d62
GET /gid.js?userId=f896129aea0c46c0a1bd80b873228815 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://dood.re
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f896129aea0c46c0a1bd80b873228815; expires=Fri, 02 Feb 2024 18:35:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 901
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 02 Feb 2023 18:35:18 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://dood.re
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9e9b1439c8e6764117a8f50745def3f
ac345640cf283ba8293cbfa4f65a025e36890dc7
163ed4e300af6d95c5fcda3606d058e3e70ecb59f9ef98df0b582d2729f90949
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "163ED4E300AF6D95C5FCDA3606D058E3E70ECB59F9EF98DF0B582D2729F90949"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2673
Expires: Thu, 02 Feb 2023 19:19:49 GMT
Date: Thu, 02 Feb 2023 18:35:16 GMT
Connection: keep-alive
manisation.org/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: manisation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 379
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
manisation.org/Zm5tZVk9TFRXb15cXUd1RExBRz9TClxcalEMQFdqAgxAUTgAXUBcP1deQFRtAl5bXGlRD1sHa0RCTwQ%2EBQtfXWxUQ1tVOl5DWVQ7VEMMVjpTQ1VTaFVYVAZpXl8MAHtKTB4Se0pMAAQ3Dx0METAJAEMKKwFMQUdoVkBYR3UADwEWPEoIDAkqA0ILBDUVCzA
52.20.131.174200 OK 13 kB URL HTTP/2 manisation.org/Zm5tZVk9TFRXb15cXUd1RExBRz9TClxcalEMQFdqAgxAUTgAXUBcP1deQFRtAl5bXGlRD1sHa0RCTwQ%2EBQtfXWxUQ1tVOl5DWVQ7VEMMVjpTQ1VTaFVYVAZpXl8MAHtKTB4Se0pMAAQ3Dx0METAJAEMKKwFMQUdoVkBYR3UADwEWPEoIDAkqA0ILBDUVCzA
IP 52.20.131.174:0
File type ASCII text, with very long lines (33859), with no line terminators
Hash 11f2ee10ba258efb76d03a00b5fdf2fd
7056b8713d0120c6346b1f07328e091c6129aecc
40be1fe61859715b43d205ecf39dc4a29b0eef03a737df3a6149f778b5ff8d82
GET /Zm5tZVk9TFRXb15cXUd1RExBRz9TClxcalEMQFdqAgxAUTgAXUBcP1deQFRtAl5bXGlRD1sHa0RCTwQ%2EBQtfXWxUQ1tVOl5DWVQ7VEMMVjpTQ1VTaFVYVAZpXl8MAHtKTB4Se0pMAAQ3Dx0METAJAEMKKwFMQUdoVkBYR3UADwEWPEoIDAkqA0ILBDUVCzA HTTP/1.1
Host: manisation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 3b8d393da16c4b06c31b309fcdbd4a72=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8443-AYggdT/rC0q4iktrkN3NzKRUbkU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
manisation.org/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: manisation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.re/
Content-Type: text/plain;charset=UTF-8
Origin: https://dood.re
Content-Length: 355
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6962
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 18:35:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6962
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 18:35:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6962
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 18:35:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6962
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 18:35:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 74246
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 72819
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 72819
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: f47f7616-41aa-4983-8ada-20f6f0b6856b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frfXtHkUoAMFr1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadf64-083a903959cdab540bd38265;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:53:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UqoeSWse0jZAC3IEIWk5fj9q_4xsAoZRkn67U4m2L5NkayHxsAYmlA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:35 GMT
age: 74082
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:16:08 GMT
age: 40749
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 72819
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
betotodilea.com/500/4857535?excludes=&oaid=f896129aea0c46c0a1bd80b873228815&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fdood.re%2Fd%2F4vk5poznx3rh&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/4857535?excludes=&oaid=f896129aea0c46c0a1bd80b873228815&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fdood.re%2Fd%2F4vk5poznx3rh&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4857535?excludes=&oaid=f896129aea0c46c0a1bd80b873228815&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fdood.re%2Fd%2F4vk5poznx3rh&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dood.re/
Origin: https://dood.re
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:20 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://dood.re
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
offerimage.com/www/images/7c65132825d8c56754651571318f165f.jpeg
104.22.32.172200 OK 14 kB URL HTTP/2 offerimage.com/www/images/7c65132825d8c56754651571318f165f.jpeg
IP 104.22.32.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 7c65132825d8c56754651571318f165f
65c92310f21bc48bd9fc9acc4f6e26e08bbbe939
3d8a468fa58373dfee8c4ffe93c3573f7ec6e302a8f5ab19d91d2b5bf225e4fb
GET /www/images/7c65132825d8c56754651571318f165f.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:20 GMT
content-type: image/jpeg
content-length: 13981
cache-control: max-age=86400
cf-bgj: h2pri
etag: "639a0945-369d"
expires: Thu, 02 Feb 2023 23:28:03 GMT
last-modified: Wed, 14 Dec 2022 17:35:01 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 68837
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793506afab2b9918-ARN
X-Firefox-Spdy: h2
i.doodcdn.co/theme_2/css/style.css?v=0.1
172.67.70.190200 OK 0 B URL HTTP/2 i.doodcdn.co/theme_2/css/style.css?v=0.1
IP 172.67.70.190:0
GET /theme_2/css/style.css?v=0.1 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=249272
expires: Fri, 02 Feb 2024 08:54:42 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXhOJwsFtzgoUcOfEwtz3yuZ%2FoTioP5Jy91knvsS0L0uOKtQYL3hERYfyd1N1v1BttF%2BKNAT7Q2ilnlwcst%2FQJWeoaQZB%2F3dwvPfsDv7P8bwPHt7f30FK8A9V2a5QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935068b2d78b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alas4kanmfa6a4mubte.com/lv/esnk/1841674/code.js
62.122.171.6200 OK 0 B URL HTTP/2 alas4kanmfa6a4mubte.com/lv/esnk/1841674/code.js
IP 62.122.171.6:0
GET /lv/esnk/1841674/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 12:41:59 GMT
vary: Accept-Encoding
etag: W/"63d90c97-1a459"
x-js-ab1: var4
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
alas4kanmfa6a4mubte.com/get/1841674?zoneid=1841674&jp=_clcmy12yoequ7z8x3pt95t&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4331921236435462
62.122.171.6200 OK 0 B URL HTTP/2 alas4kanmfa6a4mubte.com/get/1841674?zoneid=1841674&jp=_clcmy12yoequ7z8x3pt95t&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4331921236435462
IP 62.122.171.6:0
GET /get/1841674?zoneid=1841674&jp=_clcmy12yoequ7z8x3pt95t&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4331921236435462 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2302021335855ec49753da47e294d8ba5df7; Path=/; Expires=Fri, 02 Feb 2024 18:35:15 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.141.224200 OK 0 B IP 172.67.141.224:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCs8831CdADAk9COIvVp6bkl3Y%2FT%2FcIQb%2Brr3m2lzUGnipK1k4WEhkC%2FO0jaRqmBcbGllKtCBjCs6mU%2BawdTRuP5kxBpYfrMI%2FxugfLm66PwWe1t5x1JzwCvzdmBvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935068dca5eb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
betotodilea.com/500/4857535?excludes=&oaid=f896129aea0c46c0a1bd80b873228815&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fdood.re%2Fd%2F4vk5poznx3rh&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/4857535?excludes=&oaid=f896129aea0c46c0a1bd80b873228815&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fdood.re%2Fd%2F4vk5poznx3rh&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/4857535?excludes=&oaid=f896129aea0c46c0a1bd80b873228815&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fdood.re%2Fd%2F4vk5poznx3rh&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Cookie: OAID=2b492584195948f2b1dae47440b01142
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:20 GMT
content-type: application/javascript
x-trace-id: d0ab5a27ace7af98d09598ef9b7755bf
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dood.re
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f896129aea0c46c0a1bd80b873228815; expires=Fri, 02 Feb 2024 18:35:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/b/925b3ffa/api.js
104.18.7.185200 OK 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/b/925b3ffa/api.js
IP 104.18.7.185:0
GET /turnstile/v0/b/925b3ffa/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.re/
Connection: keep-alive
Cookie: __cf_bm=itLFFIwFf3S87YDqedA7IcKGBIzrdfe248iHGBDiPrE-1675362915-0-Adj25/33qNAauJPqwJkxYA/LnTe7yZvUjvZSRnmJ+lJE3t9uAE9V3deUscb5jXORmXJ7pE3IDNEPISf+EnwBc1M=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935068e2f99b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pringed.space/d2hvYVUMShwWCgIaA0NvVQAbFSUEUkBOMRgHC08nEkccFnsdG01NdwQFCUNvRkRNEjgBSlVDYVlYTU13AwkIPjwTSlVDbEVeV1NlVURNEiAVNwYFZ1VSTQdgE1lWUmIVRV1SMRVFWwAzREVWB2RHRV5VMUdeVlFiFl4NU3cK
52.20.131.174200 OK 0 B URL HTTP/2 pringed.space/d2hvYVUMShwWCgIaA0NvVQAbFSUEUkBOMRgHC08nEkccFnsdG01NdwQFCUNvRkRNEjgBSlVDYVlYTU13AwkIPjwTSlVDbEVeV1NlVURNEiAVNwYFZ1VSTQdgE1lWUmIVRV1SMRVFWwAzREVWB2RHRV5VMUdeVlFiFl4NU3cK
IP 52.20.131.174:0
GET /d2hvYVUMShwWCgIaA0NvVQAbFSUEUkBOMRgHC08nEkccFnsdG01NdwQFCUNvRkRNEjgBSlVDYVlYTU13AwkIPjwTSlVDbEVeV1NlVURNEiAVNwYFZ1VSTQdgE1lWUmIVRV1SMRVFWwAzREVWB2RHRV5VMUdeVlFiFl4NU3cK HTTP/1.1
Host: pringed.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 304d5c410d18114bc4b8f5a9352ce025=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0e6-rHUz3oWN8zbOdCSGCBgC1GQHFEM"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap
IP 142.250.74.106:0
GET /css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 18:35:15 GMT
date: Thu, 02 Feb 2023 18:35:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alas4kanmfa6a4mubte.com/get/1841679?zoneid=1841679&jp=_clryfvpryvzsk5jj5195h&nojs=0&ix=0&abvar=1&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5739296119983316
62.122.171.6200 OK 0 B URL HTTP/2 alas4kanmfa6a4mubte.com/get/1841679?zoneid=1841679&jp=_clryfvpryvzsk5jj5195h&nojs=0&ix=0&abvar=1&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5739296119983316
IP 62.122.171.6:0
GET /get/1841679?zoneid=1841679&jp=_clryfvpryvzsk5jj5195h&nojs=0&ix=0&abvar=1&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5739296119983316 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2302021335a2175592b688477ebffd15ff1a; Path=/; Expires=Fri, 02 Feb 2024 18:35:15 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
betotodilea.com/400/4857535
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/4857535
IP 139.45.197.237:0
GET /400/4857535 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:15 GMT
content-type: application/javascript
x-trace-id: 5ba1f7bb51428dba493676ecc0be916d
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=2b492584195948f2b1dae47440b01142; expires=Fri, 02 Feb 2024 18:35:15 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/api.js
104.18.7.185302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js
IP 104.18.7.185:0
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 18:35:15 GMT
vary: accept-encoding
location: /turnstile/v0/b/925b3ffa/api.js
cache-control: max-age=300, public
set-cookie: __cf_bm=itLFFIwFf3S87YDqedA7IcKGBIzrdfe248iHGBDiPrE-1675362915-0-Adj25/33qNAauJPqwJkxYA/LnTe7yZvUjvZSRnmJ+lJE3t9uAE9V3deUscb5jXORmXJ7pE3IDNEPISf+EnwBc1M=; path=/; expires=Thu, 02-Feb-23 19:05:15 GMT; domain=.challenges.cloudflare.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7935068dff61b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2