Report - frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar

Report Overview

Visited public
2024-07-10 12:03:10
Tags
Submit Tags
URL
frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Finishing URL
frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
IP / ASN
172.67.139.217
#13335 CLOUDFLARENET
Title
Download ANIDOU3328 part1 rar

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-08 18:12:20	2.3 kB	6.2 kB	23.36.77.32
freedl.ink	unknown	2023-08-15	2023-08-22 12:58:35	2023-11-27 15:34:06	436 B	4.8 kB	104.21.31.46
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-08 18:24:16	1.3 kB	2.8 kB	216.58.211.3
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-07-09 07:30:00	414 B	105 kB	142.250.74.40
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-07-08 21:59:01	977 B	31 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-07-09 08:04:42	431 B	7.7 kB	104.17.25.14
frdl.to	unknown	unknown	2023-11-15 03:52:48	2024-02-21 19:03:04	6.5 kB	651 kB	172.67.139.217
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-07-09 03:52:49	520 B	34 kB	142.250.74.99
t.dtscout.com	11951	2013-11-01	2017-01-30 05:52:42	2024-07-06 22:19:24	952 B	13 kB	141.101.120.11
waust.at	38137	unknown	2016-01-28 19:24:33	2024-07-09 15:55:31	381 B	16 kB	172.67.71.57

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-10	medium	freedl.ink	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	t.dtscout.com/pv/?_a=v&_h=frdl.to&_ss=6jtit38c6m&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=34wz&_cb=_dtspv.c	ScriptElement	51 B	2024-08-19	2024-08-19
Pretty URL t.dtscout.com/pv/?_a=v&_h=frdl.to&_ss=6jtit38c6m&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=34wz&_cb=_dtspv.c IP 141.101.120.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:23 Last Seen2024-08-19 17:23 Times Seen1 Hash dc7a0aa3054cca3525866360d9ffc0f2 72a5fee18489b51c483921d656efb0e17d7a3f38 b3f7a7c8e8120d2bbdf2bc2ef0ac908ab03357f42f1936d2c793dcd2282c4114 Loading...

	frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar	ScriptElement	286 B	2023-03-08	2025-06-30
Pretty URL frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 05:15 Last Seen2025-06-30 02:47 Times Seen287 Hash a10faca4ada9bbdcb1b350c8d4fdbceb acb8f3cfe394c96d40e8bc0a300ab889811849b9 cd39142e37a1c495b80ad9e423875277b29731e29a0538ce4c256e4b36eb9910 Loading...

	frdl.to/xfst_theme2/js/countdown.js	ScriptElement	640 B	2023-03-08	2025-04-09
Pretty URL frdl.to/xfst_theme2/js/countdown.js IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:47 Last Seen2025-04-09 22:24 Times Seen57 Hash 2b7d7af4d020e0a541c394db405aa666 d6c812e5a842fb7df84301f45a69d9001d040b2e 6b1116dbdcc8665059c0163cb6cd034a949402f5bc6294390e8ffee39952f6ae Loading...

	frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar	ScriptElement	853 B	2023-03-07	2025-06-30
Pretty URL frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 21:43 Last Seen2025-06-30 03:58 Times Seen219 Hash 971ccce1cb82f9abada60a82500d22d6 79952a68530d1833179499a4dd44bca7437e1afb 0863118d0e302374e73b965a0c757374322b4edbe07b5dafd7f109b048bdc3b0 Loading...

	frdl.to/js/pop.js?=1	ScriptElement	56 B	2024-04-15	2024-08-20
Pretty URL frdl.to/js/pop.js?=1 IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 01:23 Last Seen2024-08-20 04:32 Times Seen9 Hash e430f83bc61ee6d4c0eac2c1c32d0162 3baf4ef4554ea9f1518713c504ca41e2d5d4fb7d b8570b25846d0a739b755af846fa5c94bfd1fe16237a6676bcba7bd60c5f81ef Loading...

	frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar	ScriptElement	943 B	2024-08-19	2024-08-19
Pretty URL frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 17:23 Last Seen2024-08-19 17:23 Times Seen1 Hash cdca086df0a48b7390c05cd06a315704 91575b42d010cb51d275a373a5513e0329870774 56568a841a72a5ba19be4aa84a32c9766aee6bb7b3f1060b335a2e26c9f1734b Loading...

	frdl.to/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-06-30
Pretty URL frdl.to/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-30 21:58 Times Seen82057 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js	ScriptElement	21 kB	2023-03-07	2025-06-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-06-30 21:30 Times Seen10313 Hash 56456db9d72a4b380ed3cb63095e6022 6dbce88aee15b42f29083df7a07513cf3b486ba0 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Loading...

	frdl.to/xfst_theme2/js/jquery-1.9.1.min.js	ScriptElement	93 kB	2023-03-07	2025-06-30
Pretty URL frdl.to/xfst_theme2/js/jquery-1.9.1.min.js IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-30 21:20 Times Seen16848 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	frdl.to/xfst_theme2/js/bootstrap.min.js	ScriptElement	58 kB	2023-03-07	2025-06-30
Pretty URL frdl.to/xfst_theme2/js/bootstrap.min.js IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-30 21:53 Times Seen12904 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar	ScriptElement	719 B	2023-05-21	2024-09-19
Pretty URL frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-21 18:27 Last Seen2024-09-19 19:46 Times Seen23 Hash 0b32aa13a9034c1e872c80ffa4516c0f 3b8b39b975dd5aff2a5e5c2d8a94b69efb37bd28 fce3fbaa4c6872a36dc16cd321cb51e50ceb1dccfac1628f314452e3730170ea Loading...

	www.googletagmanager.com/gtag/js?id=G-RL652D9SYS	ScriptElement	314 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-RL652D9SYS IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:23 Last Seen2024-08-19 17:23 Times Seen1 Hash 7a16d55cc31b35e69f1e08aae06267d7 c66acb1fe0179105bc64321855dc33040cb1033f 1b2d59b6546f8ec5981cf77536a7eba9971b17925a0807fb6f87f7043210ebc6 Loading...

	frdl.to/xfst_theme2/js/jquery.cookie.js	ScriptElement	3.1 kB	2023-03-07	2025-06-30
Pretty URL frdl.to/xfst_theme2/js/jquery.cookie.js IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23 Last Seen2025-06-30 04:25 Times Seen2790 Hash ff14e4812b7f512e620b1ad35542bcfc c40c5f777e7a2f63e7b731b3cdb1fe9c806b23ae c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96 Loading...

	frdl.to/xfst_theme2/js/clipboard.min.js	ScriptElement	9.2 kB	2023-03-07	2025-06-30
Pretty URL frdl.to/xfst_theme2/js/clipboard.min.js IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23 Last Seen2025-06-30 18:24 Times Seen3161 Hash 15f52a1ee547f2bdd46e56747332ca2d 9a7cb405f9beed005891587d41f76a0720893ffc e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9 Loading...

	frdl.to/xfst_theme2/js/script.js	ScriptElement	520 B	2023-03-26	2025-06-30
Pretty URL frdl.to/xfst_theme2/js/script.js IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:35 Last Seen2025-06-30 02:47 Times Seen50 Hash 774b7f6797df59430d993d008f270f84 bbcb6da966acf2b5d9bc10ac424688b847cb67ca 3653640dd81b2b40edab3d87bc89dfa5ebd5cc4a8bdd439b996fcefccce972a5 Loading...

	waust.at/d.js	ScriptElement	15 kB	2023-03-08	2025-04-10
Pretty URL waust.at/d.js IP 172.67.71.57 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22 Last Seen2025-04-10 09:23 Times Seen1874 Hash 38cdedd658fa41770f607c0b117c1f82 3f3c9c6c330ab649e27ec56a8d852e9d41b0edf4 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c Loading...

	frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar	ScriptElement	212 B	2024-04-15	2024-08-20
Pretty URL frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-15 01:23 Last Seen2024-08-20 04:32 Times Seen9 Hash 61b6d93fb531cb2e11113388ab3a49bb 819e4c76271e0bbbedcc668d14610979dbe5a3d9 c68650528723a0fcf2308a7993e08c2944f989c17992fcbfe5efe828e154f258 Loading...

	frdl.to/xfst_theme2/js/share.js	ScriptElement	354 B	2023-03-07	2025-06-30
Pretty URL frdl.to/xfst_theme2/js/share.js IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-06-30 04:25 Times Seen968 Hash 693471dd93ac22bed38732ee725edff1 470693b6fb525d9391c6530ba8e22edf2a3cdfe0 37ddc3df628de7dbb35e49b0eef020d9fe1613acbbfc77418bb7e69566395aa5 Loading...

	frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar	ScriptElement	92 B	2024-03-02	2024-08-20
Pretty URL frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 01:04 Last Seen2024-08-20 08:32 Times Seen13 Hash 0bd36aa737278bebbda7c8101850171a c1a7cbaab5a0168f99f4e68b21ffbb52cd30c240 ad2efe7e6c16f82e3313a3b7353cf8f7aa334542cd3fd764e4cef48afa8a4522 Loading...

	frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar	ScriptElement	153 B	2024-01-20	2025-06-30
Pretty URL frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar IP 172.67.139.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-20 20:07 Last Seen2025-06-30 02:47 Times Seen37 Hash 4e288bf9ef9df7872869765c8c51d7ef ce861f6bb920ef4866d2a8f0d0e6004798d12a2c 8687cb084628e582a9cec888aacdc2fcf5daecc227a0d700cf2ed13542a1dc26 Loading...

	t.dtscout.com/i/?l=https%3A%2F%2Ffrdl.to%2Fwit1zt2wzbf0%2FANIDOU3328.part1.rar&j=	ScriptElement	2.1 kB	2023-03-07	2025-06-30
Pretty URL t.dtscout.com/i/?l=https%3A%2F%2Ffrdl.to%2Fwit1zt2wzbf0%2FANIDOU3328.part1.rar&j= IP 141.101.120.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-30 20:55 Times Seen4374 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

HTTP Transactions (34)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b34ca6af54e2b9fea57d418f5d1928f7
510b69f4470789a573217726d6f1a3d6ee765460
41e6a348aac9e9db44bfa14b3aa29d411f4489b375ae1f1be6b0d280af98541d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "41E6A348AAC9E9DB44BFA14B3AA29D411F4489B375AE1F1BE6B0D280AF98541D"
Last-Modified: Mon, 08 Jul 2024 01:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5190
Expires: Wed, 10 Jul 2024 13:29:14 GMT
Date: Wed, 10 Jul 2024 12:02:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e08576e0904dc9903a9c20fa9e3d15b8
74feff76140500fd4a61e89c7e9d8d0a60df1183
ee690bacddf55fd12ae0c9c39e330e0a1a18776b9edc91b4aa6c5bae28824f1e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EE690BACDDF55FD12AE0C9C39E330E0A1A18776B9EDC91B4AA6C5BAE28824F1E"
Last-Modified: Tue, 09 Jul 2024 15:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20997
Expires: Wed, 10 Jul 2024 17:52:41 GMT
Date: Wed, 10 Jul 2024 12:02:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e7492695b5254a3a63fcffb4f1ee8cec
0361713c6d8129210245347284c7c6babfd28fb7
5d1bc1c01894fd88a0d4680490977488d6458bb58a98ace24ef8aa103538bc1f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D1BC1C01894FD88A0D4680490977488D6458BB58A98ACE24EF8AA103538BC1F"
Last-Modified: Tue, 09 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16437
Expires: Wed, 10 Jul 2024 16:36:41 GMT
Date: Wed, 10 Jul 2024 12:02:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fc076d7a99abd74b9da6b35304bb93e9
9d541501d5141dcf7b4d839d6fcffabec81e1a14
c86804eff01a7bb9ff866508bfdb1b071cfa4a26617d11094b9f5226e1a4b970

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C86804EFF01A7BB9FF866508BFDB1B071CFA4A26617D11094B9F5226E1A4B970"
Last-Modified: Tue, 09 Jul 2024 16:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16820
Expires: Wed, 10 Jul 2024 16:43:04 GMT
Date: Wed, 10 Jul 2024 12:02:44 GMT
Connection: keep-alive

GET freedl.ink/xfst_theme2/img/logo.png

104.21.31.46

200 OK

3.8 kB

URL GET HTTP/2
freedl.ink/xfst_theme2/img/logo.png
IP
104.21.31.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfreedl.ink
FingerprintE3:37:8E:CA:D2:CE:F0:CC:AA:10:17:41:FC:63:34:DA:CE:3E:9B:A1
ValidityWed, 12 Jun 2024 23:08:06 GMT - Tue, 10 Sep 2024 23:08:05 GMT

File type
PNG image data, 150 x 31, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3800 bytes)
Hash
121681b32d247dbd68a1c690158d2db5
b0d36efd38510f568a61ec6313afbdef205055fe
552b9587003fbf5fd875cc5f070b43639751b15e624782059cb3168d4c36b6b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /xfst_theme2/img/logo.png HTTP/1.1
Host: freedl.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: image/png
content-length: 3800
last-modified: Thu, 08 Feb 2024 12:41:50 GMT
etag: "ed8-610de22a09f80"
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4683
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E07iGFIEgxQFBvmF%2BXfsPqaW6EpqFTG1qI%2FrHSgjAdNomu3b%2FSYc6%2FSsuNOf3uGLZV52jdfzEiDKbDmKOF2Sq6dGh4TqQgE%2BBox1H%2FebM8lvZD0YPcvLXQkP4uZA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a1068181ba0569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

104.17.25.14

200 OK

6.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerLet's Encrypt
Subjectcdnjs.cloudflare.com
Fingerprint3B:5B:7C:DD:19:E8:16:5A:09:22:D6:1E:03:84:8D:B9:A1:32:BF:8E
ValiditySun, 02 Jun 2024 00:47:32 GMT - Sat, 31 Aug 2024 00:47:31 GMT

File type
JavaScript source, ASCII text, with very long lines (20831)
Size
6.6 kB (6646 bytes)
Hash
56456db9d72a4b380ed3cb63095e6022
6dbce88aee15b42f29083df7a07513cf3b486ba0
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

HTTP Headers

GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 37672
expires: Mon, 30 Jun 2025 12:02:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuYKQR3RRd3f%2FDkK9tWkOL6wk7onyQOYcK6cdwyQEwsFmlIBC7VZDzQ7EO%2BGIaU%2BwAScBS3XYDjooXskzrsv2XwL2OtbDcZmag56LQ9TQqdb1W8kyaItaRynDngWjxz8DZ%2FsBHE0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8a1068183a3d712f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

216.58.211.3

472 B

URL
o.pki.goog/wr2
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f43ac803ddaed04e157d8f4cc47f9d30
3b124d1a4787acb012f8dba86c2682286225e6ec
fcc49c4f85feed0addfb35ac975528e62fd12609e78afb3acab0451051523e88

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:02:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET frdl.to/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.139.217

200 OK

1.1 kB

URL GET HTTP/3
frdl.to/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
gzip compressed data, from Unix
Size
1.1 kB (1127 bytes)
Hash
5e907ff5bbaf79ae568a3e80cf24cbec
5d8974a689bdfc6c33b9ad54706e16c2dc67fe4d
32c44515a06b45faf3c08bcde779e2c34ee352278d21facbcc415cdbad9d4c12

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript
last-modified: Fri, 05 Jul 2024 14:30:09 GMT
etag: W/"66880371-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AryJ4hHMjNgXEpKgQKhkiBGV%2FuPib079KpbUPTNQ%2FGYMGzxYyaHP6B5%2FdEbIKyJCIozkFTbEJpF0qBnUJKi8zjokQs%2FXAD4ybhlQWLsJ2d2Ekjoc9%2B1thg4T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a106817ceec56c9-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 12 Jul 2024 12:02:45 GMT
cache-control: max-age=172800, public
content-encoding: gzip

GET frdl.to/xfst_theme2/js/jquery.cookie.js

172.67.139.217

200 OK

1.8 kB

URL GET HTTP/3
frdl.to/xfst_theme2/js/jquery.cookie.js
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
gzip compressed data, from Unix
Size
1.8 kB (1837 bytes)
Hash
64271ac95d5f957207f36d64a490d042
3426ed3cf28b091da20003a35d8c2525ca3f950a
16b72660366ec590d85ffccdfc521ba0ef7882931ee5d222b50f6fa19408869f

HTTP Headers

GET /xfst_theme2/js/jquery.cookie.js HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 10:01:15 GMT
vary: Accept-Encoding
etag: W/"6349336b-c31"
expires: Sun, 04 Aug 2024 09:11:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
content-encoding: gzip
cf-cache-status: HIT
age: 442251
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=da%2BEW3EZhyQS2BU7Yk1YXbYdQ4TkNgIimffH54LNYGFIZTOiozDn%2B8b6QkI0BkpT78WjUzWYJ5JdcWmHGlhrSy4OIafW7NU5RgglUrPlcTUb3enGk70omSR0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106817cedc56c9-OSL
alt-svc: h3=":443"; ma=86400

GET www.googletagmanager.com/gtag/js?id=G-RL652D9SYS

142.250.74.40

200 OK

104 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-RL652D9SYS
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
104 kB (104169 bytes)
Hash
7a16d55cc31b35e69f1e08aae06267d7
c66acb1fe0179105bc64321855dc33040cb1033f
1b2d59b6546f8ec5981cf77536a7eba9971b17925a0807fb6f87f7043210ebc6

HTTP Headers

GET /gtag/js?id=G-RL652D9SYS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 10 Jul 2024 12:02:45 GMT
expires: Wed, 10 Jul 2024 12:02:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

216.58.211.3

472 B

URL
o.pki.goog/wr2
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f43ac803ddaed04e157d8f4cc47f9d30
3b124d1a4787acb012f8dba86c2682286225e6ec
fcc49c4f85feed0addfb35ac975528e62fd12609e78afb3acab0451051523e88

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:02:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET frdl.to/xfst_theme2/js/countdown.js

172.67.139.217

200 OK

796 B

URL GET HTTP/3
frdl.to/xfst_theme2/js/countdown.js
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
JavaScript source, ASCII text
Size
796 B (796 bytes)
Hash
2b7d7af4d020e0a541c394db405aa666
d6c812e5a842fb7df84301f45a69d9001d040b2e
6b1116dbdcc8665059c0163cb6cd034a949402f5bc6294390e8ffee39952f6ae

HTTP Headers

GET /xfst_theme2/js/countdown.js HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 10:01:14 GMT
etag: W/"6349336a-280"
expires: Sun, 04 Aug 2024 09:11:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 442251
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUx2tfDCPvEjhiZkMzEGXqElwJLO6PgmMiRNCgp1eIITuoXnrzZvs97f89SSXyGyPLAqyNDoDyNLu756ZCLcHxmL7nrC9i8CMahcwd2673gqu4RC1TxKxnuV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a106817cee656c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

216.58.211.3

471 B

URL
o.pki.goog/wr2
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b81a0d10d099d65f5219d27dd10ef348
bcc52c3d9058a8ca4649e0ecc46ec799a9e5b802
c7dc7a3340a428d3ec5eb279657c90e9a2a377db05b92e38f68f97cf8376297d

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:02:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

216.58.211.3

471 B

URL
o.pki.goog/wr2
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b81a0d10d099d65f5219d27dd10ef348
bcc52c3d9058a8ca4649e0ecc46ec799a9e5b802
c7dc7a3340a428d3ec5eb279657c90e9a2a377db05b92e38f68f97cf8376297d

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:02:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET frdl.to/xfst_theme2/js/bootstrap.min.js

172.67.139.217

200 OK

48 kB

URL GET HTTP/3
frdl.to/xfst_theme2/js/bootstrap.min.js
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
gzip compressed data, from Unix
Size
48 kB (48526 bytes)
Hash
644e3139c5bc681584854e8291d4f108
70b42356a33b590523be1774fd1079207813f498
cf012b0124e23677eb6f03e50cf71e6a55922eca2fb135527efd9c1fd9e59bd2

HTTP Headers

GET /xfst_theme2/js/bootstrap.min.js HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 10:01:13 GMT
vary: Accept-Encoding
etag: W/"63493369-e2d8"
expires: Mon, 22 Jul 2024 13:31:33 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
content-encoding: gzip
cf-cache-status: HIT
age: 1549872
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGSIEWoiud4DIrPqB%2B9kqAi2C%2BXFCgV1CkH3l7yepwdexmE6iNEcVlJKvKQd8WK8FANRc5%2BO3oTWDXPhIXEKwhPasrAkC%2BTII8KK%2FkEqNQimCnj84P%2FxVHV6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106817defb56c9-OSL
alt-svc: h3=":443"; ma=86400

GET fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.99

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintC4:9C:27:09:1C:F7:14:C9:86:F0:B5:42:0B:8A:D2:AE:5E:AE:98:04
ValidityThu, 13 Jun 2024 16:31:03 GMT - Thu, 05 Sep 2024 16:31:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://frdl.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 Jul 2024 15:10:08 GMT
expires: Thu, 03 Jul 2025 15:10:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
age: 593557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET frdl.to/xfst_theme2/js/share.js

172.67.139.217

200 OK

33 kB

URL GET HTTP/3
frdl.to/xfst_theme2/js/share.js
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
ASCII text
Size
33 kB (33215 bytes)
Hash
693471dd93ac22bed38732ee725edff1
470693b6fb525d9391c6530ba8e22edf2a3cdfe0
37ddc3df628de7dbb35e49b0eef020d9fe1613acbbfc77418bb7e69566395aa5

HTTP Headers

GET /xfst_theme2/js/share.js HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 10:01:18 GMT
etag: W/"6349336e-162"
expires: Mon, 22 Jul 2024 13:31:32 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 1549873
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQBAqeo8f%2BC%2BrobOCD5tDUvn89s1MAypsObDrbMr2NHI54UVHPNzY6Nop9nBx1DBIBPaMUfK6xyf6pNIAueBfRTkmy98V09AlY7abubh68X3yxRm%2FvCUKYS3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a106817cee356c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET frdl.to/xfst_theme2/fa/webfonts/fa-brands-400.woff2

172.67.139.217

200 OK

75 kB

URL GET HTTP/3
frdl.to/xfst_theme2/fa/webfonts/fa-brands-400.woff2
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74652, version 330.15859
Size
75 kB (75123 bytes)
Hash
c6bc75d4949e1bc9b7442b24c3af6324
3702434c97216b56b6cbd7630a7f904a1c23b45c
f808525c9a562a4ee998e33c90c903bdd3ef9ae43e70970713da4e1b1c964ff1

HTTP Headers

GET /xfst_theme2/fa/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/xfst_theme2/css/style.min.css?t=5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 14 Oct 2022 10:01:02 GMT
vary: Accept-Encoding
expires: Sun, 04 Aug 2024 09:22:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 441605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUPbQMdZmL7suR2U5qlA2MPnYKDc4HdiItitJTacRlIqpmZ8tlyDkwx2WxHblTO%2Ba1FtC28eqgosi0wYGvsX6%2FaeNBctCwdg9ssldqd9VtJIlo56y7kx7I40"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10681a5a0156c9-OSL
alt-svc: h3=":443"; ma=86400

GET frdl.to/js/pop.js?=1

172.67.139.217

200 OK

561 B

URL GET HTTP/3
frdl.to/js/pop.js?=1
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
ASCII text
Size
561 B (561 bytes)
Hash
e430f83bc61ee6d4c0eac2c1c32d0162
3baf4ef4554ea9f1518713c504ca41e2d5d4fb7d
b8570b25846d0a739b755af846fa5c94bfd1fe16237a6676bcba7bd60c5f81ef

HTTP Headers

GET /js/pop.js?=1 HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 27 Dec 2022 01:53:54 GMT
etag: W/"63aa5032-38"
expires: Fri, 09 Aug 2024 12:02:45 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tkv8W98IFe9wZ266Kwu%2BeFDjCd9Oho3RinAv2sZQERm0VQNWj9jkZXpvZLNbsFfEGYyH%2Fl6KxYywPq4tfOTP2ktiZ5RhLnXol50xNb9Pu5FpV8%2FU0E%2BAFEmh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a106817cee856c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Wed, 10 Jul 2024 13:47:13 GMT
Date: Wed, 10 Jul 2024 12:02:46 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Wed, 10 Jul 2024 13:47:13 GMT
Date: Wed, 10 Jul 2024 12:02:46 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Wed, 10 Jul 2024 13:47:13 GMT
Date: Wed, 10 Jul 2024 12:02:46 GMT
Connection: keep-alive

GET t.dtscout.com/i/?l=https%3A%2F%2Ffrdl.to%2Fwit1zt2wzbf0%2FANIDOU3328.part1.rar&j=

141.101.120.11

200 OK

12 kB

URL GET HTTP/2
t.dtscout.com/i/?l=https%3A%2F%2Ffrdl.to%2Fwit1zt2wzbf0%2FANIDOU3328.part1.rar&j=
IP
141.101.120.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
Fingerprint66:24:0A:22:22:C6:B9:75:79:CD:A9:A3:78:A2:89:16:CD:0F:2F:4A
ValidityWed, 15 May 2024 16:12:47 GMT - Tue, 13 Aug 2024 16:12:46 GMT

File type
ASCII text, with very long lines (2077)
Size
12 kB (11480 bytes)
Hash
51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c

HTTP Headers

GET /i/?l=https%3A%2F%2Ffrdl.to%2Fwit1zt2wzbf0%2FANIDOU3328.part1.rar&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript
x-s: mtl1
set-cookie: m=1; Domain=dtscout.com; Expires=Wed, 10-Jul-2024 13:26:05 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
df=1720612965; Domain=dtscout.com; Expires=Fri, 18-Oct-2024 12:02:45 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.328
expires: Wed, 10 Jul 2024 12:02:44 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2hCqdn8LyHZU%2FKO6Ln%2FYPAzePjsbysQvMYXiawZUUV30e5stQV%2F8A3%2BCI7q1sERZohe%2BhZ4bXoLxqe5g%2By9TZd1CNDR80gkC%2FTANdUuQNU1Z7RF39LWbENGP7uWIp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10681bdf848d62-HEL
content-encoding: br
X-Firefox-Spdy: h2

GET frdl.to/xfst_theme2/js/clipboard.min.js

172.67.139.217

200 OK

8.5 kB

URL GET HTTP/3
frdl.to/xfst_theme2/js/clipboard.min.js
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
gzip compressed data, from Unix
Size
8.5 kB (8452 bytes)
Hash
05b1cb94f733eca668439f5192fb9297
d2c4fec007ef7400ce6cf73d0b36f40e8d2ed087
e701a9a1a42449ad0226f2d6657be509522870b69a13ece7893684f329520d0d

HTTP Headers

GET /xfst_theme2/js/clipboard.min.js HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 10 Dec 2022 15:13:04 GMT
vary: Accept-Encoding
etag: W/"6394a200-23c8"
expires: Mon, 22 Jul 2024 13:31:33 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
content-encoding: gzip
cf-cache-status: HIT
age: 1549872
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FHGmWyNpS2GT%2FKqr5Cba0tbZF0rp7EGpu7MU5on3zqRx55F00kcbesfZEJi%2BQq%2FcufV6cICARRQRaTe1A0SYU6skQtbwBgHs4eVd9KPhWMFPj8iXcQalODy2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106817defd56c9-OSL
alt-svc: h3=":443"; ma=86400

GET frdl.to/xfst_theme2/js/jquery-1.9.1.min.js

172.67.139.217

200 OK

93 kB

URL GET HTTP/3
frdl.to/xfst_theme2/js/jquery-1.9.1.min.js
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
JavaScript source, ASCII text, with very long lines (32089)
Size
93 kB (92629 bytes)
Hash
397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

HTTP Headers

GET /xfst_theme2/js/jquery-1.9.1.min.js HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 10:01:15 GMT
vary: Accept-Encoding
etag: W/"6349336b-169d5"
expires: Sun, 04 Aug 2024 09:11:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
content-encoding: gzip
cf-cache-status: HIT
age: 442251
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzPgu3fMLOaOk5Ruud1mLXZVTtYHIcU04cwxjkQOh0jQHKaE10rb8fpP6ut9W5wlp9mqamRQEqdDWKX3qZ2ADEFO7sJbgZBt6CWokE6fQjPl5g2zspvnRTK1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106817cedb56c9-OSL
alt-svc: h3=":443"; ma=86400

GET frdl.to/wit1zt2wzbf0/favicon.ico

172.67.139.217

200 OK

14 kB

URL GET HTTP/3
frdl.to/wit1zt2wzbf0/favicon.ico
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
JavaScript source, ASCII text, with very long lines (736)
Size
14 kB (14334 bytes)
Hash
51701539bc2b0997609aa06eb4974928
b4a084f61b91224317cc6931ed72e620bec57301
e4b1e89f4ee46cf35d65dcc65fcbdf6b077f8cd4941df48e960af22c99fed38e

HTTP Headers

GET /wit1zt2wzbf0/favicon.ico HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Cookie: _ga_RL652D9SYS=GS1.1.1720612965.1.0.1720612965.0.0.0; _ga=GA1.1.953054974.1720612966
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff, nosniff, nosniff
x-frame-options: SAMEORIGIN
expires: Tue, 09 Jul 2024 12:02:46 GMT
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: BYPASS
set-cookie: affiliate=n7F7Jrl%2FEo2MryqFH%2BBkooSX1Ga6m0j7i5epkk%2FkNkH0by8GBelG7%2FaSwdiJne%2BxUmLtjg%2F5wWMjyhdj1p78VviX3WJNlBu2BZT1ZZYdE2JcFgbaXp9gPRCCY6Kp3hWiHgd1z72cAIZ4gjaP21mNHUNVUodKjw%3D%3D; domain=.freedl.ink; path=/; expires=Wed, 24-Jul-2024 12:02:46 GMT
lang=english; domain=.freedl.ink; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7lQkmyfWYgvwmH%2BKC2HkjCWPEFKLGl4%2FKSKEHFLIigBMQHoIiCt8LhArlsgONS7itdi2imbB3k7nZx8a7zgmgd1gpL62eK0njcnmW%2BKuTwj6K6C7v7DbjNV2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10681c7c8c56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

16 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC7:12:52:3A:BD:E0:73:20:AD:A8:5F:DF:12:DB:C6:DE:AF:63:88:6B
ValidityThu, 13 Jun 2024 16:32:33 GMT - Thu, 05 Sep 2024 16:32:32 GMT

File type
ASCII text
Size
16 kB (16470 bytes)
Hash
32091ddc804c12b484f20b93e3d78669
3f95d2b1dccf36f2048ead1088acbccd6033f119
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d

HTTP Headers

GET /css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 10 Jul 2024 12:02:45 GMT
date: Wed, 10 Jul 2024 12:02:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET frdl.to/xfst_theme2/css/style.min.css?t=5

172.67.139.217

200 OK

189 kB

URL GET HTTP/3
frdl.to/xfst_theme2/css/style.min.css?t=5
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
assembler source, ASCII text, with very long lines (61504)
Size
189 kB (189007 bytes)
Hash
4f2ada6a62b3df6773a827d16d2180a9
2e5dd23ba5f792a18477ffbdfe4c4561c34301bd
1c78e7aba432bfb05b65f1c37fcf2a4f3438c20b3c2a727af462834e9567ccb0

HTTP Headers

GET /xfst_theme2/css/style.min.css?t=5 HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:01:01 GMT
vary: Accept-Encoding
etag: W/"6349335d-2e24f"
expires: Fri, 09 Aug 2024 12:02:45 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxWWV0n4O8AuOddjib1VUB0jXIV%2BkPCXzWoQCvkLEO9NGCrDzBXyGXHgBA%2BhdVun%2BpmCp%2BfzMjuFsIV1qqmpINgYSQrNpnhNazoY4JVAMbIuf5ollwBDG6%2FZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106817cedd56c9-OSL
alt-svc: h3=":443"; ma=86400

GET frdl.to/xfst_theme2/js/script.js

172.67.139.217

200 OK

520 B

URL GET HTTP/3
frdl.to/xfst_theme2/js/script.js
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
JavaScript source, ASCII text, with very long lines (536), with no line terminators
Size
520 B (520 bytes)
Hash
b9cdd1474f5d47f47a96607e273a190f
9370173f06f31b9da130fac79fb6e5d6366d9200
1ea4d89f08efe3652210b7e481611751102a962a7b2f8d4436d2c43da7feffa2

HTTP Headers

GET /xfst_theme2/js/script.js HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 10:01:17 GMT
etag: W/"6349336d-208"
expires: Mon, 22 Jul 2024 13:31:33 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 1549872
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OWxlNp54W08JCcQkspkn0grAmexYcWmrzu5kP06fujqqOI0LQrKX%2BfHeNxEnG69EfCArJCHM0FdC7upLeB0e65Nw93ZKi1g%2BBZQwsHgH4SkQt9EgxBI5TrCp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a106817df0356c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar

172.67.139.217

200 OK

14 kB

URL User Request GET HTTP/2
frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
JavaScript source, ASCII text, with very long lines (736)
Size
14 kB (14285 bytes)
Hash
519ac6203e39e58c276d83c86c05ecdb
77304f82c741c288ce012a965e525f8fb49bed2d
29a0fc45893cad9dc978e7361849b15ab933e20bb2f64be6c9690408897eada3

HTTP Headers

GET /wit1zt2wzbf0/ANIDOU3328.part1.rar HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:02:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff, nosniff, nosniff
x-frame-options: SAMEORIGIN
expires: Tue, 09 Jul 2024 12:02:44 GMT
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: BYPASS
set-cookie: lang=english; domain=.freedl.ink; path=/
affiliate=xhZF6E9ft2eMryqFH%2BBkonXyDejPG70faluuU3e02223sKBiMNXi6Cby9OAelX4%2BfJvK1kSpa57TBlHXLvsQoq8i2ybTPfc%3D; domain=.freedl.ink; path=/; expires=Wed, 24-Jul-2024 12:02:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJrU9PhfPIjr%2FmqyfLYHfCeIhlZvYBcJq2V9Np5gMw9Htk785OGp0du8z5HVoSWrIEW3StRQQnzJSXolSIGp1dUyaxI9iPD%2FiEJjuuV5M0Yb180obGaX5SNi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a1068143f0856ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Karla:wght@200;300;400;500&family=Source+Sans+Pro:wght@200;300;400;600&display=swap

142.250.74.106

200 OK

13 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Karla:wght@200;300;400;500&family=Source+Sans+Pro:wght@200;300;400;600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC7:12:52:3A:BD:E0:73:20:AD:A8:5F:DF:12:DB:C6:DE:AF:63:88:6B
ValidityThu, 13 Jun 2024 16:32:33 GMT - Thu, 05 Sep 2024 16:32:32 GMT

File type
ASCII text
Size
13 kB (13204 bytes)
Hash
6317433d4cca5d9db0f0324b17870827
65130a4dd2d832b5f19f342844a81c23b1813d83
43a52c7b1448ea0192fe12c6b2b2c5fd14c079f7254e71ea49e0db5a5dbbf832

HTTP Headers

GET /css2?family=Karla:wght@200;300;400;500&family=Source+Sans+Pro:wght@200;300;400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 10 Jul 2024 12:02:45 GMT
date: Wed, 10 Jul 2024 12:02:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET waust.at/d.js

172.67.71.57

200 OK

15 kB

URL GET HTTP/2
waust.at/d.js
IP
172.67.71.57:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectwaust.at
Fingerprint23:97:A9:BF:8A:3F:8F:7E:DD:39:FB:28:55:22:37:0A:6E:8E:9F:1B
ValidityTue, 02 Jul 2024 02:16:40 GMT - Mon, 30 Sep 2024 02:16:39 GMT

File type
JavaScript source, ASCII text, with very long lines (14706), with no line terminators
Size
15 kB (14706 bytes)
Hash
38cdedd658fa41770f607c0b117c1f82
3f3c9c6c330ab649e27ec56a8d852e9d41b0edf4
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

HTTP Headers

GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:44 GMT
etag: W/"63c04130-3972"
expires: Thu, 11 Jul 2024 11:48:27 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52kmO2Ij9PCsxem9pbMToKNy7glEatZjI1%2FvlVwquL2Jt8kut4Wky25CdP54qtymo%2B%2FdDvheCMNly9Aw9JrRM2REnABHVjf8w40FjIQVbnRsFJEMMAwK4zt4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a1068182e337130-OSL
X-Firefox-Spdy: h2

GET frdl.to/xfst_theme2/css/bootstrap.min.css

172.67.139.217

200 OK

156 kB

URL GET HTTP/3
frdl.to/xfst_theme2/css/bootstrap.min.css
IP
172.67.139.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services
Subjectfrdl.to
Fingerprint01:C5:9B:71:5F:FB:21:0A:CA:14:6B:7F:B9:E8:E9:FC:79:2D:A6:07
ValidityTue, 18 Jun 2024 23:21:27 GMT - Mon, 16 Sep 2024 23:21:26 GMT

File type
ASCII text, with very long lines (65324)
Size
156 kB (155758 bytes)
Hash
a15c2ac3234aa8f6064ef9c1f7383c37
6e10354828454898fda80f55f3decb347fd9ed21
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

HTTP Headers

GET /xfst_theme2/css/bootstrap.min.css HTTP/1.1
Host: frdl.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/xfst_theme2/css/style.min.css?t=5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 10 Jul 2024 12:02:45 GMT
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:00:59 GMT
vary: Accept-Encoding
etag: W/"6349335b-2606e"
expires: Mon, 22 Jul 2024 13:31:33 GMT
cache-control: max-age=2592000
access-control-allow-origin: *, *
access-control-allow-headers: X-Requested-With, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS, GET,POST,OPTIONS
access-control-allow-credentials: true, true
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
content-encoding: gzip
cf-cache-status: HIT
age: 1549872
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZFvYIxcL%2BPazUusrm8qoVBlWGxVqjJQmlmwaYj%2FF95cGZcuBq9L4DaeZbjyHEIFUsax%2BtGQc%2F7OK4QoOHS%2BqNt257OJGDP0jNvoWyN4LZkMS4%2BdsXpKTU8s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106819b93756c9-OSL
alt-svc: h3=":443"; ma=86400

GET t.dtscout.com/pv/?_a=v&_h=frdl.to&_ss=6jtit38c6m&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=34wz&_cb=_dtspv.c

141.101.120.11

200 OK

51 B

URL GET HTTP/2
t.dtscout.com/pv/?_a=v&_h=frdl.to&_ss=6jtit38c6m&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=34wz&_cb=_dtspv.c
IP
141.101.120.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://frdl.to/wit1zt2wzbf0/ANIDOU3328.part1.rar
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
Fingerprint66:24:0A:22:22:C6:B9:75:79:CD:A9:A3:78:A2:89:16:CD:0F:2F:4A
ValidityWed, 15 May 2024 16:12:47 GMT - Tue, 13 Aug 2024 16:12:46 GMT

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
86f5d423382435793ccebfeb12e81507
307c81f2e952e0c7e1b47b744e1af550cf569f42
a712e44557437d558ff3435e81687ca88dbddb4de6360f57a34eacde808553f6

HTTP Headers

GET /pv/?_a=v&_h=frdl.to&_ss=6jtit38c6m&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=34wz&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://frdl.to/
Cookie: m=1; df=1720612965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:02:46 GMT
content-type: application/javascript
x-t: 0.16
x-c: 0
expires: Wed, 10 Jul 2024 12:02:45 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4clMBjNXWrEybBbi%2BXk6vFb0D%2FWtWgrN3Zxz2jWYZenVS35FT1Nu88PCMLJ0d9kZymjC7l3u82aG%2FsjKh4mA631EJe1Mgs2UJ6i9eQQKE9G010yF2foO7eevgFyCIvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10681db8ec8d62-HEL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by