GET cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 28 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 27755
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942b1e-6c6b"
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1406938
expires: Thu, 05 Sep 2024 19:59:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JutMndsLfnFxvpAc6O82%2BvA1pd%2F%2FW3mbrRZ%2BfOMaZMtv8oD4Q38Lzgq5lkzs7hb5HD6oPdgh5ex1vU7iFxZIoDQlJ4ui1NTLONx22KvKQ05cSvgz4gP2zdAzM9h2Po4OghQOxEiv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 807bb0018c2ab4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
200 OK 591 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (1266)
Hash 4412bf8023109ee9eb1f1f226d391329
c273960aa874a87dd022b5e597887142f1b8e34f
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 272655
expires: Thu, 05 Sep 2024 19:59:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98qFYopKU9kqWmwqTENraJdLGBDcN%2FZeyYM8Sgxc%2BwypuNRVS6koFhRRG%2F1KXLJCiDRm45XIodE3%2FKQv8zoumwfpEl3vGL0GrC81lLiRVhwOfh0RfGaF4b7Bf5rbaEkB7khqSyFO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 807bb001dc69b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.doodcdn.co/img/no_video_3.svg
200 OK 2.8 kB URL GET HTTP/2 i.doodcdn.co/img/no_video_3.svg
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2789)
Hash 077bfdaa49ae4877a42611b739ec4752
a2f9e1222b7af9abc05122411ab8902efcc08ead
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: image/svg+xml
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Sun, 15 Oct 2023 20:23:35 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 84874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnjTnD438DNw8vdIOMVHsV01WRZaJ%2Fs%2Fo0dKQq%2BfGyukoX8xid84YPzSsuXD3se7T8DogYWtHpFnc%2F7wr95vg7NIcxq8Unv6jSEOvsKbtn2MVWzJay0pqAheAdo2Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb001db6a0b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
471 B IP
Hash 9d3e0edc89ef77a62aa1284158e42482
805904e533f75c32c925e34779ec24aa55f5edad
5cc20af05ca0b8932aa70b4e5df4c1bbb38103e29782e67c9b03fe8d2d84bf60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 16 Sep 2023 19:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.7 kB IP
ASN #20940 Akamai International B.V.
Hash 7e21115e9562f24ca4df6ea161ca481e
c02143f68b58f9078cfdad523633aed23d879aee
6cb959b39b61468b41aabb650963b70edb18d98fdd4ca2219fd643ee82656a77
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 29fe8fba-7e49-433d-ae69-c33405d275c3
Content-Length: 1701
Date: Sat, 16 Sep 2023 19:59:01 GMT
Connection: keep-alive
1.7 kB IP
ASN #20940 Akamai International B.V.
Hash 009cde6c7d2bddfcc9c91dea0248101a
7033c6e4390e0de490d9b8c34a6ca0daa899890c
32b124fb50a359a9db402cc02292757659230bb9a3a25b442b8dea131fde6882
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 5f5096a6-6f29-4749-a125-94fd241e2d76
Content-Length: 1701
Date: Sat, 16 Sep 2023 19:59:01 GMT
Connection: keep-alive
GET i.doodcdn.co/theme_2/css/style.css?v=0.1
200 OK 38 kB URL GET HTTP/2 i.doodcdn.co/theme_2/css/style.css?v=0.1
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (65465)
Hash 6ff549c82309fe93cb6f38f8fcf60e49
c5621629b2a258c7fb572ab9d03517c7d60896fd
668326f298c9701a6422f5b7f229966fd87ae68940381a9c0c898197667a8c4c
GET /theme_2/css/style.css?v=0.1 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=249272
expires: Sat, 14 Sep 2024 20:23:36 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 84376
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3Czldy4iqTqJ49B4xLp1nwdbUyy%2BWM1ynkTQIcaV%2Bnpdxneou7BEitdihDw8BNvT%2FKNLZ04cyEUFaO%2B4T2ON4NVCCmvO%2BqnrX34bIl6kN1dh2fycAyMOHl4YYjWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb001db690b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.doodcdn.co/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2
200 OK 184 kB URL GET HTTP/3 i.doodcdn.co/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 184476, version 330.-16253\012- data
Size 184 kB (184476 bytes)
Hash 2a6dec1227f9970376f578270a642d06
150a6a7ffdec6e2e2ff4c712d7cee8bd9b930284
e228b909313044a18dec1a674cfd4935071c36eb3eb6a0cd38a45afac6ae3996
GET /theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: font/woff2
content-length: 184476
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Sun, 15 Oct 2023 20:23:56 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81587
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2JeUoXk8kv2T%2FGpuwXue7LNqSU2uM2yn%2BfOMxr7zjasZRIsuvb8OLgBNywjiaT10dhsHYKA97lHlHPJFpGzc9QeGNVksX7bC4FqdNg3QRkxB58GnJcbwQW9BGRbZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb0045fd10b02-OSL
alt-svc: h3=":443"; ma=86400
GET alas4kanmfa6a4mubte.com/lv/esnk/1841674/code.js
200 OK 71 kB URL GET HTTP/2 alas4kanmfa6a4mubte.com/lv/esnk/1841674/code.js
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 9e9441780773384e36e528268bfc98ef
5a363ed67f1dc270fd03e09298f14d9b8dd54400
2539014fde26e0e815e9e8ced219c7cf22ea556d9c20f6f3e49763ecc1d262ee
GET /lv/esnk/1841674/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript
last-modified: Thu, 14 Sep 2023 12:16:28 GMT
vary: Accept-Encoding
etag: W/"6502f99c-1d148"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap
200 OK 24 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT
File type gzip compressed data, max compression\012- data
Hash c25db2422969b38c5838330df64f73a5
ed46523324aae6601d6c70dfc0b5ab31c509689f
1c90407aaaa84705364251aa5cb92d3a7a0c05209872c5ff32c935932ecce125
GET /css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 16 Sep 2023 19:59:01 GMT
date: Sat, 16 Sep 2023 19:59:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 28 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 28007
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942b1e-6d67"
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 863804
expires: Thu, 05 Sep 2024 19:59:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jT3G9rRyWsSxEHJ3uUoQU8E87ZpVth5ilsZ%2F9%2BccgbkgNz%2FCOegnlzsmuL7Qq10ShkVLPcosb7s2EeXecm688UE%2B5V%2BH6ZIvkJUB4YF22yVzmJZNNX9UD4hnH%2Fpjm%2FLaCizAUaX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 807bb004eb28569b-OSL
alt-svc: h3=":443"; ma=86400
GET cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
200 OK 591 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (1266)
Hash 4412bf8023109ee9eb1f1f226d391329
c273960aa874a87dd022b5e597887142f1b8e34f
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 272655
expires: Thu, 05 Sep 2024 19:59:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlfcUaco4qZypSHw4nD6l9vEvnQXglz4ZZYBRaT1sDAkqKNtCbfN%2FqbviGE0TE%2FrNkNTgJK1qZEEXcImn7WHGVKe1FGUo5vCcp6%2FAKZiY252Advj9g8UEXvus1XkyvgTllVoPw1I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 807bb004eb29569b-OSL
alt-svc: h3=":443"; ma=86400
GET i.doodcdn.co/ads/ad.js
200 OK 18 B IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 071c641b229d2bfadd243b8fa2a9c88d
4048ed3ad506f9bb9052c23283912d0cfea8bcc6
3716878d3ceb2042b22c092b31c6f43cc862f8464e92ddde416a49624b32716e
GET /ads/ad.js HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript
content-length: 18
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=20
expires: Sat, 14 Sep 2024 20:23:35 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
vary: User-Agent,Accept-Encoding
cf-cache-status: HIT
age: 84881
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpmBchN%2Bkv4em9mMWVjJKxTfn%2FSn%2FAvIjA529Bhz6TQky4FyfBXpQolqJGLaA6K8AfiB9jG31ISwiuvBAryWIMi4UYoPvLZx96ejzaUJ9bGnqFd7Q33UQYa4%2FDJizA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb004ed8456bf-OSL
alt-svc: h3=":443"; ma=86400
GET i.doodcdn.co/css/embed.css
200 OK 80 kB URL GET HTTP/3 i.doodcdn.co/css/embed.css
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 010e9740f2148647b93ae896d452119c
888e44accbd7e78a0654fd4eaf7541269d95e4e9
d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47
GET /css/embed.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: text/css
content-length: 79720
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: minify
cf-polished: origSize=79890
etag: "61d3187c-13812"
expires: Sun, 15 Oct 2023 20:23:35 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cf-cache-status: HIT
age: 84881
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDha9Y7PwuJsIVSjzVeXhEZlWxWathmS%2Brez%2Blq8q3ZdLtkH7iHAq3IhdWeQ8rLVe9oVz4ZjiUFwgMXqIi8wQTJJ8Sj3tpO78nv%2BdNzFIaa%2FoFJnsZEM7pzkhXmy8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb004fd8656bf-OSL
alt-svc: h3=":443"; ma=86400
GET i.doodcdn.co/js/embed2.js
200 OK 339 kB URL GET HTTP/3 i.doodcdn.co/js/embed2.js
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size 339 kB (339271 bytes)
Hash cac27d72c22014f70500e507a7a82231
edcac36287bfc654b2ee6c0fe0727cdc725a9fe5
01c49e02b98bc8a4275650b65787cdd100c362abc7e54e8b9e99396b6117c2c6
GET /js/embed2.js HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript
content-length: 339271
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: minify
cf-polished: origSize=339527
etag: "61d3187c-52e47"
expires: Sun, 15 Oct 2023 20:23:35 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cf-cache-status: HIT
age: 84896
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sude1AyU8O1xcraNRp0vnCNchM71CJd69yUr8r7dJyeB1qBF7UUOXAHxbVvSwR4PCeXLZ%2F62QoRbDtfbNQMUzzE4FAxcwB5ULfwoD35k3nFKTSSLRvJbDDMw%2Bw%2Fffw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb004fd8956bf-OSL
alt-svc: h3=":443"; ma=86400
GET img.doodcdn.co/splash/b39nqo1zp26a95a3.jpg
200 OK 90 kB URL GET HTTP/3 img.doodcdn.co/splash/b39nqo1zp26a95a3.jpg
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1204x715, components 3\012- data
Hash fb179588b837d238b11f832255d310ee
7343062ee110c1a2025e65f841f943fdfdabc994
92c1f4263ecb9476449ad3a8989d9ad0378453f8398fb2a9510b46fa3e809004
GET /splash/b39nqo1zp26a95a3.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: image/jpeg
content-length: 90253
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=91701
etag: "643a0ae5-16635"
expires: Sat, 30 Sep 2023 10:31:16 GMT
last-modified: Sat, 15 Apr 2023 02:24:37 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGY7BWawXaVpqeFZRlKgPeaZIK0fRf%2B6qbPEwj83F2%2FjP7orM81cfT%2Fc3leO7jnCRb2AWbHnRHm0Z0jLMQRWkavgtZmccL0iOdqvzQo6w78Zq42Qg%2BDwql4%2FHV%2FLTGm%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb0052da556bf-OSL
alt-svc: h3=":443"; ma=86400
GET dood.yt/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
200 OK 10 kB URL GET HTTP/3 dood.yt/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjectdood.yt
Fingerprint78:FC:96:CF:41:7A:7F:5B:E2:2F:F3:C8:5D:ED:CB:40:0D:87:BA:5E
ValidityWed, 13 Sep 2023 00:54:45 GMT - Tue, 12 Dec 2023 00:54:44 GMT
File type ASCII text, with very long lines (7374), with no line terminators
Hash c2e5d92ac095a8822ff1a2f7c60b1c49
1b0a8c65bc06a40638df4220cbcf0cc27fe7b167
26e53ab40148f30a7ad3e9c647545c918366acb1f095f76fd99e03c93658adc1
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: dref_url=none; lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMpBqDdR%2Brg4J%2FfJT3eqmMds%2BLJmhSlQFNoQ0RV9MHJCJLloIMa%2FtiTLirj8oJDlNVbwtS2CplzK01VHSJyLw8l4W9KNOhJ0Q%2BPrWHu4%2FrGnxMZB873%2ForE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb004e808b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET dood.yt/favicon.ico
200 OK 15 kB IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjectdood.yt
Fingerprint78:FC:96:CF:41:7A:7F:5B:E2:2F:F3:C8:5D:ED:CB:40:0D:87:BA:5E
ValidityWed, 13 Sep 2023 00:54:45 GMT - Tue, 12 Dec 2023 00:54:44 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 30d3656f43c817e38c3e7d70b2bfbdad
1aa43b43755e7cba5e145d0978517f7bedad7da6
a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555
GET /favicon.ico HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/d/tko6r5f4vaj8
Cookie: dref_url=none; lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/x-icon
content-length: 15406
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-3c2e"
expires: Tue, 19 Sep 2023 09:00:42 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 1422904
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpG9iYjBlwtQrmLZx1D1vZk9gvoeCWW4QY0nsQAr3kWtBAMgr8VDEa8%2Fl0FijvskrqcygLwNtEb%2Fvtsyyx%2F8vfiJa4%2B6aaV%2F3Gr%2FSMWEpoxmVRPL3MPG4Zk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb006595db518-OSL
alt-svc: h3=":443"; ma=86400
471 B IP
Hash 30028a276357e8a953dbce6ad1f4d4e7
8a118fa65b5c361ab69eaeb334834f5ccf8eca5d
e1d95024f3b52f4e529edd65026bdc68d9ece6d359da98726ca77bb7d0532683
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 16 Sep 2023 19:59:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 13 Sep 2023 17:08:45 GMT
Expires: Wed, 20 Sep 2023 17:08:44 GMT
Etag: "8a118fa65b5c361ab69eaeb334834f5ccf8eca5d"
Cache-Control: max-age=603686,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 621
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 807bb006dc4c56aa-OSL
1.7 kB IP
ASN #20940 Akamai International B.V.
Hash 7b5ea533d6bd92c3085edc2e4820a163
bc9890904e7e16ce64fda1a2239760377cd3e6a3
23d2096cf961387096837f8a0644989259e67565c0c9d39a5f17385df4633d49
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 92825f4e-d2fa-48dc-9090-de3288d309af
Content-Length: 1701
Date: Sat, 16 Sep 2023 19:59:02 GMT
Connection: keep-alive
GET fvcwqkkqmuv.com/aas/r45d/vki/1941940/bb844794.js
200 OK 32 kB URL GET HTTP/2 fvcwqkkqmuv.com/aas/r45d/vki/1941940/bb844794.js
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint9A:2F:14:29:BF:3A:F6:04:3C:73:42:7B:73:9F:C1:FE:76:C6:D5:0F
ValidityWed, 31 May 2023 13:01:06 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash feef2e658edb3b82a808011b66dc7212
2440c1ad43c9a3189ff0a8369ff8741c14f3d968
0e8b96644efa26fae10d6f9f94c9e5b0fc06c8418d44672fe5f2d350cf2e9bec
GET /aas/r45d/vki/1941940/bb844794.js HTTP/1.1
Host: fvcwqkkqmuv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: application/javascript
last-modified: Thu, 14 Sep 2023 12:16:28 GMT
vary: Accept-Encoding
etag: W/"6502f99c-1494f"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
GET i.doodcdn.co/theme_2/css/bootstrap.min.css
200 OK 44 kB URL GET HTTP/2 i.doodcdn.co/theme_2/css/bootstrap.min.css
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (65324)
Hash 7cc40c199d128af6b01e74a28c5900b0
d305110fb79113a961394b433d851a3410342b8c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: text/css
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: public, max-age=2592000
expires: Sat, 14 Sep 2024 20:23:35 GMT
vary: Accept-Encoding,User-Agent
access-control-allow-origin: *
cf-cache-status: HIT
age: 84752
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2M6al5GMG0XWpKM8H71h8iog6dV6BvDUvHPNO6s7N4ll4DrmHklMsnexN9JKR7yh3xXXWOYnzoBna62vnGJNaMyinB8778zQBgAd%2FABBbOomcq0q9kdl17C2tUJy6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb001db700b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.doodcdn.co/img/no_video_3.svg
200 OK 2.8 kB URL GET HTTP/2 i.doodcdn.co/img/no_video_3.svg
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2789)
Hash 077bfdaa49ae4877a42611b739ec4752
a2f9e1222b7af9abc05122411ab8902efcc08ead
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/svg+xml
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Sun, 15 Oct 2023 20:23:35 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 84875
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHmVN0Yh6Zqz9OIdK9a8HOcViw77delUrbuGjk1HxHsJuy6FxxM%2FkiNV58EYZsOMk7WW%2B62UJqCPdjLyO4tTCC%2FBP3uZ8%2FhrumVEPi8y2KuNjidRXvr9X1XrL9pYsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb008289356bf-OSL
alt-svc: h3=":443"; ma=86400
GET cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif
200 OK 60 kB URL GET HTTP/2 cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA0:6F:CE:1E:5C:62:F4:89:8E:4E:0C:40:FE:AE:79:4C:83:7B:90:C8
ValidityFri, 31 Mar 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 300 x 100\012- data
Hash 8288ed0e1e132023537dfdcdda356cd2
eac8e8369f822993a74bcd42cff79241c50fd011
774d85e2bed782f9da27179f9fdf16c9ba2b7c7a66ce880017b5711e96bc5d31
GET /bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/gif
content-length: 59549
etag: 8288ed0e1e132023537dfdcdda356cd2
last-modified: Thu, 20 Apr 2023 09:38:39 GMT
x-timestamp: 1681983518.92304
x-trans-id: tx0864e65dcb0f45299a923-0064410aa0
x-openstack-request-id: tx0864e65dcb0f45299a923-0064410aa0
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 18 Sep 2023 13:09:35 GMT
cache-control: max-age=432000
x-proxy-cache: HIT
cf-cache-status: HIT
age: 24567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kqq3NvVYI9%2Be9zeCmO%2B%2FVOMPpjOsLtyTPmu%2BwnEXu7%2BC9eHwYCgHYZNhcrsUFj3S06Fi8%2FJFZ28%2Ff8i1wriFCI74Vg8m%2FHKjhQw%2FVLVpptAcLEODrBqloCOGj4r9qahv7qKjiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 807bb00888600afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.wlicdn.com/01d/234/37f/1c0427f21dbd7a8272749c23b97370c1_thumb_medium.jpg
200 OK 3.4 kB URL GET HTTP/2 i.wlicdn.com/01d/234/37f/1c0427f21dbd7a8272749c23b97370c1_thumb_medium.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://bngdyn.com/promo.php?c=629199&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23EEEEEE&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=0
Certificate IssuerLet's Encrypt
Subjecti.wlicdn.com
Fingerprint24:DE:AA:3F:96:BD:5F:10:1E:98:AD:DA:0D:B1:DB:E0:0B:E7:90:20
ValidityThu, 31 Aug 2023 08:31:30 GMT - Wed, 29 Nov 2023 08:31:29 GMT
File type JPEG image data, progressive, precision 8, 232x174, components 3\012- data
Hash 03c3dd32fef849cb46a20852d487ba50
abd12001e0a09b319cad2b4c3e2816ba6e502048
46b7f48da4ac7f1102c4b0d694861e1fc30a35040eee3b5e4a2aaf92d45d9951
GET /01d/234/37f/1c0427f21dbd7a8272749c23b97370c1_thumb_medium.jpg HTTP/1.1
Host: i.wlicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bngdyn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/jpeg
content-length: 3443
cf-bgj: h2pri
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "643c8670-d73"
expires: Sat, 30 Sep 2023 17:45:11 GMT
last-modified: Sun, 16 Apr 2023 23:36:16 GMT
x-o3-p2: EXPIRED
cf-cache-status: HIT
age: 1390424
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 807bb008a935b4ff-OSL
X-Firefox-Spdy: h2
GET dood.yt/cdn-cgi/challenge-platform/scripts/jsd/main.js
302 Found 7.9 kB URL GET HTTP/3 dood.yt/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjectdood.yt
Fingerprint78:FC:96:CF:41:7A:7F:5B:E2:2F:F3:C8:5D:ED:CB:40:0D:87:BA:5E
ValidityWed, 13 Sep 2023 00:54:45 GMT - Tue, 12 Dec 2023 00:54:44 GMT
File type JPEG image data, progressive, precision 8, 232x174, components 3\012- data
Hash 00a1776037e35b0744020ef09a2929f0
8231e1b7ce9b30b5d8a7000424037cc179f0b7eb
df60779808bda386819f1cfef4e797218914ba31b712eb7966ef139591f8163d
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: dref_url=none
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 16 Sep 2023 19:59:01 GMT
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
vary: accept-encoding
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqwu4CyxOVNAP4UVb4J5UNdA%2BI43dw90QIYkLO6SHy32CugsI78AWUly0b%2FyLz6C6YGO551QIvbg3zbsMgii6UFAtrOgULZj%2B2WJ3kALIIB0DafYqwEKkEI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb004afe5b518-OSL
alt-svc: h3=":443"; ma=86400
GET deductionkeepingbabysitter.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
200 OK 11 kB URL GET HTTP/1.1 deductionkeepingbabysitter.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerLet's Encrypt
Subjectdeductionkeepingbabysitter.com
Fingerprint8A:00:E0:6E:03:D4:04:2A:14:DB:B5:DE:2A:7A:59:9F:E1:F3:16:13
ValidityWed, 23 Aug 2023 06:19:06 GMT - Tue, 21 Nov 2023 06:19:05 GMT
File type ASCII text, with very long lines (32176), with no line terminators
Hash 480f39621213e796ebc9c28041a060d6
7123582b9cf304b8d27c682d746594ac47f96f01
2271fdbbafee4afbf45288aac9b56f4630fab180130f8a9a4daeaf3fec8e7028
GET /6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js HTTP/1.1
Host: deductionkeepingbabysitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 16 Sep 2023 19:59:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 64f44e38ce2ddaf5efa8d492d1ea7639
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=W8R0ihsWXery_FtpzYw3sZis7uEnvgoQqmeXcpgiCJARmBsBYwXp3pjsAHuoP-y1RY_BEbm1w1QLGKRDKhTNPQME63_p_EmCoT-POK9mxF1Q3HJINzm1syNR--vDFts21T8DgB_o6DVht1MXKd6OQJTVihxRU6GQISHzIomB7QHMFSd3Pi49KcTVoeR5BGlaSsBZafnSXy5HGQ0AkfPF-AVCmgDzIWpcVzTw9cndrynPufUfanDVXITzy9-ZwgTF4LFgAnFTLArkM75vYGdM5Q1TQOnzSshMEkpRNfdICmPGcdtK_Q4Ypqe77_0UAhdD2qXsOhw5eCjJKevO_tneSPwMHuQ3YXo1dul-iiCIpACoqaoAMZXKz8-qJJ1PWgFyv7sXN-KNfmYWFUU3GiXGziMjO0oreesrzO_91sTIFHQqreHYQ3D8lEP8MNaxq1J9stywp-AidXa597xfN0V9SrEvSvCfvmXIrLjoaI6w0e0Fu0R7tZFCoY0h6bd6wUntQzMCQ3-5_ahhm0OfLdhu4IFsxeNJCl0iH-NF599R2UdwO545J8IgFVFatHU5QPCCDGRS3AlA7QtDBf49yd-_zXhIwZLX0FdBe1N58UYUxiVe6vs41V83LOm7EuGC5DoYDOex1kE7V-BuTq2uZGqJgBMC_r0VLYRoRMBMUA7DwiNSlaNmdpA_zcEoa23nHH9ExhBDaKbHU9ZDRwVIbxDxp6XnPrG8AShsDfsBZ7v25gcy016bpvelOWZMQNS5-zFX_pQq398OBe9U_WW54Ds4EPIdESc9tJHjOrOyuSa2sEdeQnCXWZldeO9CZHrI1Ozp72pL3kGqRCGJcBP0xfesQiJS0vR5rERd0iPjRbkkO9xv_p1ypsyj0oqufXbb0YxVTW8u22JUAT0YhvOgkA3N8q2ndA8iOV82Bldo9HZBNfxhDZdypkYAnnwer45sIKKwRAQTQQ2fp6jeLWJN3MF5Wvy48cCvm2Y_6yT-fSwkRceNfvYfAlGEsw==&im=1&abvar=0&febuild=1.0.147&os=0&pload=564
200 OK 43 B URL GET HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=W8R0ihsWXery_FtpzYw3sZis7uEnvgoQqmeXcpgiCJARmBsBYwXp3pjsAHuoP-y1RY_BEbm1w1QLGKRDKhTNPQME63_p_EmCoT-POK9mxF1Q3HJINzm1syNR--vDFts21T8DgB_o6DVht1MXKd6OQJTVihxRU6GQISHzIomB7QHMFSd3Pi49KcTVoeR5BGlaSsBZafnSXy5HGQ0AkfPF-AVCmgDzIWpcVzTw9cndrynPufUfanDVXITzy9-ZwgTF4LFgAnFTLArkM75vYGdM5Q1TQOnzSshMEkpRNfdICmPGcdtK_Q4Ypqe77_0UAhdD2qXsOhw5eCjJKevO_tneSPwMHuQ3YXo1dul-iiCIpACoqaoAMZXKz8-qJJ1PWgFyv7sXN-KNfmYWFUU3GiXGziMjO0oreesrzO_91sTIFHQqreHYQ3D8lEP8MNaxq1J9stywp-AidXa597xfN0V9SrEvSvCfvmXIrLjoaI6w0e0Fu0R7tZFCoY0h6bd6wUntQzMCQ3-5_ahhm0OfLdhu4IFsxeNJCl0iH-NF599R2UdwO545J8IgFVFatHU5QPCCDGRS3AlA7QtDBf49yd-_zXhIwZLX0FdBe1N58UYUxiVe6vs41V83LOm7EuGC5DoYDOex1kE7V-BuTq2uZGqJgBMC_r0VLYRoRMBMUA7DwiNSlaNmdpA_zcEoa23nHH9ExhBDaKbHU9ZDRwVIbxDxp6XnPrG8AShsDfsBZ7v25gcy016bpvelOWZMQNS5-zFX_pQq398OBe9U_WW54Ds4EPIdESc9tJHjOrOyuSa2sEdeQnCXWZldeO9CZHrI1Ozp72pL3kGqRCGJcBP0xfesQiJS0vR5rERd0iPjRbkkO9xv_p1ypsyj0oqufXbb0YxVTW8u22JUAT0YhvOgkA3N8q2ndA8iOV82Bldo9HZBNfxhDZdypkYAnnwer45sIKKwRAQTQQ2fp6jeLWJN3MF5Wvy48cCvm2Y_6yT-fSwkRceNfvYfAlGEsw==&im=1&abvar=0&febuild=1.0.147&os=0&pload=564
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=W8R0ihsWXery_FtpzYw3sZis7uEnvgoQqmeXcpgiCJARmBsBYwXp3pjsAHuoP-y1RY_BEbm1w1QLGKRDKhTNPQME63_p_EmCoT-POK9mxF1Q3HJINzm1syNR--vDFts21T8DgB_o6DVht1MXKd6OQJTVihxRU6GQISHzIomB7QHMFSd3Pi49KcTVoeR5BGlaSsBZafnSXy5HGQ0AkfPF-AVCmgDzIWpcVzTw9cndrynPufUfanDVXITzy9-ZwgTF4LFgAnFTLArkM75vYGdM5Q1TQOnzSshMEkpRNfdICmPGcdtK_Q4Ypqe77_0UAhdD2qXsOhw5eCjJKevO_tneSPwMHuQ3YXo1dul-iiCIpACoqaoAMZXKz8-qJJ1PWgFyv7sXN-KNfmYWFUU3GiXGziMjO0oreesrzO_91sTIFHQqreHYQ3D8lEP8MNaxq1J9stywp-AidXa597xfN0V9SrEvSvCfvmXIrLjoaI6w0e0Fu0R7tZFCoY0h6bd6wUntQzMCQ3-5_ahhm0OfLdhu4IFsxeNJCl0iH-NF599R2UdwO545J8IgFVFatHU5QPCCDGRS3AlA7QtDBf49yd-_zXhIwZLX0FdBe1N58UYUxiVe6vs41V83LOm7EuGC5DoYDOex1kE7V-BuTq2uZGqJgBMC_r0VLYRoRMBMUA7DwiNSlaNmdpA_zcEoa23nHH9ExhBDaKbHU9ZDRwVIbxDxp6XnPrG8AShsDfsBZ7v25gcy016bpvelOWZMQNS5-zFX_pQq398OBe9U_WW54Ds4EPIdESc9tJHjOrOyuSa2sEdeQnCXWZldeO9CZHrI1Ozp72pL3kGqRCGJcBP0xfesQiJS0vR5rERd0iPjRbkkO9xv_p1ypsyj0oqufXbb0YxVTW8u22JUAT0YhvOgkA3N8q2ndA8iOV82Bldo9HZBNfxhDZdypkYAnnwer45sIKKwRAQTQQ2fp6jeLWJN3MF5Wvy48cCvm2Y_6yT-fSwkRceNfvYfAlGEsw==&im=1&abvar=0&febuild=1.0.147&os=0&pload=564 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=230916145924587dad547d4775b97cdd73d5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET deductionkeepingbabysitter.com/72/8a/58/728a58c69c6f14b6f63d3e9993ff4820.js
200 OK 17 kB URL GET HTTP/1.1 deductionkeepingbabysitter.com/72/8a/58/728a58c69c6f14b6f63d3e9993ff4820.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerLet's Encrypt
Subjectdeductionkeepingbabysitter.com
Fingerprint8A:00:E0:6E:03:D4:04:2A:14:DB:B5:DE:2A:7A:59:9F:E1:F3:16:13
ValidityWed, 23 Aug 2023 06:19:06 GMT - Tue, 21 Nov 2023 06:19:05 GMT
File type ASCII text, with very long lines (40532), with no line terminators
Hash 328971f9b914882065e694ea6a33385f
2e1029b56ba58997c5e58b3113e88d23a169f686
4e81ee6103a03c90b341ad42904afd970fb6bcb672d3de3871b5ec3fece8bf18
GET /72/8a/58/728a58c69c6f14b6f63d3e9993ff4820.js HTTP/1.1
Host: deductionkeepingbabysitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 16 Sep 2023 19:59:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4f82a836619e2ced0d77335b56769be
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET deatchshipsmotor.com/utx?tid=926820&top=dood.yt&cb=ltXuOAqEqtS8
204 No Content 0 B URL GET HTTP/2 deatchshipsmotor.com/utx?tid=926820&top=dood.yt&cb=ltXuOAqEqtS8
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerAmazon
Subjectdeatchshipsmotor.com
Fingerprint9C:34:2D:04:62:30:9B:47:17:CD:C6:43:FB:50:04:74:EB:2B:63:8A
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=926820&top=dood.yt&cb=ltXuOAqEqtS8 HTTP/1.1
Host: deatchshipsmotor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 16 Sep 2023 19:59:02 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://dood.yt
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 16 Sep 2023 20:00:02 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B3rlf0lcnnUstLyQXQM3uF-ePpqm_K8v7OhIUldXN0L1Yr8ZQq6QEQ==
X-Firefox-Spdy: h2
GET i.doodcdn.co/fonts/avertastd-regular-webfont.woff2
200 OK 24 kB URL GET HTTP/3 i.doodcdn.co/fonts/avertastd-regular-webfont.woff2
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 23812, version 1.524\012- data
Hash eb586e5a1b86dbf1c866e3ed80f9d18e
280ee78d19c017ab9335f769595e5157d3c4a343
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
GET /fonts/avertastd-regular-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: font/woff2
content-length: 23812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cache-control: max-age=2592000
expires: Sun, 15 Oct 2023 20:23:40 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 84582
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14FN9QsX1yCJOYshh43dh2Yu7Ipdn%2BTZyCk18jjnEV9Hepituaogs8vzC1w3kNSQNlxLz5cvjWypHUyQY%2FYVS%2FYfJVyBGJmION%2FBR0QOTIWVEF75j7IXixDoz1CMJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb009eadf0b02-OSL
alt-svc: h3=":443"; ma=86400
GET bngdyn.com/promo.php?c=629199&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23EEEEEE&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=0
200 OK 46 kB URL GET HTTP/2 bngdyn.com/promo.php?c=629199&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23EEEEEE&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=0
IP
ASN #48684 Viking Host B.V.
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerGoGetSSL
Subjectbngdyn.com
Fingerprint4C:56:4F:F1:D5:90:EA:37:7F:77:7D:97:37:5B:4F:25:F6:73:56:9B
ValidityFri, 07 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT
File type gzip compressed data, max compression, from Unix\012- data
Hash 4bc526587a5e0932ba945bbb9a35f345
548240909e4e4ab8ca8ef9a582fe1143c0660fa1
8a820f2a2b275425ed3991908678f35e2e14a4fe054e13e1f58488b0e0e9b64f
GET /promo.php?c=629199&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23EEEEEE&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=0 HTTP/1.1
Host: bngdyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Sat, 16 Sep 2023 19:59:01 GMT
x-bcs: ded7724
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
x-bc-bl: 101n
X-Firefox-Spdy: h2
GET tzegilo.com/stattag.js
200 OK 98 kB IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint42:15:A6:1F:C2:2C:D5:FF:32:2C:B9:6C:84:A6:86:63:B0:45:C5:20
ValidityMon, 07 Aug 2023 17:09:01 GMT - Sun, 05 Nov 2023 17:09:00 GMT
File type ASCII text, with very long lines (18369)
Hash 89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kg1R2Gw2TegoJmhQlm7ECc2qxzN7xxuiqMuaOVrT1lxyv6XePJ2HawlAyOF5CMLxUdifmRm7V2HIge5qWdH1wWFlxdElX3941jLFFDpKmaUltwG4HGGcIYrUWbCn0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb008cb5c76c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.doodcdn.co/img/logo-s.png
200 OK 1.9 kB URL GET HTTP/3 i.doodcdn.co/img/logo-s.png
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8211fb3cc137d3e1c1e399b86476f951
136d8ef228959aa0cee12e5ed463b6e6a4fcf720
2577866b9d26cd6a4be764910f0913ae5b737ed1d130d635048051ebe15ae680
GET /img/logo-s.png HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/webp
content-length: 1932
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=6212
content-disposition: inline; filename="logo-s.webp"
etag: "61d3187c-1844"
expires: Sun, 15 Oct 2023 17:52:34 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
vary: Accept
cf-cache-status: HIT
age: 84887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JB%2BPiDaOs39tJ2%2FhQQshovny6nXLsfHo%2BOgV16rlpHgMNGJO63SmscjlQOfCxaqUmZp8mhUvEnXy2Cb35psFFn4BlfG%2FIU%2Bx8elJIJg4lXlsAPCnX5jHnM6YcIaM7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb00a3a7956bf-OSL
alt-svc: h3=":443"; ma=86400
GET alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=crZsYNj7eygaSdlpZsc2BYTBVf0RhsFO4XPbDWNgaafp8CfY_5OyrOLnbJ5PF5bcxUMEC8TwObnG5ePdphKvVJp2_RVCyXzBYMS3cJBgzuYNve9kSyNglmOAwiYRapHzv-BnrDrYjXVEqUfbnc4xqwNEIY867U6f70u8EH5jqjl0rBj16RKxXuXrqIBUxX7Gg7MUJlC3ZyQV7pO4E4JaOijeDNkhcahl3SoL0_3ODLO0f7ofAudbjCM-Kd8GkqOaTHIUkE5QeAON8Oq6sVmgg2owkyzuXJ7Pf-lvARzSuriHj7A7ME-dbig0JJGA6OPpwcNzY3Qq1KxT-6MUTs5zAh4tukCBVzfnUUOD1gyIs0TpPgnooZKuhTdLZ2p_4V0f95oOOxk4M3sB4z87W36G3TH7qtrnSIQwWbGJYXxpy4Uw7MSeSQJn-gaJER5jP_JCvBdaZmAXEAZz4Gxy-ZP82Fp5EjcIQrAsP0R2hKP8mK3bI9AvZYJfnSOI8LBoh3dQ00ktCUndAd-tD6YCwo4DzHbY4gfLuq6QBJ5GgSAf8CsZ-EvNBuhHCfSyEEpuAAzUTUkHxq--90_CQxQlrsU-6KJwr4bMsmH0kwmw86_ZO-xhR_h-aieHpJ7LNocAMK_tLBETlMyTmwCrS1luF70trzGGuBUVyyEFKJ1wYRZxAzxhFBkf5-ItiuqaIWLRg3P4_Wb6Mni9kh5V9cpDjiWn8iefmIdUujAGqdfjumz7_lFacT43RH9egN7yl0GXGc0IMfRb9on0hGm6PkXLx3eGxkzVSK1NkIEQuGQgMGpUrZj_7lb_0NwqqrRNcj5uBf1wEKXJ0JSwLqTG-aAXzuMDU5ChR8IqxLjaJx5_vhnrNZzo2YqKzQ==&im=1&abvar=0&febuild=1.0.147&os=0&pload=372
200 OK 43 B URL GET HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=crZsYNj7eygaSdlpZsc2BYTBVf0RhsFO4XPbDWNgaafp8CfY_5OyrOLnbJ5PF5bcxUMEC8TwObnG5ePdphKvVJp2_RVCyXzBYMS3cJBgzuYNve9kSyNglmOAwiYRapHzv-BnrDrYjXVEqUfbnc4xqwNEIY867U6f70u8EH5jqjl0rBj16RKxXuXrqIBUxX7Gg7MUJlC3ZyQV7pO4E4JaOijeDNkhcahl3SoL0_3ODLO0f7ofAudbjCM-Kd8GkqOaTHIUkE5QeAON8Oq6sVmgg2owkyzuXJ7Pf-lvARzSuriHj7A7ME-dbig0JJGA6OPpwcNzY3Qq1KxT-6MUTs5zAh4tukCBVzfnUUOD1gyIs0TpPgnooZKuhTdLZ2p_4V0f95oOOxk4M3sB4z87W36G3TH7qtrnSIQwWbGJYXxpy4Uw7MSeSQJn-gaJER5jP_JCvBdaZmAXEAZz4Gxy-ZP82Fp5EjcIQrAsP0R2hKP8mK3bI9AvZYJfnSOI8LBoh3dQ00ktCUndAd-tD6YCwo4DzHbY4gfLuq6QBJ5GgSAf8CsZ-EvNBuhHCfSyEEpuAAzUTUkHxq--90_CQxQlrsU-6KJwr4bMsmH0kwmw86_ZO-xhR_h-aieHpJ7LNocAMK_tLBETlMyTmwCrS1luF70trzGGuBUVyyEFKJ1wYRZxAzxhFBkf5-ItiuqaIWLRg3P4_Wb6Mni9kh5V9cpDjiWn8iefmIdUujAGqdfjumz7_lFacT43RH9egN7yl0GXGc0IMfRb9on0hGm6PkXLx3eGxkzVSK1NkIEQuGQgMGpUrZj_7lb_0NwqqrRNcj5uBf1wEKXJ0JSwLqTG-aAXzuMDU5ChR8IqxLjaJx5_vhnrNZzo2YqKzQ==&im=1&abvar=0&febuild=1.0.147&os=0&pload=372
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=crZsYNj7eygaSdlpZsc2BYTBVf0RhsFO4XPbDWNgaafp8CfY_5OyrOLnbJ5PF5bcxUMEC8TwObnG5ePdphKvVJp2_RVCyXzBYMS3cJBgzuYNve9kSyNglmOAwiYRapHzv-BnrDrYjXVEqUfbnc4xqwNEIY867U6f70u8EH5jqjl0rBj16RKxXuXrqIBUxX7Gg7MUJlC3ZyQV7pO4E4JaOijeDNkhcahl3SoL0_3ODLO0f7ofAudbjCM-Kd8GkqOaTHIUkE5QeAON8Oq6sVmgg2owkyzuXJ7Pf-lvARzSuriHj7A7ME-dbig0JJGA6OPpwcNzY3Qq1KxT-6MUTs5zAh4tukCBVzfnUUOD1gyIs0TpPgnooZKuhTdLZ2p_4V0f95oOOxk4M3sB4z87W36G3TH7qtrnSIQwWbGJYXxpy4Uw7MSeSQJn-gaJER5jP_JCvBdaZmAXEAZz4Gxy-ZP82Fp5EjcIQrAsP0R2hKP8mK3bI9AvZYJfnSOI8LBoh3dQ00ktCUndAd-tD6YCwo4DzHbY4gfLuq6QBJ5GgSAf8CsZ-EvNBuhHCfSyEEpuAAzUTUkHxq--90_CQxQlrsU-6KJwr4bMsmH0kwmw86_ZO-xhR_h-aieHpJ7LNocAMK_tLBETlMyTmwCrS1luF70trzGGuBUVyyEFKJ1wYRZxAzxhFBkf5-ItiuqaIWLRg3P4_Wb6Mni9kh5V9cpDjiWn8iefmIdUujAGqdfjumz7_lFacT43RH9egN7yl0GXGc0IMfRb9on0hGm6PkXLx3eGxkzVSK1NkIEQuGQgMGpUrZj_7lb_0NwqqrRNcj5uBf1wEKXJ0JSwLqTG-aAXzuMDU5ChR8IqxLjaJx5_vhnrNZzo2YqKzQ==&im=1&abvar=0&febuild=1.0.147&os=0&pload=372 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=230916145924587dad547d4775b97cdd73d5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
POST fvcwqkkqmuv.com/solid.gif?z=1941940&abvar=0&febuild=1.0.147&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1110&y=624&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
200 OK 43 B URL POST HTTP/2 fvcwqkkqmuv.com/solid.gif?z=1941940&abvar=0&febuild=1.0.147&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1110&y=624&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint9A:2F:14:29:BF:3A:F6:04:3C:73:42:7B:73:9F:C1:FE:76:C6:D5:0F
ValidityWed, 31 May 2023 13:01:06 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1941940&abvar=0&febuild=1.0.147&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1110&y=624&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: fvcwqkkqmuv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Sat, 19 Oct 2024 19:59:02 GMT; HttpOnly; Secure; SameSite=None
UID=230916145943b29b3ff7524c64b927ee388f; Path=/; Expires=Sat, 19 Oct 2024 19:59:02 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash 7b1dab279093686cfff0ba545bceef3a
9b71fb5162a17d21a71ebf99a1ad1339df637b26
ce9ba6d1a232543ecced41cc787733ae37da2efdf28bc26de1c6a30182c4eeb6
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 16 Sep 2023 19:59:02 GMT
Last-Modified: Sat, 16 Sep 2023 19:30:27 GMT
Server: ECAcc (ska/F6BD)
X-Cache: Miss from cloudfront
Via: 1.1 fedd444eadd43dacc7e53f24b46bddf8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: 58j8dgEvoef46ZT4PZgHBJV7zQMamNX-vX340zrvAFEmIz6LccB1ag==
Age: 1715
GET www.blockadsnot.com/unitegallery.min.js
200 OK 11 kB URL GET HTTP/2 www.blockadsnot.com/unitegallery.min.js
IP
ASN #60068 Datacamp Limited
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerLet's Encrypt
Subject1158060716.rsc.cdn77.org
FingerprintDC:4D:77:2D:8C:4B:74:67:E3:16:36:48:44:AA:E0:7C:02:18:B9:16
ValidityMon, 24 Jul 2023 14:50:52 GMT - Sun, 22 Oct 2023 14:50:51 GMT
File type gzip compressed data, from Unix\012- data
Hash cf307fd6eb9dc517b81f27916448dba0
145b7859bc38f92b69cbab06be88ac91f6f988f6
4e97a331ea151df0a5dd9da6267ed43d685e99a5c4c47f7796de9752d737a85c
GET /unitegallery.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: application/x-javascript
expires: Mon, 18 Sep 2023 20:43:32 GMT
access-control-allow-origin: https://dood.yt
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
server: CDN77-Turbo
vary: Accept-Encoding, Origin
x-77-nzt: AblMCRRsm/H/Eo0GAA
x-77-nzt-ray: af585630cb229de606090665aacf8e30
x-accel-expires: @1695069812
x-accel-date: 1694465012
x-cache: HIT
x-age: 429330
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 429330
content-encoding: gzip
X-Firefox-Spdy: h2
GET i.doodcdn.co/theme_2/img/loader.svg
200 OK 834 B URL GET HTTP/3 i.doodcdn.co/theme_2/img/loader.svg
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type exported SGML document, ASCII text
Hash be00fc4a29d03016e78b28c9943e3f51
10f2025f5aa96706cc81e050eadfcaa9bcc55af5
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126
GET /theme_2/img/loader.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://i.doodcdn.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/svg+xml
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Sun, 15 Oct 2023 20:23:35 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 84899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaanB7Vls04MG3%2Fa%2FBGHbK9pRfddkZ3KyJVX%2FmjYu%2FTEWR9wADb39qNwTn5UddCMGiVUEy7NuT1wyLA5kqhTflWJt4rntIKoYqxKTHaVK2M0qAjLkKQ5wxkUjc%2FA%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb00b7b9356bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET dood.yt/pass_md5/87187894-91-90-1694894341-a7eeaddde722c467ff6fc06ab9553c3c/wdhbwfv2yt7xkba80xb84r9u
200 OK 157 B URL GET HTTP/3 dood.yt/pass_md5/87187894-91-90-1694894341-a7eeaddde722c467ff6fc06ab9553c3c/wdhbwfv2yt7xkba80xb84r9u
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjectdood.yt
Fingerprint78:FC:96:CF:41:7A:7F:5B:E2:2F:F3:C8:5D:ED:CB:40:0D:87:BA:5E
ValidityWed, 13 Sep 2023 00:54:45 GMT - Tue, 12 Dec 2023 00:54:44 GMT
File type ASCII text, with no line terminators
Hash f3839ec44dffe0b03754f33cc2bf2534
34eae1bdf19a7c409ccd1aa8cb0fc1b402885801
191f9c94320aaf10afa14847336992308e4b8076ba24b41dc165c9d4f32c61d5
GET /pass_md5/87187894-91-90-1694894341-a7eeaddde722c467ff6fc06ab9553c3c/wdhbwfv2yt7xkba80xb84r9u HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/e/tko6r5f4vaj8
Cookie: dref_url=none; lang=1; cf_clearance=wScRXmp3ItlXiLm5RysVSA9x1GPmaoR5Y5kYPaUEFKo-1694894342-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1694894342
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVoSdaEgqEcp4MRmjP362jYMK5cMtuPZ32yEZ0w32GYY6AxWVuh44nZ%2FtHpB7MH8bSMDWPAE2dV%2FC7lvN7Tg4fxoVu%2FdC1S8u9V4I0%2Bk7q8aJzJuN3TFt5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb009dc4cb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET professionalswebcheck.com/stats
200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 711bbea95f0239b21c754fe5bc31764e
16d9f91d555dbeef537c51f84a6fd6cd80c55619
dfe027f27ebcfb4dccf3ff62626fc2afd4c784f576190ec40d2ccb189be5c658
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.yt
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=54262af2-7614-4273-901b-5c8b9123c4b9:3:1; expires=Tue, 13 Sep 2033 19:59:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=W8R0ihsWXery_FtpzYw3sZis7uEnvgoQqmeXcpgiCJARmBsBYwXp3pjsAHuoP-y1RY_BEbm1w1QLGKRDKhTNPQME63_p_EmCoT-POK9mxF1Q3HJINzm1syNR--vDFts21T8DgB_o6DVht1MXKd6OQJTVihxRU6GQISHzIomB7QHMFSd3Pi49KcTVoeR5BGlaSsBZafnSXy5HGQ0AkfPF-AVCmgDzIWpcVzTw9cndrynPufUfanDVXITzy9-ZwgTF4LFgAnFTLArkM75vYGdM5Q1TQOnzSshMEkpRNfdICmPGcdtK_Q4Ypqe77_0UAhdD2qXsOhw5eCjJKevO_tneSPwMHuQ3YXo1dul-iiCIpACoqaoAMZXKz8-qJJ1PWgFyv7sXN-KNfmYWFUU3GiXGziMjO0oreesrzO_91sTIFHQqreHYQ3D8lEP8MNaxq1J9stywp-AidXa597xfN0V9SrEvSvCfvmXIrLjoaI6w0e0Fu0R7tZFCoY0h6bd6wUntQzMCQ3-5_ahhm0OfLdhu4IFsxeNJCl0iH-NF599R2UdwO545J8IgFVFatHU5QPCCDGRS3AlA7QtDBf49yd-_zXhIwZLX0FdBe1N58UYUxiVe6vs41V83LOm7EuGC5DoYDOex1kE7V-BuTq2uZGqJgBMC_r0VLYRoRMBMUA7DwiNSlaNmdpA_zcEoa23nHH9ExhBDaKbHU9ZDRwVIbxDxp6XnPrG8AShsDfsBZ7v25gcy016bpvelOWZMQNS5-zFX_pQq398OBe9U_WW54Ds4EPIdESc9tJHjOrOyuSa2sEdeQnCXWZldeO9CZHrI1Ozp72pL3kGqRCGJcBP0xfesQiJS0vR5rERd0iPjRbkkO9xv_p1ypsyj0oqufXbb0YxVTW8u22JUAT0YhvOgkA3N8q2ndA8iOV82Bldo9HZBNfxhDZdypkYAnnwer45sIKKwRAQTQQ2fp6jeLWJN3MF5Wvy48cCvm2Y_6yT-fSwkRceNfvYfAlGEsw==&im=1&abvar=0&febuild=1.0.147&os=0&pload=564
200 OK 43 B URL GET HTTP/2 alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=W8R0ihsWXery_FtpzYw3sZis7uEnvgoQqmeXcpgiCJARmBsBYwXp3pjsAHuoP-y1RY_BEbm1w1QLGKRDKhTNPQME63_p_EmCoT-POK9mxF1Q3HJINzm1syNR--vDFts21T8DgB_o6DVht1MXKd6OQJTVihxRU6GQISHzIomB7QHMFSd3Pi49KcTVoeR5BGlaSsBZafnSXy5HGQ0AkfPF-AVCmgDzIWpcVzTw9cndrynPufUfanDVXITzy9-ZwgTF4LFgAnFTLArkM75vYGdM5Q1TQOnzSshMEkpRNfdICmPGcdtK_Q4Ypqe77_0UAhdD2qXsOhw5eCjJKevO_tneSPwMHuQ3YXo1dul-iiCIpACoqaoAMZXKz8-qJJ1PWgFyv7sXN-KNfmYWFUU3GiXGziMjO0oreesrzO_91sTIFHQqreHYQ3D8lEP8MNaxq1J9stywp-AidXa597xfN0V9SrEvSvCfvmXIrLjoaI6w0e0Fu0R7tZFCoY0h6bd6wUntQzMCQ3-5_ahhm0OfLdhu4IFsxeNJCl0iH-NF599R2UdwO545J8IgFVFatHU5QPCCDGRS3AlA7QtDBf49yd-_zXhIwZLX0FdBe1N58UYUxiVe6vs41V83LOm7EuGC5DoYDOex1kE7V-BuTq2uZGqJgBMC_r0VLYRoRMBMUA7DwiNSlaNmdpA_zcEoa23nHH9ExhBDaKbHU9ZDRwVIbxDxp6XnPrG8AShsDfsBZ7v25gcy016bpvelOWZMQNS5-zFX_pQq398OBe9U_WW54Ds4EPIdESc9tJHjOrOyuSa2sEdeQnCXWZldeO9CZHrI1Ozp72pL3kGqRCGJcBP0xfesQiJS0vR5rERd0iPjRbkkO9xv_p1ypsyj0oqufXbb0YxVTW8u22JUAT0YhvOgkA3N8q2ndA8iOV82Bldo9HZBNfxhDZdypkYAnnwer45sIKKwRAQTQQ2fp6jeLWJN3MF5Wvy48cCvm2Y_6yT-fSwkRceNfvYfAlGEsw==&im=1&abvar=0&febuild=1.0.147&os=0&pload=564
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=W8R0ihsWXery_FtpzYw3sZis7uEnvgoQqmeXcpgiCJARmBsBYwXp3pjsAHuoP-y1RY_BEbm1w1QLGKRDKhTNPQME63_p_EmCoT-POK9mxF1Q3HJINzm1syNR--vDFts21T8DgB_o6DVht1MXKd6OQJTVihxRU6GQISHzIomB7QHMFSd3Pi49KcTVoeR5BGlaSsBZafnSXy5HGQ0AkfPF-AVCmgDzIWpcVzTw9cndrynPufUfanDVXITzy9-ZwgTF4LFgAnFTLArkM75vYGdM5Q1TQOnzSshMEkpRNfdICmPGcdtK_Q4Ypqe77_0UAhdD2qXsOhw5eCjJKevO_tneSPwMHuQ3YXo1dul-iiCIpACoqaoAMZXKz8-qJJ1PWgFyv7sXN-KNfmYWFUU3GiXGziMjO0oreesrzO_91sTIFHQqreHYQ3D8lEP8MNaxq1J9stywp-AidXa597xfN0V9SrEvSvCfvmXIrLjoaI6w0e0Fu0R7tZFCoY0h6bd6wUntQzMCQ3-5_ahhm0OfLdhu4IFsxeNJCl0iH-NF599R2UdwO545J8IgFVFatHU5QPCCDGRS3AlA7QtDBf49yd-_zXhIwZLX0FdBe1N58UYUxiVe6vs41V83LOm7EuGC5DoYDOex1kE7V-BuTq2uZGqJgBMC_r0VLYRoRMBMUA7DwiNSlaNmdpA_zcEoa23nHH9ExhBDaKbHU9ZDRwVIbxDxp6XnPrG8AShsDfsBZ7v25gcy016bpvelOWZMQNS5-zFX_pQq398OBe9U_WW54Ds4EPIdESc9tJHjOrOyuSa2sEdeQnCXWZldeO9CZHrI1Ozp72pL3kGqRCGJcBP0xfesQiJS0vR5rERd0iPjRbkkO9xv_p1ypsyj0oqufXbb0YxVTW8u22JUAT0YhvOgkA3N8q2ndA8iOV82Bldo9HZBNfxhDZdypkYAnnwer45sIKKwRAQTQQ2fp6jeLWJN3MF5Wvy48cCvm2Y_6yT-fSwkRceNfvYfAlGEsw==&im=1&abvar=0&febuild=1.0.147&os=0&pload=564 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=230916145924587dad547d4775b97cdd73d5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:03 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET alas4kanmfa6a4mubte.com/get/1841674?zoneid=1841674&jp=_clq7izb7ldn86pxd9jjxlq&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2644351386006534&sp=1&im=1
200 OK 2.4 kB URL GET HTTP/2 alas4kanmfa6a4mubte.com/get/1841674?zoneid=1841674&jp=_clq7izb7ldn86pxd9jjxlq&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2644351386006534&sp=1&im=1
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type gzip compressed data, from Unix\012- data
Hash f92a2d563a77728727d5ab5a33348358
daa3a34d799df17cc70c43c51abe134a25fa929e
fc19134aec6c1e965e1164c9ee660cb12f57041860ed5f10ba698a34d4d2471b
GET /get/1841674?zoneid=1841674&jp=_clq7izb7ldn86pxd9jjxlq&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2644351386006534&sp=1&im=1 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 19 Oct 2024 19:59:01 GMT; HttpOnly; Secure; SameSite=None
UID=230916145924587dad547d4775b97cdd73d5; Path=/; Expires=Sat, 19 Oct 2024 19:59:01 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET orchardmaltregiment.com/e3/a0/02/e3a0021c8381b2ea49b6fcdcbc913f27.js
200 OK 13 kB URL GET HTTP/1.1 orchardmaltregiment.com/e3/a0/02/e3a0021c8381b2ea49b6fcdcbc913f27.js
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerLet's Encrypt
Subjectorchardmaltregiment.com
Fingerprint78:6B:51:26:3C:68:D3:16:B7:41:C5:B7:CF:09:9F:1C:3D:B3:B3:E6
ValidityThu, 14 Sep 2023 11:46:20 GMT - Wed, 13 Dec 2023 11:46:19 GMT
File type ASCII text, with very long lines (37158), with no line terminators
Hash 40aac8dbc1619140338e773471aaf8fc
e0abdd841f0896e62b1ce48c1180e7c482868e74
81f7a1714eca09c75351dc7d962066fb014455c115e41033e0d0b82131106a5b
GET /e3/a0/02/e3a0021c8381b2ea49b6fcdcbc913f27.js HTTP/1.1
Host: orchardmaltregiment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 16 Sep 2023 19:59:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 23197b91e3bd2c0c36a45ed06399debd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET alas4kanmfa6a4mubte.com/whob.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=VpaoJnQvHKBFwUb2utIgK9_E3W_VKvc97jGKkNVtIclDXp3ITPZkIiieHdtCF0RrmWTzDac1HrGI47xLJibXFt6tMOEag1A5NjsEyUCWItP1pbH6Lw5KRqOHoQ_CdsWlhwCmg2kblhxYC_Z88FUIjPGplmyC8oLC6Y1rDwSocqagkYqRQVnPfRHEL73vtLbV810h_iw_OuiNMwTq_VmLSeXKCnAcfOpq-z3GVWT5S9Ag3EkwQo_Hb4TUu1-fcCqhzK-htaqWIGwjlS7iZ694j4vGl9ID0nL3StLgR92s6ZzjufW92_mEL4lHvKwOmWFjCOLFUiP1Sr8lgTffSneq3hSFA3V9JOOodSgk6YJv7qQ5EkFJqOONuqrqXzB51Zj7U6tCFN35Q_w2gQZgBXWDlrIA1zMuuFo-7ybB-_5TX27hwyFc82B6AqOO8aCTHF6od2R9iN-X7EqiW3ds2Aw4rszQDQbR5nBdsPytngeJgt110YwVeUoKX-_m9w4l6n79vL19XY0JG5WpqNLLq2doVa6vOwfDVTTSp-JzPMbw1FoIFetkm-2Qenpmj6bYitRoHYbwYo2gz29eFF70vWiSPYcoCozzQd0Uc3ay17PzynxY7s3VMDlp83krsQQsTBrs2m0sTtx7RCD2MGCK7NdjHhCYCHtyuRpd0p90sqkHK6HVYPEZRk5z31PaDmwomF_psTKnY5v9eh1EDNk8bFdezDflIefvrMfbpL0RZGHyokimS2Bp3ZdxvglTnJsdFNv7GX5vnPApq0ItoOsJ4uHY6LWA7VgouyG0G8Je4JHYpnwbyTT5W6SdWXuk3EqFOZ0GJ_obQZysHgJ2W08_DTTpR06B-MGtKK-ij7cq3Y4EiaERKUf6dwROqL1cWYa5Eeqeslq1hKQZCDTzJYsolJI87lGMkAKnit7OItKOjJ-br4an0cyTbwo5T94hmgINxJNYns9CQR-4IlHvJ_szoNcap85FP5Em93UaQuofvpyWjFFHhoxKflE_Gth8_dZoFi1IlK6YzMfTsJxS2zunW5isoOJLdCCTXkQwghS_RZWOIXbPfFNWkeGNBetOAvWYRbXq1ds7WhZzzI-R5maj0kymk5CotPhO4jT945sPsVgJwV76K2IRbg9ihbwgVgIB0QA0WsJmdMVYlxj9T2SdaAtS2BJf9PYr2ECk3m5qjQopXYmRBvqDQ7Hfj0x8UQ8=&im=1&abvar=0&febuild=1.0.147&os=0&pload=269
200 OK 43 B URL GET HTTP/2 alas4kanmfa6a4mubte.com/whob.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=VpaoJnQvHKBFwUb2utIgK9_E3W_VKvc97jGKkNVtIclDXp3ITPZkIiieHdtCF0RrmWTzDac1HrGI47xLJibXFt6tMOEag1A5NjsEyUCWItP1pbH6Lw5KRqOHoQ_CdsWlhwCmg2kblhxYC_Z88FUIjPGplmyC8oLC6Y1rDwSocqagkYqRQVnPfRHEL73vtLbV810h_iw_OuiNMwTq_VmLSeXKCnAcfOpq-z3GVWT5S9Ag3EkwQo_Hb4TUu1-fcCqhzK-htaqWIGwjlS7iZ694j4vGl9ID0nL3StLgR92s6ZzjufW92_mEL4lHvKwOmWFjCOLFUiP1Sr8lgTffSneq3hSFA3V9JOOodSgk6YJv7qQ5EkFJqOONuqrqXzB51Zj7U6tCFN35Q_w2gQZgBXWDlrIA1zMuuFo-7ybB-_5TX27hwyFc82B6AqOO8aCTHF6od2R9iN-X7EqiW3ds2Aw4rszQDQbR5nBdsPytngeJgt110YwVeUoKX-_m9w4l6n79vL19XY0JG5WpqNLLq2doVa6vOwfDVTTSp-JzPMbw1FoIFetkm-2Qenpmj6bYitRoHYbwYo2gz29eFF70vWiSPYcoCozzQd0Uc3ay17PzynxY7s3VMDlp83krsQQsTBrs2m0sTtx7RCD2MGCK7NdjHhCYCHtyuRpd0p90sqkHK6HVYPEZRk5z31PaDmwomF_psTKnY5v9eh1EDNk8bFdezDflIefvrMfbpL0RZGHyokimS2Bp3ZdxvglTnJsdFNv7GX5vnPApq0ItoOsJ4uHY6LWA7VgouyG0G8Je4JHYpnwbyTT5W6SdWXuk3EqFOZ0GJ_obQZysHgJ2W08_DTTpR06B-MGtKK-ij7cq3Y4EiaERKUf6dwROqL1cWYa5Eeqeslq1hKQZCDTzJYsolJI87lGMkAKnit7OItKOjJ-br4an0cyTbwo5T94hmgINxJNYns9CQR-4IlHvJ_szoNcap85FP5Em93UaQuofvpyWjFFHhoxKflE_Gth8_dZoFi1IlK6YzMfTsJxS2zunW5isoOJLdCCTXkQwghS_RZWOIXbPfFNWkeGNBetOAvWYRbXq1ds7WhZzzI-R5maj0kymk5CotPhO4jT945sPsVgJwV76K2IRbg9ihbwgVgIB0QA0WsJmdMVYlxj9T2SdaAtS2BJf9PYr2ECk3m5qjQopXYmRBvqDQ7Hfj0x8UQ8=&im=1&abvar=0&febuild=1.0.147&os=0&pload=269
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=VpaoJnQvHKBFwUb2utIgK9_E3W_VKvc97jGKkNVtIclDXp3ITPZkIiieHdtCF0RrmWTzDac1HrGI47xLJibXFt6tMOEag1A5NjsEyUCWItP1pbH6Lw5KRqOHoQ_CdsWlhwCmg2kblhxYC_Z88FUIjPGplmyC8oLC6Y1rDwSocqagkYqRQVnPfRHEL73vtLbV810h_iw_OuiNMwTq_VmLSeXKCnAcfOpq-z3GVWT5S9Ag3EkwQo_Hb4TUu1-fcCqhzK-htaqWIGwjlS7iZ694j4vGl9ID0nL3StLgR92s6ZzjufW92_mEL4lHvKwOmWFjCOLFUiP1Sr8lgTffSneq3hSFA3V9JOOodSgk6YJv7qQ5EkFJqOONuqrqXzB51Zj7U6tCFN35Q_w2gQZgBXWDlrIA1zMuuFo-7ybB-_5TX27hwyFc82B6AqOO8aCTHF6od2R9iN-X7EqiW3ds2Aw4rszQDQbR5nBdsPytngeJgt110YwVeUoKX-_m9w4l6n79vL19XY0JG5WpqNLLq2doVa6vOwfDVTTSp-JzPMbw1FoIFetkm-2Qenpmj6bYitRoHYbwYo2gz29eFF70vWiSPYcoCozzQd0Uc3ay17PzynxY7s3VMDlp83krsQQsTBrs2m0sTtx7RCD2MGCK7NdjHhCYCHtyuRpd0p90sqkHK6HVYPEZRk5z31PaDmwomF_psTKnY5v9eh1EDNk8bFdezDflIefvrMfbpL0RZGHyokimS2Bp3ZdxvglTnJsdFNv7GX5vnPApq0ItoOsJ4uHY6LWA7VgouyG0G8Je4JHYpnwbyTT5W6SdWXuk3EqFOZ0GJ_obQZysHgJ2W08_DTTpR06B-MGtKK-ij7cq3Y4EiaERKUf6dwROqL1cWYa5Eeqeslq1hKQZCDTzJYsolJI87lGMkAKnit7OItKOjJ-br4an0cyTbwo5T94hmgINxJNYns9CQR-4IlHvJ_szoNcap85FP5Em93UaQuofvpyWjFFHhoxKflE_Gth8_dZoFi1IlK6YzMfTsJxS2zunW5isoOJLdCCTXkQwghS_RZWOIXbPfFNWkeGNBetOAvWYRbXq1ds7WhZzzI-R5maj0kymk5CotPhO4jT945sPsVgJwV76K2IRbg9ihbwgVgIB0QA0WsJmdMVYlxj9T2SdaAtS2BJf9PYr2ECk3m5qjQopXYmRBvqDQ7Hfj0x8UQ8=&im=1&abvar=0&febuild=1.0.147&os=0&pload=269 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=230916145924587dad547d4775b97cdd73d5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:03 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET lucrativeemotionallypromised.com/f2/97/36/f29736bcfda8b4332e601ee92dfbc108.js
200 OK 29 kB URL GET HTTP/1.1 lucrativeemotionallypromised.com/f2/97/36/f29736bcfda8b4332e601ee92dfbc108.js
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerLet's Encrypt
Subjectlucrativeemotionallypromised.com
Fingerprint94:31:11:65:0F:BF:32:0B:F4:BD:60:02:3D:7A:9F:B9:9B:D4:64:F7
ValiditySat, 16 Sep 2023 02:46:30 GMT - Fri, 15 Dec 2023 02:46:29 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 7720af399d7854027db69f8d2a993b7c
67f4bfb9899ec9ca8fe4f0bd1c161af63e283c08
354a5fc397851478a21de876cf98195a5613dc11a90bb8d683715e2e92034d7d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /f2/97/36/f29736bcfda8b4332e601ee92dfbc108.js HTTP/1.1
Host: lucrativeemotionallypromised.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 16 Sep 2023 19:59:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e65c90e575cb2c7b24c78d5bd53cfd5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
471 B IP
Hash 96e9eb5b422850e3afcddebdcdf255d3
bb0cd543c5e279206651a5bd04cdf8d9268126f8
9c05df1f28cfd9c1781b61734567ae97d2f571b0d8732435209382df11c655b3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 16 Sep 2023 19:59:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 13 Sep 2023 15:49:42 GMT
Expires: Wed, 20 Sep 2023 15:49:41 GMT
Etag: "bb0cd543c5e279206651a5bd04cdf8d9268126f8"
Cache-Control: max-age=331404,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 807bb00e5daa0b3d-OSL
POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL POST HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1349
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 16 Sep 2023 20:00:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://dood.yt
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
472 B IP
Hash e073b4e0b630795a9b9420308f71500e
f857412e26abfbd5111d5f8149efccb111ba486b
9bc78042047134f950c330673dee9ffa9c7c2132ca1a16c50478496144edd02a
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 16 Sep 2023 19:59:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 16 Sep 2023 16:10:07 GMT
Expires: Sat, 23 Sep 2023 16:10:06 GMT
Etag: "f857412e26abfbd5111d5f8149efccb111ba486b"
Cache-Control: max-age=602552,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 621
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 807bb0116df256aa-OSL
472 B IP
Hash e073b4e0b630795a9b9420308f71500e
f857412e26abfbd5111d5f8149efccb111ba486b
9bc78042047134f950c330673dee9ffa9c7c2132ca1a16c50478496144edd02a
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 16 Sep 2023 19:59:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 16 Sep 2023 16:10:07 GMT
Expires: Sat, 23 Sep 2023 16:10:06 GMT
Etag: "f857412e26abfbd5111d5f8149efccb111ba486b"
Cache-Control: max-age=602552,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 621
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 807bb011696b5699-OSL
GET alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=ON2E1w-K87hqxP41ULHJn0FY0Ds0ePt_WU6wIf6kmL75GfccL3khRs99tLuA7B5wDWS7IykFWtx9C3FyfmvXLvIOS-kH3oqhsyF_8nKdsRIVRRMGaj8oORVSnqoLrS_843urTsuHXuVdwmND9mk-v95OoOefU5aJOjQbFRMu3nHXmIfGV6u669IJfZGhV4Vh15xiJPDdEh2gBeBQu_ctCQYsfWGdhZueyA1oIGOY7id7s5E6yL76hbfHYoFVQXMc2DAufAyuFx9Q-wTS4Yhqx-AGMu2FGTy1UsHkcX4L9UBDezCiNh6LGfYlmxmLSPOdCjHh0odVE7zPV01lFwE9nH2oGZ_fIf2j7yvFaDJxesumRbQe0SJybTNMfTRh6U705U_Y6POao0mw9yNJtc7NswnoywKNvtNIfUjvFUUY0rXZJXE4z515B-3Ehy4lSRSDsJ_wfHVh7lhKN5hAi3XdjDiWQ2C6Nym_ndHWQpXVZqPaEctFCLlpUNCGatTt3UMNbBv8S1RJDHW7sZeiiV4teLx3R7y4jTOz3sn6vtQQfvK9zUdXGvEZid80ohT_cVi5VmopvX-NnHa6z9ahh5nFksFxMiD_h7AyJME7NBzqMOpRVIlWSeAdZ-AJy3wBJcNd1s8FfBxuMk25Mrtyv_Ng47yt2DgNWHEMzFBZH4JizF6jVyrg6JNUSXFb7kiTayjCOANlGBcMnr-QMfOBEQ56s8D7n_jYH9J8_84h2WR9dKvqg18chMAvmBq6ahRcH_iCWYus3BNG6vrK3wzy-u01CqciB2ji5g8RL_PAElP4IaaOfc0voP6Qs2iJ2BxeiacyfaNXt1-fRjP30pU0LFM2QVOzCUxu7bZrBq6Iqldy5XTM21TBcoVOpIl8oOdQVBuos_HZ171GM8fAXLr2wGJaaW4qCQ0-aEkz-BTzlbYMQSUg-LVtM3PbELGXZncA_l94Kd7bj8py2oHcV6GsfmNsuIQfN7a-7D5S8hIpHJoW3GKW1xwHLMemc-vPRw2OUZ4OvDPj_bIMzltq-rPllZl2Dv6-C_Ipj_aTpw3w2BfDnmvTzqmbnAyCnKlP_gZQFB7a-EN7PU4MoSDqHRTt6vz83PBZcli60rsJRGPygud66E9Wb-yWFGhp9c4sKSNo0jUgBKSamKl5WJdxpxOENasFXWyBC5ayiq1ugERSIjLzu0rQHSTz1lfdQ-_c361HdKiR_zdhGV49nebarbb1ReytFnogzFOOMhltlSTj7mvwEH4FavtZkzVhnvoaA850d4NMiGxJ0A7KiaK89aaQCY5c4jiscvJL8-gbPT2XK7SRZI67WUB0JWGFeEWRip950vh4kQLFX-AH1X_fVWG4ORNFZ-IZbTkNXt3HrdKWWsOjLhcHn2DtLblQymFEqlUutu3t1Bs3ECPwUxoexNIZztdTjVaZewZITeIUYE7mgIfcPbAFYSYTSuiiEkPHZK8ePb-yHcflE5sVZBE-I1WdvqxRmKl7QePYwx_TCw6qmhlwF579QaFZVhggBDTFOXnzH-BBxPZ9z6233HM7Am7n6a4jLQqM6nboRlHgp9MgIslSrgfrI4Mzzowm7fEnIBeI4IEq8dM9KreYWzHluTxzr5tVpEZSgnwDKlyyrhIOVLXlhETQyHUfK9kp7rdQqfLml6mjv1Q2ldmcXIZOSWJ07MRXElInWT12uZ4SnHqd1O8ZAPoTWNVALHA77ove7IA74lXLQocJTgcEdi_VbDYTpacM0Y5H_rqVDa5m_WMCtYNvcTCPEtErB4LWoVbHfFmLJtwsGZtPHWLLrYSw5sJFyf98DG6B1qMrR1vUBkIiQ-CqSJth4oJ2t94Rkl-K0dq5CTsjBT3FBz6GuDCIXlrNAYnauht_yQFKjfvOPUdNzwjitp6v72diRqzETIev4E9KQnLWLj38m4Z_nmgtJLBRZVoXCJVobSXj8T_ELz8tJAEjnqBDDUdYo_iaEIY8NtawetirkzlEl3qK7mIExUid6YrdiKdru0ZKSgJWIghXIKNPLWsqFwRCZhG5U5OWu5yWL9to-Tkt5NKIBVqnk0YWsGC5-u9Gvs5b&im=1&abvar=0&febuild=1.0.147&os=0&pload=2079
200 OK 43 B URL GET HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=ON2E1w-K87hqxP41ULHJn0FY0Ds0ePt_WU6wIf6kmL75GfccL3khRs99tLuA7B5wDWS7IykFWtx9C3FyfmvXLvIOS-kH3oqhsyF_8nKdsRIVRRMGaj8oORVSnqoLrS_843urTsuHXuVdwmND9mk-v95OoOefU5aJOjQbFRMu3nHXmIfGV6u669IJfZGhV4Vh15xiJPDdEh2gBeBQu_ctCQYsfWGdhZueyA1oIGOY7id7s5E6yL76hbfHYoFVQXMc2DAufAyuFx9Q-wTS4Yhqx-AGMu2FGTy1UsHkcX4L9UBDezCiNh6LGfYlmxmLSPOdCjHh0odVE7zPV01lFwE9nH2oGZ_fIf2j7yvFaDJxesumRbQe0SJybTNMfTRh6U705U_Y6POao0mw9yNJtc7NswnoywKNvtNIfUjvFUUY0rXZJXE4z515B-3Ehy4lSRSDsJ_wfHVh7lhKN5hAi3XdjDiWQ2C6Nym_ndHWQpXVZqPaEctFCLlpUNCGatTt3UMNbBv8S1RJDHW7sZeiiV4teLx3R7y4jTOz3sn6vtQQfvK9zUdXGvEZid80ohT_cVi5VmopvX-NnHa6z9ahh5nFksFxMiD_h7AyJME7NBzqMOpRVIlWSeAdZ-AJy3wBJcNd1s8FfBxuMk25Mrtyv_Ng47yt2DgNWHEMzFBZH4JizF6jVyrg6JNUSXFb7kiTayjCOANlGBcMnr-QMfOBEQ56s8D7n_jYH9J8_84h2WR9dKvqg18chMAvmBq6ahRcH_iCWYus3BNG6vrK3wzy-u01CqciB2ji5g8RL_PAElP4IaaOfc0voP6Qs2iJ2BxeiacyfaNXt1-fRjP30pU0LFM2QVOzCUxu7bZrBq6Iqldy5XTM21TBcoVOpIl8oOdQVBuos_HZ171GM8fAXLr2wGJaaW4qCQ0-aEkz-BTzlbYMQSUg-LVtM3PbELGXZncA_l94Kd7bj8py2oHcV6GsfmNsuIQfN7a-7D5S8hIpHJoW3GKW1xwHLMemc-vPRw2OUZ4OvDPj_bIMzltq-rPllZl2Dv6-C_Ipj_aTpw3w2BfDnmvTzqmbnAyCnKlP_gZQFB7a-EN7PU4MoSDqHRTt6vz83PBZcli60rsJRGPygud66E9Wb-yWFGhp9c4sKSNo0jUgBKSamKl5WJdxpxOENasFXWyBC5ayiq1ugERSIjLzu0rQHSTz1lfdQ-_c361HdKiR_zdhGV49nebarbb1ReytFnogzFOOMhltlSTj7mvwEH4FavtZkzVhnvoaA850d4NMiGxJ0A7KiaK89aaQCY5c4jiscvJL8-gbPT2XK7SRZI67WUB0JWGFeEWRip950vh4kQLFX-AH1X_fVWG4ORNFZ-IZbTkNXt3HrdKWWsOjLhcHn2DtLblQymFEqlUutu3t1Bs3ECPwUxoexNIZztdTjVaZewZITeIUYE7mgIfcPbAFYSYTSuiiEkPHZK8ePb-yHcflE5sVZBE-I1WdvqxRmKl7QePYwx_TCw6qmhlwF579QaFZVhggBDTFOXnzH-BBxPZ9z6233HM7Am7n6a4jLQqM6nboRlHgp9MgIslSrgfrI4Mzzowm7fEnIBeI4IEq8dM9KreYWzHluTxzr5tVpEZSgnwDKlyyrhIOVLXlhETQyHUfK9kp7rdQqfLml6mjv1Q2ldmcXIZOSWJ07MRXElInWT12uZ4SnHqd1O8ZAPoTWNVALHA77ove7IA74lXLQocJTgcEdi_VbDYTpacM0Y5H_rqVDa5m_WMCtYNvcTCPEtErB4LWoVbHfFmLJtwsGZtPHWLLrYSw5sJFyf98DG6B1qMrR1vUBkIiQ-CqSJth4oJ2t94Rkl-K0dq5CTsjBT3FBz6GuDCIXlrNAYnauht_yQFKjfvOPUdNzwjitp6v72diRqzETIev4E9KQnLWLj38m4Z_nmgtJLBRZVoXCJVobSXj8T_ELz8tJAEjnqBDDUdYo_iaEIY8NtawetirkzlEl3qK7mIExUid6YrdiKdru0ZKSgJWIghXIKNPLWsqFwRCZhG5U5OWu5yWL9to-Tkt5NKIBVqnk0YWsGC5-u9Gvs5b&im=1&abvar=0&febuild=1.0.147&os=0&pload=2079
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=ON2E1w-K87hqxP41ULHJn0FY0Ds0ePt_WU6wIf6kmL75GfccL3khRs99tLuA7B5wDWS7IykFWtx9C3FyfmvXLvIOS-kH3oqhsyF_8nKdsRIVRRMGaj8oORVSnqoLrS_843urTsuHXuVdwmND9mk-v95OoOefU5aJOjQbFRMu3nHXmIfGV6u669IJfZGhV4Vh15xiJPDdEh2gBeBQu_ctCQYsfWGdhZueyA1oIGOY7id7s5E6yL76hbfHYoFVQXMc2DAufAyuFx9Q-wTS4Yhqx-AGMu2FGTy1UsHkcX4L9UBDezCiNh6LGfYlmxmLSPOdCjHh0odVE7zPV01lFwE9nH2oGZ_fIf2j7yvFaDJxesumRbQe0SJybTNMfTRh6U705U_Y6POao0mw9yNJtc7NswnoywKNvtNIfUjvFUUY0rXZJXE4z515B-3Ehy4lSRSDsJ_wfHVh7lhKN5hAi3XdjDiWQ2C6Nym_ndHWQpXVZqPaEctFCLlpUNCGatTt3UMNbBv8S1RJDHW7sZeiiV4teLx3R7y4jTOz3sn6vtQQfvK9zUdXGvEZid80ohT_cVi5VmopvX-NnHa6z9ahh5nFksFxMiD_h7AyJME7NBzqMOpRVIlWSeAdZ-AJy3wBJcNd1s8FfBxuMk25Mrtyv_Ng47yt2DgNWHEMzFBZH4JizF6jVyrg6JNUSXFb7kiTayjCOANlGBcMnr-QMfOBEQ56s8D7n_jYH9J8_84h2WR9dKvqg18chMAvmBq6ahRcH_iCWYus3BNG6vrK3wzy-u01CqciB2ji5g8RL_PAElP4IaaOfc0voP6Qs2iJ2BxeiacyfaNXt1-fRjP30pU0LFM2QVOzCUxu7bZrBq6Iqldy5XTM21TBcoVOpIl8oOdQVBuos_HZ171GM8fAXLr2wGJaaW4qCQ0-aEkz-BTzlbYMQSUg-LVtM3PbELGXZncA_l94Kd7bj8py2oHcV6GsfmNsuIQfN7a-7D5S8hIpHJoW3GKW1xwHLMemc-vPRw2OUZ4OvDPj_bIMzltq-rPllZl2Dv6-C_Ipj_aTpw3w2BfDnmvTzqmbnAyCnKlP_gZQFB7a-EN7PU4MoSDqHRTt6vz83PBZcli60rsJRGPygud66E9Wb-yWFGhp9c4sKSNo0jUgBKSamKl5WJdxpxOENasFXWyBC5ayiq1ugERSIjLzu0rQHSTz1lfdQ-_c361HdKiR_zdhGV49nebarbb1ReytFnogzFOOMhltlSTj7mvwEH4FavtZkzVhnvoaA850d4NMiGxJ0A7KiaK89aaQCY5c4jiscvJL8-gbPT2XK7SRZI67WUB0JWGFeEWRip950vh4kQLFX-AH1X_fVWG4ORNFZ-IZbTkNXt3HrdKWWsOjLhcHn2DtLblQymFEqlUutu3t1Bs3ECPwUxoexNIZztdTjVaZewZITeIUYE7mgIfcPbAFYSYTSuiiEkPHZK8ePb-yHcflE5sVZBE-I1WdvqxRmKl7QePYwx_TCw6qmhlwF579QaFZVhggBDTFOXnzH-BBxPZ9z6233HM7Am7n6a4jLQqM6nboRlHgp9MgIslSrgfrI4Mzzowm7fEnIBeI4IEq8dM9KreYWzHluTxzr5tVpEZSgnwDKlyyrhIOVLXlhETQyHUfK9kp7rdQqfLml6mjv1Q2ldmcXIZOSWJ07MRXElInWT12uZ4SnHqd1O8ZAPoTWNVALHA77ove7IA74lXLQocJTgcEdi_VbDYTpacM0Y5H_rqVDa5m_WMCtYNvcTCPEtErB4LWoVbHfFmLJtwsGZtPHWLLrYSw5sJFyf98DG6B1qMrR1vUBkIiQ-CqSJth4oJ2t94Rkl-K0dq5CTsjBT3FBz6GuDCIXlrNAYnauht_yQFKjfvOPUdNzwjitp6v72diRqzETIev4E9KQnLWLj38m4Z_nmgtJLBRZVoXCJVobSXj8T_ELz8tJAEjnqBDDUdYo_iaEIY8NtawetirkzlEl3qK7mIExUid6YrdiKdru0ZKSgJWIghXIKNPLWsqFwRCZhG5U5OWu5yWL9to-Tkt5NKIBVqnk0YWsGC5-u9Gvs5b&im=1&abvar=0&febuild=1.0.147&os=0&pload=2079 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=230916145924587dad547d4775b97cdd73d5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:04 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=ON2E1w-K87hqxP41ULHJn0FY0Ds0ePt_WU6wIf6kmL75GfccL3khRs99tLuA7B5wDWS7IykFWtx9C3FyfmvXLvIOS-kH3oqhsyF_8nKdsRIVRRMGaj8oORVSnqoLrS_843urTsuHXuVdwmND9mk-v95OoOefU5aJOjQbFRMu3nHXmIfGV6u669IJfZGhV4Vh15xiJPDdEh2gBeBQu_ctCQYsfWGdhZueyA1oIGOY7id7s5E6yL76hbfHYoFVQXMc2DAufAyuFx9Q-wTS4Yhqx-AGMu2FGTy1UsHkcX4L9UBDezCiNh6LGfYlmxmLSPOdCjHh0odVE7zPV01lFwE9nH2oGZ_fIf2j7yvFaDJxesumRbQe0SJybTNMfTRh6U705U_Y6POao0mw9yNJtc7NswnoywKNvtNIfUjvFUUY0rXZJXE4z515B-3Ehy4lSRSDsJ_wfHVh7lhKN5hAi3XdjDiWQ2C6Nym_ndHWQpXVZqPaEctFCLlpUNCGatTt3UMNbBv8S1RJDHW7sZeiiV4teLx3R7y4jTOz3sn6vtQQfvK9zUdXGvEZid80ohT_cVi5VmopvX-NnHa6z9ahh5nFksFxMiD_h7AyJME7NBzqMOpRVIlWSeAdZ-AJy3wBJcNd1s8FfBxuMk25Mrtyv_Ng47yt2DgNWHEMzFBZH4JizF6jVyrg6JNUSXFb7kiTayjCOANlGBcMnr-QMfOBEQ56s8D7n_jYH9J8_84h2WR9dKvqg18chMAvmBq6ahRcH_iCWYus3BNG6vrK3wzy-u01CqciB2ji5g8RL_PAElP4IaaOfc0voP6Qs2iJ2BxeiacyfaNXt1-fRjP30pU0LFM2QVOzCUxu7bZrBq6Iqldy5XTM21TBcoVOpIl8oOdQVBuos_HZ171GM8fAXLr2wGJaaW4qCQ0-aEkz-BTzlbYMQSUg-LVtM3PbELGXZncA_l94Kd7bj8py2oHcV6GsfmNsuIQfN7a-7D5S8hIpHJoW3GKW1xwHLMemc-vPRw2OUZ4OvDPj_bIMzltq-rPllZl2Dv6-C_Ipj_aTpw3w2BfDnmvTzqmbnAyCnKlP_gZQFB7a-EN7PU4MoSDqHRTt6vz83PBZcli60rsJRGPygud66E9Wb-yWFGhp9c4sKSNo0jUgBKSamKl5WJdxpxOENasFXWyBC5ayiq1ugERSIjLzu0rQHSTz1lfdQ-_c361HdKiR_zdhGV49nebarbb1ReytFnogzFOOMhltlSTj7mvwEH4FavtZkzVhnvoaA850d4NMiGxJ0A7KiaK89aaQCY5c4jiscvJL8-gbPT2XK7SRZI67WUB0JWGFeEWRip950vh4kQLFX-AH1X_fVWG4ORNFZ-IZbTkNXt3HrdKWWsOjLhcHn2DtLblQymFEqlUutu3t1Bs3ECPwUxoexNIZztdTjVaZewZITeIUYE7mgIfcPbAFYSYTSuiiEkPHZK8ePb-yHcflE5sVZBE-I1WdvqxRmKl7QePYwx_TCw6qmhlwF579QaFZVhggBDTFOXnzH-BBxPZ9z6233HM7Am7n6a4jLQqM6nboRlHgp9MgIslSrgfrI4Mzzowm7fEnIBeI4IEq8dM9KreYWzHluTxzr5tVpEZSgnwDKlyyrhIOVLXlhETQyHUfK9kp7rdQqfLml6mjv1Q2ldmcXIZOSWJ07MRXElInWT12uZ4SnHqd1O8ZAPoTWNVALHA77ove7IA74lXLQocJTgcEdi_VbDYTpacM0Y5H_rqVDa5m_WMCtYNvcTCPEtErB4LWoVbHfFmLJtwsGZtPHWLLrYSw5sJFyf98DG6B1qMrR1vUBkIiQ-CqSJth4oJ2t94Rkl-K0dq5CTsjBT3FBz6GuDCIXlrNAYnauht_yQFKjfvOPUdNzwjitp6v72diRqzETIev4E9KQnLWLj38m4Z_nmgtJLBRZVoXCJVobSXj8T_ELz8tJAEjnqBDDUdYo_iaEIY8NtawetirkzlEl3qK7mIExUid6YrdiKdru0ZKSgJWIghXIKNPLWsqFwRCZhG5U5OWu5yWL9to-Tkt5NKIBVqnk0YWsGC5-u9Gvs5b&im=1&abvar=0&febuild=1.0.147&os=0&pload=2079
200 OK 43 B URL GET HTTP/2 alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=ON2E1w-K87hqxP41ULHJn0FY0Ds0ePt_WU6wIf6kmL75GfccL3khRs99tLuA7B5wDWS7IykFWtx9C3FyfmvXLvIOS-kH3oqhsyF_8nKdsRIVRRMGaj8oORVSnqoLrS_843urTsuHXuVdwmND9mk-v95OoOefU5aJOjQbFRMu3nHXmIfGV6u669IJfZGhV4Vh15xiJPDdEh2gBeBQu_ctCQYsfWGdhZueyA1oIGOY7id7s5E6yL76hbfHYoFVQXMc2DAufAyuFx9Q-wTS4Yhqx-AGMu2FGTy1UsHkcX4L9UBDezCiNh6LGfYlmxmLSPOdCjHh0odVE7zPV01lFwE9nH2oGZ_fIf2j7yvFaDJxesumRbQe0SJybTNMfTRh6U705U_Y6POao0mw9yNJtc7NswnoywKNvtNIfUjvFUUY0rXZJXE4z515B-3Ehy4lSRSDsJ_wfHVh7lhKN5hAi3XdjDiWQ2C6Nym_ndHWQpXVZqPaEctFCLlpUNCGatTt3UMNbBv8S1RJDHW7sZeiiV4teLx3R7y4jTOz3sn6vtQQfvK9zUdXGvEZid80ohT_cVi5VmopvX-NnHa6z9ahh5nFksFxMiD_h7AyJME7NBzqMOpRVIlWSeAdZ-AJy3wBJcNd1s8FfBxuMk25Mrtyv_Ng47yt2DgNWHEMzFBZH4JizF6jVyrg6JNUSXFb7kiTayjCOANlGBcMnr-QMfOBEQ56s8D7n_jYH9J8_84h2WR9dKvqg18chMAvmBq6ahRcH_iCWYus3BNG6vrK3wzy-u01CqciB2ji5g8RL_PAElP4IaaOfc0voP6Qs2iJ2BxeiacyfaNXt1-fRjP30pU0LFM2QVOzCUxu7bZrBq6Iqldy5XTM21TBcoVOpIl8oOdQVBuos_HZ171GM8fAXLr2wGJaaW4qCQ0-aEkz-BTzlbYMQSUg-LVtM3PbELGXZncA_l94Kd7bj8py2oHcV6GsfmNsuIQfN7a-7D5S8hIpHJoW3GKW1xwHLMemc-vPRw2OUZ4OvDPj_bIMzltq-rPllZl2Dv6-C_Ipj_aTpw3w2BfDnmvTzqmbnAyCnKlP_gZQFB7a-EN7PU4MoSDqHRTt6vz83PBZcli60rsJRGPygud66E9Wb-yWFGhp9c4sKSNo0jUgBKSamKl5WJdxpxOENasFXWyBC5ayiq1ugERSIjLzu0rQHSTz1lfdQ-_c361HdKiR_zdhGV49nebarbb1ReytFnogzFOOMhltlSTj7mvwEH4FavtZkzVhnvoaA850d4NMiGxJ0A7KiaK89aaQCY5c4jiscvJL8-gbPT2XK7SRZI67WUB0JWGFeEWRip950vh4kQLFX-AH1X_fVWG4ORNFZ-IZbTkNXt3HrdKWWsOjLhcHn2DtLblQymFEqlUutu3t1Bs3ECPwUxoexNIZztdTjVaZewZITeIUYE7mgIfcPbAFYSYTSuiiEkPHZK8ePb-yHcflE5sVZBE-I1WdvqxRmKl7QePYwx_TCw6qmhlwF579QaFZVhggBDTFOXnzH-BBxPZ9z6233HM7Am7n6a4jLQqM6nboRlHgp9MgIslSrgfrI4Mzzowm7fEnIBeI4IEq8dM9KreYWzHluTxzr5tVpEZSgnwDKlyyrhIOVLXlhETQyHUfK9kp7rdQqfLml6mjv1Q2ldmcXIZOSWJ07MRXElInWT12uZ4SnHqd1O8ZAPoTWNVALHA77ove7IA74lXLQocJTgcEdi_VbDYTpacM0Y5H_rqVDa5m_WMCtYNvcTCPEtErB4LWoVbHfFmLJtwsGZtPHWLLrYSw5sJFyf98DG6B1qMrR1vUBkIiQ-CqSJth4oJ2t94Rkl-K0dq5CTsjBT3FBz6GuDCIXlrNAYnauht_yQFKjfvOPUdNzwjitp6v72diRqzETIev4E9KQnLWLj38m4Z_nmgtJLBRZVoXCJVobSXj8T_ELz8tJAEjnqBDDUdYo_iaEIY8NtawetirkzlEl3qK7mIExUid6YrdiKdru0ZKSgJWIghXIKNPLWsqFwRCZhG5U5OWu5yWL9to-Tkt5NKIBVqnk0YWsGC5-u9Gvs5b&im=1&abvar=0&febuild=1.0.147&os=0&pload=2079
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841679&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=ON2E1w-K87hqxP41ULHJn0FY0Ds0ePt_WU6wIf6kmL75GfccL3khRs99tLuA7B5wDWS7IykFWtx9C3FyfmvXLvIOS-kH3oqhsyF_8nKdsRIVRRMGaj8oORVSnqoLrS_843urTsuHXuVdwmND9mk-v95OoOefU5aJOjQbFRMu3nHXmIfGV6u669IJfZGhV4Vh15xiJPDdEh2gBeBQu_ctCQYsfWGdhZueyA1oIGOY7id7s5E6yL76hbfHYoFVQXMc2DAufAyuFx9Q-wTS4Yhqx-AGMu2FGTy1UsHkcX4L9UBDezCiNh6LGfYlmxmLSPOdCjHh0odVE7zPV01lFwE9nH2oGZ_fIf2j7yvFaDJxesumRbQe0SJybTNMfTRh6U705U_Y6POao0mw9yNJtc7NswnoywKNvtNIfUjvFUUY0rXZJXE4z515B-3Ehy4lSRSDsJ_wfHVh7lhKN5hAi3XdjDiWQ2C6Nym_ndHWQpXVZqPaEctFCLlpUNCGatTt3UMNbBv8S1RJDHW7sZeiiV4teLx3R7y4jTOz3sn6vtQQfvK9zUdXGvEZid80ohT_cVi5VmopvX-NnHa6z9ahh5nFksFxMiD_h7AyJME7NBzqMOpRVIlWSeAdZ-AJy3wBJcNd1s8FfBxuMk25Mrtyv_Ng47yt2DgNWHEMzFBZH4JizF6jVyrg6JNUSXFb7kiTayjCOANlGBcMnr-QMfOBEQ56s8D7n_jYH9J8_84h2WR9dKvqg18chMAvmBq6ahRcH_iCWYus3BNG6vrK3wzy-u01CqciB2ji5g8RL_PAElP4IaaOfc0voP6Qs2iJ2BxeiacyfaNXt1-fRjP30pU0LFM2QVOzCUxu7bZrBq6Iqldy5XTM21TBcoVOpIl8oOdQVBuos_HZ171GM8fAXLr2wGJaaW4qCQ0-aEkz-BTzlbYMQSUg-LVtM3PbELGXZncA_l94Kd7bj8py2oHcV6GsfmNsuIQfN7a-7D5S8hIpHJoW3GKW1xwHLMemc-vPRw2OUZ4OvDPj_bIMzltq-rPllZl2Dv6-C_Ipj_aTpw3w2BfDnmvTzqmbnAyCnKlP_gZQFB7a-EN7PU4MoSDqHRTt6vz83PBZcli60rsJRGPygud66E9Wb-yWFGhp9c4sKSNo0jUgBKSamKl5WJdxpxOENasFXWyBC5ayiq1ugERSIjLzu0rQHSTz1lfdQ-_c361HdKiR_zdhGV49nebarbb1ReytFnogzFOOMhltlSTj7mvwEH4FavtZkzVhnvoaA850d4NMiGxJ0A7KiaK89aaQCY5c4jiscvJL8-gbPT2XK7SRZI67WUB0JWGFeEWRip950vh4kQLFX-AH1X_fVWG4ORNFZ-IZbTkNXt3HrdKWWsOjLhcHn2DtLblQymFEqlUutu3t1Bs3ECPwUxoexNIZztdTjVaZewZITeIUYE7mgIfcPbAFYSYTSuiiEkPHZK8ePb-yHcflE5sVZBE-I1WdvqxRmKl7QePYwx_TCw6qmhlwF579QaFZVhggBDTFOXnzH-BBxPZ9z6233HM7Am7n6a4jLQqM6nboRlHgp9MgIslSrgfrI4Mzzowm7fEnIBeI4IEq8dM9KreYWzHluTxzr5tVpEZSgnwDKlyyrhIOVLXlhETQyHUfK9kp7rdQqfLml6mjv1Q2ldmcXIZOSWJ07MRXElInWT12uZ4SnHqd1O8ZAPoTWNVALHA77ove7IA74lXLQocJTgcEdi_VbDYTpacM0Y5H_rqVDa5m_WMCtYNvcTCPEtErB4LWoVbHfFmLJtwsGZtPHWLLrYSw5sJFyf98DG6B1qMrR1vUBkIiQ-CqSJth4oJ2t94Rkl-K0dq5CTsjBT3FBz6GuDCIXlrNAYnauht_yQFKjfvOPUdNzwjitp6v72diRqzETIev4E9KQnLWLj38m4Z_nmgtJLBRZVoXCJVobSXj8T_ELz8tJAEjnqBDDUdYo_iaEIY8NtawetirkzlEl3qK7mIExUid6YrdiKdru0ZKSgJWIghXIKNPLWsqFwRCZhG5U5OWu5yWL9to-Tkt5NKIBVqnk0YWsGC5-u9Gvs5b&im=1&abvar=0&febuild=1.0.147&os=0&pload=2079 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=230916145924587dad547d4775b97cdd73d5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:04 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET db.bngpt.com/stream_---Calypso---.mp4
206 Partial Content 43 kB URL GET HTTP/2 db.bngpt.com/stream_---Calypso---.mp4
IP
Requested by https://bngdyn.com/promo.php?c=629199&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23EEEEEE&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=0
Certificate IssuerGoGetSSL
Subjectdb.bngpt.com
FingerprintD5:70:94:8D:03:7A:07:89:EC:46:F4:04:A2:B5:DF:5D:86:C4:5D:8D
ValidityThu, 06 Apr 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 58b6ddf7ef4565b33e980f167f78f7d1
96d80f483377f23494a33cc5e16f00cf4ecfec5f
7159231098b96c6b7ca2fb44541bc814306ec8ea3c385e6338a85744630c7667
GET /stream_---Calypso---.mp4 HTTP/1.1
Host: db.bngpt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bngdyn.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Sat, 16 Sep 2023 19:59:03 GMT
content-type: video/mp4
content-length: 203155
last-modified: Wed, 06 Sep 2023 18:03:51 GMT
etag: "64f8bf07-31993"
expires: Thu, 07 Sep 2023 04:17:35 GMT
cache-control: max-age=21600
x-circle-268: HIT
content-range: bytes 0-203154/203155
x-cdn-diag: ams5-7619-2-21787-h-0-0---;7619-26-44767----0-0-1
X-Firefox-Spdy: h2
104 kB URL db.bngpt.com/stream_xkaralevax.mp4
IP
Certificate IssuerGoGetSSL
Subjectdb.bngpt.com
FingerprintD5:70:94:8D:03:7A:07:89:EC:46:F4:04:A2:B5:DF:5D:86:C4:5D:8D
ValidityThu, 06 Apr 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 104 kB (104184 bytes)
Hash 4e3b9182640f89d56b2780456b00571c
12d2e39520451debede3f32fec31a1d35d673de3
f36f66cb037fc752a0526ccdedaf1c909ca09757ac6169a50e97c41255f8687e
GET /stream_xkaralevax.mp4 HTTP/1.1
Host: db.bngpt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bngdyn.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Sat, 16 Sep 2023 19:59:17 GMT
content-type: video/mp4
content-length: 104184
last-modified: Thu, 14 Sep 2023 20:40:38 GMT
etag: "65036fc6-196f8"
expires: Fri, 15 Sep 2023 08:02:57 GMT
cache-control: max-age=21600
x-circle-268: EXPIRED
content-range: bytes 0-104183/104184
x-cdn-diag: ams5-6140-3-34650-h-0-0---;7619-23-44767----0-0-0
X-Firefox-Spdy: h2
GET addresseepaper.com/sfp.js
0 B URL GET addresseepaper.com/sfp.js
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET alas4kanmfa6a4mubte.com/lv/esnk/1841679/code.js
200 OK 119 kB URL GET HTTP/2 alas4kanmfa6a4mubte.com/lv/esnk/1841679/code.js
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type ASCII text, with very long lines (65107)
Size 119 kB (119047 bytes)
Hash de3137f25dff2e596d90535fbbfedd12
f6e0ec5a87066c85a1edbda3e8b7248c5d6a3a70
4913f4b1c208d7c1afb0a4314d07452a92de1a16c9f5d7e8a1ee741f7cfb5513
GET /lv/esnk/1841679/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript
last-modified: Thu, 14 Sep 2023 12:16:28 GMT
vary: Accept-Encoding
etag: W/"6502f99c-1d148"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
GET alas4kanmfa6a4mubte.com/whob.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=crZsYNj7eygaSdlpZsc2BYTBVf0RhsFO4XPbDWNgaafp8CfY_5OyrOLnbJ5PF5bcxUMEC8TwObnG5ePdphKvVJp2_RVCyXzBYMS3cJBgzuYNve9kSyNglmOAwiYRapHzv-BnrDrYjXVEqUfbnc4xqwNEIY867U6f70u8EH5jqjl0rBj16RKxXuXrqIBUxX7Gg7MUJlC3ZyQV7pO4E4JaOijeDNkhcahl3SoL0_3ODLO0f7ofAudbjCM-Kd8GkqOaTHIUkE5QeAON8Oq6sVmgg2owkyzuXJ7Pf-lvARzSuriHj7A7ME-dbig0JJGA6OPpwcNzY3Qq1KxT-6MUTs5zAh4tukCBVzfnUUOD1gyIs0TpPgnooZKuhTdLZ2p_4V0f95oOOxk4M3sB4z87W36G3TH7qtrnSIQwWbGJYXxpy4Uw7MSeSQJn-gaJER5jP_JCvBdaZmAXEAZz4Gxy-ZP82Fp5EjcIQrAsP0R2hKP8mK3bI9AvZYJfnSOI8LBoh3dQ00ktCUndAd-tD6YCwo4DzHbY4gfLuq6QBJ5GgSAf8CsZ-EvNBuhHCfSyEEpuAAzUTUkHxq--90_CQxQlrsU-6KJwr4bMsmH0kwmw86_ZO-xhR_h-aieHpJ7LNocAMK_tLBETlMyTmwCrS1luF70trzGGuBUVyyEFKJ1wYRZxAzxhFBkf5-ItiuqaIWLRg3P4_Wb6Mni9kh5V9cpDjiWn8iefmIdUujAGqdfjumz7_lFacT43RH9egN7yl0GXGc0IMfRb9on0hGm6PkXLx3eGxkzVSK1NkIEQuGQgMGpUrZj_7lb_0NwqqrRNcj5uBf1wEKXJ0JSwLqTG-aAXzuMDU5ChR8IqxLjaJx5_vhnrNZzo2YqKzQ==&im=1&abvar=0&febuild=1.0.147&os=0&pload=372
200 OK 43 B URL GET HTTP/2 alas4kanmfa6a4mubte.com/whob.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=crZsYNj7eygaSdlpZsc2BYTBVf0RhsFO4XPbDWNgaafp8CfY_5OyrOLnbJ5PF5bcxUMEC8TwObnG5ePdphKvVJp2_RVCyXzBYMS3cJBgzuYNve9kSyNglmOAwiYRapHzv-BnrDrYjXVEqUfbnc4xqwNEIY867U6f70u8EH5jqjl0rBj16RKxXuXrqIBUxX7Gg7MUJlC3ZyQV7pO4E4JaOijeDNkhcahl3SoL0_3ODLO0f7ofAudbjCM-Kd8GkqOaTHIUkE5QeAON8Oq6sVmgg2owkyzuXJ7Pf-lvARzSuriHj7A7ME-dbig0JJGA6OPpwcNzY3Qq1KxT-6MUTs5zAh4tukCBVzfnUUOD1gyIs0TpPgnooZKuhTdLZ2p_4V0f95oOOxk4M3sB4z87W36G3TH7qtrnSIQwWbGJYXxpy4Uw7MSeSQJn-gaJER5jP_JCvBdaZmAXEAZz4Gxy-ZP82Fp5EjcIQrAsP0R2hKP8mK3bI9AvZYJfnSOI8LBoh3dQ00ktCUndAd-tD6YCwo4DzHbY4gfLuq6QBJ5GgSAf8CsZ-EvNBuhHCfSyEEpuAAzUTUkHxq--90_CQxQlrsU-6KJwr4bMsmH0kwmw86_ZO-xhR_h-aieHpJ7LNocAMK_tLBETlMyTmwCrS1luF70trzGGuBUVyyEFKJ1wYRZxAzxhFBkf5-ItiuqaIWLRg3P4_Wb6Mni9kh5V9cpDjiWn8iefmIdUujAGqdfjumz7_lFacT43RH9egN7yl0GXGc0IMfRb9on0hGm6PkXLx3eGxkzVSK1NkIEQuGQgMGpUrZj_7lb_0NwqqrRNcj5uBf1wEKXJ0JSwLqTG-aAXzuMDU5ChR8IqxLjaJx5_vhnrNZzo2YqKzQ==&im=1&abvar=0&febuild=1.0.147&os=0&pload=372
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=crZsYNj7eygaSdlpZsc2BYTBVf0RhsFO4XPbDWNgaafp8CfY_5OyrOLnbJ5PF5bcxUMEC8TwObnG5ePdphKvVJp2_RVCyXzBYMS3cJBgzuYNve9kSyNglmOAwiYRapHzv-BnrDrYjXVEqUfbnc4xqwNEIY867U6f70u8EH5jqjl0rBj16RKxXuXrqIBUxX7Gg7MUJlC3ZyQV7pO4E4JaOijeDNkhcahl3SoL0_3ODLO0f7ofAudbjCM-Kd8GkqOaTHIUkE5QeAON8Oq6sVmgg2owkyzuXJ7Pf-lvARzSuriHj7A7ME-dbig0JJGA6OPpwcNzY3Qq1KxT-6MUTs5zAh4tukCBVzfnUUOD1gyIs0TpPgnooZKuhTdLZ2p_4V0f95oOOxk4M3sB4z87W36G3TH7qtrnSIQwWbGJYXxpy4Uw7MSeSQJn-gaJER5jP_JCvBdaZmAXEAZz4Gxy-ZP82Fp5EjcIQrAsP0R2hKP8mK3bI9AvZYJfnSOI8LBoh3dQ00ktCUndAd-tD6YCwo4DzHbY4gfLuq6QBJ5GgSAf8CsZ-EvNBuhHCfSyEEpuAAzUTUkHxq--90_CQxQlrsU-6KJwr4bMsmH0kwmw86_ZO-xhR_h-aieHpJ7LNocAMK_tLBETlMyTmwCrS1luF70trzGGuBUVyyEFKJ1wYRZxAzxhFBkf5-ItiuqaIWLRg3P4_Wb6Mni9kh5V9cpDjiWn8iefmIdUujAGqdfjumz7_lFacT43RH9egN7yl0GXGc0IMfRb9on0hGm6PkXLx3eGxkzVSK1NkIEQuGQgMGpUrZj_7lb_0NwqqrRNcj5uBf1wEKXJ0JSwLqTG-aAXzuMDU5ChR8IqxLjaJx5_vhnrNZzo2YqKzQ==&im=1&abvar=0&febuild=1.0.147&os=0&pload=372 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=230916145924587dad547d4775b97cdd73d5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:03 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET dood.yt/e/tko6r5f4vaj8
200 OK 60 kB IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjectdood.yt
Fingerprint78:FC:96:CF:41:7A:7F:5B:E2:2F:F3:C8:5D:ED:CB:40:0D:87:BA:5E
ValidityWed, 13 Sep 2023 00:54:45 GMT - Tue, 12 Dec 2023 00:54:44 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (60010), with no line terminators
Hash 7b729e8d98d0dfb1e465ccc901f364e2
83c9b40bcbb1bad5d877b63e827f28296610be6c
ab1f49835fcbef4bb334a812ba47e205155396f32013ba33b41575a6519e2cb6
GET /e/tko6r5f4vaj8 HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/d/tko6r5f4vaj8
Cookie: dref_url=none
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 15 Sep 2023 19:59:01 GMT
set-cookie: lang=1; domain=.dood.yt; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BChkzPUVVvwrKW%2FYWgn3J0EsVqcOYdnlJkZbgDJmsuqlvaJtiDTx5m2EZLUOgADRA0L4KwjxLI6IZ9w6BcIEAbmrdojmFS6XtEIU0mjCsR9IMB0TB%2BhPs5s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb003cf42b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET cdn.pncloudfl.com/pn/79e/e98/4c1/79ee984c136eeaafbbc55791349bdf193fd80b97.jpg
200 OK 7.0 kB URL GET HTTP/2 cdn.pncloudfl.com/pn/79e/e98/4c1/79ee984c136eeaafbbc55791349bdf193fd80b97.jpg
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC6:42:10:11:EB:FA:38:01:62:34:DA:19:86:B6:89:D4:EF:B3:37:A8
ValidityFri, 31 Mar 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 192x192, components 3\012- data
Hash ed88391fed4684ab141f8cb59697ee11
79ee984c136eeaafbbc55791349bdf193fd80b97
c3a68b4324bd9c042c48b68e97d764e4d59dacfba493530e03c5ba85f2fd94da
GET /pn/79e/e98/4c1/79ee984c136eeaafbbc55791349bdf193fd80b97.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/jpeg
content-length: 6953
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: ed88391fed4684ab141f8cb59697ee11
expires: Mon, 18 Sep 2023 12:25:24 GMT
last-modified: Fri, 28 Apr 2023 13:33:16 GMT
x-openstack-request-id: txe308167ef69c4c7691c06-00645b6060
x-proxy-cache: HIT
x-timestamp: 1682688795.85918
x-trans-id: txe308167ef69c4c7691c06-00645b6060
cf-cache-status: HIT
age: 27218
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 807bb0064d5db4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET alas4kanmfa6a4mubte.com/get/1841679?zoneid=1841679&jp=_clkiud7sow91d42dfvqmw&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6022051106494055&sp=1&im=1
200 OK 15 kB URL GET HTTP/2 alas4kanmfa6a4mubte.com/get/1841679?zoneid=1841679&jp=_clkiud7sow91d42dfvqmw&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6022051106494055&sp=1&im=1
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/1841679?zoneid=1841679&jp=_clkiud7sow91d42dfvqmw&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6022051106494055&sp=1&im=1 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 19 Oct 2024 19:59:01 GMT; HttpOnly; Secure; SameSite=None
UID=2309161459029b8ca4b71d4d25970de34c38; Path=/; Expires=Sat, 19 Oct 2024 19:59:01 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET betotodilea.com/400/4857535
200 OK 91 kB URL GET HTTP/2 betotodilea.com/400/4857535
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerLet's Encrypt
Subjectbetotodilea.com
FingerprintE6:43:29:5D:43:E3:1B:7A:9C:10:C4:40:DF:C9:6B:91:73:22:AE:E8
ValidityMon, 11 Sep 2023 03:28:47 GMT - Sun, 10 Dec 2023 03:28:46 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 17d86cca95d02df20d74059eddcc6bff
c93bdf0d7db5b8386a1afde0bade60320ebd20cc
e77e4bbc1ceb1a99b3ec486ce640c56089b28721a825e4e48ef2ab424874f3d5
GET /400/4857535 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript
x-trace-id: 02f2a79e2e3abe103dfd27752261a56c
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=401abe4ba7d94904a75308f5eed05d4e; expires=Sun, 15 Sep 2024 19:59:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdn.pncloudfl.com/pn/ed0/383/1a4/ed03831a46b255a74f378370cfbe78b360741624.webp
200 OK 20 kB URL GET HTTP/3 cdn.pncloudfl.com/pn/ed0/383/1a4/ed03831a46b255a74f378370cfbe78b360741624.webp
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC6:42:10:11:EB:FA:38:01:62:34:DA:19:86:B6:89:D4:EF:B3:37:A8
ValidityFri, 31 Mar 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fbab92d6de3538e29786605f350d5c58
ed03831a46b255a74f378370cfbe78b360741624
65d835b6c47b7461d851f7ea556833e8133a0c96494227f3df9bf8debb5ef73f
GET /pn/ed0/383/1a4/ed03831a46b255a74f378370cfbe78b360741624.webp HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: application/octet-stream
content-length: 19470
etag: fbab92d6de3538e29786605f350d5c58
last-modified: Fri, 28 Apr 2023 13:32:53 GMT
x-timestamp: 1682688772.22347
x-trans-id: txfa66edb0dfb248d29885e-00645b606d
x-openstack-request-id: txfa66edb0dfb248d29885e-00645b606d
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 18 Sep 2023 12:26:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
cf-cache-status: HIT
age: 27141
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 807bb0083a46569c-OSL
alt-svc: h3=":443"; ma=86400
GET friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:03 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: af3d258fb4386d293aa3881aaf6b2606
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 16 Sep 2023 19:59:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8Hz%2BZAEFOBqtru5NjYs2KH47I8iiLcnJTPtP54Dy%2BYeCyqnjY4TQEPVMWnxGiA5h5Pk6JLzFbVI%2FORdT4VuVkaELHjrO9eLPra5ZeIs%2BIZRVu%2BdaUM8l2WKQxwjue0AjGhof94%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb00bcc204170-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.doodcdn.co/theme_2/fonts/avertastd-bold-webfont.woff2
200 OK 24 kB URL GET HTTP/3 i.doodcdn.co/theme_2/fonts/avertastd-bold-webfont.woff2
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 23604, version 1.0\012- data
Hash e9133fd11f14c09a2e4556c395a0ef7d
00fad09605f3342df5c9aeba130156fe19ade8b0
06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91
GET /theme_2/fonts/avertastd-bold-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: font/woff2
content-length: 23604
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Sun, 15 Oct 2023 20:24:21 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81587
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlwHS14wtmMK%2FTYTxD69Ti91OoI8qRIMYfwWlbjyGETYjquQVFC2mEjUHRC71zMqAkmCD8lTkoNMqHMgsJcXUw%2FAflpY7n7g49EX7ym%2BQbsWUGgOvgApCkhRbsxndA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb0046fdb0b02-OSL
alt-svc: h3=":443"; ma=86400
GET i.doodcdn.co/get_slides/430/b39nqo1zp26a95a3.jpg
200 OK 3.2 kB URL GET HTTP/3 i.doodcdn.co/get_slides/430/b39nqo1zp26a95a3.jpg
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3268), with no line terminators
Hash c3577a17faa840a91776d2341ea4c41c
448fb03b5d5be893d1696445571e3758c20b956c
f1a81d10c81304921d79e0dd29638940f48b668d999e190dddca719c5435397a
GET /get_slides/430/b39nqo1zp26a95a3.jpg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: text/vtt
access-control-allow-origin: *
last-modified: Sat, 16 Sep 2023 01:46:42 GMT
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjBkH3psE18I086PW5Md0R%2FT4PAhkhxygfhONLqYZ1BObbF4iXewm17qGzzVK9cA0B8fgZiWfgnAhsK%2FZF%2FNByvzqlk%2B6u8CcSRPhGrzg0mO7dHsk7nUap%2BI9xDGxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb00a3b240b02-OSL
alt-svc: h3=":443"; ma=86400
GET fvcwqkkqmuv.com/get/1941940?zoneid=1941940&jp=_clwun445whah7beafye88c&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1110&y=624&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&im=1&cid=3207301339499213
200 OK 3.9 kB URL GET HTTP/2 fvcwqkkqmuv.com/get/1941940?zoneid=1941940&jp=_clwun445whah7beafye88c&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1110&y=624&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&im=1&cid=3207301339499213
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint9A:2F:14:29:BF:3A:F6:04:3C:73:42:7B:73:9F:C1:FE:76:C6:D5:0F
ValidityWed, 31 May 2023 13:01:06 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type ASCII text, with very long lines (4256), with no line terminators
Hash 05a93402094a187d850c396164281060
6d2719547633a7c88bdb20cf7610133a11c3175e
95e328d2a7f99db490c6542b042d463362f5e6a7c938da8a0afcefe57b1368e0
GET /get/1941940?zoneid=1941940&jp=_clwun445whah7beafye88c&nojs=0&ix=0&abvar=0&febuild=1.0.147&t=0&x=1110&y=624&wcks=1&wgl=0&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&im=1&cid=3207301339499213 HTTP/1.1
Host: fvcwqkkqmuv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2309161459a07cee9118f64282a9ec6919a4; Path=/; Expires=Sat, 19 Oct 2024 19:59:02 GMT; HttpOnly; Secure; SameSite=None
CHCK=1; Path=/; Expires=Sat, 19 Oct 2024 19:59:02 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=VpaoJnQvHKBFwUb2utIgK9_E3W_VKvc97jGKkNVtIclDXp3ITPZkIiieHdtCF0RrmWTzDac1HrGI47xLJibXFt6tMOEag1A5NjsEyUCWItP1pbH6Lw5KRqOHoQ_CdsWlhwCmg2kblhxYC_Z88FUIjPGplmyC8oLC6Y1rDwSocqagkYqRQVnPfRHEL73vtLbV810h_iw_OuiNMwTq_VmLSeXKCnAcfOpq-z3GVWT5S9Ag3EkwQo_Hb4TUu1-fcCqhzK-htaqWIGwjlS7iZ694j4vGl9ID0nL3StLgR92s6ZzjufW92_mEL4lHvKwOmWFjCOLFUiP1Sr8lgTffSneq3hSFA3V9JOOodSgk6YJv7qQ5EkFJqOONuqrqXzB51Zj7U6tCFN35Q_w2gQZgBXWDlrIA1zMuuFo-7ybB-_5TX27hwyFc82B6AqOO8aCTHF6od2R9iN-X7EqiW3ds2Aw4rszQDQbR5nBdsPytngeJgt110YwVeUoKX-_m9w4l6n79vL19XY0JG5WpqNLLq2doVa6vOwfDVTTSp-JzPMbw1FoIFetkm-2Qenpmj6bYitRoHYbwYo2gz29eFF70vWiSPYcoCozzQd0Uc3ay17PzynxY7s3VMDlp83krsQQsTBrs2m0sTtx7RCD2MGCK7NdjHhCYCHtyuRpd0p90sqkHK6HVYPEZRk5z31PaDmwomF_psTKnY5v9eh1EDNk8bFdezDflIefvrMfbpL0RZGHyokimS2Bp3ZdxvglTnJsdFNv7GX5vnPApq0ItoOsJ4uHY6LWA7VgouyG0G8Je4JHYpnwbyTT5W6SdWXuk3EqFOZ0GJ_obQZysHgJ2W08_DTTpR06B-MGtKK-ij7cq3Y4EiaERKUf6dwROqL1cWYa5Eeqeslq1hKQZCDTzJYsolJI87lGMkAKnit7OItKOjJ-br4an0cyTbwo5T94hmgINxJNYns9CQR-4IlHvJ_szoNcap85FP5Em93UaQuofvpyWjFFHhoxKflE_Gth8_dZoFi1IlK6YzMfTsJxS2zunW5isoOJLdCCTXkQwghS_RZWOIXbPfFNWkeGNBetOAvWYRbXq1ds7WhZzzI-R5maj0kymk5CotPhO4jT945sPsVgJwV76K2IRbg9ihbwgVgIB0QA0WsJmdMVYlxj9T2SdaAtS2BJf9PYr2ECk3m5qjQopXYmRBvqDQ7Hfj0x8UQ8=&im=1&abvar=0&febuild=1.0.147&os=0&pload=269
200 OK 43 B URL GET HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=VpaoJnQvHKBFwUb2utIgK9_E3W_VKvc97jGKkNVtIclDXp3ITPZkIiieHdtCF0RrmWTzDac1HrGI47xLJibXFt6tMOEag1A5NjsEyUCWItP1pbH6Lw5KRqOHoQ_CdsWlhwCmg2kblhxYC_Z88FUIjPGplmyC8oLC6Y1rDwSocqagkYqRQVnPfRHEL73vtLbV810h_iw_OuiNMwTq_VmLSeXKCnAcfOpq-z3GVWT5S9Ag3EkwQo_Hb4TUu1-fcCqhzK-htaqWIGwjlS7iZ694j4vGl9ID0nL3StLgR92s6ZzjufW92_mEL4lHvKwOmWFjCOLFUiP1Sr8lgTffSneq3hSFA3V9JOOodSgk6YJv7qQ5EkFJqOONuqrqXzB51Zj7U6tCFN35Q_w2gQZgBXWDlrIA1zMuuFo-7ybB-_5TX27hwyFc82B6AqOO8aCTHF6od2R9iN-X7EqiW3ds2Aw4rszQDQbR5nBdsPytngeJgt110YwVeUoKX-_m9w4l6n79vL19XY0JG5WpqNLLq2doVa6vOwfDVTTSp-JzPMbw1FoIFetkm-2Qenpmj6bYitRoHYbwYo2gz29eFF70vWiSPYcoCozzQd0Uc3ay17PzynxY7s3VMDlp83krsQQsTBrs2m0sTtx7RCD2MGCK7NdjHhCYCHtyuRpd0p90sqkHK6HVYPEZRk5z31PaDmwomF_psTKnY5v9eh1EDNk8bFdezDflIefvrMfbpL0RZGHyokimS2Bp3ZdxvglTnJsdFNv7GX5vnPApq0ItoOsJ4uHY6LWA7VgouyG0G8Je4JHYpnwbyTT5W6SdWXuk3EqFOZ0GJ_obQZysHgJ2W08_DTTpR06B-MGtKK-ij7cq3Y4EiaERKUf6dwROqL1cWYa5Eeqeslq1hKQZCDTzJYsolJI87lGMkAKnit7OItKOjJ-br4an0cyTbwo5T94hmgINxJNYns9CQR-4IlHvJ_szoNcap85FP5Em93UaQuofvpyWjFFHhoxKflE_Gth8_dZoFi1IlK6YzMfTsJxS2zunW5isoOJLdCCTXkQwghS_RZWOIXbPfFNWkeGNBetOAvWYRbXq1ds7WhZzzI-R5maj0kymk5CotPhO4jT945sPsVgJwV76K2IRbg9ihbwgVgIB0QA0WsJmdMVYlxj9T2SdaAtS2BJf9PYr2ECk3m5qjQopXYmRBvqDQ7Hfj0x8UQ8=&im=1&abvar=0&febuild=1.0.147&os=0&pload=269
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerBuypass AS-983163327
Subject
FingerprintED:B9:EC:CE:41:67:3E:5C:94:1B:96:F4:D1:B9:7B:F3:39:50:35:EE
ValidityWed, 31 May 2023 12:01:56 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841674&pb=14c0d85a076fe77a2efd8e3a8f279ad71694901541&psp=VpaoJnQvHKBFwUb2utIgK9_E3W_VKvc97jGKkNVtIclDXp3ITPZkIiieHdtCF0RrmWTzDac1HrGI47xLJibXFt6tMOEag1A5NjsEyUCWItP1pbH6Lw5KRqOHoQ_CdsWlhwCmg2kblhxYC_Z88FUIjPGplmyC8oLC6Y1rDwSocqagkYqRQVnPfRHEL73vtLbV810h_iw_OuiNMwTq_VmLSeXKCnAcfOpq-z3GVWT5S9Ag3EkwQo_Hb4TUu1-fcCqhzK-htaqWIGwjlS7iZ694j4vGl9ID0nL3StLgR92s6ZzjufW92_mEL4lHvKwOmWFjCOLFUiP1Sr8lgTffSneq3hSFA3V9JOOodSgk6YJv7qQ5EkFJqOONuqrqXzB51Zj7U6tCFN35Q_w2gQZgBXWDlrIA1zMuuFo-7ybB-_5TX27hwyFc82B6AqOO8aCTHF6od2R9iN-X7EqiW3ds2Aw4rszQDQbR5nBdsPytngeJgt110YwVeUoKX-_m9w4l6n79vL19XY0JG5WpqNLLq2doVa6vOwfDVTTSp-JzPMbw1FoIFetkm-2Qenpmj6bYitRoHYbwYo2gz29eFF70vWiSPYcoCozzQd0Uc3ay17PzynxY7s3VMDlp83krsQQsTBrs2m0sTtx7RCD2MGCK7NdjHhCYCHtyuRpd0p90sqkHK6HVYPEZRk5z31PaDmwomF_psTKnY5v9eh1EDNk8bFdezDflIefvrMfbpL0RZGHyokimS2Bp3ZdxvglTnJsdFNv7GX5vnPApq0ItoOsJ4uHY6LWA7VgouyG0G8Je4JHYpnwbyTT5W6SdWXuk3EqFOZ0GJ_obQZysHgJ2W08_DTTpR06B-MGtKK-ij7cq3Y4EiaERKUf6dwROqL1cWYa5Eeqeslq1hKQZCDTzJYsolJI87lGMkAKnit7OItKOjJ-br4an0cyTbwo5T94hmgINxJNYns9CQR-4IlHvJ_szoNcap85FP5Em93UaQuofvpyWjFFHhoxKflE_Gth8_dZoFi1IlK6YzMfTsJxS2zunW5isoOJLdCCTXkQwghS_RZWOIXbPfFNWkeGNBetOAvWYRbXq1ds7WhZzzI-R5maj0kymk5CotPhO4jT945sPsVgJwV76K2IRbg9ihbwgVgIB0QA0WsJmdMVYlxj9T2SdaAtS2BJf9PYr2ECk3m5qjQopXYmRBvqDQ7Hfj0x8UQ8=&im=1&abvar=0&febuild=1.0.147&os=0&pload=269 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=230916145924587dad547d4775b97cdd73d5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET i.wlicdn.com/064/1d7/33b/d2810ea0e90541fdca4a9cc716cdc69e_thumb_medium.jpg
200 OK 7.9 kB URL GET HTTP/2 i.wlicdn.com/064/1d7/33b/d2810ea0e90541fdca4a9cc716cdc69e_thumb_medium.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://bngdyn.com/promo.php?c=629199&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23EEEEEE&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=0
Certificate IssuerLet's Encrypt
Subjecti.wlicdn.com
Fingerprint24:DE:AA:3F:96:BD:5F:10:1E:98:AD:DA:0D:B1:DB:E0:0B:E7:90:20
ValidityThu, 31 Aug 2023 08:31:30 GMT - Wed, 29 Nov 2023 08:31:29 GMT
File type JPEG image data, progressive, precision 8, 232x174, components 3\012- data
Hash 00a1776037e35b0744020ef09a2929f0
8231e1b7ce9b30b5d8a7000424037cc179f0b7eb
df60779808bda386819f1cfef4e797218914ba31b712eb7966ef139591f8163d
GET /064/1d7/33b/d2810ea0e90541fdca4a9cc716cdc69e_thumb_medium.jpg HTTP/1.1
Host: i.wlicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bngdyn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: image/jpeg
content-length: 7892
cf-bgj: h2pri
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "64b252c3-1ed4"
expires: Sat, 30 Sep 2023 14:58:38 GMT
last-modified: Sat, 15 Jul 2023 08:03:15 GMT
x-o3-p6: EXPIRED
cf-cache-status: HIT
age: 97667
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 807bb008a93ab4ff-OSL
X-Firefox-Spdy: h2
GET dood.yt/sw.js
200 OK 101 kB IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjectdood.yt
Fingerprint78:FC:96:CF:41:7A:7F:5B:E2:2F:F3:C8:5D:ED:CB:40:0D:87:BA:5E
ValidityWed, 13 Sep 2023 00:54:45 GMT - Tue, 12 Dec 2023 00:54:44 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 101 kB (100789 bytes)
Hash a3b19e0f1a400f3ba23056585d6b302b
479d1a856952c570a0f09065a95ea6b7bacb3548
1a38fa21b9f532624acc45112374c352cb1170099c76eea2b17a8a081dae3ac8
GET /sw.js HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/d/tko6r5f4vaj8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=102634
access-control-allow-origin: *
cache-control: public, max-age=2592000
expires: Sun, 04 Aug 2024 05:36:42 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2370481
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYKE3jkyU5Wejjzgs%2BK3Gg03gs88YIHk77IERRMXUmctz%2BHpGOij5%2Bb3G2RXbG5IoZOnjzodUYY2xmwiFOrcseoaN79uelZykcJ2A7FEAHgqdxxxo%2FZAXWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb0016d34b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET pringed.space/ZDVjVmIfFxAhPRFHD3RYRl0XIhIXD0x5BgtaB3gbEBoQIUwORkF6QBdYBXRYVRlBJQ8SF1l0VkoFQXpAEFQECQsAF1l0W1YDW2RSRhlBJRcGagoyUEYPQTBXAARaZVUGGFFlBgYYVzcEVxhaMFNUGFJiBlQDWmZVBQMBZEAZ
200 OK 57 kB URL GET HTTP/2 pringed.space/ZDVjVmIfFxAhPRFHD3RYRl0XIhIXD0x5BgtaB3gbEBoQIUwORkF6QBdYBXRYVRlBJQ8SF1l0VkoFQXpAEFQECQsAF1l0W1YDW2RSRhlBJRcGagoyUEYPQTBXAARaZVUGGFFlBgYYVzcEVxhaMFNUGFJiBlQDWmZVBQMBZEAZ
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerLet's Encrypt
Subjectpringed.space
FingerprintA0:61:B7:91:DD:B7:21:4B:96:DC:2B:09:35:79:66:6F:F9:20:75:97
ValidityFri, 18 Aug 2023 04:57:30 GMT - Thu, 16 Nov 2023 04:57:29 GMT
File type ASCII text, with very long lines (56951), with no line terminators
Hash 6ce719c99319a49cc2da76417c5d6614
366a7fc5772ef1c2ffa37631965c30a395c82329
6bc7813e32dd58d1d01ba5dada6ef3304cac911c763d2581b8f1f17e10fdc9b0
GET /ZDVjVmIfFxAhPRFHD3RYRl0XIhIXD0x5BgtaB3gbEBoQIUwORkF6QBdYBXRYVRlBJQ8SF1l0VkoFQXpAEFQECQsAF1l0W1YDW2RSRhlBJRcGagoyUEYPQTBXAARaZVUGGFFlBgYYVzcEVxhaMFNUGFJiBlQDWmZVBQMBZEAZ HTTP/1.1
Host: pringed.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 113382618aec151d97e656bf8cdb2b76=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"de77-Nmp/xXcu8cL/o3Yxllwwo5XIIyk"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
GET i.doodcdn.co/theme_2/fonts/avertastd-regular-webfont.woff2
200 OK 24 kB URL GET HTTP/3 i.doodcdn.co/theme_2/fonts/avertastd-regular-webfont.woff2
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint95:79:36:28:82:A7:27:27:28:6B:8B:F8:02:2B:6E:BE:EC:06:A5:C3
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 23812, version 1.524\012- data
Hash eb586e5a1b86dbf1c866e3ed80f9d18e
280ee78d19c017ab9335f769595e5157d3c4a343
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
GET /theme_2/fonts/avertastd-regular-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:01 GMT
content-type: font/woff2
content-length: 23812
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Sun, 15 Oct 2023 20:23:52 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYv%2FBqq1dVRtrn8SdvdyJkX5V8RGxcnEukeNjEKMJyWJRtGIgqoaCPvDqNDbfkGerUCl%2BT5pDYEglhxoBYXE0NTcaokEh84HYs7vcwRcYih%2FdHJN0Z9n4LZchOXN3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb0045fd20b02-OSL
alt-svc: h3=":443"; ma=86400
GET cdn.itskiddien.club/apu.php?zoneid=6220023
200 OK 84 kB URL GET HTTP/2 cdn.itskiddien.club/apu.php?zoneid=6220023
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerLet's Encrypt
Subjectitskiddien.club
Fingerprint8D:B5:DA:15:12:BC:AA:BE:FD:76:AC:FF:10:B2:9D:BD:A7:94:51:0C
ValiditySun, 27 Aug 2023 06:43:43 GMT - Sat, 25 Nov 2023 06:43:42 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1dfe21b597ea38eebe7672f51e6eaedd
e041a29ed3d53a05ee6bb6336d9207122f445eaf
3e1ca53b56826fcbe8ded51cc3eb9e8d2461d31849711b9210666ebbb89f4d49
GET /apu.php?zoneid=6220023 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: application/javascript
x-trace-id: 408dbd28138c4bd79e161dd2aa76f9a9
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=80ba2013e2514307b2ce78ae62066e3e; expires=Sun, 15 Sep 2024 19:59:02 GMT; path=/; secure; SameSite=None
oaidts=1694894342; expires=Sun, 15 Sep 2024 19:59:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
POST dood.yt/cdn-cgi/challenge-platform/h/b/jsd/r/807baffddbd856aa
200 OK 0 B URL POST HTTP/3 dood.yt/cdn-cgi/challenge-platform/h/b/jsd/r/807baffddbd856aa
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjectdood.yt
Fingerprint78:FC:96:CF:41:7A:7F:5B:E2:2F:F3:C8:5D:ED:CB:40:0D:87:BA:5E
ValidityWed, 13 Sep 2023 00:54:45 GMT - Tue, 12 Dec 2023 00:54:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/807baffddbd856aa HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12185
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/d/tko6r5f4vaj8
Cookie: dref_url=none; lang=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 16 Sep 2023 19:59:02 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=wScRXmp3ItlXiLm5RysVSA9x1GPmaoR5Y5kYPaUEFKo-1694894342-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1694894342; path=/; expires=Sun, 15-Sep-24 19:59:02 GMT; domain=.dood.yt; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKQTEZv8J3jQHB2wx0y4GnGLojcyzsuFTQjIxyZHx6RXFs3JERN1HjZevf6hRruy%2FqiyjEYkLo%2FcbD8LVsOnVYX3lDFe47zQaOlEaE%2B%2FvKSK1vQnOgHRDNI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807bb007ca93b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET i.bngprm.com/dynamic_banner/jquery.tools.min.js
200 OK 138 kB URL GET HTTP/2 i.bngprm.com/dynamic_banner/jquery.tools.min.js
IP
Requested by https://bngdyn.com/promo.php?c=629199&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23EEEEEE&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=0
Certificate IssuerGoGetSSL
Subjecti.bngprm.com
Fingerprint0E:0B:EE:89:64:0D:F4:D8:82:85:C8:53:77:C4:1F:03:11:1B:33:60
ValidityMon, 07 Nov 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
Size 138 kB (137840 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynamic_banner/jquery.tools.min.js HTTP/1.1
Host: i.bngprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bngdyn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:03 GMT
content-type: application/x-javascript
last-modified: Fri, 31 May 2019 10:15:17 GMT
expires: Fri, 30 Dec 2022 23:15:50 GMT
cache-control: max-age=2592000
content-encoding: gzip
vary: Accept-Encoding
x-cdn-diag: ams5-7740-1-11758-h-0-0---;7028-26-14247----0-0-1
X-Firefox-Spdy: h2
GET dood.yt/d/tko6r5f4vaj8
200 OK 6.1 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectdood.yt
Fingerprint78:FC:96:CF:41:7A:7F:5B:E2:2F:F3:C8:5D:ED:CB:40:0D:87:BA:5E
ValidityWed, 13 Sep 2023 00:54:45 GMT - Tue, 12 Dec 2023 00:54:44 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6344), with no line terminators
Hash 221e618bb806d08207505dbd9dbd826b
18a16353409c7f0d8219ca5021a7f3a5f08dd8d2
d76546230c09fc0b9dfa02c7a6dd9569b655b530b77776962b814e4bd0c4e939
GET /d/tko6r5f4vaj8 HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 16 Sep 2023 19:59:00 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 15 Sep 2023 19:59:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6B6PjR6nYrDOcLE%2FvyZWU9GQq0HO8P%2F7HK6OTIune3qkCuyYPDRUXMO10FQA1BiMq5t2VGv5B65Kwls19aK9kHwZld7iiI3u08pCKet69sDY7L8s0nLibUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 807baffddbd856aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET my.rtmark.net/gid.js?userId=80ba2013e2514307b2ce78ae62066e3e
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=80ba2013e2514307b2ce78ae62066e3e
IP
Requested by https://dood.yt/d/tko6r5f4vaj8
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash aa2dc68e1d10c21ab69855a54df4cb16
cf7075ee76147679225fa37af8f0f68139857224
dbd505f3929d2dccaa6846f8a5464bf9568f9162d50f05e9f54b391f0beafa67
GET /gid.js?userId=80ba2013e2514307b2ce78ae62066e3e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
DNT: 1
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 16 Sep 2023 19:59:03 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://dood.yt
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=80ba2013e2514307b2ce78ae62066e3e; expires=Sun, 15 Sep 2024 19:59:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET db.bngpt.com/stream_Theodoraa.mp4
206 Partial Content 33 kB URL GET HTTP/2 db.bngpt.com/stream_Theodoraa.mp4
IP
Requested by https://bngdyn.com/promo.php?c=629199&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23EEEEEE&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=0
Certificate IssuerGoGetSSL
Subjectdb.bngpt.com
FingerprintD5:70:94:8D:03:7A:07:89:EC:46:F4:04:A2:B5:DF:5D:86:C4:5D:8D
ValidityThu, 06 Apr 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 2c372d1b5e21bec4a70264c7a79a10c4
238105ce43ab1c67e85e90f14069aee1b2e500b6
b174269c1fc7ecb399d0bfa25273528579de551b9ec41b73a25a3d70fd62b518
GET /stream_Theodoraa.mp4 HTTP/1.1
Host: db.bngpt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bngdyn.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Sat, 16 Sep 2023 19:59:03 GMT
content-type: video/mp4
content-length: 42433
last-modified: Fri, 15 Sep 2023 11:06:16 GMT
etag: "65043aa8-a5c1"
expires: Fri, 15 Sep 2023 23:46:47 GMT
cache-control: max-age=21600
x-circle-268: HIT
content-range: bytes 0-42432/42433
x-cdn-diag: ams5-6139-2-9302-h-0-0---;7619-26-44767----0-0-0
X-Firefox-Spdy: h2
GET i.doodcdn.com/theme_2/img/loader.svg
301 Moved Permanently 694 B URL GET HTTP/2 i.doodcdn.com/theme_2/img/loader.svg
IP
Requested by https://dood.yt/e/tko6r5f4vaj8
Certificate IssuerGoogle Trust Services LLC
Subjectdoodcdn.com
FingerprintA5:72:B1:AC:76:C5:70:98:7F:AE:49:07:5B:72:E9:3B:FC:4E:0F:B8
ValidityWed, 16 Aug 2023 09:35:51 GMT - Tue, 14 Nov 2023 09:35:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /theme_2/img/loader.svg HTTP/1.1
Host: i.doodcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sat, 16 Sep 2023 19:59:02 GMT
location: https://i.doodcdn.co/theme_2/img/loader.svg
cache-control: max-age=3600
expires: Sat, 16 Sep 2023 20:59:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GL2OSAq1OCK1N%2BnSs5rxsucoGK9RDoetH2Ay5hj32C7f1bwJ6Pfk6m2FYrceYFEfGzD8CfcvP6145tFwbjRXsAivVfXnC%2BRGtfgHd%2B5BVAfEnf6qaZmMpDiLpGUR0Q%2BJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 807bb00a0ac40b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.71.205
139.45.197.236
23.33.119.65
62.122.171.6
104.21.35.62
185.76.9.25
18.195.190.179
195.85.23.30