URL: https://do0od.com/e/tf5j903go600
Submission: On January 16 via manual — Scanned from CA

Summary

This website contacted 23 IPs in 3 countries across 24 domains to perform 54 HTTP transactions. The main IP is 2606:4700:20::681a:fae, located in United States and belongs to CLOUDFLARENET, US. The main domain is do0od.com.
TLS certificate: Issued by GTS CA 1P5 on December 26th 2023. Valid for: 3 months.
This is the only time do0od.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
2 8.252.161.249 3356 (LEVEL3)
3 2600:9000:20e... 16509 (AMAZON-02)
4 162.252.21.37 15317 (SERVEREL-AS)
2 192.243.61.225 39572 (ADVANCEDH...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 51.210.111.151 16276 (OVH)
2 172.67.220.203 13335 (CLOUDFLAR...)
2 99.86.229.28 16509 (AMAZON-02)
1 18.165.98.127 16509 (AMAZON-02)
3 172.67.185.238 13335 (CLOUDFLAR...)
1 2a03:2880:f10... 32934 (FACEBOOK)
4 6 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 184.73.30.186 14618 (AMAZON-AES)
4 192.243.61.227 39572 (ADVANCEDH...)
1 2a02:b48:8301::3 39572 (ADVANCEDH...)
6 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
54 23
Apex Domain
Subdomains
Transfer
10 doodcdn.co
i.doodcdn.co — Cisco Umbrella Rank: 34883
img.doodcdn.co — Cisco Umbrella Rank: 34480
566 KB
6 creative-bars1.com
cdn.creative-bars1.com — Cisco Umbrella Rank: 27267
58 KB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 23
3 KB
4 expertiseresemblefood.com
expertiseresemblefood.com — Cisco Umbrella Rank: 89390
7 KB
3 xukpresesmr.info
xukpresesmr.info
1 KB
3 gstatic.com
www.gstatic.com
29 KB
3 ku42hjr2e.com
ku42hjr2e.com — Cisco Umbrella Rank: 28469
37 KB
3 cloudfront.net
d3eub2e21dc6h0.cloudfront.net
70 KB
2 orgotitedu.info
orgotitedu.info — Cisco Umbrella Rank: 38271
2 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 31844
101 KB
2 tsyndicate.com
cdn.tsyndicate.com — Cisco Umbrella Rank: 14738
38 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
29 KB
2 do0od.com
do0od.com
49 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
1 unseenreport.com
unseenreport.com — Cisco Umbrella Rank: 21727
425 B
1 barscreative1.com
cdn.barscreative1.com — Cisco Umbrella Rank: 31692
1 KB
1 limurol.com
limurol.com — Cisco Umbrella Rank: 22835
600 B
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 15666
296 B
1 friendshipmale.com
friendshipmale.com — Cisco Umbrella Rank: 18684
27 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
1 ioniamcurr.info
ioniamcurr.info
2 KB
1 video-delivery.net
ce728wo.video-delivery.net
15 KB
1 doodcdn.com
i.doodcdn.com — Cisco Umbrella Rank: 40684
459 B
1 forfeitsubscribe.com
forfeitsubscribe.com — Cisco Umbrella Rank: 53585
14 KB
54 24
Domain Requested by
8 i.doodcdn.co do0od.com
i.doodcdn.co
6 cdn.creative-bars1.com forfeitsubscribe.com
6 accounts.google.com 4 redirects do0od.com
4 expertiseresemblefood.com forfeitsubscribe.com
do0od.com
3 xukpresesmr.info do0od.com
3 www.gstatic.com do0od.com
www.gstatic.com
3 ku42hjr2e.com do0od.com
ku42hjr2e.com
3 d3eub2e21dc6h0.cloudfront.net do0od.com
orgotitedu.info
ioniamcurr.info
2 orgotitedu.info d3eub2e21dc6h0.cloudfront.net
2 pogothere.xyz d3eub2e21dc6h0.cloudfront.net
2 cdn.tsyndicate.com do0od.com
cdn.tsyndicate.com
2 img.doodcdn.co do0od.com
cdnjs.cloudflare.com
2 cdnjs.cloudflare.com do0od.com
2 do0od.com cdnjs.cloudflare.com
1 fonts.googleapis.com forfeitsubscribe.com
1 unseenreport.com
1 cdn.barscreative1.com forfeitsubscribe.com
1 limurol.com ku42hjr2e.com
1 proftrafficcounter.com forfeitsubscribe.com
1 friendshipmale.com forfeitsubscribe.com
1 www.facebook.com do0od.com
1 ioniamcurr.info d3eub2e21dc6h0.cloudfront.net
1 ce728wo.video-delivery.net text
1 i.doodcdn.com 1 redirects
1 forfeitsubscribe.com do0od.com
54 25

This site contains links to these domains.

Domain
doodstream.com
Subject | Issuer | Validity | Valid
do0od.com | GTS CA 1P5 | 2023-12-26 - 2024-03-25 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
doodcdn.co | Cloudflare Inc ECC CA-3 | 2024-01-12 - 2024-12-31 | a year
cdn.tsyndicate.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-14 - 2024-07-14 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
 | Buypass Class 2 CA 5 | 2024-01-09 - 2024-07-06 | 6 months
forfeitsubscribe.com | R3 | 2023-11-28 - 2024-02-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.video-delivery.net | Sectigo RSA Domain Validation Secure Server CA | 2023-08-07 - 2024-08-07 | a year
orgotitedu.info | Amazon RSA 2048 M02 | 2023-10-12 - 2024-11-10 | a year
ioniamcurr.info | Amazon RSA 2048 M03 | 2024-01-04 - 2025-02-01 | a year
xukpresesmr.info | GTS CA 1P5 | 2024-01-02 - 2024-04-01 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-10-25 - 2024-01-23 | 3 months
proftrafficcounter.com | Amazon RSA 2048 M02 | 2023-11-21 - 2024-12-19 | a year
expertiseresemblefood.com | R3 | 2024-01-05 - 2024-04-04 | 3 months
cdn.barscreative1.com | R3 | 2024-01-10 - 2024-04-09 | 3 months
*.unseenreport.com | R3 | 2023-11-22 - 2024-02-20 | 3 months
creative-bars1.com | GTS CA 1P5 | 2023-12-19 - 2024-03-18 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months

This page contains 5 frames:

Primary Page: https://do0od.com/e/tf5j903go600
Frame ID: 08B8ED5993A47F58C3EA7C7A018B6C26
Requests: 48 HTTP requests in this frame

Frame: data://truncated
Frame ID: 231EB3DE6A2849BFF8F8D3D73B6CCFEC
Requests: 2 HTTP requests in this frame

Frame: https://orgotitedu. [truncated]
Frame ID: 18CA4795516F7EDC3E0510EB889491D0
Requests: 2 HTTP requests in this frame

Frame: https://ioniamcurr. [truncated]
Frame ID: E45DE8EA97FB59B97DC73695A0EF142A
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Frame ID: F2DB7BD274211CB2E2B9148C4656692E
Requests: 4 HTTP requests in this frame

Page Title

HOT51 CUPII ML 2024-01-10 - DoodStream

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54 Requests
94 % HTTPS
55 % IPv6
24 Domains
25 Subdomains
23 IPs
3 Countries
1048 kB Transfer
1725 kB Size
24 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://i.doodcdn.com/theme_2/img/loader.svg HTTP 301
  • https://i.doodcdn.co/theme_2/img/loader.svg
Request Chain 32
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1OxQKErUeufUQU8eSaGVwytKkkrX8nFbx5Jd9JxDdlP_sG5geKmhlJ59Sy9mJtGYD1IFxtvA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1_2u1_xPZj-mh-YZcz0j_B6Zf31Kok--AMpbp-ADMoiRCQ4dcfI3jk_pmS4RoKkCh8S6aSjQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-452600218%3A1705369498464613&theme=glif
Request Chain 33
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3y7ccz747mWapGNt4b2d-YVmjbX0eMYQQ9Oz1uV1Eo4lcDAEBfWVQwFHZJca9LuFtXBp15tA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp01elEU3uF-Ay2zKae-5I8nYyUxje1e7xElt7R9626KbF_SFVN3EwmXdlijr6zn-ylBVa9EFQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-150472060%3A1705369498482552&theme=glif

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request tf5j903go600
do0od.com/e/
128 KB
48 KB
Document
General
Full URL
https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
994e3e3eb20ac07cc31da580ecf4c774f9e29d13b4581e77dee9a09b357835a1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8462ad0e3a8438e3-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 Jan 2024 01:44:54 GMT
expires
Mon, 15 Jan 2024 01:44:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2yHoJPQvAfHMUPy3rODoDKDXRSiX7%2BqyNbJwNf7gyH0I4VA9xmOyLmbob%2FN0Pn1RGlFysewOz9%2FksDVBFg5QIqrXX4QMhcLULZx%2BBj8S%2BndGvpyw3VNx%2BLNTUYKjGBCT8%2Blfbq1IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4038882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgDlgzACqPeewzOFKzVKVTNPgybUwJpufU7UUGKGtuZd0QbpRldITc%2Fp6YNOdBPPS9rq1fbwZ3YJH4AmOUD%2B0EbK4JRbmo9dSO2Al%2FhhSHKIn8ONtTEFPeToc%2FNVW9XfNYPxvqPKpQZyAH5M7mCMuD3g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8462ad137e447118-YYZ
expires
Sun, 05 Jan 2025 01:44:55 GMT
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
1 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1690844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
591
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjjWyoWWv8GwoSvo62s8%2FbhP0HeAlYnwOAXJQ4n5ZiG4TR7qzjqiPqilpA6AmSPwOLgi%2Bcmp%2FgV65FiuKm%2FNj8cP7ce22Wy6xz6CW3OzMOhCBQKYKBBmqkNolanJd1TMGlBGPfCuTxcmZWm99zjWiQxz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8462ad137e487118-YYZ
expires
Sun, 05 Jan 2025 01:44:55 GMT
ad.js
i.doodcdn.co/ads/
18 B
592 B
Script
General
Full URL
https://i.doodcdn.co/ads/ad.js
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3716878d3ceb2042b22c092b31c6f43cc862f8464e92ddde416a49624b32716e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67420
cf-polished
origSize=20
alt-svc
h3=":443"; ma=86400
content-length
18
cf-bgj
minify
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBnFUdezJMk1O%2B10LR%2FbVH7QIREGfK%2B0mfcww6HTWY556A%2F3r5JBmPxx13swHeFOiCg%2FOv19x9ByBm4ZmTMnBl%2BNTi0jUeTNZSkGxe8JgGf0R2OEa2B07VEL4kRNkxNTTJucK4cfCSSH1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8462ad13ad8ca241-YYZ
expires
Tue, 14 Jan 2025 02:30:19 GMT
no_video_3.svg
i.doodcdn.co/img/
3 KB
3 KB
Image
General
Full URL
https://i.doodcdn.co/img/no_video_3.svg
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53433
alt-svc
h3=":443"; ma=86400
content-length
2812
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
"61d3187c-afc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FO63bCPWfeOkaX1NZVripKxDCHNIcPS4%2BwArNGiEPTyq4mOH6l0ciqLIt4seldM5y7vWSUbUBUxyK%2F%2B08jCQWOGCQgVkeWeswIc%2BuEP7BdRyUCFQ4o10v%2BuAjS6F9rORuzMn8Pi%2BkeU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
8462ad13ad90a241-YYZ
expires
Wed, 14 Feb 2024 00:20:44 GMT
embed.css
i.doodcdn.co/css/
78 KB
78 KB
Stylesheet
General
Full URL
https://i.doodcdn.co/css/embed.css
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68314
cf-polished
origSize=79890
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
W/"61d3187c-13812"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUqsVkaXjjeXuEdGnoeijvt59qz5UhX2aMnJ4sP8v%2Fq6zyazZaR5plwA1LgUDMpPhPuNnAcuOn2fVu9ivBly%2BXTT4QTL0SJ2aMGD%2BpR0DNqLDJ6O1cgZCWHJtuUoRuPD5NY0pPm7uCIQag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
cf-ray
8462ad13ad91a241-YYZ
expires
Tue, 13 Feb 2024 01:58:03 GMT
sspnngsexqfhsh1b.jpg
img.doodcdn.co/snaps/
60 KB
60 KB
Image
General
Full URL
https://img.doodcdn.co/snaps/sspnngsexqfhsh1b.jpg
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54ec8639452fe869c064913b7db5677afea5d407911e23fbf553834a39951f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46739
cf-polished
origSize=62850
alt-svc
h3=":443"; ma=86400
content-length
61390
cf-bgj
imgq:100,h2pri
last-modified
Sat, 13 Jan 2024 12:41:56 GMT
server
cloudflare
etag
"65a28514-f582"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ije%2FUUAFVMSNydl8rNACEaqAES2P2ks4tJ3pDs2GY7ZGirbKzQ0jIOiD4wKaY8gECLqY%2BizXcl2fBzMRcTzk5dNERta7E9ogk1bSknsLsdPPbE7M8v9XvEsm6qJZmZTHwQf7pzKI7gG3zv0g"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
8462ad152fd5a241-YYZ
expires
Mon, 29 Jan 2024 12:45:56 GMT
embed2.js
i.doodcdn.co/js/
331 KB
332 KB
Script
General
Full URL
https://i.doodcdn.co/js/embed2.js
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c49e02b98bc8a4275650b65787cdd100c362abc7e54e8b9e99396b6117c2c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58465
cf-polished
origSize=339527
alt-svc
h3=":443"; ma=86400
content-length
339271
cf-bgj
minify
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
"61d3187c-52e47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2qwVHnF1rxskFGDSaxM%2Bzr9AIXSh1nQPhuuAbp1vT2So05Zwdybal7EVwWjCFiisZtysDspa1xHCwNC1iUrEnNPy7G7D1c%2FuWeGi6O%2FNwsJYvTxzAOpNtShvvmubo9ugw%2BPRhNso4u7RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
8462ad152fd4a241-YYZ
expires
Wed, 14 Feb 2024 05:58:42 GMT
p.js
cdn.tsyndicate.com/sdk/v1/
9 KB
5 KB
Script
General
Full URL
https://cdn.tsyndicate.com/sdk/v1/p.js
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.161.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
311cba72a3181f33f1b4e39a56e15c5344b97bd82987f64cabd1ed1f2bd340e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:56 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 10:14:53 GMT
server
nginx
age
2902397
etag
W/"653f821d-256b"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
4524
/
d3eub2e21dc6h0.cloudfront.net/
205 KB
68 KB
Script
General
Full URL
https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:4200:12:8107:3100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b481e948291b5c9265534527a726078aac0c1085487235b028d0fa308d5f9b6e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 01:44:56 GMT
content-encoding
gzip
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
69532
x-amz-cf-id
RIeMuDDiPYzUqYENUxghQdhm1gTD2JHOHMDtpRIUzJ5L9ast8O8BEA==
01a7fa3f.js
ku42hjr2e.com/aas/r45d/vki/1941940/
89 KB
35 KB
Script
General
Full URL
https://ku42hjr2e.com/aas/r45d/vki/1941940/01a7fa3f.js
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.37 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.37.serverel.net
Software
nginx /
Resource Hash
f9082bbccc0876a71c9b52d389785bcf667c242e4ce852772a0f997ac82a0763

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:56 GMT
content-encoding
gzip
last-modified
Thu, 11 Jan 2024 10:33:02 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag
W/"659fc3de-16574"
vary
Accept-Encoding
content-type
application/javascript
x-js-ab2
current
timing-allow-origin
*
6f0a93cda652e64b72651fd9588be3d4.js
forfeitsubscribe.com/6f/0a/93/
38 KB
14 KB
Script
General
Full URL
https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
52274a0fa18a3993c7d5771305031641a6cdee8a2e1c27720796a65503784d0e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 01:44:56 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
bdf2138d05f549961a858d2400385439
Expires
Thu, 01 Jan 1970 00:00:01 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://do0od.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 16 Jan 2024 01:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Jan 2024 01:44:56 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Tue, 16 Jan 2024 01:44:56 GMT
cast_sender.js
www.gstatic.com/eureka/clank/120/
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 14:01:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 16 Jan 2024 14:01:45 GMT
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
633 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
nj8f73nery5ggzsaa13s5na1
do0od.com/pass_md5/138968405-0-0-1705369494-ea461b566ecf2752632479e44d8dc9f1/
107 B
390 B
XHR
General
Full URL
https://do0od.com/pass_md5/138968405-0-0-1705369494-ea461b566ecf2752632479e44d8dc9f1/nj8f73nery5ggzsaa13s5na1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
581897bc0eb70a9cba52754e2407d9514345f457a74cba16d29cb1472d33907b

Request headers

Accept
*/*
Referer
https://do0od.com/e/tf5j903go600
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8egzSO5svwU1NHTMn77wOHsTmnGdfZ2d%2BVRCVgjgRIguDzJLTo%2BONHzVBRNGD5IRakmadbA7PbaAYD%2BnBVSzDsff8Gp8SNrff7TpRFpSJnNQbejXx47IMN1PlYMlgf3frhRFfRbsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8462ad18ddc838e3-YYZ
sspnngsexqfhsh1b.jpg
img.doodcdn.co/snaps/
60 KB
60 KB
XHR
General
Full URL
https://img.doodcdn.co/snaps/sspnngsexqfhsh1b.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54ec8639452fe869c064913b7db5677afea5d407911e23fbf553834a39951f8

Request headers

Accept
*/*
Referer
https://do0od.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44380
cf-polished
origSize=62850
alt-svc
h3=":443"; ma=86400
content-length
61390
cf-bgj
imgq:100,h2pri
last-modified
Sat, 13 Jan 2024 12:41:56 GMT
server
cloudflare
etag
"65a28514-f582"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=468b00Suks%2B2kSBbDQvY6PjKvKaHKShhBXqCjg7YhyCNmT1kofd7J4Za7ioRPUwfIjt1WgPHRhLpvhKIOsiY2caaUdSWIPmJd4aKRnztB6xA9GjvxqUBwU3ENN%2FCiDcI4RYXeArwJzqE9ymX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
8462ad1aff265401-YYZ
expires
Mon, 29 Jan 2024 13:25:16 GMT
loader.svg
i.doodcdn.co/theme_2/img/
Redirect Chain
  • https://i.doodcdn.com/theme_2/img/loader.svg
  • https://i.doodcdn.co/theme_2/img/loader.svg
694 B
841 B
Image
General
Full URL
https://i.doodcdn.co/theme_2/img/loader.svg
Requested by
Host: i.doodcdn.co
URL: https://i.doodcdn.co/css/embed.css
Protocol
H3
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://i.doodcdn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Jan 2022 15:43:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
53263
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPgWlFrLlCvaQyKXikAcYPV3un3Rkh%2BtZsjwgMOmBCeKPoWb0Y3%2ByQCljWrjq%2FeULI80%2FYHfRFxCAyvAU3QcM9HkoFH8PhtY2KLAvT8kfUy4PcEri7w6zta1Y%2BziQCNa0ubqmNmBkcH61g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8462ad1dc9d13a00-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 14 Feb 2024 05:09:55 GMT

Redirect headers

date
Tue, 16 Jan 2024 01:44:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghbB7v%2FjH4uKHAFUBeqVYBj4bgnn4Aa0619VaYc2zAAAePUkbtAbA1wmnUz5KOI7ITWLACuloYvSxHG%2BwpKjMP5h3FSS0AKCpxU65I0cWcv57d2vAdZ8bx6fUjv7DYHYZUj8rlYEZQ46E%2BRj"}],"group":"cf-nel","max_age":604800}
location
https://i.doodcdn.co/theme_2/img/loader.svg
cache-control
max-age=3600
cf-ray
8462ad1b7e4f7ca8-EWR
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 02:44:56 GMT
avertastd-regular-webfont.woff2
i.doodcdn.co/fonts/
23 KB
24 KB
Font
General
Full URL
https://i.doodcdn.co/fonts/avertastd-regular-webfont.woff2
Requested by
Host: i.doodcdn.co
URL: https://i.doodcdn.co/css/embed.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf

Request headers

Referer
https://i.doodcdn.co/css/embed.css
Origin
https://do0od.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47844
alt-svc
h3=":443"; ma=86400
content-length
23812
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qHgx8om0uWp3EyHDSyZs%2BvMOoZZ174%2FuIOF3zs2RmBRZ8RlWqryLq1OZAzJ44slCp6tm9%2FqF2xqJ%2BsFHMfSVp8Hz4QnrK5DwyRiEnel%2BLGnlV6%2FAjGxUUrhNvFh3zQPz74FBcMDSq0ezA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8462ad1aded95401-YYZ
expires
Tue, 13 Feb 2024 18:08:40 GMT
sspnngsexqfhsh1b.jpg
i.doodcdn.co/get_slides/2421/
3 KB
4 KB
XHR
General
Full URL
https://i.doodcdn.co/get_slides/2421/sspnngsexqfhsh1b.jpg
Requested by
Host: i.doodcdn.co
URL: https://i.doodcdn.co/js/embed2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82d781f1fd57e80d2aa0a96d67252e5b1f486eeab034e06591df902dc8d0c41

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:56 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jan 2024 12:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm51YgPARqDIEFHDBo7QZj9LsQ0n%2FVOlonnnV%2FJfNCAd65%2B%2BS8JQHwBezfTq9PYr%2FHo4HoFETtaR0ZVckNjKRZakj%2BJQ4RKp20fR0XeSawpVoDl%2BWGBYgB72%2FwqwB6AO1AMSROmeHoUyvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
8462ad1adedb5401-YYZ
alt-svc
h3=":443"; ma=86400
logo-s.png
i.doodcdn.co/img/
2 KB
3 KB
Image
General
Full URL
https://i.doodcdn.co/img/logo-s.png
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2577866b9d26cd6a4be764910f0913ae5b737ed1d130d635048051ebe15ae680

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47665
cf-polished
origFmt=png, origSize=6212
content-disposition
inline; filename="logo-s.webp"
alt-svc
h3=":443"; ma=86400
content-length
1932
cf-bgj
imgq:100,h2pri
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
"61d3187c-1844"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfbbnlljYU%2BcLP5Hr%2B20N%2BeumOI48rxjOJCpf4Grn8IqkoHgrTzYVUXe3YQfpCc78DzNZNDzw0WA6P6J%2BRmyYqdbHDFEP6MkdjbZggG8MpZEgaFY%2Bei7O3ZkSk3p%2FMvZWcqFia2Nf6myTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
8462ad190ec03a00-YYZ
expires
Mon, 12 Feb 2024 15:12:29 GMT
truncated
/ Frame 231E
66 B
66 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b66816cf96c7bb2996a20846cdfce80694947b58d3ebb3ed2e5ce131e659086

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Type
text/html;charset=utf-8
favicon.ico
ce728wo.video-delivery.net/ Frame 231E
15 KB
15 KB
Image
General
Full URL
https://ce728wo.video-delivery.net/favicon.ico?i
Requested by
Host: text
URL: data:text/html;charset=utf-8;base64,PGltZyBzcmM9Imh0dHBzOi8vY2U3Mjh3by52aWRlby1kZWxpdmVyeS5uZXQvZmF2aWNvbi5pY28/aSI+PC9pbWc+
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.210.111.151 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-2dda20ec.vps.ovh.net
Software
nginx /
Resource Hash
a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 01:44:57 GMT
Last-Modified
Sat, 29 Feb 2020 09:26:04 GMT
Server
nginx
ETag
"3c2e-59fb38b06e300"
Content-Type
image/vnd.microsoft.icon
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
puengine.js
cdn.tsyndicate.com/sdk/v1/
88 KB
33 KB
Script
General
Full URL
https://cdn.tsyndicate.com/sdk/v1/puengine.js
Requested by
Host: cdn.tsyndicate.com
URL: https://cdn.tsyndicate.com/sdk/v1/p.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.161.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
9f8cc0fa666cd6911977e73e8ea15747da46c0e2fed880b774d974aeec94fa50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:57 GMT
content-encoding
gzip
last-modified
Mon, 15 Jan 2024 13:51:12 GMT
server
nginx
age
42535
etag
W/"65a53850-15e83"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
33601
asd100.bin
pogothere.xyz/
100 KB
101 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 01:37:27 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://do0od.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5yHtq4EhsahJW6XmVfKO0U%2FkucJPPWjEUZtUGNfcZS2cc6mxhBztXQUqFWowkxFxA%2FWNOIHH9nnGEOv5yRzRMJe9BVhG8nl7pzdUp4rXwGDCRnRvcUGnzB9DbhY181s"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8462ad200b13a240-YYZ
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
370 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd933d85c43fa5a2ce65342b68cd4f018bc0be0fab09977248d7ba41470d11a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4C6DgtNNfdS4Aod%2FM7FY5Ov%2BRpFhWGpN9Ey9BC3026YPDG1P9jUonO8mo9M7C4TnuPk1C7fuHCVPk04ETje%2BUddvIgfF554%2BtCT744J4lI30RWCxseadQj9o94BOrhTI"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://do0od.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
8462ad200b17a240-YYZ
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
orgotitedu.info/
0
533 B
XHR
General
Full URL
https://orgotitedu.info/utx?cb=fbNqbRO3Whp0&top=do0od.com&tid=1004073
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-28.iad79.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 01:44:57 GMT
via
1.1 29bea082286af4a231cfc553e1b23886.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
IAD79-C3
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://do0od.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
ccaSW_U8oDujMx6AIa4bIGlpH4PIkzG2eyAIUZoWMtABDa4QxRCKqQ==
ex8LA159UikbCFcEfgdfYzEAPx1aQTQvIVQz
orgotitedu.info/Q2hnOXQiCgRUSyJVBR8BMQRaHEYFTVV/EHANEltGJlpWXRd1AFcXFy8HEl0SMQcJTVotDRMcRgU+Bgo+OjoMcD0LOhBeEhFQBX8aNxIwCT4EDAlvLRUqAAg4Ej0kbQ0vXiptFzstM149ER8yezYCMVZvMApcIwlNJQ4KaDwGEBBREnNYP3E3F... Frame 18CA
3 KB
2 KB
Document
General
Full URL
https://orgotitedu.info/…
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-28.iad79.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
f5db7e8d7d3bf86111b0a6e9c5aea090bec9507cb3643326d60fa65562c42b88

Request headers

Referer
https://do0od.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1243
content-type
text/html
date
Tue, 16 Jan 2024 01:44:57 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 29bea082286af4a231cfc553e1b23886.cloudfront.net (CloudFront)
x-amz-cf-id
oFg-H0Rq3vuj7p7uvPeDdV2sl1r17H9dWXkB-CNGku2e2ijRdLYf2g==
x-amz-cf-pop
IAD79-C3
x-cache
Miss from cloudfront
JSUFHzMlCWcjAywFJDt6OjcbLzMjJwEYJDVBOykcLQEkO3o6Eho7Lz8kAl05LEAvMBwWM3JaDTskLycqARoOLhkcQRspfy4yAyUsKyQVMgMBXC8jHgQnJQ56FykAWwoGNAUtDCE2LyQBBEQmDRk6PBYsehwiZj0GPyI4OwgEO24NewQ2FhEkAjcWKgQOFm4hHV4FZ...
ioniamcurr.info/V2hLb3E2CigCTjZVKUkEJQR2SkMRTXkpFWQNPg1DMlp6CxJhAHtBEjsHPgsXJQclG185DT9KQxEDKl4ZHQ0cOjgZESgJJj9QMyMkBT0cXRluOx0lFzEBBiQyMD0kCzIgAgg7NBwmGioAGAF7GSAvUCIjJAUhHlxFOy8KHDwNP3MMMiAAJwo3b... Frame E45D
3 KB
2 KB
Document
General
Full URL
https://ioniamcurr.info/…
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-127.iad55.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
7583b79e53169094d005b6e9988a42e960a46503dc2b0216007514b4ee3213b0

Request headers

Referer
https://do0od.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1217
content-type
text/html
date
Tue, 16 Jan 2024 01:44:57 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 0af050b863ec46156a524df4e5d86692.cloudfront.net (CloudFront)
x-amz-cf-id
7glqiIhcZmb7GfUc_OQiCGX-u9dAAs8gsMglyPSbxDFUwNMb4oxA7g==
x-amz-cf-pop
IAD55-P4
x-cache
Miss from cloudfront
WlhCNjoGDllzbBcdEC53Vl5Ud3lRUFB7fVVQUA
xukpresesmr.info/aWRCSmdGWyE5WjwgADszEy4vCSEBUwMdBC0xcSksMyUALgI4IWQ+Dg1Zc3pXXVR1eUEZDSZ3Vk8XNisTHBd/e0EACiQlWk8Sf3tJWlBseVNHVGQ/
0
248 B
Image
General
Full URL
https://xukpresesmr.info/aWRCSmdGWyE5WjwgADszEy4vCSEBUwMdBC0xcSksMyUALgI4IWQ+Dg1Zc3pXXVR1eUEZDSZ3Vk8XNisTHBd/e0EACiQlWk8Sf3tJWlBseVNHVGQ/WlhCNjoGDllzbBcdEC53Vl5Ud3lRUFB7fVVQUA
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7z3IFjgaMAEbJZYGdolrUVTZ89lT2GgsfNxI7f6EvVqHyn5aBv79oLc8noPqbhHMWl0GFOrE60xluXpIXL6MKIkfoblSEyTCOKFLIY5VBnOi24X7lK1rbYSI5DiH94epb9a4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8462ad22c975a216-YYZ
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1OxQKErUeufUQU8eSaGVwytKkkrX8nFbx5Jd9JxDdlP_sG5geKmhlJ59S...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1_2u1_xPZj-mh-YZcz0j_B6Zf31Kok--AMpbp-ADMoiRCQ4dcfI3jk_pmS4RoKkCh8S6aSjQ&passiv...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1_2u1_xPZj-mh-YZcz0j_B6Zf31Kok--AMpbp-ADMoiRCQ4dcfI3jk_pmS4RoKkCh8S6aSjQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-452600218%3A1705369498464613&theme=glif
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Server
2607:f8b0:4004:c09::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

date
Tue, 16 Jan 2024 01:44:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-RbpYKgNNzxU4SmAHRWRVaA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1_2u1_xPZj-mh-YZcz0j_B6Zf31Kok--AMpbp-ADMoiRCQ4dcfI3jk_pmS4RoKkCh8S6aSjQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-452600218%3A1705369498464613&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3y7ccz747mWapGNt4b2d-YVmjbX0eMYQQ9Oz1uV1Eo4lcDAEBfWVQ...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp01elEU3uF-Ay2zKae-5I8nYyUxje1e7xElt7R9626KbF_SFVN3EwmXdlijr6zn-ylBVa9EFQ&passi...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp01elEU3uF-Ay2zKae-5I8nYyUxje1e7xElt7R9626KbF_SFVN3EwmXdlijr6zn-ylBVa9EFQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-150472060%3A1705369498482552&theme=glif
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Server
2607:f8b0:4004:c09::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

date
Tue, 16 Jan 2024 01:44:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-y9RKmJ1cH1-IHf-i7_FSHA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
407
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp01elEU3uF-Ay2zKae-5I8nYyUxje1e7xElt7R9626KbF_SFVN3EwmXdlijr6zn-ylBVa9EFQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-150472060%3A1705369498482552&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
TlJSQXBhbTEyTSoHKgU+JBQWJEMtHRMEJn8xE3k1Hzw+djQ5E3Q1GSpvY3FAemJldVY+OzZ8QXZ0ITUROichfEFoOzwnH3N0JHxBYGJ8c156dCd8QWgmIiAXc2N0MQQ6Pm9wR35nYXdJemtlckN7
xukpresesmr.info/
0
249 B
Image
General
Full URL
https://xukpresesmr.info/TlJSQXBhbTEyTSoHKgU+JBQWJEMtHRMEJn8xE3k1Hzw+djQ5E3Q1GSpvY3FAemJldVY+OzZ8QXZ0ITUROichfEFoOzwnH3N0JHxBYGJ8c156dCd8QWgmIiAXc2N0MQQ6Pm9wR35nYXdJemtlckN7
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzlLllux9aWODPykrcA%2FScnJTx2bGp2pEDo1P0xjezLwmK2kjTImeUcA6XG5g8%2FXeKMr%2BeWxW8ke5q3St1vpIgy7lhRLa0cUZleC%2Fi9T8qEZ%2BsD7%2BLmxcUWiQbn4gU8xpXZ9"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8462ad22c96da216-YYZ
alt-svc
h3=":443"; ma=86400
sfp.js
friendshipmale.com/
83 KB
27 KB
Script
General
Full URL
https://friendshipmale.com/sfp.js
Requested by
Host: forfeitsubscribe.com
URL: https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:58 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
1415ca324fe1e1d20b1c123b0f1ffe41
last-modified
Tue, 16 Jan 2024 01:44:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fo9ay1riqiPNX4wOHN8evHfB6%2FAFUUx3J6JFq9pLI3KGjMWFf3ksFozXpUfxw%2FvQEPhG6Q8cL336x0PCmcdfDyBJRaRWg0NCUBeeqQMxlK1NudkJsEcMUl7xuziV4UYGcrrF%2BPjjt%2BcYfXEgvE7udfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8462ad247c0b2b27-ORD
expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
proftrafficcounter.com/
40 B
296 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: forfeitsubscribe.com
URL: https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.30.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-30-186.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
d6762296cafaa500c46f5328a2ce9c8abbbba2095304f7661d627857838325af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://do0od.com
date
Tue, 16 Jan 2024 01:44:57 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
solid.gif
ku42hjr2e.com/
43 B
547 B
Ping
General
Full URL
https://ku42hjr2e.com/solid.gif?z=1941940&nojs=0&abvar=0&febuild=1.0.188&t=0&wcks=1&wgl=1&cnvs=1&os=480&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7430112489845760&eclog=0&im=1
Requested by
Host: ku42hjr2e.com
URL: https://ku42hjr2e.com/aas/r45d/vki/1941940/01a7fa3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.37 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.37.serverel.net
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:58 GMT
x-route-id
stats.tag.loaded
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif
1941940
ku42hjr2e.com/get/
4 KB
2 KB
Script
General
Full URL
https://ku42hjr2e.com/get/1941940?zoneid=1941940&jp=_cl4ma30b514tzy2ar5431a&nojs=0&abvar=0&febuild=1.0.188&t=0&wcks=1&wgl=1&cnvs=1&os=480&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7430112489845760&eclog=0&im=1
Requested by
Host: ku42hjr2e.com
URL: https://ku42hjr2e.com/aas/r45d/vki/1941940/01a7fa3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.37 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.37.serverel.net
Software
nginx /
Resource Hash
8fadf475c13cadb8d2433909ecbf1459be18cd31a78e2f091845a42872a00a9f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:57 GMT
content-encoding
gzip
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-route-id
config
timing-allow-origin
*
WlQTIiBWRlQyMgQZTzYyHRAUPDUcFB5gNwpPHyk4Ah4eJ2dZNEdock5AQm41AhwWKTUYV0B2LB9XQHZzW1xCY3EpV0B2NQIcRHJnWDBXdHITRE-ZvZ1lCEzYyBxcFIyAAGwZjcC1HQXFsWERXdHJDGRoyLwdXQAVnWUIeLykOV0B2JQ4RGSlrTkBCJSoZHR8jZ1k0...
d3eub2e21dc6h0.cloudfront.net/Va3JyRkIIHRwgfR8bFntzW0JGdnVYVBg1LQUCTyl6MTcxETgIRwUBBAY1VDI4D09ffmQHExwhf00XHCV/ Frame 18CA
810 B
835 B
Script
General
Full URL
https://d3eub2e21dc6h0.cloudfront.net/Va3JyRkIIHRwgfR8bFntzW0JGdnVYVBg1LQUCTyl6MTcxETgIRwUBBAY1VDI4D09ffmQHExwhf00XHCV/WlQTIiBWRlQyMgQZTzYyHRAUPDUcFB5gNwpPHyk4Ah4eJ2dZNEdock5AQm41AhwWKTUYV0B2LB9XQHZzW1xCY3EpV0B2NQIcRHJnWDBXdHITRE-ZvZ1lCEzYyBxcFIyAAGwZjcC1HQXFsWERXdHJDGRoyLwdXQAVnWUIeLykOV0B2JQ4RGSlrTkBCJSoZHR8jZ1k0Q3RyRUJccHJSS1x0c11XQHYxChQTNCtOQDRzcVxcQXBkHk9D
Requested by
Host: orgotitedu.info
URL: https://orgotitedu.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:4200:12:8107:3100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2a6e0365befd9bcd0bf7ed0f3eb972bb5a2809940b476d540963ba5548fbfe2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://orgotitedu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:57 GMT
content-encoding
gzip
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
559
x-amz-cf-id
aLUf8JSWpd8P9g4SZd6qNiLa443PURHQI_1estpbIXDeaLHuJd_oug==
TUxOankYFRs0LA4ACTMgDUBZHn-xKUkVrf1xXW3AiEREGNGxLJk5qeRUMAD1sS1UMPSoSCkJ9e0kGAyomFABOag9IV1t2eVdTW2FwV1dabmxLVRg5LxgXAn17P1BYb2dKU00tdEg
d3eub2e21dc6h0.cloudfront.net/ka1hJeWUINycfWh8xLURUW2h9SVJffiMKCgUodCwjCTEKNQEqOi0vQx8iLURIU34lGAsMZW8cCwhleF8EDzp0TUMeOXQUChExJRUETmoPTEtbfXtJTRwxJx0KHCtsS1UFLGxLVVpoZ0lAWBpsS1UcMSdPUU5rC1xXWyB/ Frame E45D
295 B
538 B
Script
General
Full URL
https://d3eub2e21dc6h0.cloudfront.net/ka1hJeWUINycfWh8xLURUW2h9SVJffiMKCgUodCwjCTEKNQEqOi0vQx8iLURIU34lGAsMZW8cCwhleF8EDzp0TUMeOXQUChExJRUETmoPTEtbfXtJTRwxJx0KHCtsS1UFLGxLVVpoZ0lAWBpsS1UcMSdPUU5rC1xXWyB/TUxOankYFRs0LA4ACTMgDUBZHn-xKUkVrf1xXW3AiEREGNGxLJk5qeRUMAD1sS1UMPSoSCkJ9e0kGAyomFABOag9IV1t2eVdTW2FwV1dabmxLVRg5LxgXAn17P1BYb2dKU00tdEg
Requested by
Host: ioniamcurr.info
URL: https://ioniamcurr.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:4200:12:8107:3100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ead236c5c4874638808dcf16314ff682e143e7c0bd5b99bbab96fbc0d661582f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ioniamcurr.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:57 GMT
content-encoding
gzip
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
261
x-amz-cf-id
p82PqEv8apbfTodZazc5Q9wgVmRbznmy-FEpD-nqLcVMPCiQczFutw==
popunder.gif
xukpresesmr.info/
35 B
529 B
Image
General
Full URL
https://xukpresesmr.info/popunder.gif
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
public
date
Tue, 16 Jan 2024 01:44:58 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jan 2024 17:48:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28596
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etNZSP9%2FbHd8x3ZKzVznUy82%2FKE2va63LYZqergWR%2F06fsJne6NZEZXXQlhsVyacdg1cL16iOZZrioya6%2BAptsyoW1IJqjWIDTqKrj2r6HhFMhu5N1TB3ZNdljXzbB1HU7zq"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
8462ad22c971a216-YYZ
alt-svc
h3=":443"; ma=86400
sbar.json
expertiseresemblefood.com/
6 KB
5 KB
XHR
General
Full URL
https://expertiseresemblefood.com/sbar.json?key=6f0a93cda652e64b72651fd9588be3d4&uuid=7c95dc8b-f505-4eaf-954d-751e868556ae%3A2%3A1
Requested by
Host: forfeitsubscribe.com
URL: https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
3c8bbfd01b3903ccf2e355c88a22d97ea6e9bdf101057def706c30b0ee5292d2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 01:44:58 GMT
Custom-Referer
https://do0od.com
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://do0od.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
6066c17a2b4bf66ad1c1e60415cc867b
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
limurol.com/ssp/req/1941940/
7 B
600 B
Script
General
Full URL
https://limurol.com/ssp/req/1941940/?pb=61fc233f5dbb44960b606181bcf16c1c1705376697&psp=l42z0izXxNE3fzIP0RAB6i8A_xCjtlitIeXq0QCdy0z-Yz1_MzqOxlY0EJrlRXiFOsuHbcgeaxFAYLjZDV-IR4KaQVhnqldqwLmpS2k7BcUxfBSCUKSiLRS9rdEAFcbQqAqaUqCtgjzxUx8qp2uDqBHHlLfC6hBCHqribk3-nXN61KKE85Fz1sXVJVaSETBxA4adt4DCQ7GXZ2uf8AHnVlpmkmTyCGUUALQo9jhTBDPgzTunct9xGwb4xVKoAJaf_QFk3OBBvM8BAEiCxOlyJQVvXpfjJpuNKInT88N0q_hOkVKOmMNT6HRmdO8By0BSNCLCLtJhfDMo8HILDJgfie1zCTXQazj43UeQBJziW_V2dIoM244YzkpdCnOGgqLqGwYJy28KDsMR5X9HrvOqWhPMjY_W2s9Of8MP7QjoCxV-HkU8EYLf19IyP-K0mpBjpBX9jXUDZPEewK3yYcuEMBn1Wh98d0OenjUmxAjXaBNi66TL9C2E_9SkELa7HpQ8dAAdBdXU-qe0BYr0XJUf43MPARAK-7hKp8unWfzFXVWKmjIaLZ8G6RC3-N0OYF2px3M2yTRfCkN1umbXPsvzPT8AA70Dlz966ASOcqY128C4pP_v54qN3KdkmbFs1sDhtFUUHYJ6sn56CC1xYZ09QPH_cfnMNRFLgCB332NnziNatDeoioZtm2PP9tEpyLAQY6rrj3I3RLhJhaIY_STVpFNaJwKdw5abg_4Bai2Cjo7OZiY2jIrr01kFeo4ybMNQr79ttnITjHZ3OSOcJ4NvPt-my3mhm6ipv-luCE1jxWdJThHEe86mw0jKDQcO8mo-D_4dnNdtBY-8hxU-RZpOPqSTbkrrmEdd-1ZueQ-ZT-8YeuXH1lt3yyx1cMCalO_3VC4VBn8Dy8CfSa4fn2ibBMJQbQYoT4x-YRa8ZgVeFIEcDQeY0k-ZovVr7VnVzwtYiGc2zLC1KQ==&im=1&cb=_cl89ewviavfffcwzmyw9mu&nojs=0&abvar=0&febuild=1.0.188&t=0&wcks=1&wgl=1&cnvs=1&os=480&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7430112489845760&eclog=0&im=1
Requested by
Host: ku42hjr2e.com
URL: https://ku42hjr2e.com/aas/r45d/vki/1941940/01a7fa3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.37 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.37.serverel.net
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:58 GMT
x-route-id
ssp.bet
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
7
content-type
text/javascript
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
index.html
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/wind/multi/2/
3 KB
1 KB
XHR
General
Full URL
https://cdn.barscreative1.com/sb/interstitial/software/flashPlayer/wind/multi/2/index.html
Requested by
Host: forfeitsubscribe.com
URL: https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::3 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
0f1a7f6f402d881f0a882c8e8bcb722552ead9f11c421bdcce6bfa68720bf6e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 16 Jan 2024 02:44:59 GMT
date
Tue, 16 Jan 2024 01:44:59 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 12:21:10 GMT
server
nginx/1.21.6
etag
W/"612f7036-ab5"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
max-age=3600
x-proxy-cache
HIT
ren.gif
expertiseresemblefood.com/
7 B
641 B
Image
General
Full URL
https://expertiseresemblefood.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSTYgcRRitjpqLQUzw4kFo%2FMEEsrPdPdM9M0SyZDcmxk1MSCJ78VJdVb1bbnVXW9U9vRkEowEJnsabeOp5kx9%2Fg4JeFEFmPRhWPYynBVnx5E0QvIkgszu44Lt8X33vFdR79b09LHeIj5JuFxd0XypF58OG5x5dkRnXlXVfuur6XsM74a7ILGqdcDei1jH3VJ4rsSLiZVnMh812oxm5R5dfuHrh%2FHFXyXXhnhVsXR9zl9aMTsW8H3gNrxF53W4j8CP3Ck2okbN7kPmnba8RhI0gDBt%2B1MWG%2Bd%2FAlg4sdcB7O%2BQIJJ8cuu9%2BD8nGyNLPTgu7Xuj8%2BPNpqWihDXr87svZeqarDOl%2BmxgHSXZ3poa2E0LeOwCd3Z35hO7dmvpELCfE%2Beck4uzO3vMR90Z%2B4CFWEBli%2FjCq3hhCjSHpGEzfgOTPgnEsnUKW3lmiGeV0j6NTbkIOLr8BWU3IwT82kKVfLAql3D2Zu1hamQlrsZHUkBtjyNUx8nITRf9vyGoTrHgLkv9EXvn6BLL0gws6K4ygCpJvP91m3ZCzTjyXhF441xI0meuGLT7XDn3RiTphGFGxm5OUY8hkDCUGoPYASuuglA7KxEGZO0j5tkvDIPHavMVo2O4K34v9iCcijruR16GsLVCyqZsBinwApgZg5jpycx3rcgBTfgu7VsNyB7Yg6PEalSCoLEFFCSpJUBUEVa%2B%2BzZUNbH2HK1vG%2FqwGs9qsR7pYHdLbulgVGQE1g2G%2BQw5PY3SeevIg1sW2GyUe7TYZp1EYiKgVt4Mo9BPeDTudWDR5C1bWkPYAqHXQlxPyzGsnkcsJOXT%2FMGK6Cas2weSjoOUToNWoHXiga6NWx0M%2F%2B9KnvFRFg2vN7TTqtMF0Cq5r5MWDKK45Q7VDHt%2F91xe%2FehOCbS3svPP7xfkjz4GZGrmp8ar8jmBV3Rxd1hW5dVlXlnx%2BMS9kKvu0kDq7UtBCPPTRsrhWacPPnbaDD0%2BxKTFtP7kqbHGeZlxmq5Z8vCg5F%2BaMNkyQb87ZFRFfKu3aYmmyMj9%2FaenMuTQ3wlqpszHodHWDv8DkhDzy%2BpXdVT42ZJBmDFPWSMstMgOk3gTLr8PmWwu%2F%2FDDFj7CawKh9TZw7qMp6ZIJ4f6gkgRL7ZxrXsGJr4c97j%2FV%2FO3sPsfgvkKG9iVXjgBY3kKU1eqZGT9WgagBbPjAqcrO18HNzF4iVM4qVcW7Fyqh398K1cttNgoTSiHHfi9qchXHoh0nUFBHrBk0%2FZgyFnYjbv77%2FLwAAAP%2F%2FAQAA%2F%2F%2FqEgdFyAQAAA%3D%3D
Requested by
Host: do0od.com
URL: https://do0od.com/e/tf5j903go600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 01:44:58 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
25d3abc9b479521ec868716f11107657
Expires
Thu, 01 Jan 1970 00:00:01 GMT
pxf.gif
unseenreport.com/
1 B
425 B
Image
General
Full URL
https://unseenreport.com/pxf.gif?uuid=7c95dc8b-f505-4eaf-954d-751e868556ae&eb=bbc096aa9bde05ab4ca7a9a2490f8d5e&te=1dc48c59599e40edc1793199bfea2f10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=6f0a93cda652e64b72651fd9588be3d4&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 01:44:59 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
X-Request-ID
68add84617e2fd4e8c74744a454378d2
Expires
Thu, 01 Jan 1970 00:00:01 GMT
animate.css
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/css/
77 KB
5 KB
XHR
General
Full URL
https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/css/animate.css
Requested by
Host: forfeitsubscribe.com
URL: https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
300208
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Sep 2021 12:21:12 GMT
server
cloudflare
etag
W/"612f7038-13591"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65DVockcEq78Ifop027X8z6wGcZdolcp8LtDHWmWVPiO%2F9e3OKXRuVsUK3Gbq94TruYvSUeoxNS42ejIihxqaeDEmmqCo3K6qmSYjtU0QhU0MLPiN44F5w0hjZH9KX%2B%2F6VC%2BQjfIbrkAsPtn3eppxNOXSF6n"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8462ad2e5fbc02ab-ORD
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/css/
9 KB
3 KB
XHR
General
Full URL
https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/css/style.css
Requested by
Host: forfeitsubscribe.com
URL: https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186a4cc8a9737dd12db8093b5b765716a2d681096920363decc68ade7b16ea44

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:44:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
300208
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Sep 2021 12:21:11 GMT
server
cloudflare
etag
W/"612f7037-242e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=earHRqHDijMbdiQ1Oo5gY%2BRzkBJl8tqWAXjliF5t6yNtUe4%2FjV87kgmuoRvwBpAqOHUntuKSm1leEF2vqkJWCQQwOHcDbWbLaUXFeAPyGSSUgfUzmpN4J9EpeAJg%2FoqCqrgNl%2FQ3OWerDs2ISA37M%2BDW8Q%2Fr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8462ad2e5fb802ab-ORD
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ Frame F2DB
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Requested by
Host: forfeitsubscribe.com
URL: https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Jan 2024 01:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 23:49:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Jan 2024 01:45:00 GMT
close.svg
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/img/ Frame F2DB
1 KB
1 KB
Image
General
Full URL
https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/img/close.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:45:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4703929
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Sep 2021 12:21:13 GMT
server
cloudflare
etag
W/"612f7039-4ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELuF8R1%2BmuLcvuGYIlTBT%2BE%2FF6puGvuTuT%2BRKonzmvn0gSu0KhaCzE2XbZmJsmibweepVWhKm5td%2BYGoNJYaqTcdKXHFYkIQMjgG1dNi5uMEhSOHn2q9vc%2FCk7PvwuNuBEmp3zYf9tLp9YMCj3%2B1q%2BvzQRBm"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8462ad332e7660ac-ORD
expires
Thu, 31 Dec 2037 23:55:55 GMT
Chrome.png
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/img/ Frame F2DB
9 KB
10 KB
Image
General
Full URL
https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/img/Chrome.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926ced13c6d1f8812977bd0b6402f121696b33ac42ecacd3f8ba07f13552a65a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:45:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3581807
alt-svc
h3=":443"; ma=86400
content-length
9298
last-modified
Wed, 01 Sep 2021 12:21:13 GMT
server
cloudflare
etag
"612f7039-2452"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJAop07EQNePDT4SKIOok8Van8xVXLuPy%2Fo6XvnOeZ7uPrbaa8ZUstQrI17ecE9LesCRyi%2B7a4Rn4OIK2ZrwAUaTeITweTnlJnN2CBaIl2eCQ0oXBOnHjG9meLehvJNFwDQ0vjaxSAnNC5MASYx%2F8uoEXHtb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8462ad332e7560ac-ORD
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/js/ Frame F2DB
82 KB
30 KB
Script
General
Full URL
https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/js/jquery.min.js
Requested by
Host: forfeitsubscribe.com
URL: https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:45:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4703916
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Sep 2021 12:28:54 GMT
server
cloudflare
etag
W/"612f7206-149a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpQFlPMTW1HFDVAiUV841Oqi23sCZ724XXJ3VRqAxWefrLxxgz%2FFhHcTrPeDdrVs5rnkNJxdiX75yMA7LBEswDKzPNMmjo3PwGLYIH5VkzOroMzJjt00L9aozkwR7XFQprLtnWrpXiCqeL7S3d1pQAAZrgOL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8462ad332e6f60ac-ORD
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/js/
23 KB
9 KB
XHR
General
Full URL
https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/js/script.js
Requested by
Host: forfeitsubscribe.com
URL: https://forfeitsubscribe.com/6f/0a/93/6f0a93cda652e64b72651fd9588be3d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6736b40db626020c4948a227a881ef502d278c81d3f506344d0d07af6bff3c56

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:45:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
300209
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Sep 2021 12:28:54 GMT
server
cloudflare
etag
W/"612f7206-5c14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br9PWXVikV2vUjCwybEEi5zlsahGosm8UrCT1Q9IWVosXuodXenSxwY59PW%2FIejQPZRpduUR8UbgpTaHBr%2Fki5r1wMoXRzcmHry5DLpPGOE0GZ%2Bv4D9pXVbsK8MqqncupSXaAirlWyb9tl6rIfR7GOr4TwHX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8462ad34aa7302ab-ORD
expires
Thu, 31 Dec 2037 23:55:55 GMT
impr.gif
expertiseresemblefood.com/
7 B
641 B
Image
General
Full URL
https://expertiseresemblefood.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSTYgcRRitjpqLQUzw4kFo%2FMEEsrPdPdPdM0SyZDcmxk1MSCJ78VJdVb1bbnVXW9U9vVkEowEJnsabeOp9kx9%2Fg4JeFEFmPRhWPYynBVnx5E0QvIkgszu44Lt8X33vFdR79b29Ue0QHxXdLi%2FodakUnQ1bnnt0SeZc19Z96arrey3vhLsk86hzwl2LOsfcU0WhxJJIFmU5G7bjVjtyjy6%2BcPXC%2BeOukqvCPSvYqj7mLqwYnYlZP%2FBaXivyer1W4EfuFZpSI6f3IItPY68VhK0gDFt%2B1MOa%2Bd%2FAVg4sdcD7O%2BQIJB8fuu9%2BD8lGyLPPTgu7Wuri%2BPNZpWipDfr87sv5aq7rHNl%2BmxoHaX53qoa2Y0LeOwCd3536hO7fmvhEIsfE%2BeckkvzO3vOR9Id%2B4CFREDkS%2FjDq%2FghCjSDpCEzfgOTPgnEsnEKe3VmgOeV0j6MTbkwOLr4BWY%2FJwT%2FWkGdfzAul3D2ZO19ZmQtrsZY2kGsjyOURimoT5frfkPUmWPkWJP%2BJvPL1CeTZBxd0XhpBFSTffjpmvZCzbjKThl440xE0nemFHT4Th77oRt0wjKjYzUnKEWQ6ghIDUHsAlXVQSQdV6qAqHGR826VhkHox7zAaxj3he4kf8VQkSS%2FyupTFAhWbuBmgLAZgagBmrqMw17EqBzDVt7ArDSx3YEuCPm9QC4LaEtSUoJYEdUlQ95vbXNnANne4slXiT2swre1mqMvlDXpbl8siJ6BmsFHskMOTGJ2nnjyIVbHtRqlHe23GaRQGIuokcRCFfsp7YbebiDbvwMoG0h4AtQ7W5Zg889pJFHJMDt0%2FjIRuwqpNMPkoaPUEaD2MAw90ZdjpeljPv%2FQpr1TZ4lpzO4k6azGdgesGRfkgymvOhtohj%2B%2F%2B64tfvQnBtuZ23vn94uyR58BMg8I0eFV%2BR7Csbg4v65rcuqxrSz6%2FWJQyk%2Bu0lDq%2FUtJSPPTRorhWa8PPnbaDD0%2BxCTFpP7kqbHme5lzmy5Z8PC85F%2BaMNkyQb87ZJZFcquzKfGXyqjh%2FaeHMuawwwlqp8xHoZHWDv8DkmDzy%2BpXdVT62wSDNCKZqkFVbZApIvQlWXIcttuZ%2B%2BWGCH2E1gVH7mqRwUFfN0ATJ%2FlBJAiX2zzRpYMXW3J%2F3Hlv%2F7ew9JOK%2FQDbsTSwbB7S8gTxr0DcN%2BqoBVQPY6oFhWZituZ%2Fbu0CinGGijHMrUUa9uxeuldtu2%2BdJ2vXiOAx9Pw2DXtvvxO24S4VgIesxlHYsbv%2F6%2Fr8AAAD%2F%2FwEAAP%2F%2FytchjsgEAAA%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 01:45:01 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
e5f3e61dba874de271936239d399c9ba
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbs
expertiseresemblefood.com/pixel/
0
469 B
Image
General
Full URL
https://expertiseresemblefood.com/pixel/sbs?c=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://do0od.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 01:45:01 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT


123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery boolean| googleAd string| oref string| oemb function| PushOpen function| errMsg function| hab number| punix number| prand string| pdomain string| pfurl string| prefe number| pwidth number| pheight function| supports_html5_storage function| dpload function| _0x2249bc undefined| standaloneFi string| userAgentFi boolean| safariFi boolean| chromebr boolean| iosFi boolean| Fitor function| _0x633c function| _0x238e object| canvas object| gl object| debugInfo string| vendor string| renderer string| oftor boolean| VIDEOJS_NO_BASE_THEME boolean| VIDEOJS_NO_DYNAMIC_STYLE boolean| HELP_IMPROVE_VIDEOJS number| ysel function| runBD function| __onGCastApiAvailable function| videoInfo object| vttjs function| WebVTT function| videojs undefined| returnExports function| videojsSeekButtons object| videojs_hotkeys function| videojsBrand function| videojsMobileUi function| Class number| ntt object| dsplayer boolean| sentPL object| dsvl function| StartPlay function| makePlay object| SILVERMINE_VIDEOJS_CHROMECAST_CONFIG object| span object| MTD object| cast number| LAST_CORRECT_EVENT_TIME object| utr_1004073 number| userTrackingInterval number| _505506734 function| x7$3x function| g6rbFg number| w6A_7$ function| V2ZW0 number| N$ai42 function| e0JHi function| E6m3Y_ function| U3EvY object| actions number| openedPop number| deli number| timer object| urls object| urls2 function| getUrl string| cb43a0 function| N4kk object| yCItbqoqYWzvmVikU function| nextPop number| r function| _0xd965 function| _0x42a0 function| euysa function| _0x286b function| _0x58fc object| sbslms boolean| once boolean| oncet string| cookieIndex function| secondsTimeSpanToHMS function| loadSrtFromUrl function| loadSrtFromPc function| Load boolean| isNotScrolled function| changeSize number| customsubs function| parseSrt number| tryCount number| minimalUserResponseInMiliseconds function| check function| handleException function| i1zz boolean| zfgloadedcode function| _cl4ma30b514tzy2ar5431a object| 1941941__cngfg number| j0m0Wv function| L0Njr function| s6KRDp function| W1bBV string| e770ff9b7 object| PUENGINE function| _cl89ewviavfffcwzmyw9mu function| _cltt8pw45dv4hs0kh9sagw function| onClickTrigger boolean| zfgloadedpopup function| _0x39b4 function| _0x61bf object| LieDetector number| iinf

24 Cookies

Domain/Path Name / Value
do0od.com/e Name: file_id
Value: 138968405
do0od.com/e Name: aff
Value: 261370
do0od.com/e Name: ref_url
Value:
.do0od.com/ Name: lang
Value: 1
do0od.com/ Name: ts_popunder-cnt
Value: 0
do0od.com/ Name: ts_popunder
Value: Mon%20Jan%2015%202024%2017%3A45%3A57%20GMT-0800%20(Pacific%20Standard%20Time)
pogothere.xyz/ Name: csu
Value: 1867717516981423@1@1705369497
proftrafficcounter.com/ Name: uid_id2
Value: 7c95dc8b-f505-4eaf-954d-751e868556ae:2:1
do0od.com/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 7c95dc8b-f505-4eaf-954d-751e868556ae%3A2%3A1
do0od.com/ Name: sb_main_6f0a93cda652e64b72651fd9588be3d4
Value: 1
do0od.com/ Name: sb_count_6f0a93cda652e64b72651fd9588be3d4
Value: 1
ku42hjr2e.com/ Name: CHCK
Value: 1
ku42hjr2e.com/ Name: UID
Value: 24011520448f3a99e2c46d48b2a42c2f5809
do0od.com/ Name: __PPU___PPU_SESSION_URL
Value: %2Fe%2Ftf5j903go600
expertiseresemblefood.com/ Name: u_pl
Value: 19079686
expertiseresemblefood.com/ Name: uid_id2
Value: 7c95dc8b-f505-4eaf-954d-751e868556ae:2:1
expertiseresemblefood.com/ Name: pdhtkv
Value: true
expertiseresemblefood.com/ Name: uncs
Value: 1
expertiseresemblefood.com/ Name: pdhtkv29
Value: true
expertiseresemblefood.com/ Name: uncs29
Value: 1
expertiseresemblefood.com/ Name: slec6f0a93cda652e64b72651fd9588be3d4
Value: [4897409]
do0od.com/ Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf
Value: expertiseresemblefood.com
limurol.com/ Name: UID
Value: 24011520448db74015859e4a2d9493e01eb2
limurol.com/ Name: CHCK
Value: 1

5 Console Messages

Source Level URL
Text
javascript warning URL: https://do0od.com/e/tf5j903go600
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://do0od.com/e/tf5j903go600
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://do0od.com/e/tf5j903go600
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1_2u1_xPZj-mh-YZcz0j_B6Zf31Kok--AMpbp-ADMoiRCQ4dcfI3jk_pmS4RoKkCh8S6aSjQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-452600218%3A1705369498464613&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp01elEU3uF-Ay2zKae-5I8nYyUxje1e7xElt7R9626KbF_SFVN3EwmXdlijr6zn-ylBVa9EFQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-150472060%3A1705369498482552&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
