doramy.top Open in urlscan Pro
185.179.190.95 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://doramy.top/igra-v-kalmara-vse-serii
Submission: On October 07 via manual (October 7th 2021, 2:40:00 pm UTC) from RU — Scanned from DE

Summary HTTP 98 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 27 domains to perform 98 HTTP transactions. The main IP is 185.179.190.95, located in Russian Federation and belongs to WEBHOST1-AS, RU. The main domain is doramy.top.
TLS certificate: Issued by R3 on August 22nd 2021. Valid for: 3 months.

This is the only time doramy.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	185.179.190.95 185.179.190.95	44094 (WEBHOST1-AS) (WEBHOST1-AS)
3	77.88.55.88 77.88.55.88	13238 (YANDEX) (YANDEX)
1	88.99.234.26 88.99.234.26	24940 (HETZNER-AS) (HETZNER-AS)
8	178.154.131.215 178.154.131.215	13238 (YANDEX) (YANDEX)
2	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
13	185.129.100.109 185.129.100.109	57724 (DDOS-GUARD) (DDOS-GUARD)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
3	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
5 23	77.88.21.119 77.88.21.119	13238 (YANDEX) (YANDEX)
1	93.158.134.118 93.158.134.118	13238 (YANDEX) (YANDEX)
1	88.212.252.2 88.212.252.2	7979 (SERVERS-COM) (SERVERS-COM)
1	148.251.4.142 148.251.4.142	24940 (HETZNER-AS) (HETZNER-AS)
1 2	193.232.148.151 193.232.148.151	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
3	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	195.209.111.22 195.209.111.22	52007 (ADRIVER-AS) (ADRIVER-AS)
1 2	138.201.34.238 138.201.34.238	24940 (HETZNER-AS) (HETZNER-AS)
1	157.90.179.215 157.90.179.215	24940 (HETZNER-AS) (HETZNER-AS)
2	173.194.76.156 173.194.76.156	15169 (GOOGLE) (GOOGLE)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
1	104.16.86.20 104.16.86.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.106 172.217.18.106	15169 (GOOGLE) (GOOGLE)
3	93.158.134.90 93.158.134.90	13238 (YANDEX) (YANDEX)
2	109.236.85.10 109.236.85.10	49981 (WORLDSTREAM) (WORLDSTREAM)
1 1	176.58.48.48 176.58.48.48	199251 (MNOGOBYTE...) (MNOGOBYTE-CDN MnogoByte LLC)
1	185.190.188.195 185.190.188.195	47328 (TRI-AS Tr...) (TRI-AS True Records Inc.)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	87.250.247.183 87.250.247.183	13238 (YANDEX) (YANDEX)
1	87.250.250.114 87.250.250.114	13238 (YANDEX) (YANDEX)
2 3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
98	33

7 185.179.190.95 (Russian Federation)

ASN44094 (WEBHOST1-AS, RU)
PTR: static.95.190.179.185.ip.webhost1.net

doramy.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.88.55.88 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: yandex.ru

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.234.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: digitalcaramel.com

ads.digitalcaramel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.154.131.215 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.129.100.109 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

kodik.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 77.88.21.119 (Moscow, Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.158.134.118 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: matchid-production.adfox.yandex.ru

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.252.2 (Russian Federation)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.4.142 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.4.251.148.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.151 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp12.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.22 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.34.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.34.201.138.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.179.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1407631.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f106.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.158.134.90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.236.85.10 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl

ls.player-cname-domain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.58.48.48 (Russian Federation) 1 redirects

ASN199251 (MNOGOBYTE-CDN MnogoByte LLC, RU)

cloud.kodik-storage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.190.188.195 (Russian Federation)

ASN47328 (TRI-AS True Records Inc., ES)

coliseum.cloud.kodik-storage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.250.247.183 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: avatars.mds.yandex.net

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.250.250.114 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: ysa-static.passport.yandex.net

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	yandex.com 3 redirects mc.yandex.com	5 KB
15	yandex.ru 2 redirects yandex.ru mc.yandex.ru matchid.adfox.yandex.ru an.yandex.ru ysa-static.passport.yandex.ru	243 KB
13	kodik.cc kodik.cc	145 KB
8	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	6 KB
8	google.com analytics.google.com www.google.com	1 KB
8	yastatic.net yastatic.net	330 KB
7	doramy.top doramy.top	289 KB
4	criteo.com bidder.criteo.com gum.criteo.com	6 KB
3	googleadservices.com 2 redirects www.googleadservices.com	15 KB
3	criteo.net static.criteo.net	39 KB
2	yandex.net avatars.mds.yandex.net	8 KB
2	kodik-storage.com 1 redirects cloud.kodik-storage.com coliseum.cloud.kodik-storage.com	32 KB
2	player-cname-domain.com ls.player-cname-domain.com	887 B
2	buzzoola.com 1 redirects exchange.buzzoola.com	849 B
2	adhigh.net 1 redirects px.adhigh.net	729 B
2	google-analytics.com www.google-analytics.com	20 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	googletagmanager.com www.googletagmanager.com	90 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	jsdelivr.net cdn.jsdelivr.net Failed	77 KB
1	sape.ru ssp-rtb.sape.ru	449 B
1	adriver.ru pb.adriver.ru	298 B
1	bidvol.com ssp.bidvol.com	440 B
1	creativecdn.com adfox-c2s-ams.creativecdn.com	204 B
1	otm-r.com yhb.p.otm-r.com	248 B
1	betweendigital.com ads.betweendigital.com	915 B
1	digitalcaramel.com ads.digitalcaramel.com	943 B
98	27

	Domain	Requested by
16	mc.yandex.com	3 redirects doramy.top mc.yandex.ru
13	kodik.cc	doramy.top kodik.cc
8	yastatic.net	doramy.top yandex.ru yastatic.net
7	www.google.com	doramy.top
7	mc.yandex.ru	2 redirects doramy.top kodik.cc cdn.jsdelivr.net yastatic.net
7	doramy.top	doramy.top
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
3	www.googleadservices.com	2 redirects yastatic.net
3	an.yandex.ru	yandex.ru
3	static.criteo.net	yandex.ru doramy.top
3	yandex.ru	doramy.top yastatic.net
2	avatars.mds.yandex.net
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	ls.player-cname-domain.com	kodik.cc ls.player-cname-domain.com
2	bidder.criteo.com	static.criteo.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	exchange.buzzoola.com	1 redirects doramy.top
2	px.adhigh.net	1 redirects doramy.top
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	counter.yadro.ru	1 redirects doramy.top
2	www.googletagmanager.com	doramy.top www.googletagmanager.com
1	ysa-static.passport.yandex.ru
1	coliseum.cloud.kodik-storage.com
1	cloud.kodik-storage.com	1 redirects
1	fonts.googleapis.com	kodik.cc
1	cdn.jsdelivr.net	kodik.cc
1	analytics.google.com	www.googletagmanager.com
1	ssp-rtb.sape.ru	yandex.ru
1	pb.adriver.ru	yandex.ru
1	ssp.bidvol.com	yandex.ru
1	adfox-c2s-ams.creativecdn.com	yandex.ru
1	yhb.p.otm-r.com	yandex.ru
1	ads.betweendigital.com	yandex.ru
1	matchid.adfox.yandex.ru	yandex.ru
1	ads.digitalcaramel.com	doramy.top
98	35

This site contains links to these domains. Also see Links.

Domain
vk.com
t.me
connect.ok.ru
www.facebook.com
twitter.com
api.whatsapp.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
doramy.top R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
caramel.am R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
kodik.cc Sectigo RSA Domain Validation Secure Server CA	`2021-10-02` - `2022-11-02`	a year	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-08-26` - `2022-02-18`	6 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-06` - `2022-02-16`	2 years	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
ltmse.com R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
ssp.bidvol.com R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
*.sape.ru R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
ls.player-cname-domain.com R3	`2021-08-08` - `2021-11-06`	3 months	crt.sh
*.cloud.kodik-storage.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-03` - `2022-11-03`	a year	crt.sh
avatars.mds.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-08-21` - `2022-02-19`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 8 frames:

Primary Page: https://doramy.top/igra-v-kalmara-vse-serii
Frame ID: 00CF46D49BCA99CCC80CAA6F85C6539B
Requests: 65 HTTP requests in this frame

Frame: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Frame ID: 75D2860500F8E4E7251514E3FB31B450
Requests: 5 HTTP requests in this frame

Frame: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
Frame ID: FD141FC13942757295FB486E2B524D0B
Requests: 1 HTTP requests in this frame

Frame: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Frame ID: FA1E2547D2AEE889943C29B9FD9699A8
Requests: 8 HTTP requests in this frame

Frame: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
Frame ID: 565C7B996E653805DFF469D4EC40BD01
Requests: 6 HTTP requests in this frame

Frame: https://ls.player-cname-domain.com/storage.html
Frame ID: 52F46CD809D212D2B3E1A225126F1C45
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=doramy.top
Frame ID: 83FED51A714C5295D5C993D2875D90D8
Requests: 2 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.82/1-1-0/render.html
Frame ID: 0FCBA81BD9F240DE40AE994DC84C0727
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Игра в кальмара дорама смотреть онлайн с русской озвучкой

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

98
Requests

99 %
HTTPS

0 %
IPv6

27
Domains

35
Subdomains

33
IPs

7
Countries

1309 kB
Transfer

4128 kB
Size

42
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/share.php?url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&title=%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&text=%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9&utm_source=share2
Title: Telegram

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&title=%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&title=%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9&utm_source=share2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9&url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9%20https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&utm_source=share2
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttps%3A//doramy.top/igra-v-kalmara-vse-serii;h%u0418%u0433%u0440%u0430%20%u0432%20%u043A%u0430%u043B%u044C%u043C%u0430%u0440%u0430%20%u0434%u043E%u0440%u0430%u043C%u0430%20%u0441%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u0441%20%u0440%u0443%u0441%u0441%u043A%u043E%u0439%20%u043E%u0437%u0432%u0443%u0447%u043A%u043E%u0439;0.6715626644414405 HTTP 302
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//doramy.top/igra-v-kalmara-vse-serii;h%u0418%u0433%u0440%u0430%20%u0432%20%u043A%u0430%u043B%u044C%u043C%u0430%u0440%u0430%20%u0434%u043E%u0440%u0430%u043C%u0430%20%u0441%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u0441%20%u0440%u0443%u0441%u0441%u043A%u043E%u0439%20%u043E%u0437%u0432%u0443%u0447%u043A%u043E%u0439;0.6715626644414405

Request Chain 22

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 27

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 56

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9419.zanahP8dP0HnlsR3hoDdM6RK3ijIGZwto-XGA6bKzKa_UU8QKhQklej2yo4MAFJi.ADjoC6IpKEhDWMvEGi_h1tuhivE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9419.ZZB1mud2LaQMZkvPo4FQuavw2ELaQHGUsyMVHiPPluc3LjsM3-KhlCsFGxQgrxFPWiplRNguuJUHPjQPKtC9K40t1QiSfkLIFTI-KkmtHAU%2C.lpIVKptxEsXN7HPMUZ3eL9HxfPQ%2C

Request Chain 63

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A397577748094%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A834897833%3Arqn%3A1%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633617594243%3Ads%3A0%2C94%2C51%2C1%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C311%3Adsn%3A1%2C93%2C51%2C1%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C311%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9 HTTP 302
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A397577748094%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A834897833%3Arqn%3A1%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633617594243%3Ads%3A0%2C94%2C51%2C1%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C311%3Adsn%3A1%2C93%2C51%2C1%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C311%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9

Request Chain 64

https://mc.yandex.com/watch/47552716?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1094707868919%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A826919326%3Arqn%3A1%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633617594243%3Ads%3A0%2C94%2C51%2C1%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C311%3Adsn%3A1%2C93%2C51%2C1%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C311%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9 HTTP 302
https://mc.yandex.com/watch/47552716/1?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1094707868919%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A826919326%3Arqn%3A1%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633617594243%3Ads%3A0%2C94%2C51%2C1%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C311%3Adsn%3A1%2C93%2C51%2C1%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C311%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9

Request Chain 68

https://mc.yandex.ru/watch/58424476?wmode=7&page-url=https%3A%2F%2Fkodik.cc%2Fserial%2F37378%2F37759596e9ba2c55fe6433ff45d05f29%2F720p&page-ref=https%3A%2F%2Fdoramy.top%2F&charset=utf-8&site-info=%7B%22iframe%22%3Atrue%2C%22a%22%3Atrue%2C%22adult%22%3Afalse%2C%22double_a%22%3Atrue%2C%22partnership%22%3Atrue%2C%22share_link%22%3Afalse%2C%22c_a%22%3A%22on%22%2C%22c_a_bool%22%3Atrue%2C%22b_a%22%3A%22on%22%2C%22b_a_bool%22%3Atrue%2C%22y_a%22%3A%22on%22%2C%22y_a_bool%22%3Atrue%2C%22domain%22%3A%22doramy.top%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A114%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A607320713056%3Ahid%3A704591976%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A480916165%3Arqn%3A1%3Au%3A163361759542863984%3Aw%3A1100x594%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633617594787%3Ads%3A0%2C0%2C19%2C1%2C0%2C0%2C%2C71%2C6%2C%2C%2C%2C114%3Adsn%3A0%2C0%2C20%2C0%2C0%2C0%2C%2C93%2C6%2C%2C%2C%2C114%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0 HTTP 302
https://mc.yandex.ru/watch/58424476/1?wmode=7&page-url=https%3A%2F%2Fkodik.cc%2Fserial%2F37378%2F37759596e9ba2c55fe6433ff45d05f29%2F720p&page-ref=https%3A%2F%2Fdoramy.top%2F&charset=utf-8&site-info=%7B%22iframe%22%3Atrue%2C%22a%22%3Atrue%2C%22adult%22%3Afalse%2C%22double_a%22%3Atrue%2C%22partnership%22%3Atrue%2C%22share_link%22%3Afalse%2C%22c_a%22%3A%22on%22%2C%22c_a_bool%22%3Atrue%2C%22b_a%22%3A%22on%22%2C%22b_a_bool%22%3Atrue%2C%22y_a%22%3A%22on%22%2C%22y_a_bool%22%3Atrue%2C%22domain%22%3A%22doramy.top%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A114%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A607320713056%3Ahid%3A704591976%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A480916165%3Arqn%3A1%3Au%3A163361759542863984%3Aw%3A1100x594%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633617594787%3Ads%3A0%2C0%2C19%2C1%2C0%2C0%2C%2C71%2C6%2C%2C%2C%2C114%3Adsn%3A0%2C0%2C20%2C0%2C0%2C0%2C%2C93%2C6%2C%2C%2C%2C114%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0

Request Chain 78

https://cloud.kodik-storage.com/d3a53b2b265a631c3950c301eb214c48:2021100802/useruploads/b9ea32ad-d3eb-4b31-a100-8e98c5d14a8a/thumb002.jpg HTTP 302
https://coliseum.cloud.kodik-storage.com/d3a53b2b265a631c3950c301eb214c48:2021100802/useruploads/b9ea32ad-d3eb-4b31-a100-8e98c5d14a8a/thumb002.jpg

Request Chain 92

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vQZfYbKFLrSAx_APzuWDwAw&random=180772797&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=180772797&crd=&is_vtc=1&random=845299994

Request Chain 93

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vQZfYdWJLsLRgAfQ54yoDQ&random=506785227&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=506785227&crd=&is_vtc=1&random=3155203663

98 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request igra-v-kalmara-vse-serii Show response
doramy.top/ 28 KB
9 KB 146ms
51ms Document
text/html 185.179.190.95
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.190.95 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: static.95.190.179.185.ip.webhost1.net
Software: nginx/1.21.1 / PHP/7.3.29
Resource Hash: 8808bfcc90682db911afe6ec5c7bca652ab0ed2a2b1c50e60a58694e7980da3d

Request headers

:method: GET
:authority: doramy.top
:scheme: https
:path: /igra-v-kalmara-vse-serii
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.21.1
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.29
chd: 1
cache-control: no-cache, private
date: Thu, 07 Oct 2021 14:39:54 GMT
access-control-allow-methods: HEAD, GET, POST, PUT, PATCH, DELETE
access-control-allow-headers
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 app.0e794e.css
doramy.top/dist/ 163 KB
33 KB 51ms
50ms Stylesheet
text/css 185.179.190.95
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://doramy.top/dist/app.0e794e.css
Requested by: Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.190.95 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: static.95.190.179.185.ip.webhost1.net
Software: nginx/1.21.1 /
Resource Hash: 1d0117d0bbc663f1ec1cc27cae9973f2f85397a37e9afa11ca71c0b5017c4141

Request headers

:path: /dist/app.0e794e.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: doramy.top
referer: https://doramy.top/igra-v-kalmara-vse-serii
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/igra-v-kalmara-vse-serii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: gzip
last-modified: Sat, 28 Aug 2021 11:10:30 GMT
server: nginx/1.21.1
etag: W/"612a19a6-28a47"
content-type: text/css
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 14:39:54 GMT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 152 KB
39 KB 127ms
57ms Script
text/javascript 77.88.55.88
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

a320132a9473a1c3bbe964b1cdeaf5fb883dfbc4d951e6d55b7026ddc45a16a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 4022740391
x-yandex-req-id: 1633617594497330-11883092834217695680-man0-6861-6a2-man-l7-balancer-8080-BAL-5157
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 07 Oct 2021 15:39:54 GMT

GET
H2 200 doramy.top.js Show response
ads.digitalcaramel.com/js/ 5 KB
943 B 44ms
10ms Script
application/javascript 88.99.234.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.digitalcaramel.com/js/doramy.top.js

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

digitalcaramel.com

Software

nginx /

Resource Hash

1a9cb94e156c90d133d639fd0871dd2285e88ac29cf9fca29ddffb4c9202b5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 11 Sep 2021 07:00:23 GMT
server: nginx
etag: W/"613c5407-1401"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubdomains; preload
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 300 KB
80 KB 76ms
75ms Script
text/javascript 77.88.55.88
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

4b1942d62fd6528155cafb9f6d96ee80ba791ec1f06ccab827a915d848555234

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 4089146682
x-yandex-req-id: 1633617594524192-5278166941055177791-man0-6861-6a2-man-l7-balancer-8080-BAL-1632
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 07 Oct 2021 15:39:54 GMT

GET
H2 200 igra-v-kalmara.webp
doramy.top/img/poster/webp/ 71 KB
71 KB 46ms
46ms Image
image/webp 185.179.190.95
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doramy.top/img/poster/webp/igra-v-kalmara.webp
Requested by: Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.190.95 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: static.95.190.179.185.ip.webhost1.net
Software: nginx/1.21.1 /
Resource Hash: eb0b7620ea4d111b2ccf64cadb906f2897defd8d57ed3c6398731ad6ffd5cb98

Request headers

:path: /img/poster/webp/igra-v-kalmara.webp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: doramy.top
referer: https://doramy.top/igra-v-kalmara-vse-serii
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/igra-v-kalmara-vse-serii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Tue, 05 Oct 2021 08:19:37 GMT
server: nginx/1.21.1
etag: "615c0a99-11c2e"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 72750
expires: Fri, 07 Oct 2022 14:39:54 GMT

GET
H2 200 voice.svg
doramy.top/img/ 2 KB
2 KB 91ms
91ms Image
image/svg+xml 185.179.190.95
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doramy.top/img/voice.svg
Requested by: Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.190.95 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: static.95.190.179.185.ip.webhost1.net
Software: nginx/1.21.1 /
Resource Hash: 1406d8dea59d2acf7126777b3c6d3bd8f9a0a5cde3d81bc93b60a7c355d0c7cc

Request headers

:path: /img/voice.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: doramy.top
referer: https://doramy.top/igra-v-kalmara-vse-serii
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/igra-v-kalmara-vse-serii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Thu, 12 Mar 2020 11:44:55 GMT
server: nginx/1.21.1
etag: "5e6a20b7-6f4"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1780
expires: Fri, 07 Oct 2022 14:39:54 GMT

GET
H2 200 app.71399b.js Show response
doramy.top/dist/ 159 KB
159 KB 92ms
91ms Script
application/javascript 185.179.190.95
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://doramy.top/dist/app.71399b.js
Requested by: Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.190.95 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: static.95.190.179.185.ip.webhost1.net
Software: nginx/1.21.1 /
Resource Hash: 96224b0ee3eaf0ff6582cf7330efe2e8f886944c27bc18193196760d1790e76a

Request headers

:path: /dist/app.71399b.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: doramy.top
referer: https://doramy.top/igra-v-kalmara-vse-serii
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/igra-v-kalmara-vse-serii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Sun, 15 Aug 2021 19:15:42 GMT
server: nginx/1.21.1
etag: "611967de-27b3f"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 162623
expires: Fri, 07 Oct 2022 14:39:54 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 144 KB
39 KB 100ms
30ms Script
application/javascript 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 24 May 2021 12:18:35 GMT
server: nginx/1.17.9
etag: W/"bcd00e6750a3b5b8b79248b4c2e87b60"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
expires: Sun, 10 Oct 2021 02:36:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 45ms
21ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T56X9XT

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ccff4e84f080ada5b0519fb16f2827cf5e1630f15b280ac4cdd1f11d993afa93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41192
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Oct 2021 14:39:54 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebbfdc8a0892a560dcb391cbb4e94cdc18faffc8e5afa1601affe95c303c4f7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 685 B
685 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39d6fbd7b9938804854b244dccb51a2fb3f7d8b405c04e4cc13648d46aa53651

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 316 B
316 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ee8ac10188e1abeca3abe2112c04ba0d7a9d9149ff6b6ea7e5de3ef5048d534

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: img/png

GET
H2 200 light_wool.png
doramy.top/img/ 14 KB
14 KB 89ms
88ms Image
image/png 185.179.190.95
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doramy.top/img/light_wool.png
Requested by: Host: doramy.top
URL: https://doramy.top/dist/app.0e794e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.190.95 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: static.95.190.179.185.ip.webhost1.net
Software: nginx/1.21.1 /
Resource Hash: dcfbe8bc092d0fccfe25cfedcda1272e7e8bb916d4a7a64273de1f51c226f7fa

Request headers

:path: /img/light_wool.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: doramy.top
referer: https://doramy.top/dist/app.0e794e.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/dist/app.0e794e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Thu, 14 Jun 2012 18:19:04 GMT
server: nginx/1.21.1
etag: "4fda2b18-3700"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14080
expires: Fri, 07 Oct 2022 14:39:54 GMT

GET
H2 200 search.svg
doramy.top/img/ 478 B
661 B 88ms
88ms Image
image/svg+xml 185.179.190.95
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doramy.top/img/search.svg
Requested by: Host: doramy.top
URL: https://doramy.top/dist/app.0e794e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.190.95 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: static.95.190.179.185.ip.webhost1.net
Software: nginx/1.21.1 /
Resource Hash: 5e7d0ad580fba5f6438559c1716c9e2ca8fde3d2ce823701d9503f99722a3710

Request headers

:path: /img/search.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: doramy.top
referer: https://doramy.top/dist/app.0e794e.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/dist/app.0e794e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Wed, 04 Mar 2020 16:45:08 GMT
server: nginx/1.21.1
etag: "5e5fdb14-1de"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 478
expires: Fri, 07 Oct 2022 14:39:54 GMT

GET
H2 200 720p Show response
kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/ Frame 75D2 23 KB
4 KB 61ms
24ms Document
text/html 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Requested by: Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 3000020a2faa43a70a15d1e594265ca9ede8916b9528163e8cae960df545e59b

Request headers

:method: GET
:authority: kodik.cc
:scheme: https
:path: /serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://doramy.top/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/

Response headers

server: ddos-guard
set-cookie: __ddg1=holMgoKY9spBt84Qb0Kz; Domain=.kodik.cc; HttpOnly; Path=/; Expires=Fri, 07-Oct-2022 14:39:54 GMT
date: Thu, 07 Oct 2021 14:39:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttps%3A//doramy.top/igra-v-kalmara-vse-serii;h%u0418%u0433%u0440%u0430%20%u0432%20%u043A%u0430%u043B%u044C%u043C%u0430%u0440%u0430%20%u0434%u043...
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//doramy.top/igra-v-kalmara-vse-serii;h%u0418%u0433%u0440%u0430%20%u0432%20%u043A%u0430%u043B%u044C%u043C%u0430%u0440%u0430%20%u0434%u0...

112 B
598 B

46ms
46ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//doramy.top/igra-v-kalmara-vse-serii;h%u0418%u0433%u0440%u0430%20%u0432%20%u043A%u0430%u043B%u044C%u043C%u0430%u0440%u0430%20%u0434%u043E%u0440%u0430%u043C%u0430%20%u0441%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u0441%20%u0440%u0443%u0441%u0441%u043A%u043E%u0439%20%u043E%u0437%u0432%u0443%u0447%u043A%u043E%u0439;0.6715626644414405

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 14:39:54 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 112
Expires: Tue, 06 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 14:39:54 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//doramy.top/igra-v-kalmara-vse-serii;h%u0418%u0433%u0440%u0430%20%u0432%20%u043A%u0430%u043B%u044C%u043C%u0430%u0440%u0430%20%u0434%u043E%u0440%u0430%u043C%u0430%20%u0441%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u0441%20%u0440%u0443%u0441%u0441%u043A%u043E%u0439%20%u043E%u0437%u0432%u0443%u0447%u043A%u043E%u0439;0.6715626644414405
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 06 Oct 2020 21:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 23ms
22ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T657KHEYB7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T56X9XT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

abd0f965d58c5616a9e36f4cbeaed7e3b2e7c8cb017bf407a265b8844c0859d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50048
x-xss-protection: 0
expires: Thu, 07 Oct 2021 14:39:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 50ms
14ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T56X9XT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6777
date: Thu, 07 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 07 Oct 2021 14:46:57 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 131 KB
47 KB 129ms
60ms Script
application/javascript 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

d5c91393fc42ed4d1234c6180d0bd54ab46c10bcac71822415902d5cec48163f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
last-modified: Wed, 06 Oct 2021 08:41:01 GMT
etag: "615d36ed-b968"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47464
expires: Thu, 07 Oct 2021 15:39:54 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
369 B 161ms
51ms XHR
application/json 93.158.134.118
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

93.158.134.118 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

matchid-production.adfox.yandex.ru

Software

Resource Hash

517d9a85db5827a119c8efbc4f1b8cd324adf73d40aad9d078db52e515c5037d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://doramy.top
date: Thu, 07 Oct 2021 14:39:54 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
915 B 157ms
49ms XHR
application/json 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://doramy.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
248 B 52ms
16ms XHR
text/plain 148.251.4.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.4.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.142.4.251.148.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://doramy.top
date: Thu, 07 Oct 2021 14:39:54 GMT
access-control-allow-credentials: true
server: nginx/1.17.6
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
314 B

42ms
42ms

XHR
application/json

193.232.148.151
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by: Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.148.151 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp12.sender.ltmse.com
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:54 GMT
server: nginx
x-backend-id: f12-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://doramy.top
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 11
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:54 GMT
server: nginx
access-control-allow-origin: https://doramy.top
x-backend-id: f12-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
204 B 49ms
15ms XHR
application/json 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://doramy.top
date: Thu, 07 Oct 2021 14:39:54 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
440 B 124ms
64ms XHR
application/json 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:54 GMT
server: nginx/1.14.0 (Ubuntu)
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://doramy.top
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 11
expires: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 51ms
20ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 12:34:27 GMT
server: nginx
etag: W/"615af4d3-1dd0f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Oct 2021 14:39:54 GMT

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
298 B 238ms
63ms XHR
text/plain 195.209.111.22
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://doramy.top
Pragma: no-cache
Date: Thu, 07 Oct 2021 14:39:54 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
314 B

54ms
54ms

XHR
text/plain

138.201.34.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.34.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.34.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://doramy.top
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Thu, 07 Oct 2021 14:39:54 GMT
server: nginx
access-control-allow-origin: https://doramy.top
etag: W/"c306cca901620192609c6b840a45f030ec0376b9169745fb0b5dccf4a01edb69"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H/1.1 200
OK adfoxhb Show response
ssp-rtb.sape.ru/ 11 B
449 B 444ms
416ms XHR
application/json 157.90.179.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/adfoxhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.179.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1407631.sapientru.net
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 07 Oct 2021 14:39:55 GMT
Server: openresty
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://doramy.top
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 11

GET
H2 200 app.serial.0e2b3273f85e577f1a31ea94153ddafb49d8e591396fbbc8affad04d5386e512.css
kodik.cc/assets/css/ Frame 75D2 17 KB
2 KB 15ms
13ms Stylesheet
text/css 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/assets/css/app.serial.0e2b3273f85e577f1a31ea94153ddafb49d8e591396fbbc8affad04d5386e512.css
Requested by: Host: kodik.cc
URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 0e2b3273f85e577f1a31ea94153ddafb49d8e591396fbbc8affad04d5386e512

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Sep 2021 09:45:38 GMT
content-encoding: br
last-modified: Tue, 21 Sep 2021 13:35:01 GMT
server: ddos-guard
age: 1313656
etag: W/"6149df85-8ce"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 2190
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.serial.19218bc95d40108dfa9ca2cdf435debd69f49302ef8e6bab5d4d626a5b7d7ae2.js Show response
kodik.cc/assets/js/ Frame 75D2 121 KB
40 KB 25ms
23ms Script
application/javascript 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/assets/js/app.serial.19218bc95d40108dfa9ca2cdf435debd69f49302ef8e6bab5d4d626a5b7d7ae2.js
Requested by: Host: kodik.cc
URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 19218bc95d40108dfa9ca2cdf435debd69f49302ef8e6bab5d4d626a5b7d7ae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Jul 2021 14:47:30 GMT
content-encoding: br
last-modified: Mon, 12 Jul 2021 14:47:21 GMT
server: ddos-guard
age: 7516344
etag: W/"60ec55f9-a222"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 40421
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.events.0ac64b4e0f7cf76543b87de22dad5eda550e56acb59090d536fc508149b860a0.js Show response
kodik.cc/assets/js/ Frame 75D2 316 B
349 B 36ms
35ms Script
application/javascript 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/assets/js/app.events.0ac64b4e0f7cf76543b87de22dad5eda550e56acb59090d536fc508149b860a0.js
Requested by: Host: kodik.cc
URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 0ac64b4e0f7cf76543b87de22dad5eda550e56acb59090d536fc508149b860a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Jul 2021 13:42:08 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 11:51:43 GMT
server: ddos-guard
age: 6224267
etag: W/"60fff34f-c0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 162
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
364 B 38ms
14ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-T657KHEYB7&gtm=2oea40&_p=1330953628&sr=1600x1200&_gaz=1&ul=en-us&cid=1976281915.1633617595&_s=1&dl=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&dt=%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9&sid=1633617594&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T657KHEYB7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doramy.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
364 B 64ms
20ms Ping
text/plain 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T657KHEYB7&cid=1976281915.1633617595&gtm=2oea40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T657KHEYB7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doramy.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9b79908a1d379f7a84d6.js Show response
yastatic.net/partner-code-bundles/44608/ 13 KB
5 KB 95ms
31ms Script
text/javascript 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/44608/9b79908a1d379f7a84d6.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

8db90db80b7317a1fea2c851b8c5f367cfafc9477c14db983dc572607e1ce1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://doramy.top/
Origin: https://doramy.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4458
last-modified: Wed, 06 Oct 2021 15:15:55 GMT
server: nginx/1.17.9
etag: "0a500fa30f93c4e078d00f304b91f0f0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2051 21:15:22 GMT

GET
H2 200 d4aad942f650378afda6.js Show response
yastatic.net/partner-code-bundles/44608/ 81 KB
18 KB 124ms
61ms Script
text/javascript 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/44608/d4aad942f650378afda6.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

e47cc0239f24b9e9d35c84ecea92d6700429796639ef2f1c2fe88b92834c806a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://doramy.top/
Origin: https://doramy.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17420
last-modified: Wed, 06 Oct 2021 15:15:55 GMT
server: nginx/1.17.9
etag: "a7bbe1c2d90790984d5f7da0e1478f93"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2051 21:15:23 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.82/ 33 KB
9 KB 170ms
107ms Script
text/javascript 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.82/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://doramy.top/
Origin: https://doramy.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8879
last-modified: Mon, 28 Jun 2021 10:29:24 GMT
server: nginx/1.17.9
etag: "e4627697ff619d2b610d2b2fee975531"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2051 21:11:59 GMT

GET
H2 200 53fe0d4c99d380e5f1f2.js Show response
yastatic.net/partner-code-bundles/44608/ 948 KB
155 KB 133ms
76ms Script
text/javascript 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/44608/53fe0d4c99d380e5f1f2.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

f3929c4b9ef2a501bc8537ec4a88b3a13a76543f664c714d5b3305f53d8f6572

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://doramy.top/
Origin: https://doramy.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 157915
last-modified: Wed, 06 Oct 2021 15:15:55 GMT
server: nginx/1.17.9
etag: "14739e398185ede16e77dbbb009544de"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2051 21:15:23 GMT

GET
H2 200 7a6e8c2b132ed4ae5fde.js Show response
yastatic.net/partner-code-bundles/44608/ 337 KB
62 KB 164ms
107ms Script
text/javascript 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/44608/7a6e8c2b132ed4ae5fde.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

b13dc2a8371fc77701d13cc67bbcbcba4fe6ae9c3f84750b42613ea7145f2a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://doramy.top/
Origin: https://doramy.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 62583
last-modified: Wed, 06 Oct 2021 15:15:55 GMT
server: nginx/1.17.9
etag: "4521ed1ec068c606eb7ce94a583e668b"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2051 21:15:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 42ms
21ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1330953628&t=pageview&_s=1&dl=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&ul=en-us&de=UTF-8&dt=%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1979322278&gjid=168911450&cid=1976281915.1633617595&tid=UA-113455476-1&_gid=1471154969.1633617595&_r=1&gtm=2wga40T56X9XT&z=1001334515

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doramy.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 799 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
183 B 59ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=114&profileId=184&cb=16618360634
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://doramy.top
date: Thu, 07 Oct 2021 14:39:54 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 720p
kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/ Frame FD14 0
0 25ms
25ms Document
text/html 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
Requested by: Host: kodik.cc
URL: https://kodik.cc/assets/js/app.serial.19218bc95d40108dfa9ca2cdf435debd69f49302ef8e6bab5d4d626a5b7d7ae2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash

Request headers

:method: GET
:authority: kodik.cc
:scheme: https
:path: /go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p

Response headers

server: ddos-guard
set-cookie: __ddg1=Mhe2lJLzyaX9bJWBn5UY; Domain=.kodik.cc; HttpOnly; Path=/; Expires=Fri, 07-Oct-2022 14:39:54 GMT
date: Thu, 07 Oct 2021 14:39:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip

GET tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame 75D2 0
0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 28ms
14ms XHR
text/plain 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-113455476-1&cid=1976281915.1633617595&jid=1979322278&gjid=168911450&_gid=1471154969.1633617595&_u=YADAAEAAAAAAAC~&z=1757602606

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 07 Oct 2021 14:39:54 GMT
content-type: text/plain
access-control-allow-origin: https://doramy.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 720p Show response
kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/ Frame FA1E 23 KB
4 KB 20ms
19ms Document
text/html 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Requested by: Host: doramy.top
URL: https://doramy.top/dist/app.71399b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 3000020a2faa43a70a15d1e594265ca9ede8916b9528163e8cae960df545e59b

Request headers

:method: GET
:authority: kodik.cc
:scheme: https
:path: /serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://doramy.top/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/

Response headers

server: ddos-guard
set-cookie: __ddg1=vVn7PvLADcSy27zpdZEF; Domain=.kodik.cc; HttpOnly; Path=/; Expires=Fri, 07-Oct-2022 14:39:54 GMT
date: Thu, 07 Oct 2021 14:39:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 53ms
31ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-113455476-1&cid=1976281915.1633617595&jid=1979322278&_u=YADAAEAAAAAAAC~&z=1542700146

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
183 B 19ms
18ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://doramy.top
date: Thu, 07 Oct 2021 14:39:54 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 23ms
22ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 02 Oct 2022 14:39:54 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 14ms
13ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 02 Oct 2022 14:39:54 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9419.zanahP8dP0HnlsR3hoDdM6RK3ijIGZwto-XGA6bKzKa_UU8QKhQklej2yo4MAFJi.ADjoC6IpKEhDWMvEGi_h1tuhivE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9419.ZZB1mud2LaQMZkvPo4FQuavw2ELaQHGUsyMVHiPPluc3LjsM3-KhlCsFGxQgrxFPWiplRNguuJUHPjQPKtC9K40t1QiSfkLIFTI-KkmtHAU%2C.lpIVKptxEsXN7HPMUZ3eL9HxfPQ%2C

43 B
333 B

32ms
32ms

Image
image/gif

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9419.ZZB1mud2LaQMZkvPo4FQuavw2ELaQHGUsyMVHiPPluc3LjsM3-KhlCsFGxQgrxFPWiplRNguuJUHPjQPKtC9K40t1QiSfkLIFTI-KkmtHAU%2C.lpIVKptxEsXN7HPMUZ3eL9HxfPQ%2C

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9419.ZZB1mud2LaQMZkvPo4FQuavw2ELaQHGUsyMVHiPPluc3LjsM3-KhlCsFGxQgrxFPWiplRNguuJUHPjQPKtC9K40t1QiSfkLIFTI-KkmtHAU%2C.lpIVKptxEsXN7HPMUZ3eL9HxfPQ%2C
date: Thu, 07 Oct 2021 14:39:54 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 32ms
32ms Image
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Wed, 06 Oct 2021 08:41:01 GMT
etag: "615d36ed-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 07 Oct 2021 15:39:54 GMT

GET
H2 200 app.serial.0e2b3273f85e577f1a31ea94153ddafb49d8e591396fbbc8affad04d5386e512.css
kodik.cc/assets/css/ Frame FA1E 17 KB
2 KB 14ms
13ms Stylesheet
text/css 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/assets/css/app.serial.0e2b3273f85e577f1a31ea94153ddafb49d8e591396fbbc8affad04d5386e512.css
Requested by: Host: kodik.cc
URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 0e2b3273f85e577f1a31ea94153ddafb49d8e591396fbbc8affad04d5386e512

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Sep 2021 09:45:38 GMT
content-encoding: br
last-modified: Tue, 21 Sep 2021 13:35:01 GMT
server: ddos-guard
age: 1313656
etag: W/"6149df85-8ce"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 2190
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.serial.19218bc95d40108dfa9ca2cdf435debd69f49302ef8e6bab5d4d626a5b7d7ae2.js Show response
kodik.cc/assets/js/ Frame FA1E 121 KB
40 KB 25ms
25ms Script
application/javascript 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/assets/js/app.serial.19218bc95d40108dfa9ca2cdf435debd69f49302ef8e6bab5d4d626a5b7d7ae2.js
Requested by: Host: kodik.cc
URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 19218bc95d40108dfa9ca2cdf435debd69f49302ef8e6bab5d4d626a5b7d7ae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Jul 2021 14:47:30 GMT
content-encoding: br
last-modified: Mon, 12 Jul 2021 14:47:21 GMT
server: ddos-guard
age: 7516344
etag: W/"60ec55f9-a222"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 40421
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.events.0ac64b4e0f7cf76543b87de22dad5eda550e56acb59090d536fc508149b860a0.js Show response
kodik.cc/assets/js/ Frame FA1E 316 B
303 B 15ms
15ms Script
application/javascript 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/assets/js/app.events.0ac64b4e0f7cf76543b87de22dad5eda550e56acb59090d536fc508149b860a0.js
Requested by: Host: kodik.cc
URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 0ac64b4e0f7cf76543b87de22dad5eda550e56acb59090d536fc508149b860a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Jul 2021 13:42:08 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 11:51:43 GMT
server: ddos-guard
age: 6224267
etag: W/"60fff34f-c0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 162
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 720p Show response
kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/ Frame 565C 10 KB
4 KB 32ms
32ms Document
text/html 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
Requested by: Host: kodik.cc
URL: https://kodik.cc/assets/js/app.serial.19218bc95d40108dfa9ca2cdf435debd69f49302ef8e6bab5d4d626a5b7d7ae2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 23a593b156dc434de276a0a1ba3e410b6593bec2652de5c022f0da18a5ccd6e5

Request headers

:method: GET
:authority: kodik.cc
:scheme: https
:path: /go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p

Response headers

server: ddos-guard
set-cookie: __ddg1=6hzyORgUc1KYN1x4BMeL; Domain=.kodik.cc; HttpOnly; Path=/; Expires=Fri, 07-Oct-2022 14:39:54 GMT
date: Thu, 07 Oct 2021 14:39:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip

GET
H3 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame FA1E 192 KB
77 KB 40ms
30ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: kodik.cc
URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27e7fbbd6777b1881a85faa9c14c6d0c5bf9be0ada2a5369b48068618a902eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28914
x-jsd-version: 1.205.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19126-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2fea2-yvjlk0HON60NbJ/xk6ig7Q7nj1w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 69a7e1b03ed55c5c-FRA

GET
H2

200

1 Show response
mc.yandex.com/watch/26812653/
Redirect Chain

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2...
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk...

331 B
821 B

32ms
32ms

XHR
application/json

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A397577748094%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A834897833%3Arqn%3A1%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633617594243%3Ads%3A0%2C94%2C51%2C1%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C311%3Adsn%3A1%2C93%2C51%2C1%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C311%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

ca4b3c637fb6fd4e1e48b71a7425b711b5578e5c86184560a296eb2b8c639e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Thu, 07-Oct-2021 14:39:54 GMT
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A397577748094%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A834897833%3Arqn%3A1%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633617594243%3Ads%3A0%2C94%2C51%2C1%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C311%3Adsn%3A1%2C93%2C51%2C1%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C311%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9
strict-transport-security: max-age=31536000
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:54 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/47552716/
Redirect Chain

https://mc.yandex.com/watch/47552716?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%...
https://mc.yandex.com/watch/47552716/1?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A...

350 B
388 B

33ms
32ms

XHR
application/json

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47552716/1?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1094707868919%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A826919326%3Arqn%3A1%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633617594243%3Ads%3A0%2C94%2C51%2C1%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C311%3Adsn%3A1%2C93%2C51%2C1%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C311%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

4b1f9986a23b02ceb506193f4aa94da71001bdc046231dc83f0a79d83e692911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:54 GMT
last-modified: Thu, 07-Oct-2021 14:39:54 GMT
location: /watch/47552716/1?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1094707868919%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A826919326%3Arqn%3A1%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633617594243%3Ads%3A0%2C94%2C51%2C1%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C311%3Adsn%3A1%2C93%2C51%2C1%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C311%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9
strict-transport-security: max-age=31536000
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:54 GMT

GET
H2 200 app.promo.85f0cfa70d99fd32e4f20e2c1abb0e5b567749cc52e71e9cff67300ec54b7b10.css
kodik.cc/assets/css/ Frame 565C 49 KB
9 KB 32ms
31ms Stylesheet
text/css 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/assets/css/app.promo.85f0cfa70d99fd32e4f20e2c1abb0e5b567749cc52e71e9cff67300ec54b7b10.css
Requested by: Host: kodik.cc
URL: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 85f0cfa70d99fd32e4f20e2c1abb0e5b567749cc52e71e9cff67300ec54b7b10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 12:34:53 GMT
server: ddos-guard
age: 0
etag: W/"615ee96d-258f"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
kodik.cc/ Frame 565C 111 B
260 B 14ms
13ms Script
application/javascript 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/adsbygoogle.js
Requested by: Host: kodik.cc
URL: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 589bc47701827224c0b686ca5fae614e71ac5abce822e5412bdcc23cc04f0459

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:28:36 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 12:34:21 GMT
server: ddos-guard
age: 678
etag: "615ee94d-6f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 77

GET
H2 200 app.promo.ff32c3eee8cb465b272d91604fdc9cfa925dbac7ed836078a5c5e9c915a924e3.js Show response
kodik.cc/assets/js/ Frame 565C 120 KB
39 KB 104ms
103ms Script
application/javascript 185.129.100.109
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://kodik.cc/assets/js/app.promo.ff32c3eee8cb465b272d91604fdc9cfa925dbac7ed836078a5c5e9c915a924e3.js
Requested by: Host: kodik.cc
URL: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.109 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: ff32c3eee8cb465b272d91604fdc9cfa925dbac7ed836078a5c5e9c915a924e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/go/seria/891065/c078a257ad066119428a7c24b30c6304/720p?d=doramy.top&d_sign=a5a9c2c6b85ec50c45e52d6d812f95f4542d7533ee213f97ce9b0f9c400270dc&pd=kodik.cc&pd_sign=9945930febce35101e96ce0fe360f9729430271c19941e63c5208c2f342e10ed&ref=https%3A%2F%2Fdoramy.top%2F&ref_sign=754eac682169edaea44a53e61baaa4f5c795e1e7ad63d493822bcd3879385cff&sl=//kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p&sl_sign=a888018d80140545cd20aa0150c37c4a56a46d82b27631514e4f4c4a04743290&min_age=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Thu, 07 Oct 2021 14:39:54 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 12:34:53 GMT
server: ddos-guard
age: 2
etag: W/"615ee96d-a057"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/58424476/ Frame FA1E
Redirect Chain

https://mc.yandex.ru/watch/58424476?wmode=7&page-url=https%3A%2F%2Fkodik.cc%2Fserial%2F37378%2F37759596e9ba2c55fe6433ff45d05f29%2F720p&page-ref=https%3A%2F%2Fdoramy.top%2F&charset=utf-8&site-info=%...
https://mc.yandex.ru/watch/58424476/1?wmode=7&page-url=https%3A%2F%2Fkodik.cc%2Fserial%2F37378%2F37759596e9ba2c55fe6433ff45d05f29%2F720p&page-ref=https%3A%2F%2Fdoramy.top%2F&charset=utf-8&site-info...

350 B
728 B

32ms
32ms

XHR
application/json

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/58424476/1?wmode=7&page-url=https%3A%2F%2Fkodik.cc%2Fserial%2F37378%2F37759596e9ba2c55fe6433ff45d05f29%2F720p&page-ref=https%3A%2F%2Fdoramy.top%2F&charset=utf-8&site-info=%7B%22iframe%22%3Atrue%2C%22a%22%3Atrue%2C%22adult%22%3Afalse%2C%22double_a%22%3Atrue%2C%22partnership%22%3Atrue%2C%22share_link%22%3Afalse%2C%22c_a%22%3A%22on%22%2C%22c_a_bool%22%3Atrue%2C%22b_a%22%3A%22on%22%2C%22b_a_bool%22%3Atrue%2C%22y_a%22%3A%22on%22%2C%22y_a_bool%22%3Atrue%2C%22domain%22%3A%22doramy.top%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A114%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A607320713056%3Ahid%3A704591976%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A480916165%3Arqn%3A1%3Au%3A163361759542863984%3Aw%3A1100x594%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633617594787%3Ads%3A0%2C0%2C19%2C1%2C0%2C0%2C%2C71%2C6%2C%2C%2C%2C114%3Adsn%3A0%2C0%2C20%2C0%2C0%2C0%2C%2C93%2C6%2C%2C%2C%2C114%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0

Requested by

Host: kodik.cc
URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

213cb087a9bb0512a6f9a697d63af72d8d90489ca61bb61affc9b0e53590377d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kodik.cc
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
location: /watch/58424476/1?wmode=7&page-url=https%3A%2F%2Fkodik.cc%2Fserial%2F37378%2F37759596e9ba2c55fe6433ff45d05f29%2F720p&page-ref=https%3A%2F%2Fdoramy.top%2F&charset=utf-8&site-info=%7B%22iframe%22%3Atrue%2C%22a%22%3Atrue%2C%22adult%22%3Afalse%2C%22double_a%22%3Atrue%2C%22partnership%22%3Atrue%2C%22share_link%22%3Afalse%2C%22c_a%22%3A%22on%22%2C%22c_a_bool%22%3Atrue%2C%22b_a%22%3A%22on%22%2C%22b_a_bool%22%3Atrue%2C%22y_a%22%3A%22on%22%2C%22y_a_bool%22%3Atrue%2C%22domain%22%3A%22doramy.top%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A114%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A607320713056%3Ahid%3A704591976%3Az%3A0%3Ai%3A202101007143954%3Aet%3A1633617595%3Ac%3A1%3Arn%3A480916165%3Arqn%3A1%3Au%3A163361759542863984%3Aw%3A1100x594%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633617594787%3Ads%3A0%2C0%2C19%2C1%2C0%2C0%2C%2C71%2C6%2C%2C%2C%2C114%3Adsn%3A0%2C0%2C20%2C0%2C0%2C0%2C%2C93%2C6%2C%2C%2C%2C114%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://kodik.cc
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame FA1E 43 B
177 B 32ms
32ms Image
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: kodik.cc
URL: https://kodik.cc/serial/37378/37759596e9ba2c55fe6433ff45d05f29/720p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Wed, 06 Oct 2021 08:41:01 GMT
etag: "615d36ed-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 07 Oct 2021 15:39:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 565C 5 KB
1 KB 39ms
17ms Stylesheet
text/css 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic

Requested by

Host: kodik.cc
URL: https://kodik.cc/assets/css/app.promo.85f0cfa70d99fd32e4f20e2c1abb0e5b567749cc52e71e9cff67300ec54b7b10.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f106.1e100.net

Software

ESF /

Resource Hash

357abb4b6b6c077e1285a2c8b2d2e03c268a0ef223062782d094728b85cd2f6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 13:18:50 GMT
server: ESF
date: Thu, 07 Oct 2021 14:39:55 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 07 Oct 2021 14:39:55 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26812653/ 43 B
73 B 32ms
32ms XHR
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A397577748094%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143955%3Aet%3A1633617595%3Ac%3A1%3Arn%3A5953850%3Arqn%3A2%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633617594243%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/260971/getBulk/ 87 KB
27 KB 447ms
310ms XHR
application/json 93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/260971/getBulk/v2?dl=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&date=2021-10-07T14%3A39%3A55.042%2B00%3A00&pd=7&pdh=1200&pdw=1600&pr1=1742662557&pr=1965644989&prr=&pv=14&pw=4&extid_loader=MTYzMzYxNzU5NTEzNDY0NTA4NA%3D%3D&extid_tag_loader=doramy.top&ylv=0.44608&ybv=0.44608&ytt=316660292790293&is-turbo=0&skip-token=&ad-session-id=964681633617595049&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1110%2C%22h%22%3A0%2C%22width%22%3A1110%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A245%2C%22top%22%3A690%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=44608&p1=cpylw&p2=gxmr&slotNumber=1&bids=W3siY2FtcGFpZ25faWQiOjk1Nzg5MywicmVzcG9uc2VfdGltZSI6MjAzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNDExNzk1NiJ9LHsiY2FtcGFpZ25faWQiOjE1MzYxMzEsInJlc3BvbnNlX3RpbWUiOjcwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjIwOTQifSx7ImNhbXBhaWduX2lkIjoxMDQ4ODk5LCJyZXNwb25zZV90aW1lIjoyMTIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2Nl85NzB4OTBfYWxmYWRhcnQifSx7ImNhbXBhaWduX2lkIjoxMDE5MTA1LCJyZXNwb25zZV90aW1lIjo1NywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IlNNWEYyaTJQOWh4bHZzVWxiWXUxIn0seyJjYW1wYWlnbl9pZCI6MTQ0NTcyNSwicmVzcG9uc2VfdGltZSI6MTQ3LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTU1MjAifSx7ImNhbXBhaWduX2lkIjoxMDE2NTU3LCJyZXNwb25zZV90aW1lIjoyMTAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxNDczMjU0In0seyJjYW1wYWlnbl9pZCI6OTMwMDg4LCJyZXNwb25zZV90aW1lIjoyNTgsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI1Nzpkb3JhbXlfOTcweDkwIn0seyJjYW1wYWlnbl9pZCI6OTU3MTI5LCJyZXNwb25zZV90aW1lIjoxNDYsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjIzNjQ1In0seyJjYW1wYWlnbl9pZCI6MTY3MjY5NywicmVzcG9uc2VfdGltZSI6NDQ5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjY4NTA2In1d&grab=dNCY0LPRgNCwINCyINC60LDQu9GM0LzQsNGA0LAg0LTQvtGA0LDQvNCwINGB0LzQvtGC0YDQtdGC0Ywg0L7QvdC70LDQudC9INGBINGA0YPRgdGB0LrQvtC5INC-0LfQstGD0YfQutC-0LkKMdCU0L7RgNCw0LzQsCDQmNCz0YDQsCDQsiDQutCw0LvRjNC80LDRgNCwINGB0LzQvtGC0YDQtdGC0Ywg0L7QvdC70LDQudC9IAo%3D&utf8=%E2%9C%93&duid=MTYzMzYxNzU5NTEzNDY0NTA4NA%3D%3D&pcode-test-ids=432135%2C0%2C2%3B431005%2C0%2C45%3B428759%2C0%2C82%3B431905%2C0%2C29%3B432416%2C0%2C88%3B430925%2C0%2C46%3B428735%2C0%2C57%3B428087%2C0%2C74%3B431977%2C0%2C1%3B420897%2C0%2C39%3B420559%2C0%2C11%3B429815%2C0%2C56%3B433666%2C0%2C13%3B426160%2C0%2C16&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22433315%22%2C%22testId%22%3A%22434080%22%7D%5D%2C%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ALLOW_DISABLE_VIDEO_WIDGET%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22430303%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22431019%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22431019%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22431019%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22431019%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22431019%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22431019%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22431019%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22431019%22%7D%5D%2C%22DECODE_VAST%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22432455%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_REDIRECT%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22433885%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%5D%2C%22testId%22%3A%22433987%22%7D%5D%2C%22REMOVE_GRAB_LIMIT_OTHER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22434001%22%7D%5D%2C%22IV_CONCEALED_ANIMATION_LOADING_POLICY%22%3A%5B%7B%22value%22%3A%22DEFAULT%22%2C%22testId%22%3A%22432135%22%7D%5D%2C%22DISABLE_144P_QUALITY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22431005%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22EXP%22%2C%22testId%22%3A%22428759%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22431905%22%7D%5D%2C%22BANNER_INPAGE_LOAD_MODULE_DIRECT%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22432416%22%7D%5D%2C%22COMBO_INPAGE_LOAD_MODULE_DIRECT%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22430925%22%7D%5D%2C%22SMART_BANNER_CLIENT_BUNDLE_EXP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428735%22%7D%5D%2C%22LOG_FULLSCREEN_QUEUE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428087%22%7D%5D%2C%22IGNORE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22431977%22%7D%5D%2C%22MARGINS_FOR_LAZY_INIT%22%3A%5B%7B%22value%22%3A%7B%22mobile%22%3A%220px%22%2C%22desktop%22%3A%220px%22%7D%2C%22testId%22%3A%22420897%22%7D%5D%2C%22MARGINS_FOR_LAZY_INIT_EXP%22%3A%5B%7B%22value%22%3A2%2C%22testId%22%3A%22420897%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22disable%22%2C%22testId%22%3A%22420559%22%7D%2C%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22ADFOX_RELOAD_TIMEOUT%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22429815%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244608%22%2C%22testId%22%3A%22433666%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=g8wgK%2Bwgq4pt0A2U1d79e2CZ8w4IN1B4qQJjvk%2Brs7fnmY8789wm%2FBEaHBMMOjz3c1bCcWodCW7hhCDhtey1fz1or1U%3D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

ab67e512f9667cbbd30bd199a715c9cdfca225a081601a99ccd2750337170976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 14:39:55 GMT
ssr: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1633617595219611-714586857374286202800383-production-app-host-vla-pcode-99
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 07 Oct 2021 14:39:55 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/47552716/ 43 B
73 B 32ms
32ms XHR
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47552716/1?page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A1%3Als%3A1094707868919%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143955%3Aet%3A1633617595%3Ac%3A1%3Arn%3A378040097%3Arqn%3A2%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633617594243%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26812653/ 43 B
73 B 33ms
33ms XHR
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A397577748094%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143955%3Aet%3A1633617595%3Ac%3A1%3Arn%3A242967696%3Arqn%3A3%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633617594243%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

GET
H2 200 storage.html Show response
ls.player-cname-domain.com/ Frame 52F4 293 B
356 B 135ms
17ms Document
text/html 109.236.85.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.player-cname-domain.com/storage.html
Requested by: Host: kodik.cc
URL: https://kodik.cc/assets/js/app.promo.ff32c3eee8cb465b272d91604fdc9cfa925dbac7ed836078a5c5e9c915a924e3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.236.85.10 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx /
Resource Hash: d63865ca0fb18bf2c52ac850a7e25935be065ee10aed1af1ff0369656ebbf286

Request headers

:method: GET
:authority: ls.player-cname-domain.com
:scheme: https
:path: /storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kodik.cc/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/

Response headers

server: nginx
date: Thu, 07 Oct 2021 14:39:55 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 13 Aug 2020 12:16:09 GMT
vary: Accept-Encoding
etag: W/"5f352f09-125"
access-control-allow-origin: *
content-encoding: gzip

POST
H2 200 1 Show response
mc.yandex.ru/watch/58424476/ Frame FA1E 43 B
73 B 34ms
34ms XHR
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/58424476/1?page-url=https%3A%2F%2Fkodik.cc%2Fserial%2F37378%2F37759596e9ba2c55fe6433ff45d05f29%2F720p&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A1%3Als%3A607320713056%3Ahid%3A704591976%3Az%3A0%3Ai%3A202101007143955%3Aet%3A1633617595%3Ac%3A1%3Arn%3A225913615%3Arqn%3A2%3Au%3A163361759542863984%3Aw%3A1100x594%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633617594787%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617595

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kodik.cc/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://kodik.cc
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

GET
H2 200 local-storage.min.js Show response
ls.player-cname-domain.com/ Frame 52F4 759 B
531 B 18ms
17ms Script
application/javascript 109.236.85.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.player-cname-domain.com/local-storage.min.js
Requested by: Host: ls.player-cname-domain.com
URL: https://ls.player-cname-domain.com/storage.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.236.85.10 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx /
Resource Hash: 8a1bd6c31a4b05e0ebc4b58a9f127f85b8dc87eee1b80c068aa10721640d9321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ls.player-cname-domain.com/storage.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Dec 2020 13:06:09 GMT
server: nginx
etag: W/"5fc8e2c1-2f7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *

GET
H/1.1

200
OK

thumb002.jpg
coliseum.cloud.kodik-storage.com/d3a53b2b265a631c3950c301eb214c48:2021100802/useruploads/b9ea32ad-d3eb-4b31-a100-8e98c5d14a8a/ Frame 565C
Redirect Chain

https://cloud.kodik-storage.com/d3a53b2b265a631c3950c301eb214c48:2021100802/useruploads/b9ea32ad-d3eb-4b31-a100-8e98c5d14a8a/thumb002.jpg
https://coliseum.cloud.kodik-storage.com/d3a53b2b265a631c3950c301eb214c48:2021100802/useruploads/b9ea32ad-d3eb-4b31-a100-8e98c5d14a8a/thumb002.jpg

31 KB
31 KB

349ms
117ms

Image
image/jpeg

185.190.188.195
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coliseum.cloud.kodik-storage.com/d3a53b2b265a631c3950c301eb214c48:2021100802/useruploads/b9ea32ad-d3eb-4b31-a100-8e98c5d14a8a/thumb002.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.190.188.195 , Russian Federation, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bddb258ff007fb2be34df4f7940e19b8eb3f31ade15ab0a80db6749441965f25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kodik.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 14:39:55 GMT
Last-Modified: Sat, 18 Sep 2021 18:46:14 GMT
Server: nginx/1.18.0
ETag: "614633f6-7ca1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 31905

Redirect headers

Location: https://coliseum.cloud.kodik-storage.com/d3a53b2b265a631c3950c301eb214c48:2021100802/useruploads/b9ea32ad-d3eb-4b31-a100-8e98c5d14a8a/thumb002.jpg
Date: Thu, 07 Oct 2021 14:39:55 GMT
Server: nginx/1.18.0
Connection: keep-alive
X-Routing: sh
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 83FE 11 KB
5 KB 43ms
14ms Document
text/html 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=doramy.top

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=doramy.top
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://doramy.top/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1451
set-cookie: uid=335ddd48-2c2a-470e-accc-f1f004547f57; expires=Tue, 01 Nov 2022 14:39:54 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Thu, 07 Oct 2021 14:39:55 GMT
content-length: 4683

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 83FE 428 B
530 B 17ms
17ms Fetch
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=doramy.top&sn=ChromeSyncframe&so=0&topUrl=doramy.top&cw=1&lsw=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=doramy.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2328780a29ec4659e56a5a8e017330c5a487c3831508021c99c5fce0449cb04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=doramy.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 07 Oct 2021 14:39:54 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2484
expires: 0

GET
H2 200 x90
avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/ 4 KB
4 KB 103ms
31ms Image
image/webp 87.250.247.183
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/x90
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.183 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 53c3c89ce7e82f38f119fa08a29968edfb26300be3120ce44e53fe5750296e0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Thu, 08 Apr 2021 20:01:37 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3666
x-request-id: bccd408f707f14ef

GET
H2 200 x90
avatars.mds.yandex.net/get-direct/5261737/JXPMrjFSkTlOkDuDOard2w/ 3 KB
4 KB 103ms
31ms Image
image/webp 87.250.247.183
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5261737/JXPMrjFSkTlOkDuDOard2w/x90
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.183 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 808b2823923f324e54083ba6b3d7b09f602648e16ad6c6db31e25bc25cd6967c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Tue, 05 Oct 2021 11:52:19 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3230
x-request-id: 9bb5f604a8ea234f

GET
H2 200 1212039 Show response
mc.yandex.com/watch/ 295 B
330 B 32ms
32ms XHR
application/json 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1212039?wmode=7&page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A1%3Als%3A1533470781672%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143955%3Aet%3A1633617596%3Ac%3A1%3Arn%3A840666842%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633617594243%3Anp%3ATGludXggeDg2XzY0%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617596%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

0f77d61076ce26e45c1dfa94dc9787e1505cdeae6f165735939ae1e4a98218ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 295
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.82/1-1-0/ Frame 0FCB 24 KB
7 KB 33ms
33ms Document
text/html 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.82/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.82/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.82/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://doramy.top/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/

Response headers

server: nginx/1.17.9
date: Thu, 07 Oct 2021 14:39:55 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 07 Oct 2051 21:12:03 GMT
last-modified: Mon, 28 Jun 2021 10:29:24 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

POST
H2 200 1 Show response
mc.yandex.com/watch/1212039/ 43 B
73 B 33ms
33ms XHR
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1212039/1?page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A305%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A1%3Als%3A1533470781672%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143955%3Aet%3A1633617596%3Ac%3A1%3Arn%3A764814393%3Arqn%3A1%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633617594243%3Ads%3A0%2C94%2C51%2C1%2C0%2C0%2C%2C162%2C0%2C1002%2C1002%2C3%2C311%3Adsn%3A1%2C93%2C51%2C1%2C0%2C0%2C%2C164%2C0%2C1002%2C1002%2C3%2C311%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617596

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://doramy.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

GET
H2 200 1212039 Show response
mc.yandex.com/watch/ 43 B
73 B 34ms
33ms XHR
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1212039?page-url=https%3A%2F%2Fdoramy.top%2Figra-v-kalmara-vse-serii&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A1%3Als%3A1533470781672%3Ahid%3A344876536%3Az%3A0%3Ai%3A202101007143955%3Aet%3A1633617596%3Ac%3A1%3Arn%3A320403701%3Arqn%3A2%3Au%3A1633617595134645084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633617594243%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617596%3At%3A%D0%98%D0%B3%D1%80%D0%B0%20%D0%B2%20%D0%BA%D0%B0%D0%BB%D1%8C%D0%BC%D0%B0%D1%80%D0%B0%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D0%B0%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B7%D0%B2%D1%83%D1%87%D0%BA%D0%BE%D0%B9

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:55 GMT
last-modified: Thu, 07-Oct-2021 14:39:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://doramy.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:55 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 0FCB 95 B
400 B 107ms
31ms Image
image/png 87.250.250.114
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.250.114 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

ysa-static.passport.yandex.net

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 14:39:55 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Fri, 08 Oct 2021 14:39:55 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 0FCB 105 KB
37 KB 38ms
38ms Script
application/javascript 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: doramy.top
URL: https://doramy.top/igra-v-kalmara-vse-serii

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.82/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:57 GMT
content-encoding: br
last-modified: Wed, 19 May 2021 13:42:44 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 10 Oct 2021 02:36:09 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 9c17ef8f7c86e4f4

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 0FCB 131 KB
47 KB 63ms
63ms Script
application/javascript 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

d5c91393fc42ed4d1234c6180d0bd54ab46c10bcac71822415902d5cec48163f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:57 GMT
content-encoding: br
last-modified: Wed, 06 Oct 2021 08:41:01 GMT
etag: "615d36ed-b968"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47464
expires: Thu, 07 Oct 2021 15:39:57 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 0FCB 403 B
692 B 91ms
91ms Fetch
application/json 77.88.55.88
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fdoramy.top%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

4ad925baffd5d6e58e41e9f5e56906098ba88607c28e2fff7afcffac07acb582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 0FCB 37 KB
14 KB 41ms
19ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14399
x-xss-protection: 0
server: cafe
etag: 3154747477907843336
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 14:39:57 GMT

GET
H3

200

/
www.google.com/pagead/1p-user-list/1014923426/ Frame 0FCB
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vQZfYbKFLrSAx_APzuWDwA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=180772797&crd=&is_vtc=1&random=845299994

42 B
64 B

36ms
20ms

Image
image/gif

142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=180772797&crd=&is_vtc=1&random=845299994

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=180772797&crd=&is_vtc=1&random=845299994
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-user-list/1014923426/ Frame 0FCB
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vQZfYdWJLsLRgAfQ54yoDQ...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=506785227&crd=&is_vtc=1&random=3155203663

42 B
64 B

39ms
24ms

Image
image/gif

142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=506785227&crd=&is_vtc=1&random=3155203663

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=506785227&crd=&is_vtc=1&random=3155203663
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 0FCB 167 B
266 B 32ms
31ms XHR
application/json 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fdoramy.top%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A4phzp3o2dbm15p1mc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A69470571866%3Ahid%3A874673392%3Az%3A0%3Ai%3A202101007143957%3Aet%3A1633617598%3Ac%3A1%3Arn%3A522273107%3Arqn%3A1%3Au%3A1633617598911473082%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633617595611%3Ads%3A0%2C0%2C32%2C1%2C0%2C0%2C%2C15%2C0%2C51%2C51%2C0%2C51%3Adsn%3A0%2C0%2C33%2C1%2C0%2C0%2C%2C16%2C1%2C52%2C52%2C0%2C51%3Ati%3A2%3Ast%3A1633617598

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

aaf7db319a6d2db06982064dffdbbab540c355645d21156bf2292f3e8b8bcc0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 07-Oct-2021 14:39:57 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:57 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 0FCB 43 B
72 B 32ms
32ms Image
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:39:57 GMT
last-modified: Wed, 06 Oct 2021 08:41:01 GMT
etag: "615d36ed-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 07 Oct 2021 15:39:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 0FCB 2 KB
1 KB 28ms
20ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1633617597772&cv=9&fst=1633617597772&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdoramy.top%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c439c780d3f861389f2b923464bc9354ee4b8636fdf0bc34ff3230558d8a2c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 0FCB 2 KB
1 KB 26ms
18ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1633617597775&cv=9&fst=1633617597775&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdoramy.top%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e55e2cc8e42b1762a7806f17c7a9e4c8085b3476f24dbd61d619c702ff699b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1091
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 0FCB 2 KB
1 KB 26ms
21ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1633617597778&cv=9&fst=1633617597778&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdoramy.top%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b34f525c28bd6fbe36c8ad86998d0e81ff627d2e1f164fc44cfd033ded969487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1090
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 0FCB 2 KB
1 KB 30ms
26ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1633617597779&cv=9&fst=1633617597779&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdoramy.top%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f1ca87da18c71ed49af50f0ee0115263c2e135f7ee8167dac6c085a9d1612956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 0FCB 350 B
381 B 31ms
31ms XHR
application/json 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fdoramy.top%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A4phzp3o2dbm15p1mc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A56407427462%3Ahid%3A874673392%3Az%3A0%3Ai%3A202101007143957%3Aet%3A1633617598%3Ac%3A1%3Arn%3A594542144%3Arqn%3A1%3Au%3A1633617598911473082%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633617595611%3Ads%3A0%2C0%2C32%2C1%2C0%2C0%2C%2C15%2C0%2C51%2C51%2C0%2C51%3Adsn%3A0%2C0%2C33%2C1%2C0%2C0%2C%2C16%2C1%2C52%2C52%2C0%2C51%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633617598%3At%3A

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

10590f58192e41f52c5d318ee105d59f8304d2a0dc475a2a38ee9d9eb7a43456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 07-Oct-2021 14:39:57 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 07-Oct-2021 14:39:57 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 0FCB 42 B
64 B 35ms
20ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1633617597775&cv=9&fst=1633615200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdoramy.top%2F&async=1&fmt=3&is_vtc=1&random=3102875045&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 0FCB 42 B
64 B 32ms
19ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1633617597772&cv=9&fst=1633615200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdoramy.top%2F&async=1&fmt=3&is_vtc=1&random=620848820&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1U4XpXwK0Sy100000000U9nJtANtf-jnwPGcGwFZF_n2qbu5MkvcYqza009Fc4Yezs5ZhzZsEY66L4QWUARHyGEk8F5I4Ays1KYqCeB8gK2-0iDCnWml1Z1Oo2XW3M6jP5mW3c7jPNpU8Sbm5Co_oWWou2uZWmm3mr_6MKmC37EPG29BcKunCp2iPOe2iiyo_GU2f...
an.yandex.ru/rtbcount/ 43 B
348 B 32ms
32ms Image
image/gif 93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1U4XpXwK0Sy100000000U9nJtANtf-jnwPGcGwFZF_n2qbu5MkvcYqza009Fc4Yezs5ZhzZsEY66L4QWUARHyGEk8F5I4Ays1KYqCeB8gK2-0iDCnWml1Z1Oo2XW3M6jP5mW3c7jPNpU8Sbm5Co_oWWou2uZWmm3mr_6MKmC37EPG29BcKunCp2iPOe2iiyo_GU2fqmlW2Alc0Ik1Yz_QtISWU7Q-ZAR8sTP6VuoiO2iPsO5ahtCYY17C8ECcClC1B8MI2e0QG66ZSmhJycjlMgJp7kI6URZgs2LTy7aJsO79twm0sUnA9HccbjablePvdXwcplbM6OO61S4fQSxkoSxUMU668KuBMGHtZi3h7W5opxE7IpC1rWOBx3SMNRXsA6B7w-AtMI1UFM3_KEMMJD1uARzMnQGXoUmJhqmuL1pWyS2LiwJhE8QR61rDrbtbUNQRbrzrFOhAyYp4zXstVrmVSUUkQUQ61UmxTxqy4tNYqz_rZEkP8EPzeYDDpJTqgggEAieAxiunFmb6yn602kobj00?confirmTime=2101000&confirmRatio=1000000&test-tag=316710888407042&format-type=100&actual-format=12&rnd=3245436419970&pcode-active-testids=429815%2C0%2C56%3B431905%2C0%2C29%3B420897%2C0%2C39&banner-sizes=eyI3MjA1NzYwNDYzNTU0MDc4NSI6IjQ4Mng5MCIsIjcyMDU3NjA1MjE5NjQ4NzQ5IjoiNDgyeDkwIn0%3D&width=1110&height=90

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 14:39:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 07 Oct 2021 14:39:57 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 0FCB 42 B
64 B 18ms
18ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1633617597778&cv=9&fst=1633615200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdoramy.top%2F&async=1&fmt=3&is_vtc=1&random=4137076816&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 0FCB 42 B
64 B 16ms
16ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1633617597779&cv=9&fst=1633615200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdoramy.top%2F&async=1&fmt=3&is_vtc=1&random=1034544039&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WL4ejI_zO9q0FGe0D15ACyDB2jzaq0K0dG4GW8200J6x1bzX000003YE-fC1Y081kG9wQ_sIJzVHfV02zQRv5_050Q06o0791hek_8hZTPI2gGSony15L6RgKO0A0OWA2QWAw0T1j6x6CiS009i_Tpp4pV0B1k0DWe20WO20W0YO3hhTyDUul9tAWW6e3xAEu_V4o...
an.yandex.ru/count/ 43 B
152 B 43ms
43ms Image
image/gif 93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WL4ejI_zO9q0FGe0D15ACyDB2jzaq0K0dG4GW8200J6x1bzX000003YE-fC1Y081kG9wQ_sIJzVHfV02zQRv5_050Q06o0791hek_8hZTPI2gGSony15L6RgKO0A0OWA2QWAw0T1j6x6CiS009i_Tpp4pV0B1k0DWe20WO20W0YO3hhTyDUul9tAWW6e3xAEu_V4ofdrKP0GkCBFz8IIrwvk-10GW14IqFYvaotm4X3W507O5S6AzkoZZxpyO_205fNGaCA3W4Z95l0_WHUe5mcP6D0O8VWOW1cm6RWP____0S0PkksrwzFswk8zqXaIUM5YSrzpPN9sPN8lSZKtCoqpw1dM2F0PWC83WXmDLMSvEdfpQd9gQtDKD-aSW1t_Vn00K6JyTn1OlGElpCPGi16AXabq2o6cnF1SjbgEinxLS_8g7lEmXzevAZvmO8F1tuOP~1=WfaejI_zO1G2VHG0b2FBdASs50EkvzcmG801zzMC0uW1wDR4z7EG0UBqrVhEW8200fW1ulJL-awW0Ohjg06AxTNwJhW1YFpev27O0Voahva1u06MbQ-P0UW1l0Fu0TYFthu1e0AE-eK1W0Fm-SJo0uW3iu-seWUO0uoD1R03Wn681QED3905wOKDi0N4g0Eu1SIe0y05aiX3o0NNbX7G1UUf0U05FgW6o06m1u20a3Iu1u05yGS008Y7_KA02W712fRI-HcKgym_oVWAWBKOsGiony15L6RgKUWBeuqCY0pOZzw-0UWCcmQO3U358Z-W3i24FO0Glf207S2ma881q13iXwzVu16J-k84w16gZhVZkDUOfRxuaa0QR1kbFmVJFvWJ0gWJtARGniBHyTKMu1F4g0E85CZnmwAJoBZe8A0KnAW3g1JfXGsm5Ek1CBWKWDCE0j0KtztM7jWKrh7bYWRe58m2q1NMiUMA1jWLmOhsxAEFlFnZe1Rm-igA1h0MiWF95j0Ms8_UlW615m3mFvWNbxMqBBWN0S0NjHBG5z260zWN-Reww1SAcHYW60Um68Vs-ue6k1Wl-1YxnEUEbRtoolW1W1c96HSe1W000000a1a1e1d00QWPtOtbbGIu6V___m7W6Ghe6TO8y1c0mWE16l__-pzGXgIEY1h0X3sG6e10e1gybv-2mTYKmZNr6W40002O6-358kaRnmMq6gBkPK7m6yV3o1Nu6zpuxmJf703mFu0T_t-P7G3mF-0TrQwU1QWU0Hi0G12G6a23mk5dI1dZE1JiKPJXzg0Q0hLuFWeqDYJZQqaiOkfv5q8MmAiGV15GWM2C81JoWnOGZwItA3qFN4SCJEgS5L3uv28GI-aSKJENO9k00m00~1=WfaejI_zO1y2VHG0j2ENmnNK7mEuovBGhI600G680TY_dP1_a07Qazodqu20W0AO0TgJtATJe07Og07Ok07etzs08zW1zfYGdW7W0OZ6iGpe0QO3-07atzw-0Q02ijNs5S022w031B030gS9Y0Mvy1AG1O_R4x05g_m5k0Mh_0N01SVR5iW5vl06q0NBW0BW1PG1c0Q6xgYJ0QW6o06m1u20a3Iu1xGGu0Ua3_470032Wjcg-mgHF4DtOHRhFydP2pB7m4LKPkfHw0kvy1A839wbvBu1w0oR1fWDuCKYi3wW3i24FO0Gkygm7y2W4E0Ha_hY1EWHgewtuxZNcAM--990HsV_sdA4nZ-O4mAe4zocqCR2qV7L5k0Jg_m5W1I088WKoF73efF8kEWWe1Ih_0Me58_R4mtO596Hyue6w1IC0iWLdwtYgCe2q1MHaVEA1jWLmOhsxAEFlFnZe1Rm-igA1h0MiWF95j0MdgNalW615m3mFvWNrkpV3hWN0S0NjHBG5z260zWNXya-w1SCcHYW60km68Vs-ue6k1XR-1YxnEUEbRtoolW1W1c96HSe1W000000a1a1e1d00RWP_m7W6Gpe6TO8y1c0mWFu6RhpkXw16l__s-U7bTmfY1h0X3sG6e10e1gPxOd2auwuheK1k1e2zHe10000c1lWnIBO6m7f6pDGD2tti151y1kKiphu6vVoEUaS0F0_W1t_VvaT0F0_w1suWTYBt_JAcYZm7StpaD7SzCgQAFWTbyskczpqofeeg1u17010492wG8C5-C49EmvbU1Hbk7sKXa2I9TL0MaCoTfR4agNU825asRiAGTqPQY3m1mJYD6WvaXGZ10pCUIwOZHYczMbZG7i4LW71jIOXmJO11m00~1?stat-id=1&test-tag=316711236571681&banner-sizes=eyI3MjA1NzYwNDYzNTU0MDc4NSI6IjQ4Mng5MCIsIjcyMDU3NjA1MjE5NjQ4NzQ5IjoiNDgyeDkwIn0%3D&format-type=100&actual-format=12&pcodever=44608&banner-test-tags=eyI3MjA1NzYwNDYzNTU0MDc4NSI6IjU3MzYxIiwiNzIwNTc2MDUyMTk2NDg3NDkiOiI1NzM2MiJ9&pcode-active-testids=429815%2C0%2C56%3B431905%2C0%2C29%3B420897%2C0%2C39&width=1110&height=90&confirmTime=2101000&confirmRatio=1000000&wmode=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doramy.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 14:39:58 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 14:39:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 07 Oct 2021 14:39:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.82/1-1-0	1970-01-19 21:48:23	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.82/1-1-0	1970-01-19 21:48:23	Name: pcs3 Value: 1
.doramy.top/	1970-01-20 15:18:09	Name: _ga_T657KHEYB7 Value: GS1.1.1633617594.1.0.1633617594.60
.otm-r.com/	1970-01-20 06:32:33	Name: mpid Value: NjE1ZjA2YmEwYTVhMmEyZQ==
.exchange.buzzoola.com/	1970-01-19 22:30:09	Name: uuid Value: 2f05ba10-17f5-4469-6bc1-a770aa5b2b59
.doramy.top/	1970-01-20 15:18:09	Name: _ga Value: GA1.2.1976281915.1633617595
.doramy.top/	1970-01-19 21:48:23	Name: _gid Value: GA1.2.1471154969.1633617595
.doramy.top/	1970-01-19 21:46:57	Name: _gat_UA-113455476-1 Value: 1
.yadro.ru/	1970-01-20 06:31:30	Name: FTID Value: 1XNmQw1ivE8A1XNmQw0007sB
ssp.bidvol.com/	1970-02-13 18:18:21	Name: bvuid Value: 9hhjnmstth
.adhigh.net/	1970-01-20 06:32:33	Name: gi_u Value: 8iWsXR3LiAT.AikABlF8WzJJVw
.yandex.ru/	1970-01-20 06:32:33	Name: yandexuid Value: 9409275141633617594
.betweendigital.com/	1970-01-20 06:32:33	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 06:32:33	Name: tuuid Value: 95570af2-10b2-5118-9abe-95d7fbe1936d
.betweendigital.com/	1970-01-20 06:32:33	Name: ut Value: YV8GugALDCBXBUxmvN8f0h42TiL9p5PYSdbGKQ==
.betweendigital.com/	1970-01-20 06:32:33	Name: ss Value: 1
.betweendigital.com/	1970-01-20 06:32:33	Name: unm Value: 1
.yadro.ru/	1970-01-20 06:31:30	Name: VID Value: 06Sr2s1nWmOA1XNmQw000LM5
.doramy.top/	1970-01-20 06:32:33	Name: _ym_uid Value: 1633617595134645084
.doramy.top/	1970-01-20 06:32:33	Name: _ym_d Value: 1633617595
.mc.yandex.com/	1970-01-19 21:46:58	Name: sync_cookie_csrf Value: 2153102073fake
.doramy.top/	1970-01-19 21:48:09	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 21:46:58	Name: sync_cookie_csrf Value: 3692099739fake
.yandex.com/	1970-01-20 06:32:33	Name: yandexuid Value: 9409275141633617594
.yandex.com/	1970-01-20 06:32:33	Name: yuidss Value: 9409275141633617594
.mc.yandex.com/	1970-01-19 21:48:23	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1426383841633617594
.yandex.com/	1970-01-23 13:22:57	Name: i Value: okfxKGSd5ofySiVv/kZPm+mEVcFf2EWfuMq/6kBqra9Joqf1auK7sWC3PlwKWJ+3fai3aRR4OkQVIEwxU+2/fnt6cok=
.kodik.cc/	1970-01-20 06:32:33	Name: _ym_uid Value: 163361759542863984
.kodik.cc/	1970-01-20 06:32:33	Name: _ym_d Value: 1633617595
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 355765481633617595
.yandex.ru/	1970-01-23 13:22:57	Name: i Value: gE31HLi+V2m8gBc9Y0G2ruWOFcmmw2E1ysydHZpTkLNbWsOVXQDaxH/nFsQuoemdRkweucsfaTNyOc1VXC03U2xliUA=
.yandex.com/	1970-01-20 06:32:33	Name: ymex Value: 1665153595.yrts.1633617595#1665153594.yrtsi.1633617594
.kodik.cc/	1970-01-19 21:48:09	Name: _ym_isad Value: 2
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWFfBro1mwAV1s7IAj+mWy0bf15u4+QZD+l+hTdP05JD
.yandex.ru/	1970-01-20 06:32:33	Name: yuidss Value: 9409275141633617594
.yandex.ru/	1970-01-20 06:32:33	Name: ymex Value: 1665153595.yrts.1633617595#1665153595.yrtsi.1633617595
.criteo.com/	1970-01-20 07:08:33	Name: uid Value: 335ddd48-2c2a-470e-accc-f1f004547f57
.doramy.top/	1970-01-20 07:08:33	Name: cto_bundle Value: RF4eaF9Gc0tMcXI0TFk3cDEyQm1GRTd0N29ENUZTa3hxVVMzdEhpUTJObiUyRkNOVFNZYWFPcXBsMEVobExoWnFLaVhSakgyNzJoSldzJTJGVFQ5ZHh6aGRzV1l1QzZXdTVOOTZ6dkNxNWgxZGZPZyUyRlBiT2pMT0dDWk9GbTBLdzE2V1VIRnlIZHQlMkZwUzU3Y1E4VEFmUU9OcUFRTUdUUSUzRCUzRA
.yandex.ru/	1970-01-20 15:18:09	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 15:18:09	Name: is_gdpr_b Value: CKDNLhDpSRgB
.doubleclick.net/	1970-01-19 21:46:58	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://doramy.top/igra-v-kalmara-vse-serii(Line 188) Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adfox-c2s-ams.creativecdn.com
ads.betweendigital.com
ads.digitalcaramel.com
an.yandex.ru
analytics.google.com
avatars.mds.yandex.net
bidder.criteo.com
cdn.jsdelivr.net
cloud.kodik-storage.com
coliseum.cloud.kodik-storage.com
counter.yadro.ru
doramy.top
exchange.buzzoola.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
kodik.cc
ls.player-cname-domain.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
pb.adriver.ru
px.adhigh.net
ssp-rtb.sape.ru
ssp.bidvol.com
static.criteo.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
yandex.ru
yastatic.net
yhb.p.otm-r.com
ysa-static.passport.yandex.ru
cdn.jsdelivr.net
104.16.86.20
109.236.85.10
138.201.34.238
142.250.185.164
142.250.185.206
142.250.186.130
142.250.74.200
148.251.4.142
157.90.179.215
172.217.18.106
172.217.23.98
173.194.76.156
176.58.48.48
178.154.131.215
178.250.0.165
178.250.2.130
178.250.2.146
185.129.100.109
185.179.190.95
185.184.8.65
185.190.188.195
193.232.148.151
195.209.111.22
65.108.1.48
77.88.21.119
77.88.55.88
87.250.247.183
87.250.250.114
88.212.201.210
88.212.252.2
88.99.234.26
93.158.134.118
93.158.134.90
03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782
0ac64b4e0f7cf76543b87de22dad5eda550e56acb59090d536fc508149b860a0
0e2b3273f85e577f1a31ea94153ddafb49d8e591396fbbc8affad04d5386e512
0f77d61076ce26e45c1dfa94dc9787e1505cdeae6f165735939ae1e4a98218ae
10590f58192e41f52c5d318ee105d59f8304d2a0dc475a2a38ee9d9eb7a43456
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
1406d8dea59d2acf7126777b3c6d3bd8f9a0a5cde3d81bc93b60a7c355d0c7cc
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
19218bc95d40108dfa9ca2cdf435debd69f49302ef8e6bab5d4d626a5b7d7ae2
1a9cb94e156c90d133d639fd0871dd2285e88ac29cf9fca29ddffb4c9202b5f6
1d0117d0bbc663f1ec1cc27cae9973f2f85397a37e9afa11ca71c0b5017c4141
20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d
213cb087a9bb0512a6f9a697d63af72d8d90489ca61bb61affc9b0e53590377d
2328780a29ec4659e56a5a8e017330c5a487c3831508021c99c5fce0449cb04d
23a593b156dc434de276a0a1ba3e410b6593bec2652de5c022f0da18a5ccd6e5
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
27e7fbbd6777b1881a85faa9c14c6d0c5bf9be0ada2a5369b48068618a902eac
3000020a2faa43a70a15d1e594265ca9ede8916b9528163e8cae960df545e59b
357abb4b6b6c077e1285a2c8b2d2e03c268a0ef223062782d094728b85cd2f6c
39d6fbd7b9938804854b244dccb51a2fb3f7d8b405c04e4cc13648d46aa53651
4ad925baffd5d6e58e41e9f5e56906098ba88607c28e2fff7afcffac07acb582
4b1942d62fd6528155cafb9f6d96ee80ba791ec1f06ccab827a915d848555234
4b1f9986a23b02ceb506193f4aa94da71001bdc046231dc83f0a79d83e692911
517d9a85db5827a119c8efbc4f1b8cd324adf73d40aad9d078db52e515c5037d
5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a
53c3c89ce7e82f38f119fa08a29968edfb26300be3120ce44e53fe5750296e0f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
589bc47701827224c0b686ca5fae614e71ac5abce822e5412bdcc23cc04f0459
5e7d0ad580fba5f6438559c1716c9e2ca8fde3d2ce823701d9503f99722a3710
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
808b2823923f324e54083ba6b3d7b09f602648e16ad6c6db31e25bc25cd6967c
808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85f0cfa70d99fd32e4f20e2c1abb0e5b567749cc52e71e9cff67300ec54b7b10
8808bfcc90682db911afe6ec5c7bca652ab0ed2a2b1c50e60a58694e7980da3d
8a1bd6c31a4b05e0ebc4b58a9f127f85b8dc87eee1b80c068aa10721640d9321
8db90db80b7317a1fea2c851b8c5f367cfafc9477c14db983dc572607e1ce1dd
8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
8ee8ac10188e1abeca3abe2112c04ba0d7a9d9149ff6b6ea7e5de3ef5048d534
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
96224b0ee3eaf0ff6582cf7330efe2e8f886944c27bc18193196760d1790e76a
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
a320132a9473a1c3bbe964b1cdeaf5fb883dfbc4d951e6d55b7026ddc45a16a7
aaf7db319a6d2db06982064dffdbbab540c355645d21156bf2292f3e8b8bcc0c
ab67e512f9667cbbd30bd199a715c9cdfca225a081601a99ccd2750337170976
abd0f965d58c5616a9e36f4cbeaed7e3b2e7c8cb017bf407a265b8844c0859d0
b13dc2a8371fc77701d13cc67bbcbcba4fe6ae9c3f84750b42613ea7145f2a15
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34f525c28bd6fbe36c8ad86998d0e81ff627d2e1f164fc44cfd033ded969487
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
bddb258ff007fb2be34df4f7940e19b8eb3f31ade15ab0a80db6749441965f25
c439c780d3f861389f2b923464bc9354ee4b8636fdf0bc34ff3230558d8a2c74
ca4b3c637fb6fd4e1e48b71a7425b711b5578e5c86184560a296eb2b8c639e45
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
ccff4e84f080ada5b0519fb16f2827cf5e1630f15b280ac4cdd1f11d993afa93
d5c91393fc42ed4d1234c6180d0bd54ab46c10bcac71822415902d5cec48163f
d63865ca0fb18bf2c52ac850a7e25935be065ee10aed1af1ff0369656ebbf286
dcfbe8bc092d0fccfe25cfedcda1272e7e8bb916d4a7a64273de1f51c226f7fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47cc0239f24b9e9d35c84ecea92d6700429796639ef2f1c2fe88b92834c806a
e55e2cc8e42b1762a7806f17c7a9e4c8085b3476f24dbd61d619c702ff699b7b
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
eb0b7620ea4d111b2ccf64cadb906f2897defd8d57ed3c6398731ad6ffd5cb98
ebbfdc8a0892a560dcb391cbb4e94cdc18faffc8e5afa1601affe95c303c4f7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ca87da18c71ed49af50f0ee0115263c2e135f7ee8167dac6c085a9d1612956
f3929c4b9ef2a501bc8537ec4a88b3a13a76543f664c714d5b3305f53d8f6572
f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff32c3eee8cb465b272d91604fdc9cfa925dbac7ed836078a5c5e9c915a924e3

doramy.top Open in urlscan Pro 185.179.190.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

99 %HTTPS

0 %IPv6

27 Domains

35 Subdomains

33 IPs

7 Countries

1309 kBTransfer

4128 kBSize

42 Cookies

7 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

doramy.top Open in urlscan Pro
185.179.190.95 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

99 %
HTTPS

0 %
IPv6

27
Domains

35
Subdomains

33
IPs

7
Countries

1309 kB
Transfer

4128 kB
Size

42
Cookies

98 HTTP transactions
10 data transactions