urlscan.io logo urlscan.io
SecurityTrails logo

ds2play.com Open in urlscan Pro
2606:4700:20::681a:8aa  Public Scan

Go To Rescan Add Verdict Report
URL: https://ds2play.com/e/knuggdm0869x
Submission: On November 19 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 17 domains to perform 58 HTTP transactions. The main IP is 2606:4700:20::681a:8aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is ds2play.com. The Cisco Umbrella rank of the primary domain is 65384.
TLS certificate: Issued by GTS CA 1P5 on October 2nd 2023. Valid for: 3 months.
This is the only time ds2play.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
2 8.255.53.121 3356 (LEVEL3)
4 2600:9000:221... 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 172.64.132.28 13335 (CLOUDFLAR...)
5 18.172.52.99 16509 (AMAZON-02)
4 13.227.62.118 16509 (AMAZON-02)
8 104.21.42.8 13335 (CLOUDFLAR...)
1 2a03:2880:f10... 32934 (FACEBOOK)
4 6 2404:6800:400... 15169 (GOOGLE)
1 51.83.239.67 16276 (OVH)
3 23.106.127.147 59253 (LEASEWEB-...)
2 2600:9000:213... 16509 (AMAZON-02)
1 23.106.127.154 59253 (LEASEWEB-...)
1 3.5.85.14 16509 (AMAZON-02)
58 19
5    2606:4700:20::681a:8aa (United States)

ASN13335 (CLOUDFLARENET, US)
ds2play.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    2606:4700:20::681a:74a (United States)

ASN13335 (CLOUDFLARENET, US)
i.doodcdn.co
img.doodcdn.co
2    8.255.53.121 (United States)

ASN3356 (LEVEL3, US)
cdn.tsyndicate.com
4    2600:9000:2219:7200:13:4c71:26c0:21 (United States)

ASN16509 (AMAZON-02, US)
du0pud0sdlmzf.cloudfront.net
3    2404:6800:4004:813::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:3031::6815:22d2 (United States)

ASN13335 (CLOUDFLARENET, US)
i.doodcdn.com
4    172.64.132.28 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
5    18.172.52.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-99.nrt20.r.cloudfront.net
orgotitedu.info
4    13.227.62.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-62-118.nrt20.r.cloudfront.net
adiingsinspiri.org
8    104.21.42.8 (None, )

ASN13335 (CLOUDFLARENET, US)
setitoefanyor.org
1    2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2404:6800:4004:821::200d (Australia)

ASN15169 (GOOGLE, US)
accounts.google.com
1    51.83.239.67 (Poland)

ASN16276 (OVH, FR)
PTR: ns3167902.ip-51-83-239.eu
wws306l.video-delivery.net
3    23.106.127.147 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
fvcwqkkqmuv.com
2    2600:9000:2138:9c00:1:c788:1640:21 (United States)

ASN16509 (AMAZON-02, US)
d18t35yyry2k49.cloudfront.net
1    23.106.127.154 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
limurol.com
1    3.5.85.14 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
webpick-cdn.s3.us-west-2.amazonaws.com
Apex Domain
Subdomains		 Transfer
10 doodcdn.co
i.doodcdn.co — Cisco Umbrella Rank: 37885
img.doodcdn.co — Cisco Umbrella Rank: 38272
606 KB
8 setitoefanyor.org
setitoefanyor.org
3 KB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 24
3 KB
6 cloudfront.net
du0pud0sdlmzf.cloudfront.net
d18t35yyry2k49.cloudfront.net
149 KB
5 orgotitedu.info
orgotitedu.info — Cisco Umbrella Rank: 44033
6 KB
5 ds2play.com
ds2play.com — Cisco Umbrella Rank: 65384
54 KB
4 adiingsinspiri.org
adiingsinspiri.org
6 KB
4 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 31227
202 KB
3 fvcwqkkqmuv.com
fvcwqkkqmuv.com — Cisco Umbrella Rank: 32088
37 KB
3 gstatic.com
www.gstatic.com
29 KB
2 tsyndicate.com
cdn.tsyndicate.com — Cisco Umbrella Rank: 14370
38 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
29 KB
1 amazonaws.com
webpick-cdn.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 87047 Failed
10 KB
1 limurol.com
limurol.com — Cisco Umbrella Rank: 24777
600 B
1 video-delivery.net
wws306l.video-delivery.net — Cisco Umbrella Rank: 531484
15 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
1 doodcdn.com
i.doodcdn.com — Cisco Umbrella Rank: 44919
460 B
58 17
Domain Requested by
8 setitoefanyor.org ds2play.com
d18t35yyry2k49.cloudfront.net
8 i.doodcdn.co ds2play.com
i.doodcdn.co
6 accounts.google.com 4 redirects ds2play.com
5 orgotitedu.info du0pud0sdlmzf.cloudfront.net
d18t35yyry2k49.cloudfront.net
5 ds2play.com 1 redirects cdnjs.cloudflare.com
ds2play.com
4 adiingsinspiri.org du0pud0sdlmzf.cloudfront.net
4 pogothere.xyz du0pud0sdlmzf.cloudfront.net
4 du0pud0sdlmzf.cloudfront.net ds2play.com
orgotitedu.info
adiingsinspiri.org
3 fvcwqkkqmuv.com ds2play.com
fvcwqkkqmuv.com
3 www.gstatic.com ds2play.com
www.gstatic.com
2 d18t35yyry2k49.cloudfront.net ds2play.com
orgotitedu.info
2 cdn.tsyndicate.com ds2play.com
cdn.tsyndicate.com
2 img.doodcdn.co ds2play.com
cdnjs.cloudflare.com
2 cdnjs.cloudflare.com ds2play.com
1 webpick-cdn.s3.us-west-2.amazonaws.com d18t35yyry2k49.cloudfront.net
1 limurol.com fvcwqkkqmuv.com
1 wws306l.video-delivery.net text
1 www.facebook.com ds2play.com
1 i.doodcdn.com 1 redirects
58 19

This site contains links to these domains. Also see Links.

Domain
doodstream.com
Subject Issuer Validity Valid
ds2play.com
GTS CA 1P5		 2023-10-02 -
2023-12-31		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
cdn.tsyndicate.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-14 -
2024-07-14		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
orgotitedu.info
Amazon RSA 2048 M02		 2023-10-12 -
2024-11-10		 a year crt.sh
adiingsinspiri.org
Amazon RSA 2048 M02		 2023-11-15 -
2024-12-13		 a year crt.sh
setitoefanyor.org
GTS CA 1P5		 2023-11-15 -
2024-02-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-28 -
2023-11-26		 3 months crt.sh
*.video-delivery.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-07 -
2024-08-07		 a year crt.sh

Buypass Class 2 CA 5		 2023-10-28 -
2024-04-24		 6 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-08-03		 10 months crt.sh

This page contains 8 frames:

Primary Page: https://ds2play.com/e/knuggdm0869x
Frame ID: EC917D633A0AAB5F21FCD805502C2F51
Requests: 49 HTTP requests in this frame

Frame: https://orgotitedu.info/NmV0NVVXBxdYaldYFhMgRAlJEGdwQEZzMUNVBEAxBhYQWThMA1pWOVkQEFMnWQsAGztTEVEHE1gxM0E/Yx81Qxd3VUVxL1EmNgdhfAMyewFsAhBEFGQkTG0/TjI3QhMOJwx8FHUzPQEUXTAaZjxeMiNbA1UpJWAQVA0tRRdnJwF0AlkuNk8QeAAxBQ1/VExbA14gRGcWVTwydhNvKRN3E3wJMk0XURIEYgZ3LTVbDHUmGAAbbx0iEGd0MkRGPmE2PWURdTcwVANaMSRgB0YyIns8dyI+VwdbJw1UA1oxPnM+Xz0iUWd3EkF6AGErPVA5Dy4QUh8OJhwYGFw9N142dA8yVx9kXDNsDWxQI3MHDyRHRRpjMjlsH0EoLGU5ThUjZhcEJBpCHXUPHGM0YAkgexNjEzV0LQAjLAA3dyEAdhxBPDNRMn8uI1kfRy0aTRNgMjlwMGMzJ28yWhUjYxhRMCdaHnMxG2MzX1QjbBRSDCNzAwc3LHM0EA8HWjtGWBxnGX0cF283Qgw
Frame ID: F87EB988EC75AFA23109E53400AF4298
Requests: 2 HTTP requests in this frame

Frame: https://adiingsinspiri.org/eTVBUGsYVyI9VBgII3YeC1l8dVk/EHMWDwwFMSUPSUYlPAYDU28zBxZAJTYZFls1fgUcQWRiLRtRGQYeHQcQBywedBMHHDxWAjsbHWQqFggoBAcEIwEFGBMML3wGBTkscytgWyhcDGIhOEIGAQw8ZQI7Gx1gOTs7PmQPGT4ORhsSWxFwEhIyOHNxOAosZwQFODh4GBgDDm8AODE7ZzseCS5jEwE5SAAnFRMOVwI4DC13LRIIK0IuEj4/TQkGPi9XGTwhIXtwEggrTQwzLEhdBQE+IAYSYD0scRQeCiFeBxg5KA0JFikSZAYCIj59KScKLFkYKjo/GHAROBJvBQNbL2AZAl8+dDY7MSxzNmA6LFEHEQNNZQQWKRpnNh06P1IUCT8vdwkIAyh4AygEPXAqFiM0BHgXMy9BBwEuP2AQBSk4Zy0WJixzORgtAWQVFBwsexQVCBZkLTQoLgRwEjoedwgIHF9fMj8FCQg2Y1safRtlLDpkIyE
Frame ID: 58F1666E5721441217028AA99878B55F
Requests: 2 HTTP requests in this frame

Frame: https://adiingsinspiri.org/ZDgzTVUFWlAgagUFUWsgFlQOaGciHQELMREIQzgxVEtXITgeXh0uOQtNVysnC1ZHYzsBTBZ/EwNuAh86MH1UfRoTYUIpLCkBdwUTHGIBGzQBYHE1BQxLWQc8AEh6BTIPcVl9PTR6B38UMHFlBwQ2QXsJDBdZXnwaLXtYeBhVbkIBAQ8LZRVkEXZZDB4HYEs1HCZfWQRnC1V3NzIOcnAANC57XHU2DAhHKQELD3YkAA93SRsbAl8GJDAIUEMoOAAAezQACXVJPjM0CgIhDyVhBy8CMlNkFS0JYgALNyBVAiEPJgBfBzgiX2cVbS9bXhcMKnAGJzMxFQJoZyZddxQ+I3tyORwgfXgHLCFSUBs6L15kHz82VgpoZyZbXhcMPnt+aGcicXIYMgZvZhUBPA0HAi9UfHgaZAhicnUlL0JEegQzVAUXLwd5YyQ2UnVmfHBWencgDwhtZAdhAW95FDAsCQYXA1UJURoDD39KfSAqUWoPNDxXYRQDEA9pIAcNbFkhZD5fFScmC1ZDcB1QVEYkHBRuUhgPPVVg
Frame ID: 00A50DDEC04FAFA692AE81071364FDDB
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 80EAE438F48A6AB1116453F5551761E4
Requests: 2 HTTP requests in this frame

Frame: https://orgotitedu.info/OElSUUdZKzE8eFl0MHcySiVvdHV+bGAXIwlxJmJyQTAgKHVTfWt/JFQmJzUhSiY8JWlWLCZ0dX4RBmEvYhoKOjRyMzEnFVI6OgEfagg0PwFOLzkhN3EgPTwBQnBjHS1fKzY4cw8ZOjYoWwFqaAZBPWMIAAAfHjgeHXsQNQEAOBg7NwgaFTo3aBomFCIKfSYeFWEiNgIwVgEBPjJ1CjEyDAp9IRoCaSAYKApfDwEcN14BIXR1fiw/CzdaDCZ0dX4QEWUgfjAhPwtSOTE3H196Agc/ASwVOXJuemslJl89MTcfXzwbEyMNLxopcXd7ImcmbA8CNHV+cTdhLE0GEXwsVAEWNjN3MBsACAp4IBV3QHE0YiMOHWAhcVkeFwINQj5iGxFAcBFiPw8aARwvdSAqMiFgLndjBXQLPToNCwshAnQAOx8FNG8AO2B/XTNrdHV6LAUTKWseFHR1eigKYAphET4iJH4xazQEVyYaKHMOBBUpC3sRYyAhVC1qNykAcQAZcgwoYWgFXHprICJ9C2Y3KgE+ARk0HiMhPilIdCUgJQEvMCYmX3E
Frame ID: 76566B6317C1465893FA41EB2083251D
Requests: 2 HTTP requests in this frame

Frame: https://ds2play.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: E1C79078A84B4DDE6E3BB6B533DC3483
Requests: 2 HTTP requests in this frame

Frame: https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Frame ID: E1A71E93A9C1ABB003FEA4F78A016155
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

5c878c4cc6914 vid - DoodStream

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

91 %
HTTPS

50 %
IPv6

17
Domains

19
Subdomains

19
IPs

6
Countries

1184 kB
Transfer

1828 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://i.doodcdn.com/theme_2/img/loader.svg HTTP 301
  • https://i.doodcdn.co/theme_2/img/loader.svg
Request Chain 31
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyzqmOn_XdA_AaNPXz9bLfI4s4jphcd13c9OFCrVHUd_7NAf9_jJZuWIzExps0gW6IVvnwYV HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxGr8-pgjXVQp-dHNUe9frfa4uxDL4N4-bMgT3A_Wg7mi-rxg1QChFdN1KUa0U8sKzGlvCC&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-183856564%3A1700361422079701&theme=glif
Request Chain 32
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyzegSpYfqRYRhUQcnNjaC_5XIUMDrYNDUuOeXdjqyB_s0K2_ZPxsIjoHf1fREcrpwMgm47YKA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyyNOLA2NjZeUSRcVFiojg9nSxfmDsRnmFQt9qQvaWwSLuNxn2o5SSxDIxCfV5lbufcbrUNuyA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1626480153%3A1700361421885171&theme=glif
Request Chain 51
  • https://ds2play.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://ds2play.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request knuggdm0869x
ds2play.com/e/ 		130 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce048d50e4943e33b84a9ce2afc862c4133b1fac20dacc7f2abea48222fb6ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
828511a1a8f53c0e-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 02:37:01 GMT
expires
Sat, 18 Nov 2023 02:37:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BgbSrZpb1%2Bg4%2BtkwyariUrLVvKYcIGlXAJGejwZBL5swAOk35Mw2rn2sqRqq9AaRTDxVl12t2ldvG9%2F3lqzCDl5u51bvDvyWeUbRwXlqmcTAryffk7YpWEUqtkivbnLsENVHMAsQUAs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
866393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJ9g%2FLAVfhClY%2BzrZuoySY9fl%2BVscOwfSnhl%2FYO%2FZn3e4rSAHxVIq7LZTM2GkxXL4MtdTfotwAszHieA4k5A2lgYIUKXT1KisTdvkO0p6TpFOjLKBgsSYLN9TPyF0lRs5p60d5rdZiAnZ5pIovrOF%2Fr3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828511a3ae5b8a4b-NRT
expires
Fri, 08 Nov 2024 02:37:01 GMT
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1484834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
591
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BGZcHfeizCtSeMN4uesbaDhkDJX%2FyydWLUmeYIjPf%2Bve%2BeL9Xh6FMrGze12gaCfMtsuu4X%2BN4H%2BJm2p9R7NWBUALMSy5hXtstkOXXiBBRHUtwQFhMGCCVH0%2FLK2ORJdyMml6gK5TXQIpPF3nNUTvvCt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
828511a3ae5a8a4b-NRT
expires
Fri, 08 Nov 2024 02:37:01 GMT
ad.js
i.doodcdn.co/ads/ 		18 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/ads/ad.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3716878d3ceb2042b22c092b31c6f43cc862f8464e92ddde416a49624b32716e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62841
cf-polished
origSize=20
alt-svc
h3=":443"; ma=86400
content-length
18
cf-bgj
minify
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQN0Nj7k%2FjHWQ2oAR6y0kLIohjH19oKjpI5LkfVQs0%2F%2BwOKiOp5QPId2TG0P3osu2qsKzSjFgXu1HApPgF2PLdEmjX3qdUKhLmy9Nw3IRnS4MLaKiSZpuX6BpevQYZlEh4tZw1896%2B6nKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
828511a3bf6bf671-NRT
expires
Sun, 17 Nov 2024 02:23:54 GMT
no_video_3.svg
i.doodcdn.co/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.doodcdn.co/img/no_video_3.svg
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21724
alt-svc
h3=":443"; ma=86400
content-length
2812
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
"61d3187c-afc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irT%2B0QATG%2BQf8Bw3dzQbUuyxGeJQ7k9a9xzO%2FEf8zlMx8CcCDLKqP%2BKklHE0cGF7dVpv2BjtHHoZQNJV7X45666adspqntaeyfc24Yb8oUXxMlnYUt%2B%2BCorhOc88ViX2YBSbU9UMf%2FFivw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
828511a3bf70f671-NRT
expires
Sun, 17 Dec 2023 09:09:08 GMT
embed.css
i.doodcdn.co/css/ 		78 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/css/embed.css
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9529
cf-polished
origSize=79890
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
W/"61d3187c-13812"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWhMD%2BClx9DBWfU8RQAamZXYAF0D3hrJjnZnoCWBX1xPAD5tnMCkn5HrqStL03flaTeEmPivXbSiHJZ81g7zDbscisuGfYoilH%2Bl9ppFIBkOS4Gc57647XUrGpjQg8nuBBHLSkmEPHCrfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
cf-ray
828511a3bf71f671-NRT
expires
Sat, 16 Dec 2023 06:11:38 GMT
yoa9alq6ps8yfth8.jpg
img.doodcdn.co/splash/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.doodcdn.co/splash/yoa9alq6ps8yfth8.jpg
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c81754b3ccafe44b9e2d9288fa3f76e1dc879d514ccf679bc290dc9b6068ac8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
104
cf-polished
origSize=82556
alt-svc
h3=":443"; ma=86400
content-length
82275
cf-bgj
imgq:100,h2pri
last-modified
Sat, 18 Nov 2023 15:25:09 GMT
server
cloudflare
etag
"6558d755-1427c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dh468FOC1BqPUJwP1%2BsALA5xTvdhor%2Bkxw%2B9nKNNEAQ4bt%2BhTfiM3%2FtfzF7me%2FoJiojJAxLdq%2BWyXodrGF%2FybwWC3ofRyanSwmIFhaU%2FKscrh1oDtWwnLPDaiBEh9TdhaB4BuH8HkhzdR8J1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
828511a3df8bf671-NRT
expires
Sun, 03 Dec 2023 00:34:57 GMT
embed2.js
i.doodcdn.co/js/ 		331 KB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/js/embed2.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c49e02b98bc8a4275650b65787cdd100c362abc7e54e8b9e99396b6117c2c6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62839
cf-polished
origSize=339527
alt-svc
h3=":443"; ma=86400
content-length
339271
cf-bgj
minify
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
"61d3187c-52e47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiDmoTfm7H28COJ0aj%2F0HSLATLCACAuSAC%2FtU2sw0zMtx6hMf4Fp%2FcL3sj6YUJfcoQtz8wJCMalsA%2BnVv%2BSPnqEVBphkl86YMbMv5ItH1rkIjSvCclFiysAYpQPnlWo6Iu%2FRlu2cD0MNLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
828511a3df94f671-NRT
expires
Sun, 17 Dec 2023 02:00:42 GMT
p.js
cdn.tsyndicate.com/sdk/v1/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tsyndicate.com/sdk/v1/p.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.255.53.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
311cba72a3181f33f1b4e39a56e15c5344b97bd82987f64cabd1ed1f2bd340e1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 10:14:41 GMT
server
nginx
age
1699929
etag
W/"653f8211-256b"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
4524
/
du0pud0sdlmzf.cloudfront.net/ 		292 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2219:7200:13:4c71:26c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac71ca940805f9bf45760e9ee3c8dbea8ce10f6d2442d58c15573b47c60d5114

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
gzip
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
97249
x-amz-cf-id
4rcTN6CsieetxuKTtOrXcFR09vftucWK9Bybrhb3ihpadQGlVE87GQ==
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ds2play.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 19 Nov 2023 02:37:01 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Sun, 19 Nov 2023 02:37:01 GMT
cast_sender.js
www.gstatic.com/eureka/clank/119/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/119/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 19 Nov 2023 23:17:18 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		633 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
pwfbvzhzw3aalh5gl5xkenph
ds2play.com/pass_md5/128898511-0-0-1700361421-7e373516f414dc10563c1b8bd88cd24b/ 		107 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ds2play.com/pass_md5/128898511-0-0-1700361421-7e373516f414dc10563c1b8bd88cd24b/pwfbvzhzw3aalh5gl5xkenph
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e172ad14b2669a3ed1275a0220298561869864c57f626598c171b8200d38db82

Request headers

Accept
*/*
Referer
https://ds2play.com/e/knuggdm0869x
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BVqIJ24TgKHHxLs1bLmCnBt5MyglvyO80gRMEqpXjprsDIaJE8QoTYthqpg27Z53K5Ou6PY9AEh9%2FRLvEmOPX0uBA15TM0QqKTvsdsXS7sTA%2B6nf8kybQEQFb9cJRETJFjFsKFiy%2F7z"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
828511a4bc633c0e-NRT
alt-svc
h3=":443"; ma=86400
yoa9alq6ps8yfth8.jpg
img.doodcdn.co/splash/ 		80 KB
81 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.doodcdn.co/splash/yoa9alq6ps8yfth8.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c81754b3ccafe44b9e2d9288fa3f76e1dc879d514ccf679bc290dc9b6068ac8

Request headers

Accept
*/*
Referer
https://ds2play.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5224
cf-polished
origSize=82556
alt-svc
h3=":443"; ma=86400
content-length
82275
cf-bgj
imgq:100,h2pri
last-modified
Sat, 18 Nov 2023 15:25:09 GMT
server
cloudflare
etag
"6558d755-1427c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7TbEqwxvItZXgtsQ64tQq%2FLswgMGqr2EjPIURxh0njuFKDUJ%2Fk%2BvSc1sI3d89OLVRPyelAr1JHr42W4OHS8nnNGHbvJ1P7yypU%2Bd2%2BIsHPMRjBvKmqcLQhgQnTTS8tdi1h6tIJMLs9BuDWK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
828511a4ce6faff7-NRT
expires
Sun, 03 Dec 2023 00:34:57 GMT
loader.svg
i.doodcdn.co/theme_2/img/
Redirect Chain
  • https://i.doodcdn.com/theme_2/img/loader.svg
  • https://i.doodcdn.co/theme_2/img/loader.svg
694 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.doodcdn.co/theme_2/img/loader.svg
Requested by
Host: i.doodcdn.co
URL: https://i.doodcdn.co/css/embed.css
Protocol
H3
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://i.doodcdn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Jan 2022 15:43:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
926
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1vLB9vbGJLcJMPGjNr03v3txWlqAGdehwf2X02sPPWF9myJdxPxWJnEmawXEBNjkzRkMWtIY3ISdDbY2tz8Qf6ZXbDwop20mK7iXA7KL1SziXCCpAxKPBuOpE8z1xzaxQ%2FnHIj1XIcf9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
828511a4ed09268e-NRT
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Dec 2023 10:26:20 GMT

Redirect headers

date
Sun, 19 Nov 2023 02:37:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7rUYNoI1uL8%2B93aLXZgWBa8B3r92WozLl2zc%2Biij5l6ou3NIJysbYZJqb17Xpg7FnMcHuVoMsbj3zV64LVz2DyZIgp92wYDUSc%2BunMR6YSIg%2FZwI6ZCUXMLwWylp9va2X3zK18da2VejLQc"}],"group":"cf-nel","max_age":604800}
location
https://i.doodcdn.co/theme_2/img/loader.svg
cache-control
max-age=3600
cf-ray
828511a4d8888a5a-NRT
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 Nov 2023 03:37:01 GMT
avertastd-regular-webfont.woff2
i.doodcdn.co/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/fonts/avertastd-regular-webfont.woff2
Requested by
Host: i.doodcdn.co
URL: https://i.doodcdn.co/css/embed.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf

Request headers

Referer
https://i.doodcdn.co/css/embed.css
Origin
https://ds2play.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4203
alt-svc
h3=":443"; ma=86400
content-length
23812
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zA2MnRyGgaVU%2BXP5QP1gl0wBumGueWckB5jgZzXhlVuFXFasLGSz8Sau3VpW%2BxeTJDv3oS1Bdp%2Fz6MtPdicdU%2B%2BHH4dDwGgZolJVm%2FIPo4U9gGydUgVsjILkdrEDDLdcwRETcw3i5E9JiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
828511a4ce73aff7-NRT
expires
Mon, 18 Dec 2023 10:25:16 GMT
yoa9alq6ps8yfth8.jpg
i.doodcdn.co/get_slides/994/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/get_slides/994/yoa9alq6ps8yfth8.jpg
Requested by
Host: i.doodcdn.co
URL: https://i.doodcdn.co/js/embed2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9c3e339443cf4f9322360e223f027ad76a5bd35ed5d2bfef58aa43d8da4b9b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Nov 2023 00:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5223
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTsGW4M6cGAyhgwp6Gvs7VgonHnxgpv5jRYX1ubPGPibhTqGD9rn2dkgvPWi29Ahl9WRQaIOlro%2BK0zApJGJj0LBzkgBLc1nOwYYqI1VOyCzEOgq%2B%2FFLW75eOnEXDQD6pQLEfj4dDxYiTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
828511a4ce75aff7-NRT
alt-svc
h3=":443"; ma=86400
logo-s.png
i.doodcdn.co/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.doodcdn.co/img/logo-s.png
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2577866b9d26cd6a4be764910f0913ae5b737ed1d130d635048051ebe15ae680

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23120
cf-polished
origFmt=png, origSize=6212
content-disposition
inline; filename="logo-s.webp"
alt-svc
h3=":443"; ma=86400
content-length
1932
cf-bgj
imgq:100,h2pri
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
"61d3187c-1844"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPLBwunJN3Zk0z06LKc4YpACW0lrnhzs7keJlak1yuKgBd7H89yoYuMUco27CPQ0re5i9EheWdIiUGFNYdM8qRhaUh6HllHQh0grCX56oG0onDvVV%2Bfo%2FQ1tEInTunoplV%2FagH0O5bY85Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
828511a4ccec268e-NRT
expires
Mon, 18 Dec 2023 03:08:24 GMT
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1552
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 Nov 2023 02:11:09 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://ds2play.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuWTUOLiaS4b3crdK%2Fb8TvYlSM%2BLwwDR0uImDJNJqy35tTPAu2VlxTlvrs5hTE9PplVS7oQmQUSJ6KUG9R8u3umi%2BoxKGDD0Rsgtby%2BGSUJuzPLJHmrs%2Bwnn9RQU1Tl5"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
828511a5ab5780d7-NRT
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40ce7f9020d6ec0271d1821bda8e726ecad3a9f9aac8039ef523dd065a27523

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ewcnj2Waz3sVc%2Fs2KZlVhZepLsxEkdY8%2BbCW30vpBHXrmM4eDFYHdhhIe6Vhb7KA%2FRrfKD0H0SxAC9M9eoxtXUHOkCWXdN23bHVU6unxIm9kuegdTIKaqdPecKFtfPqM"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://ds2play.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
828511a5ab5680d7-NRT
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
orgotitedu.info/ 		0
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://orgotitedu.info/utx?cb=XqxAGgLqiQmq&top=ds2play.com&tid=908057
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-99.nrt20.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 02:37:01 GMT
via
1.1 b7aac263ca63a866073824e6a67d4e5a.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://ds2play.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
nXvvS6UB1H_uto66Qojo8kz1COdnN2xRrrO4HsVtcFwkG0vNPeg-jw==
VExbA14gRGcWVTwydhNvKRN3E3wJMk0XURIEYgZ3LTVbDHUmGAAbbx0iEGd0MkRGPmE2PWURdTcwVANaMSRgB0YyIns8dyI+VwdbJw1UA1oxPnM+Xz0iUWd3EkF6AGErPVA5Dy4QUh8OJhwYGFw9N142dA8yVx9kXDNsDWxQI3MHDyRHRRpjMjlsH0EoLGU5ThUjZ...
orgotitedu.info/NmV0NVVXBxdYaldYFhMgRAlJEGdwQEZzMUNVBEAxBhYQWThMA1pWOVkQEFMnWQsAGztTEVEHE1gxM0E/Yx81Qxd3VUVxL1EmNgdhfAMyewFsAhBEFGQkTG0/TjI3QhMOJwx8FHUzPQEUXTAaZjxeMiNbA1UpJWAQVA0tRRdnJwF0AlkuNk8Qe... Frame F87E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://orgotitedu.info/NmV0NVVXBxdYaldYFhMgRAlJEGdwQEZzMUNVBEAxBhYQWThMA1pWOVkQEFMnWQsAGztTEVEHE1gxM0E/Yx81Qxd3VUVxL1EmNgdhfAMyewFsAhBEFGQkTG0/TjI3QhMOJwx8FHUzPQEUXTAaZjxeMiNbA1UpJWAQVA0tRRdnJwF0AlkuNk8QeAAxBQ1/VExbA14gRGcWVTwydhNvKRN3E3wJMk0XURIEYgZ3LTVbDHUmGAAbbx0iEGd0MkRGPmE2PWURdTcwVANaMSRgB0YyIns8dyI+VwdbJw1UA1oxPnM+Xz0iUWd3EkF6AGErPVA5Dy4QUh8OJhwYGFw9N142dA8yVx9kXDNsDWxQI3MHDyRHRRpjMjlsH0EoLGU5ThUjZhcEJBpCHXUPHGM0YAkgexNjEzV0LQAjLAA3dyEAdhxBPDNRMn8uI1kfRy0aTRNgMjlwMGMzJ28yWhUjYxhRMCdaHnMxG2MzX1QjbBRSDCNzAwc3LHM0EA8HWjtGWBxnGX0cF283Qgw
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-99.nrt20.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
712d85ec26b52c181f62252225fba947549cfe0617e4bc3ed669605ec286ac4a

Request headers

Referer
https://ds2play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1233
content-type
text/html
date
Sun, 19 Nov 2023 02:37:01 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b7aac263ca63a866073824e6a67d4e5a.cloudfront.net (CloudFront)
x-amz-cf-id
lXSJ8UUzZz_Jba8gIlFVU3rcvuWWNyKUf5087o2AhUxBUyV8AkkBPQ==
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
GHAROBJvBQNbL2AZAl8+dDY7MSxzNmA6LFEHEQNNZQQWKRpnNh06P1IUCT8vdwkIAyh4AygEPXAqFiM0BHgXMy9BBwEuP2AQBSk4Zy0WJixzORgtAWQVFBwsexQVCBZkLTQoLgRwEjoedwgIHF9fMj8FCQg2Y1safRtlLDpkIyE
adiingsinspiri.org/eTVBUGsYVyI9VBgII3YeC1l8dVk/EHMWDwwFMSUPSUYlPAYDU28zBxZAJTYZFls1fgUcQWRiLRtRGQYeHQcQBywedBMHHDxWAjsbHWQqFggoBAcEIwEFGBMML3wGBTkscytgWyhcDGIhOEIGAQw8ZQI7Gx1gOTs7PmQPGT4ORhsSWxFwEh... Frame 58F1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adiingsinspiri.org/eTVBUGsYVyI9VBgII3YeC1l8dVk/EHMWDwwFMSUPSUYlPAYDU28zBxZAJTYZFls1fgUcQWRiLRtRGQYeHQcQBywedBMHHDxWAjsbHWQqFggoBAcEIwEFGBMML3wGBTkscytgWyhcDGIhOEIGAQw8ZQI7Gx1gOTs7PmQPGT4ORhsSWxFwEhIyOHNxOAosZwQFODh4GBgDDm8AODE7ZzseCS5jEwE5SAAnFRMOVwI4DC13LRIIK0IuEj4/TQkGPi9XGTwhIXtwEggrTQwzLEhdBQE+IAYSYD0scRQeCiFeBxg5KA0JFikSZAYCIj59KScKLFkYKjo/GHAROBJvBQNbL2AZAl8+dDY7MSxzNmA6LFEHEQNNZQQWKRpnNh06P1IUCT8vdwkIAyh4AygEPXAqFiM0BHgXMy9BBwEuP2AQBSk4Zy0WJixzORgtAWQVFBwsexQVCBZkLTQoLgRwEjoedwgIHF9fMj8FCQg2Y1safRtlLDpkIyE
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.62.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-62-118.nrt20.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
3692813aed40c67bdad2a60a456478c7a07e1f049f14401a34c88a7c6b70fa04

Request headers

Referer
https://ds2play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1213
content-type
text/html
date
Sun, 19 Nov 2023 02:37:01 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 e8bb727bbf7c462b3ab90d9119c37b44.cloudfront.net (CloudFront)
x-amz-cf-id
wsZQbSqVsXgHvbJVbWtdQuCyOhQmiPPtksg5hSesUmKFvXTP0pE3gw==
x-amz-cf-pop
NRT20-C4
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1552
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 Nov 2023 02:11:09 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://ds2play.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N15suttfG5v0wzqkyb9vUWjo9uwJWSxTNWO9vvublCOhSjUD8BMGD7sdeeRfpMTjGElokgAqYfOmkV95kS%2FDKI7bmdWI0hg53ukSezq9GTZXvCYN2lFvfBVe5wCBz5Xy"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
828511a5eb9780d7-NRT
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035e0a2a901c3b11beb9a6f34fac7e978f84985e7ea0835d809169f60edaea3e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brS4QaIU7siN60ejvp4lBNc5rRNYNc1Rmg05uekxO5J0yXD3a22jlV1JpTWdb57QdB2mDmOn5qvkQZhOzj4SUdBPW8yoaYGD6Ut%2BAY077Tutc8WqKe63w6%2F%2B4sI0ijse"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://ds2play.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
828511a5eb9880d7-NRT
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
adiingsinspiri.org/ 		0
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adiingsinspiri.org/utx?cb=lJaViOG7bFHg&top=ds2play.com&tid=901258
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.62.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-62-118.nrt20.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 02:37:01 GMT
via
1.1 e8bb727bbf7c462b3ab90d9119c37b44.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
NRT20-C4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://ds2play.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
8349hSA1W98mfjQ2u3keQVQHhGDkI_P6BpyoGjanELdjCb-fBTV-rA==
EwNuAh86MH1UfRoTYUIpLCkBdwUTHGIBGzQBYHE1BQxLWQc8AEh6BTIPcVl9PTR6B38UMHFlBwQ2QXsJDBdZXnwaLXtYeBhVbkIBAQ8LZRVkEXZZDB4HYEs1HCZfWQRnC1V3NzIOcnAANC57XHU2DAhHKQELD3YkAA93SRsbAl8GJDAIUEMoOAAAezQACXVJPjM0C...
adiingsinspiri.org/ZDgzTVUFWlAgagUFUWsgFlQOaGciHQELMREIQzgxVEtXITgeXh0uOQtNVysnC1ZHYzsBTBZ/ Frame 00A5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adiingsinspiri.org/ZDgzTVUFWlAgagUFUWsgFlQOaGciHQELMREIQzgxVEtXITgeXh0uOQtNVysnC1ZHYzsBTBZ/EwNuAh86MH1UfRoTYUIpLCkBdwUTHGIBGzQBYHE1BQxLWQc8AEh6BTIPcVl9PTR6B38UMHFlBwQ2QXsJDBdZXnwaLXtYeBhVbkIBAQ8LZRVkEXZZDB4HYEs1HCZfWQRnC1V3NzIOcnAANC57XHU2DAhHKQELD3YkAA93SRsbAl8GJDAIUEMoOAAAezQACXVJPjM0CgIhDyVhBy8CMlNkFS0JYgALNyBVAiEPJgBfBzgiX2cVbS9bXhcMKnAGJzMxFQJoZyZddxQ+I3tyORwgfXgHLCFSUBs6L15kHz82VgpoZyZbXhcMPnt+aGcicXIYMgZvZhUBPA0HAi9UfHgaZAhicnUlL0JEegQzVAUXLwd5YyQ2UnVmfHBWencgDwhtZAdhAW95FDAsCQYXA1UJURoDD39KfSAqUWoPNDxXYRQDEA9pIAcNbFkhZD5fFScmC1ZDcB1QVEYkHBRuUhgPPVVg
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.62.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-62-118.nrt20.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
368cdd6153f1d78accf162c0c360207bd078587ff263083c9338f38f34b27e44

Request headers

Referer
https://ds2play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1242
content-type
text/html
date
Sun, 19 Nov 2023 02:37:02 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 e8bb727bbf7c462b3ab90d9119c37b44.cloudfront.net (CloudFront)
x-amz-cf-id
nWMv0CjnwsUelr97xs_8Cj-l_aNGNpxRnTbRAC4nBG1KkPzSPIzEDw==
x-amz-cf-pop
NRT20-C4
x-cache
Miss from cloudfront
cDlESHZfBic7SyN9EiUXJU1zCiAmXScmMzVvdQ5TQnsnGTwlbhx8UARQIHVPQAF0fUFWSS0sS0EfNzwXBEw3dUdWUCouGU0fMnVHXgpwZkVEF3RuA00IYjwGEV55eVAATTAkS0EOdHhFRghwekdGAHY
setitoefanyor.org/ 		0
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://setitoefanyor.org/cDlESHZfBic7SyN9EiUXJU1zCiAmXScmMzVvdQ5TQnsnGTwlbhx8UARQIHVPQAF0fUFWSS0sS0EfNzwXBEw3dUdWUCouGU0fMnVHXgpwZkVEF3RuA00IYjwGEV55eVAATTAkS0EOdHhFRghwekdGAHY
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8lpyE2LrtMShj4%2BNVo1NKC6D5zC7nz6yWVW84QQ%2FBeWK7WeRuMAjCOB0089PA%2Bbk2hdthvJajwp0BUAazSUERqwM90%2FnlX2aeY8HjiwzEtJUtUSXwKSozLIVY4TaF7Yn3D28Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
828511a61e31f65d-NRT
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyzqmOn_XdA_AaNPXz9bLfI4s4jphcd13c9OFCrVHUd_7NAf9_jJZuWIzEx...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxGr8-pgjXVQp-dHNUe9frfa4uxDL4N4-bMgT3A_Wg7mi-rxg1QChFdN1KUa0U8sKzGlvCC&passive=...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxGr8-pgjXVQp-dHNUe9frfa4uxDL4N4-bMgT3A_Wg7mi-rxg1QChFdN1KUa0U8sKzGlvCC&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-183856564%3A1700361422079701&theme=glif
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H3
Server
2404:6800:4004:821::200d , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Sun, 19 Nov 2023 02:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Pcs6bvs1VmRL9kZKchdasQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
403
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxGr8-pgjXVQp-dHNUe9frfa4uxDL4N4-bMgT3A_Wg7mi-rxg1QChFdN1KUa0U8sKzGlvCC&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-183856564%3A1700361422079701&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyzegSpYfqRYRhUQcnNjaC_5XIUMDrYNDUuOeXdjqyB_s0K2_ZPxsIj...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyyNOLA2NjZeUSRcVFiojg9nSxfmDsRnmFQt9qQvaWwSLuNxn2o5SSxDIxCfV5lbufcbrUNuyA&passi...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyyNOLA2NjZeUSRcVFiojg9nSxfmDsRnmFQt9qQvaWwSLuNxn2o5SSxDIxCfV5lbufcbrUNuyA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1626480153%3A1700361421885171&theme=glif
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H3
Server
2404:6800:4004:821::200d , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Sun, 19 Nov 2023 02:37:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dEZjMl905ADcWTHmO8Z-fw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
403
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyyNOLA2NjZeUSRcVFiojg9nSxfmDsRnmFQt9qQvaWwSLuNxn2o5SSxDIxCfV5lbufcbrUNuyA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1626480153%3A1700361421885171&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
VWVLY1d6WigQagcwMyEDOAlyBx89URMrZnBXDQA5JQcoK24vAHpTcSEML15uYlF5V2JzFSIHamRdbRAjNBE+EGpkQyINMTpYbRVqZEt7TWV7UW0WamRDPxM2Mlh6RSchESdeZmJVe1BhZFF5UmBmVg
setitoefanyor.org/ 		0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://setitoefanyor.org/VWVLY1d6WigQagcwMyEDOAlyBx89URMrZnBXDQA5JQcoK24vAHpTcSEML15uYlF5V2JzFSIHamRdbRAjNBE+EGpkQyINMTpYbRVqZEt7TWV7UW0WamRDPxM2Mlh6RSchESdeZmJVe1BhZFF5UmBmVg
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuMfRkGtHt%2BIlDeMKlocg7OY3Gcjc5pPWjzWdE1%2FDwt2kHyZZJeu%2FovXRm8uRPGsmIdmJUho5z7K7oJRj9zW8EjqLG6rhohBlU8W5j9D7kFnRq7cwY2BlRtUU%2BDPqb%2BUBSg%2B%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
828511a61e34f65d-NRT
alt-svc
h3=":443"; ma=86400
EgN2LhUGBiECOGUGIxxGNHYJDDNkImI+GzN4fXpDZXB8bAI+IXl4S3E2MCsGIjZ5e1Q+KyIlT3EzeXtcZ2tyelxkYzF3Q3ExNCsVanRiOgYjKXl7RWd1d3xDY3d1fUZi
setitoefanyor.org/V0VESnJ4eic5TwUACTA/ 		0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://setitoefanyor.org/V0VESnJ4eic5TwUACTA/EgN2LhUGBiECOGUGIxxGNHYJDDNkImI+GzN4fXpDZXB8bAI+IXl4S3E2MCsGIjZ5e1Q+KyIlT3EzeXtcZ2tyelxkYzF3Q3ExNCsVanRiOgYjKXl7RWd1d3xDY3d1fUZi
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9e5NIpLvOOffjpiQr6SQ8kH3QmQ%2BqXjwOhsUYvYwD6ocl94ObVpTTlHk2%2BMsXZvwlEEhXzBDIlPQDRLCWw6QTsvWFjgNUA3flxRyA1IqwDvmAZq%2F1f1bxNEUlK38BxfAY18jg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
828511a61e36f65d-NRT
alt-svc
h3=":443"; ma=86400
puengine.js
cdn.tsyndicate.com/sdk/v1/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tsyndicate.com/sdk/v1/puengine.js
Requested by
Host: cdn.tsyndicate.com
URL: https://cdn.tsyndicate.com/sdk/v1/p.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.255.53.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
016066d634922630d7cbb5bf83b022cd5cd07f8c346d4a21608ec1d6644ef2e0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:01 GMT
content-encoding
gzip
last-modified
Thu, 19 Jan 2023 15:15:58 GMT
server
nginx
age
9349948
etag
W/"63c95eae-15db6"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
33968
truncated
/ Frame 80EA 		66 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3cebef9af64dc70fd73b8a1af1bff877dc98747687ee96634a48adbc49ce949

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Type
text/html;charset=utf-8
favicon.ico
wws306l.video-delivery.net/ Frame 80EA 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wws306l.video-delivery.net/favicon.ico?i
Requested by
Host: text
URL: data:text/html;charset=utf-8;base64,PGltZyBzcmM9Imh0dHBzOi8vd3dzMzA2bC52aWRlby1kZWxpdmVyeS5uZXQvZmF2aWNvbi5pY28/aSI+PC9pbWc+
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.239.67 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3167902.ip-51-83-239.eu
Software
nginx /
Resource Hash
a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 02:37:02 GMT
Last-Modified
Sat, 29 Feb 2020 09:26:04 GMT
Server
nginx
ETag
"3c2e-59fb38b06e300"
Content-Type
image/vnd.microsoft.icon
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
nTGtjUzAvBA01DzgCB24JfFNTZgdqARA8XjxWCwF8BxIACVI4AkUnSihWWnVcLQUEbhYpBQBuAWoKBzENeE0XI18nVhE0RCcYFCFYLgBFJlFxBgwpWSAHAnYCCl5NYxV+W0skWSIPDCRDaVlTPURpWVNiAGJbRmByaVlTJFkiXVd2Aw5OUWNIel9KdgJ8Ch-MjXCk...
du0pud0sdlmzf.cloudfront.net/ Frame F87E 		846 B
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://du0pud0sdlmzf.cloudfront.net/nTGtjUzAvBA01DzgCB24JfFNTZgdqARA8XjxWCwF8BxIACVI4AkUnSihWWnVcLQUEbhYpBQBuAWoKBzENeE0XI18nVhE0RCcYFCFYLgBFJlFxBgwpWSAHAnYCCl5NYxV+W0skWSIPDCRDaVlTPURpWVNiAGJbRmByaVlTJFkiXVd2Aw5OUWNIel9KdgJ8Ch-MjXCkcBjFbJR9GYXZ5WFR9A3pOUWMYJwMXPlxpWSB2AnwHCjhVaVlTNFUvAAx6FX5bADtCIwYGdgIKWlJqHnxFVWMEeUVSZglpWVMgUSoKEToVfi1WYAdiWFV1RXFa
Requested by
Host: orgotitedu.info
URL: https://orgotitedu.info/NmV0NVVXBxdYaldYFhMgRAlJEGdwQEZzMUNVBEAxBhYQWThMA1pWOVkQEFMnWQsAGztTEVEHE1gxM0E/Yx81Qxd3VUVxL1EmNgdhfAMyewFsAhBEFGQkTG0/TjI3QhMOJwx8FHUzPQEUXTAaZjxeMiNbA1UpJWAQVA0tRRdnJwF0AlkuNk8QeAAxBQ1/VExbA14gRGcWVTwydhNvKRN3E3wJMk0XURIEYgZ3LTVbDHUmGAAbbx0iEGd0MkRGPmE2PWURdTcwVANaMSRgB0YyIns8dyI+VwdbJw1UA1oxPnM+Xz0iUWd3EkF6AGErPVA5Dy4QUh8OJhwYGFw9N142dA8yVx9kXDNsDWxQI3MHDyRHRRpjMjlsH0EoLGU5ThUjZhcEJBpCHXUPHGM0YAkgexNjEzV0LQAjLAA3dyEAdhxBPDNRMn8uI1kfRy0aTRNgMjlwMGMzJ28yWhUjYxhRMCdaHnMxG2MzX1QjbBRSDCNzAwc3LHM0EA8HWjtGWBxnGX0cF283Qgw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2219:7200:13:4c71:26c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ff710a197a64e99d2629787a46fa6f78c4538243f9c905dc5efb06ab62406b89

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://orgotitedu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
gzip
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
615
x-amz-cf-id
Jnq1pzKTPEVuE8TnMNSQ3G-8_q98AyY9LDHBxJ_-zz_Q93KsPLe9Mg==
b25e6007.js
fvcwqkkqmuv.com/aas/r45d/vki/1941940/ 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fvcwqkkqmuv.com/aas/r45d/vki/1941940/b25e6007.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.106.127.147 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
187c36cd1da98aa59adf61c52ce1b20f4348a7db9611ed372f319930fca98f08

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2023 13:37:17 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag
W/"654e320d-15e60"
vary
Accept-Encoding
content-type
application/javascript
x-js-ab2
var423
timing-allow-origin
*
/
d18t35yyry2k49.cloudfront.net/ 		181 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d18t35yyry2k49.cloudfront.net/?ryytd=919673
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2138:9c00:1:c788:1640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ec992d415007fbe20b323d139fd0a5df0d66d7127facaed6258c75dcaa3fd283

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
gzip
via
1.1 025de06f7deee324c277661a5d0ef5fa.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
51649
x-amz-cf-id
Ng8sD2zTdb55nlhS54Za_Heovb-nnPzcTBoIPFx_bO61klKvIBkG5w==
bdXVud2QWGgARWwEcCkpdQkFcQ1FTHx0YCgVIGURUFj00QiM2JAwGQgEPCkpdUxkPGQNIUwsZB0hESBYAF0haUREUSAMYHhwZAhZBRzNbWVRQR15fExwbChgTBlBcRwoBUFxHVUVbXlJXN1BcRxMcG1hDQUY3S0VUDUNaXkFHRQ8HFBkQGRIGHhwaUlYzQF-1ASkZ...
du0pud0sdlmzf.cloudfront.net/ Frame 58F1 		300 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://du0pud0sdlmzf.cloudfront.net/bdXVud2QWGgARWwEcCkpdQkFcQ1FTHx0YCgVIGURUFj00QiM2JAwGQgEPCkpdUxkPGQNIUwsZB0hESBYAF0haUREUSAMYHhwZAhZBRzNbWVRQR15fExwbChgTBlBcRwoBUFxHVUVbXlJXN1BcRxMcG1hDQUY3S0VUDUNaXkFHRQ8HFBkQGRIGHhwaUlYzQF-1ASkZDS0VUXR4GAwkZUFw0QUdFAh4PEFBcRwMQFgUYTVBHXhQMBxoDEkFHM19GXVtFQEFUQUBARlFMUFxHFxQTDwUNUEcoQldCW11BQgBIXw
Requested by
Host: adiingsinspiri.org
URL: https://adiingsinspiri.org/eTVBUGsYVyI9VBgII3YeC1l8dVk/EHMWDwwFMSUPSUYlPAYDU28zBxZAJTYZFls1fgUcQWRiLRtRGQYeHQcQBywedBMHHDxWAjsbHWQqFggoBAcEIwEFGBMML3wGBTkscytgWyhcDGIhOEIGAQw8ZQI7Gx1gOTs7PmQPGT4ORhsSWxFwEhIyOHNxOAosZwQFODh4GBgDDm8AODE7ZzseCS5jEwE5SAAnFRMOVwI4DC13LRIIK0IuEj4/TQkGPi9XGTwhIXtwEggrTQwzLEhdBQE+IAYSYD0scRQeCiFeBxg5KA0JFikSZAYCIj59KScKLFkYKjo/GHAROBJvBQNbL2AZAl8+dDY7MSxzNmA6LFEHEQNNZQQWKRpnNh06P1IUCT8vdwkIAyh4AygEPXAqFiM0BHgXMy9BBwEuP2AQBSk4Zy0WJixzORgtAWQVFBwsexQVCBZkLTQoLgRwEjoedwgIHF9fMj8FCQg2Y1safRtlLDpkIyE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2219:7200:13:4c71:26c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0d58239457bf7c0dac958abe4e3f614c32d0ca32683179f082150688fca50325

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://adiingsinspiri.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
gzip
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
266
x-amz-cf-id
xjzy1ql2n7ZNsBhKSPDzEJWYN4REUz4TZHbEOyRJRuXhfYjLjK0ojA==
IAUgbWUXTX54Oz0DKW1lZA8pKzw7QWl6ZzcAPic6MU1+DmZlUWJ4eWJYeH15ZV11bWVkGy0uNiYBaXoRYVt7ZmRiTjl1Zg
du0pud0sdlmzf.cloudfront.net/gV1RoTEg0OwYqdyM9DHFxZ2VaeXBxPhsjJidpIHgkIj0hPB42ATIVJQRyHDYsam1OICk5M1VqLTk3VX1uNjAKcXxxIBgjI2omDzgjJCMaJCo8ch0tdTo7EiUkOzVNfg5ielhpemd8HyUmMzsfP21lZAY4bWVkWXxmZ3FbDm1... Frame 00A5 		594 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://du0pud0sdlmzf.cloudfront.net/gV1RoTEg0OwYqdyM9DHFxZ2VaeXBxPhsjJidpIHgkIj0hPB42ATIVJQRyHDYsam1OICk5M1VqLTk3VX1uNjAKcXxxIBgjI2omDzgjJCMaJCo8ch0tdTo7EiUkOzVNfg5ielhpemd8HyUmMzsfP21lZAY4bWVkWXxmZ3FbDm1lZB8lJmFgTX8KcmZYNH5jfU-1+eDYkGCAtIDEKJyEjcVoKfWRjRn9+cmZYZCM/IAUgbWUXTX54Oz0DKW1lZA8pKzw7QWl6ZzcAPic6MU1+DmZlUWJ4eWJYeH15ZV11bWVkGy0uNiYBaXoRYVt7ZmRiTjl1Zg
Requested by
Host: adiingsinspiri.org
URL: https://adiingsinspiri.org/ZDgzTVUFWlAgagUFUWsgFlQOaGciHQELMREIQzgxVEtXITgeXh0uOQtNVysnC1ZHYzsBTBZ/EwNuAh86MH1UfRoTYUIpLCkBdwUTHGIBGzQBYHE1BQxLWQc8AEh6BTIPcVl9PTR6B38UMHFlBwQ2QXsJDBdZXnwaLXtYeBhVbkIBAQ8LZRVkEXZZDB4HYEs1HCZfWQRnC1V3NzIOcnAANC57XHU2DAhHKQELD3YkAA93SRsbAl8GJDAIUEMoOAAAezQACXVJPjM0CgIhDyVhBy8CMlNkFS0JYgALNyBVAiEPJgBfBzgiX2cVbS9bXhcMKnAGJzMxFQJoZyZddxQ+I3tyORwgfXgHLCFSUBs6L15kHz82VgpoZyZbXhcMPnt+aGcicXIYMgZvZhUBPA0HAi9UfHgaZAhicnUlL0JEegQzVAUXLwd5YyQ2UnVmfHBWencgDwhtZAdhAW95FDAsCQYXA1UJURoDD39KfSAqUWoPNDxXYRQDEA9pIAcNbFkhZD5fFScmC1ZDcB1QVEYkHBRuUhgPPVVg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2219:7200:13:4c71:26c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
20eddd2d353b08609d5ee227ce5b895567c9429ce57a6873cca366adfa3d4c20

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://adiingsinspiri.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
gzip
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
445
x-amz-cf-id
kkSPb7Nw2GppVus6W_BI7AU_02YZLzKqdp7Qv7C9TJIcW1wo7od-nw==
popunder.gif
setitoefanyor.org/ 		35 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://setitoefanyor.org/popunder.gif
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Sun, 19 Nov 2023 02:37:02 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 19:17:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
112762
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiDxgyydkclzSGShd%2BXz2rcSuMX%2FwVb%2Fmc6PXQ8m%2F1zXWMfgBRP%2BlwC1J3DRc08VT0F4ctkda3%2F6oZzZE30LPTYMgBkAlLwRlJLWEDEdYPqBG8iND3aQdQ6sJ%2B4byptcJ%2Fr4vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
828511a858c4f65d-NRT
alt-svc
h3=":443"; ma=86400
multi
adiingsinspiri.org/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adiingsinspiri.org/multi?cs=Q3ZCWGtxQ3VqUnVDe21SdEZ0a1I&abt=0&red=1&sm=76&k=&v=1.0.60.3&sts=0&prn=0&emb=0&tid=901258&rxy=1600_1200&u=1026887319766914&agec=1700361421&fs=1&mbkb=2702.702702702703&ref=https%3A%2F%2Fds2play.com%2Fe%2Fknuggdm0869x&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F119.0.6045.159%20safari%2F537.36&tzd=9&uloc=&if=0&_NDRv=1700361422186&crc=1
Requested by
Host: du0pud0sdlmzf.cloudfront.net
URL: https://du0pud0sdlmzf.cloudfront.net/?dupud=908057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.62.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-62-118.nrt20.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
05fe1ce0c2859bcfa826437978f20a777d30cf2f52fa4dd7161a98b465985079

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
gzip
via
1.1 e8bb727bbf7c462b3ab90d9119c37b44.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
NRT20-C4
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
https://ds2play.com
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1529
x-amz-cf-id
12bQIv9QWd0w8x0UiYJSb7qH7yxovtdiSELRfsmgElHqcZfI24SUPw==
solid.gif
fvcwqkkqmuv.com/ 		43 B
638 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fvcwqkkqmuv.com/solid.gif?z=1941940&nojs=0&abvar=423&febuild=417e16e865c50cb07b4364fa96d06091ab361eca&t=0&wcks=1&wgl=1&cnvs=1&os=-540&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=3770609583398400&eclog=0&sp=1&im=1
Requested by
Host: fvcwqkkqmuv.com
URL: https://fvcwqkkqmuv.com/aas/r45d/vki/1941940/b25e6007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.106.127.147 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
x-route-id
stats.tag.loaded
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif
utx
orgotitedu.info/ 		0
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://orgotitedu.info/utx?cb=QdC36WI6j8JT&top=ds2play.com&tid=919673
Requested by
Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=919673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-99.nrt20.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 02:37:02 GMT
via
1.1 b7aac263ca63a866073824e6a67d4e5a.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://ds2play.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
5PQf-uOzD271pSM1UXvceYydj1Ovu-CvHpKORsgzm2ETjK6Dhc2SKQ==
XTNrdHV6LAUTKWseFHR1eigKYAphET4iJH4xazQEVyYaKHMOBBUpC3sRYyAhVC1qNykAcQAZcgwoYWgFXHprICJ9C2Y3KgE+ARk0HiMhPilIdCUgJQEvMCYmX3E
orgotitedu.info/OElSUUdZKzE8eFl0MHcySiVvdHV+bGAXIwlxJmJyQTAgKHVTfWt/JFQmJzUhSiY8JWlWLCZ0dX4RBmEvYhoKOjRyMzEnFVI6OgEfagg0PwFOLzkhN3EgPTwBQnBjHS1fKzY4cw8ZOjYoWwFqaAZBPWMIAAAfHjgeHXsQNQEAOBg7NwgaFTo3a... Frame 7656 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://orgotitedu.info/OElSUUdZKzE8eFl0MHcySiVvdHV+bGAXIwlxJmJyQTAgKHVTfWt/JFQmJzUhSiY8JWlWLCZ0dX4RBmEvYhoKOjRyMzEnFVI6OgEfagg0PwFOLzkhN3EgPTwBQnBjHS1fKzY4cw8ZOjYoWwFqaAZBPWMIAAAfHjgeHXsQNQEAOBg7NwgaFTo3aBomFCIKfSYeFWEiNgIwVgEBPjJ1CjEyDAp9IRoCaSAYKApfDwEcN14BIXR1fiw/CzdaDCZ0dX4QEWUgfjAhPwtSOTE3H196Agc/ASwVOXJuemslJl89MTcfXzwbEyMNLxopcXd7ImcmbA8CNHV+cTdhLE0GEXwsVAEWNjN3MBsACAp4IBV3QHE0YiMOHWAhcVkeFwINQj5iGxFAcBFiPw8aARwvdSAqMiFgLndjBXQLPToNCwshAnQAOx8FNG8AO2B/XTNrdHV6LAUTKWseFHR1eigKYAphET4iJH4xazQEVyYaKHMOBBUpC3sRYyAhVC1qNykAcQAZcgwoYWgFXHprICJ9C2Y3KgE+ARk0HiMhPilIdCUgJQEvMCYmX3E
Requested by
Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=919673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-99.nrt20.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
938868cb669ded8df831a92d954121fa6913fc453ed192420d4030405ed9cbfd

Request headers

Referer
https://ds2play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1248
content-type
text/html
date
Sun, 19 Nov 2023 02:37:02 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b7aac263ca63a866073824e6a67d4e5a.cloudfront.net (CloudFront)
x-amz-cf-id
wb9Dbx0bMD3gS13jyNQoPM-Acro1B2-huFg_7bGd7Z_GA9MvDDd4lw==
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
VXIwODN6TVNLDgMZQA5kPkNdXVgfB1VVBm0hAnYEDEEFaFJmFRZMWjFPCQkKY0UDHkM8Fg0LAXMBRFlHIAENCRU8HFZXDnMEDQgdbFwCFgZzBw0JA2dECAAEZkMJDwVjSwEMFSECUV8OZFRATEc5TwEPA2VBBgkHZ0ACAQs
setitoefanyor.org/ 		0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://setitoefanyor.org/VXIwODN6TVNLDgMZQA5kPkNdXVgfB1VVBm0hAnYEDEEFaFJmFRZMWjFPCQkKY0UDHkM8Fg0LAXMBRFlHIAENCRU8HFZXDnMEDQgdbFwCFgZzBw0JA2dECAAEZkMJDwVjSwEMFSECUV8OZFRATEc5TwEPA2VBBgkHZ0ACAQs
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSxhh15w10YvR0ro%2B%2Bpv1HdTppQjnwGNvuDj5%2FwhfWJqzQc1kbNiEj5pFQCW68MvPDBLgRQKAgNo%2F5sTwljdA4ScDmKW7CYYI9qSh6XB73bhOc86apVGK1a%2BpnTvPyzE8PNoYA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
828511a9781c34e1-NRT
alt-svc
h3=":443"; ma=86400
Rkh4Wm9pdxspUiMiKmo+EA4zGCo+eSIxJgUaIDIBEj86GAwBGV4uBiJ1QWtWcH9LfB8vLEVpXWA7DDsbMztFaF92f14zASAnRWhJMHVIdFZoelZvSTN1SWpdcHBAbVx3cU9sWX95THwbNikfZ15gOAwuA3t5T2pfdX5Jbl10e0hq
setitoefanyor.org/ 		0
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://setitoefanyor.org/Rkh4Wm9pdxspUiMiKmo+EA4zGCo+eSIxJgUaIDIBEj86GAwBGV4uBiJ1QWtWcH9LfB8vLEVpXWA7DDsbMztFaF92f14zASAnRWhJMHVIdFZoelZvSTN1SWpdcHBAbVx3cU9sWX95THwbNikfZ15gOAwuA3t5T2pfdX5Jbl10e0hq
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMSqcZVscZC1R6Dp6xyRu%2BDdZ04qZEWkLuwEcmmOPeQ6nsxZOZJDe8KwUmeC3hLOK9PbCrYvozKMcZGQBmj2vUkdefk%2BidttNl5krqy1de%2BbOFPCewyILgLo%2BeRKzqbrUy0eXA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
828511a9781e34e1-NRT
alt-svc
h3=":443"; ma=86400
1941940
fvcwqkkqmuv.com/get/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fvcwqkkqmuv.com/get/1941940?zoneid=1941940&jp=_clsfyvfntj4go141pwlsnu&nojs=0&abvar=423&febuild=417e16e865c50cb07b4364fa96d06091ab361eca&t=0&wcks=1&wgl=1&cnvs=1&os=-540&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=3770609583398400&eclog=0&sp=1&im=1
Requested by
Host: fvcwqkkqmuv.com
URL: https://fvcwqkkqmuv.com/aas/r45d/vki/1941940/b25e6007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.106.127.147 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
02052e6ece5b8ab576c772304952dd49d2ea4e8437975001cea27db87770404e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
gzip
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-route-id
config
timing-allow-origin
*
main.js
ds2play.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame E1C7
Redirect Chain
  • https://ds2play.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://ds2play.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ds2play.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/knuggdm0869x
Protocol
H3
Server
2606:4700:20::681a:8aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e77fb919305b185355a3e5828e42af7e5ab6fe08744d4f8759f44d374e38c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xR0St9HKOXwInWqd5visMs5bYpqAIFYfVV2tvRXl%2FugvfOfD5U1mMnpuhx5oI5TFCdvvwt%2Fc22%2FDoXo3cYdr%2F%2B7mz%2FLVRWMUk%2F7NHC1tPgXCUakbnd995pvvzNgUJEzthS9wPHPY5UMu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
828511a9a8c3688c-NRT
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 19 Nov 2023 02:37:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9zQwrNyAQ7NlaPNp4b2fxhDr7Ka2i9wVWRthft9KOjdxpWeZcYdYQpwkrfb%2FokruSaDp0cBOz%2FZiMfmsk8XsLeLdcn3KVwD3HD17QPk4d7mmZMrX2vZDjKTnducbZzePFMNJc4UbiKc"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
828511a988b4688c-NRT
alt-svc
h3=":443"; ma=86400
828511a1a8f53c0e
ds2play.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E1C7 		0
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ds2play.com/cdn-cgi/challenge-platform/h/g/jsd/r/828511a1a8f53c0e
Requested by
Host: ds2play.com
URL: https://ds2play.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPC6Cmc%2FDCxodnOWnMz8vcgW1aht8ErxztVCy0sHD9psS1fhlK0Jl5pRSUKSKZYjndp9BEHZ156zxgW%2BTLPVLi9P%2BI5OLpvWrvNrSm%2BMIPyiipFuUne9esS5XzrNhPWrZE7c%2BHGHCClW"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
828511aa6970688c-NRT
alt-svc
h3=":443"; ma=86400
/
limurol.com/ssp/req/1941940/ 		7 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://limurol.com/ssp/req/1941940/?pb=8ccd49dcc4f91f0171019db31cbc3b7e1700368622&psp=9MJdFAU42K6QMux2ot11rX6Habfn2lwgnJhHrETp29dFJT8ju4cwbEIh2pkj2HlMIovlB_-zJeraF7q6-hZ01KbL_5SNKwDOx59eByKgs91f6agmdbUp0BTB-LV4yjETYwyB7P9xBKH07eob_lKW43pceoplmCtXtTg0KC6wF8dgikyzrZz6xk0Jy0sztXhVJFr6-bTRKxo9bwscL8YylgfzWvgeC3LUSNIHtP0L3_jLaDA-M-oEE8SAuXEDhYoA76W6gtiXraH_dlidg78Uybo4uWLnMt9skK97-k3GLvk0T1J_kDHlaugNDogUbyDJpQu-TNv3X569LTwElTeBtt86AWgNRQPCF2g6GFl0tqIMAzimX3yQbuZApymgkaSFrUjkt53DiqBDjcRB4cx2927_IU5aWyLRqMl1-p14u6QvraNjvSfZjRCKljRceAuX0jprmeDwmHulIrq8EqfF6ERXPEgzuOfY5jqPvkAvxIsezi5Le5nF9yuRm8v_K62HZkr4v7mVsXDwRwzLFL2YLPSzwKQ647F3r340OwMSpn4zDP6cRZ8nA0LJzEdqqd8I0R9gs2NxhZgqWShh0WgxYemjggjl6_6mJM97B3kb2k0IJUgfmrsDbTy-NvsuGEG_BWyi7QfS7SM2xUrZ1RpXpyp8kkGG3L77I07gMp6LaWfYCdpLYUlF35SpqRWBKn11HodQJTYfO9bd04jq26XDGMhPMwKj_NmStnlZruOGxU3lIebv2FDEdd3dB5OfOu4cCTgjaXpolxaLo7SaWV2LOGJ6ui977f51SwfBXqiDIkd0Xz_hJff44mHBJBKLibmlnjv-VqUQgkhBdQyIQuoCzm8exADzAFFrjHEmZRpvOClCC1Y8bwHMu42Q2KHWAAnLuE1NImz7m6xNKKH_5qFa6J6BCMlkzn9FA2jvckqNRsaO69zRPv1ZwsnoYYMWxfeboV5Dzbbqxuf8aqiJOHOWraSYONFPDDd2B5937eV5IjxIL8u7X-vFZ5CfUfyZdLgsg5Rv3T58kVV4WT3VPXY_edD9B6cBo9g5gKGz86CQ3Y77-0k7FaJYl_YSj-KlPZgyzUwVWijhhY8Q4XwLBLsshNfciicgwtbd9chn3U6FzSrUCW2NQ5K2ZwHl0AahH2Y5dzn9_zWgR0IwDA_3bWJCgxRFbJSQAC1k9vW7Fjc5JXVFN5X8WiPDpq16Q4bmZRV15YQ274IehlV8qjnxoDaS9XgxhiE=&im=1&cb=_cl3w41gij8muay2p39792r&nojs=0&abvar=423&febuild=417e16e865c50cb07b4364fa96d06091ab361eca&t=0&wcks=1&wgl=1&cnvs=1&os=-540&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=3770609583398400&eclog=0&sp=1&im=1
Requested by
Host: fvcwqkkqmuv.com
URL: https://fvcwqkkqmuv.com/aas/r45d/vki/1941940/b25e6007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.106.127.154 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
x-route-id
ssp.bet
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
7
content-type
text/javascript
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
YC4gFysnLjpcfXg3PVx9eGh5V39tagtcfXguIBd5fHx6O2p6aTFPe2F8e0kuOC-klHDgtOyIQO21rD0x8f3d6T2p6aWESJzw0JVx9C3x7SSMhMixcfXg+LBokJ3BsS38rMTsWIi18ez9+eWBnSWF+aX1MYXlscFx9eCooHy46MGxLCX1qfld8fn88RH54a39Bd39q...
d18t35yyry2k49.cloudfront.net/XT0hZSXksJzcvRjshPXRAfnFvfkppIiomFz91Ljgbdi47PhgocH89Ayt1YG8VLiY+dF8qJjp0SGkpPStEe24tORYkdSwnHSouMCccK24sKEQiJyMgFSMpfHs/emZpbEt/ Frame 7656 		458 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d18t35yyry2k49.cloudfront.net/XT0hZSXksJzcvRjshPXRAfnFvfkppIiomFz91Ljgbdi47PhgocH89Ayt1YG8VLiY+dF8qJjp0SGkpPStEe24tORYkdSwnHSouMCccK24sKEQiJyMgFSMpfHs/emZpbEt/YC4gFysnLjpcfXg3PVx9eGh5V39tagtcfXguIBd5fHx6O2p6aTFPe2F8e0kuOC-klHDgtOyIQO21rD0x8f3d6T2p6aWESJzw0JVx9C3x7SSMhMixcfXg+LBokJ3BsS38rMTsWIi18ez9+eWBnSWF+aX1MYXlscFx9eCooHy46MGxLCX1qfld8fn88RH54a39Bd39qeEB4fm9wSHs
Requested by
Host: orgotitedu.info
URL: https://orgotitedu.info/OElSUUdZKzE8eFl0MHcySiVvdHV+bGAXIwlxJmJyQTAgKHVTfWt/JFQmJzUhSiY8JWlWLCZ0dX4RBmEvYhoKOjRyMzEnFVI6OgEfagg0PwFOLzkhN3EgPTwBQnBjHS1fKzY4cw8ZOjYoWwFqaAZBPWMIAAAfHjgeHXsQNQEAOBg7NwgaFTo3aBomFCIKfSYeFWEiNgIwVgEBPjJ1CjEyDAp9IRoCaSAYKApfDwEcN14BIXR1fiw/CzdaDCZ0dX4QEWUgfjAhPwtSOTE3H196Agc/ASwVOXJuemslJl89MTcfXzwbEyMNLxopcXd7ImcmbA8CNHV+cTdhLE0GEXwsVAEWNjN3MBsACAp4IBV3QHE0YiMOHWAhcVkeFwINQj5iGxFAcBFiPw8aARwvdSAqMiFgLndjBXQLPToNCwshAnQAOx8FNG8AO2B/XTNrdHV6LAUTKWseFHR1eigKYAphET4iJH4xazQEVyYaKHMOBBUpC3sRYyAhVC1qNykAcQAZcgwoYWgFXHprICJ9C2Y3KgE+ARk0HiMhPilIdCUgJQEvMCYmX3E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2138:9c00:1:c788:1640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
03a7456507a9c52ac613d768fb09c024dceccf7871d9e44cf4f7558893e78d56

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://orgotitedu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
content-encoding
gzip
via
1.1 025de06f7deee324c277661a5d0ef5fa.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
355
x-amz-cf-id
0aI6XEOGI_3Ny_5xTprNLwbFth6a5Ze8_Bn9L6AwctrKoBxX0SP7ig==
czIGPnFmcEkpODQ2GilxZ3JfbWo8LAk1cWdkGWd8e3tBaGJgZBpnfWVwWWJ0YnFeY3tjdFZreHM2HzsraHNJKjghLlJre2VyXGx9YXBdYnxs
setitoefanyor.org/b1pMVUJAZS8mfzYNeRcQAgAeDSwDIxkDLjY5BGwTORw8ZSZeF2ohKwtndWR7WW1/ 		0
387 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setitoefanyor.org/b1pMVUJAZS8mfzYNeRcQAgAeDSwDIxkDLjY5BGwTORw8ZSZeF2ohKwtndWR7WW1/czIGPnFmcEkpODQ2GilxZ3JfbWo8LAk1cWdkGWd8e3tBaGJgZBpnfWVwWWJ0YnFeY3tjdFZreHM2HzsraHNJKjghLlJre2VyXGx9YXBdYnxs
Requested by
Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=919673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1gx%2B3KHigqBu%2FSVcGPDbQO3cD69z0PnT1OipChTbgZn%2FVhGl%2BfjlQfDtnIodQHiLr2J5yo2bga9lEALh3c9lt3%2BAGZlwpC24%2BdyP2PnWgcpCfeSfL6nK%2Baw3%2Bu8X9%2F%2FvvMCcg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
828511ac8ab234e1-NRT
alt-svc
h3=":443"; ma=86400
floater
orgotitedu.info/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://orgotitedu.info/floater?cs=T09tNG9%2Ff1UAWHd5XA1ZentYBVo&abt=0&red=1&sm=83&k=&v=0.9.2.5&sts=0&prn=0&emb=0&tid=919673&rxy=1600_1200&u=1026887319766914&agec=1700361421&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=2702.702702702703&ref=https%3A%2F%2Fds2play.com%2Fe%2Fknuggdm0869x&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F119.0.6045.159%20safari%2F537.36&tzd=9&uloc=&if=0&aa=oi1_&_TkHv=1700361422811&crc=1
Requested by
Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=919673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-99.nrt20.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
7d8bfa9c6c95a3c8ad8f55fb1c4b33710a65a2955660f1778849a39d24cdd0b3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 02:37:03 GMT
content-encoding
gzip
via
1.1 b7aac263ca63a866073824e6a67d4e5a.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ds2play.com
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1164
x-amz-cf-id
ELScd_l_3A4JlTYz-DNBfU9xWKyw_XRbYHA6aj1I2UwzsEC6ZOntUw==
VWJxYm4aZ3R6cUJoamFuGWd1ZHpaYnxje11jc2J+VWtwcjwcOyNpeUoqMCAkUWtzZHhfbHVgelhrdmQ
setitoefanyor.org/VEhsWkR7dw8peQAdXR8TEixVPBwsOzUSEmMsOxwsMQAAIiUDAUouLTB1VWt9Yn9ffDQ9LFFpdnI7GDswITtRaHRkfUozKjInUWh0ZH5canFhcEltBzw8GCo3cXstf3YSbV4cMzEqHDMnP2UPPip6O190MSdlGz83IGVedCU5KRY1KjU/H3Q... 		0
382 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setitoefanyor.org/VEhsWkR7dw8peQAdXR8TEixVPBwsOzUSEmMsOxwsMQAAIiUDAUouLTB1VWt9Yn9ffDQ9LFFpdnI7GDswITtRaHRkfUozKjInUWh0ZH5canFhcEltBzw8GCo3cXstf3YSbV4cMzEqHDMnP2UPPip6O190MSdlGz83IGVedCU5KRY1KjU/H3QnOyVJaAIzLRg2JT0sQjA0MS9JbQc6PQA2YWMLXWxyYX9daXBheFxic2R/VWJxYm4aZ3R6cUJoamFuGWd1ZHpaYnxje11jc2J+VWtwcjwcOyNpeUoqMCAkUWtzZHhfbHVgelhrdmQ
Requested by
Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=919673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:37:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hH0LDnPtW6JXh9427QHDpYX%2BP3biBWjzNp%2BoMT9jIPgOeELSc56zunoHUn%2FwEu9Uf3CLFPElyjBh6DsHrgPFvYP5g%2BAlUlR6yHpHLgUkM47THmalSzfdtyQQrAJTA0kZMzcHg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
828511b4b8ef34e1-NRT
alt-svc
h3=":443"; ma=86400
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/ 		0
0
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/ Frame E1A7 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Requested by
Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=919673
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.85.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 02:37:05 GMT
Last-Modified
Thu, 25 Jun 2020 08:18:14 GMT
Server
AmazonS3
x-amz-request-id
YR28KZ2QRRNBVS7Q
ETag
"e73bda30c82b74c32e5f03e4ed4e4bb1"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9313
x-amz-id-2
RhuEBkgjVxJyk6z/pMJJOhvTmkQt0wjKWZXxqAxisllnvouAR6VZ9NmkATU6+FdTH2rh/R1MdyE1I+uZvCoj+w==
x-amz-meta-s3b-last-modified
20200625T081632Z
truncated
/ Frame E1A7 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E1A7 		814 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
webpick-cdn.s3.us-west-2.amazonaws.com
URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture function| $ function| jQuery boolean| googleAd string| oref string| oemb function| PushOpen function| errMsg function| hab number| punix number| prand string| pdomain string| pfurl string| prefe number| pwidth number| pheight function| supports_html5_storage function| dpload function| _0x2249bc undefined| standaloneFi string| userAgentFi boolean| safariFi boolean| chromebr boolean| iosFi boolean| Fitor function| _0x633c function| _0x238e object| canvas object| gl object| debugInfo string| vendor string| renderer string| oftor boolean| VIDEOJS_NO_BASE_THEME boolean| VIDEOJS_NO_DYNAMIC_STYLE boolean| HELP_IMPROVE_VIDEOJS number| ysel function| runBD function| __onGCastApiAvailable function| videoInfo object| vttjs function| WebVTT function| videojs undefined| returnExports function| videojsSeekButtons object| videojs_hotkeys function| videojsBrand function| videojsMobileUi function| Class number| ntt object| dsplayer boolean| sentPL object| dsvl function| StartPlay function| makePlay object| SILVERMINE_VIDEOJS_CHROMECAST_CONFIG object| span object| MTD object| cast number| LAST_CORRECT_EVENT_TIME object| utr_908057 number| userTrackingInterval number| _2087338140 number| _2437839626 function| sb function| x7$3x function| g6rbFg number| w6A_7$ function| V2ZW0 number| N$ai42 function| e0JHi function| E6m3Y_ function| U3EvY object| actions number| openedPop number| deli number| timer object| urls object| urls2 function| getUrl string| cb43a0 function| N4kk object| yCItbqoqYWzvmVikU function| nextPop number| r function| A0$909 function| b0uae function| U6yW0 number| G$nNdb function| k2bFB function| G5Oz2z number| s$TuDH function| X12lX string| dddc0206cd function| D777 object| PUENGINE function| _0xd965 function| _0x42a0 function| pcivwi object| 1941941__cngfg number| iinf function| handleException function| T5oo boolean| zfgloadedcode function| _clsfyvfntj4go141pwlsnu string| lklefsvsdg number| _4220797092 boolean| once boolean| oncet string| cookieIndex function| secondsTimeSpanToHMS function| loadSrtFromUrl function| loadSrtFromPc function| Load boolean| isNotScrolled function| changeSize number| customsubs function| parseSrt number| tryCount number| minimalUserResponseInMiliseconds function| check function| _cl3w41gij8muay2p39792r function| _clczeg7zidhcszpzeulixb function| onClickTrigger boolean| zfgloadedpopup string| a number| refS

13 Cookies

Domain/Path Name / Value
ds2play.com/e Name: file_id
Value: 128898511
ds2play.com/e Name: aff
Value: 322315
ds2play.com/e Name: ref_url
Value:
.ds2play.com/ Name: lang
Value: 1
ds2play.com/ Name: ts_popunder-cnt
Value: 0
ds2play.com/ Name: ts_popunder
Value: Sun%20Nov%2019%202023%2011%3A38%3A01%20GMT%2B0900%20(Japan%20Standard%20Time)
pogothere.xyz/ Name: csu
Value: 1026887319766914@1@1700361421
fvcwqkkqmuv.com/ Name: CHCK
Value: 1
fvcwqkkqmuv.com/ Name: UID
Value: 2311182137fe5e46464fc0477ea8c43b6043
ds2play.com/ Name: __PPU___PPU_SESSION_URL
Value: %2Fe%2Fknuggdm0869x
.ds2play.com/ Name: cf_clearance
Value: CgswgfUNbocu.q8bBF9YVupLUnoQZqxVUEC7WWdFFsg-1700361422-0-1-a7b61c8e.11a9d730.1013be97-0.2.1700361422
limurol.com/ Name: UID
Value: 2311182137c65e9dcb1fca48f7862ca9cfe1
limurol.com/ Name: CHCK
Value: 1

6 Console Messages

Source Level URL
Text
javascript warning URL: https://ds2play.com/e/knuggdm0869x
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ds2play.com/e/knuggdm0869x
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyyNOLA2NjZeUSRcVFiojg9nSxfmDsRnmFQt9qQvaWwSLuNxn2o5SSxDIxCfV5lbufcbrUNuyA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1626480153%3A1700361421885171&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxGr8-pgjXVQp-dHNUe9frfa4uxDL4N4-bMgT3A_Wg7mi-rxg1QChFdN1KUa0U8sKzGlvCC&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-183856564%3A1700361422079701&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://ds2play.com/e/knuggdm0869x
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security warning URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=919673(Line 153)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adiingsinspiri.org
cdn.tsyndicate.com
cdnjs.cloudflare.com
d18t35yyry2k49.cloudfront.net
ds2play.com
du0pud0sdlmzf.cloudfront.net
fvcwqkkqmuv.com
i.doodcdn.co
i.doodcdn.com
img.doodcdn.co
limurol.com
orgotitedu.info
pogothere.xyz
setitoefanyor.org
webpick-cdn.s3.us-west-2.amazonaws.com
wws306l.video-delivery.net
www.facebook.com
www.gstatic.com
webpick-cdn.s3.us-west-2.amazonaws.com
104.21.42.8
13.227.62.118
172.64.132.28
18.172.52.99
23.106.127.147
23.106.127.154
2404:6800:4004:813::2003
2404:6800:4004:821::200d
2600:9000:2138:9c00:1:c788:1640:21
2600:9000:2219:7200:13:4c71:26c0:21
2606:4700:20::681a:74a
2606:4700:20::681a:8aa
2606:4700:3031::6815:22d2
2606:4700::6811:180e
2a03:2880:f10f:83:face:b00c:0:25de
3.5.85.14
51.83.239.67
8.255.53.121
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84
016066d634922630d7cbb5bf83b022cd5cd07f8c346d4a21608ec1d6644ef2e0
01c49e02b98bc8a4275650b65787cdd100c362abc7e54e8b9e99396b6117c2c6
02052e6ece5b8ab576c772304952dd49d2ea4e8437975001cea27db87770404e
02e77fb919305b185355a3e5828e42af7e5ab6fe08744d4f8759f44d374e38c2
035e0a2a901c3b11beb9a6f34fac7e978f84985e7ea0835d809169f60edaea3e
03a7456507a9c52ac613d768fb09c024dceccf7871d9e44cf4f7558893e78d56
05fe1ce0c2859bcfa826437978f20a777d30cf2f52fa4dd7161a98b465985079
0d58239457bf7c0dac958abe4e3f614c32d0ca32683179f082150688fca50325
187c36cd1da98aa59adf61c52ce1b20f4348a7db9611ed372f319930fca98f08
1c81754b3ccafe44b9e2d9288fa3f76e1dc879d514ccf679bc290dc9b6068ac8
20eddd2d353b08609d5ee227ce5b895567c9429ce57a6873cca366adfa3d4c20
2577866b9d26cd6a4be764910f0913ae5b737ed1d130d635048051ebe15ae680
311cba72a3181f33f1b4e39a56e15c5344b97bd82987f64cabd1ed1f2bd340e1
368cdd6153f1d78accf162c0c360207bd078587ff263083c9338f38f34b27e44
3692813aed40c67bdad2a60a456478c7a07e1f049f14401a34c88a7c6b70fa04
3716878d3ceb2042b22c092b31c6f43cc862f8464e92ddde416a49624b32716e
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
712d85ec26b52c181f62252225fba947549cfe0617e4bc3ed669605ec286ac4a
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7d8bfa9c6c95a3c8ad8f55fb1c4b33710a65a2955660f1778849a39d24cdd0b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ce048d50e4943e33b84a9ce2afc862c4133b1fac20dacc7f2abea48222fb6ed
938868cb669ded8df831a92d954121fa6913fc453ed192420d4030405ed9cbfd
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a3cebef9af64dc70fd73b8a1af1bff877dc98747687ee96634a48adbc49ce949
a40ce7f9020d6ec0271d1821bda8e726ecad3a9f9aac8039ef523dd065a27523
a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555
ac71ca940805f9bf45760e9ee3c8dbea8ce10f6d2442d58c15573b47c60d5114
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
cc9c3e339443cf4f9322360e223f027ad76a5bd35ed5d2bfef58aa43d8da4b9b
d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
e172ad14b2669a3ed1275a0220298561869864c57f626598c171b8200d38db82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227
ec992d415007fbe20b323d139fd0a5df0d66d7127facaed6258c75dcaa3fd283
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff710a197a64e99d2629787a46fa6f78c4538243f9c905dc5efb06ab62406b89