| cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js | 104.17.25.14 | 200 OK | 37 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js
IP: 104.17.25.14:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65357)
Hash: 87d84bf8b4cc051c16092d27b1a7d9b3 c8b4c65651921d888cf5f27430dfe2ad190d35bf 53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
GET /ajax/libs/materialize/1.0.0/js/materialize.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 36877
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03efe-2c375"
last-modified: Mon, 04 May 2020 16:12:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 630273
expires: Tue, 08 Apr 2025 05:37:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2Fr2esQts2Df6TiLV7YAydq1LjcBiT5p5B9NMDVsMjTiCkz6n10FRXiAjt0HRIs2%2BgJJTvijfKbmvHu9Nov6vC8jYN1tvEMT8KMZLJ6Fudc4CxYgzjL8FhCZJAK095Juw7A727bS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87624df00f86b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.25.14 | 200 OK | 5.6 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP: 104.17.25.14:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837)
Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 212147
expires: Tue, 08 Apr 2025 05:37:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQ2K9MPU%2F6sfMQG7CUHV5iW%2FJvUjj4f%2FKJabyj9a%2BcvWnA24Vw9vJgUeAZYQ0OeFl3%2B05sqmnqua0eStXULuCWfcRHQJ6s575%2FQTDw5SAP2zoEhSpU2RrSaq49jBb0VQojJl2Wq%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87624df00f8cb500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.2.184 | 302 Found | 0 B |
URL: GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js
IP: 104.17.2.184:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 05:37:42 GMT
content-length: 0
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/54ea73d52131/api.js
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624df00bb31c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| new2.gdtot.dad/assets/img/yourlogo.png | 104.21.85.211 | 200 OK | 6.9 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/img/yourlogo.png
IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Google Trust Services LLC
Certificate Subject: gdtot.dad
Certificate Fingerprint: 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C
Certificate Validity: Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: PNG image data, 145 x 56, 8-bit/color RGBA, non-interlaced
Hash: ef828afcc39740064de4ac075396b2cb ea137e2ffb0c3b61203089e5bfc12e8aa0ffcd8a 12fb3d7a292f300b5cd167e05eee8823d1c998ddcbc61e1e09357868241838ca
GET /assets/img/yourlogo.png HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/2516425463
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: image/png
content-length: 6865
last-modified: Mon, 14 Sep 2020 08:36:34 GMT
etag: "5f5f2b92-1ad1"
expires: Thu, 18 Apr 2024 05:38:42 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCII%2FZg9M3JkJvTa0qaPlVSHZG63MzY0VTjSx12zcIQlW3oESBvtSdYsDTWwwrCnt9QzguCqAuIm6bbSIBrV2K8X19KOGbowpIfcFAxmSx%2F%2FJjgDMqubhQ5ighiBcbT3dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624def9da9b4ed-OSL
alt-svc: h3=":443"; ma=86400
|
|
| code.jquery.com/jquery-3.7.1.min.js | 151.101.130.137 | 200 OK | 30 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.7.1.min.js
IP: 151.101.130.137:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Sectigo Limited
Certificate Subject: *.jquery.com
Certificate Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /jquery-3.7.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-155ed"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 05:37:42 GMT
age: 18617999
x-served-by: cache-lga21978-LGA, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 74, 228402
x-timer: S1713418662.406811,VS0,VE0
vary: Accept-Encoding
content-length: 30336
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.130.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP: 151.101.130.137:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Sectigo Limited
Certificate Subject: *.jquery.com
Certificate Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 05:37:42 GMT
age: 5876282
x-served-by: cache-lga21931-LGA, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 22, 896316
x-timer: S1713418662.484049,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HKW4S7DDMP | 142.250.74.168 | 200 OK | 100 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-HKW4S7DDMP
IP: 142.250.74.168:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
Certificate Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 100 kB (100132 bytes)
Hash: 53c65dbfdcc186cf44a04dd86246d6bc 6b899a0d41b3313f9397ae184ef543c468985e87 051b80ee0f414c7c647daaf5d72123e3b6f836765df5e233c36737932f52fdd9
GET /gtag/js?id=G-HKW4S7DDMP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 05:37:42 GMT
expires: Thu, 18 Apr 2024 05:37:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100132
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.datatables.net/1.13.6/css/jquery.dataTables.css | 104.26.9.123 | 200 OK | 3.9 kB |
URL: GET HTTP/2 cdn.datatables.net/1.13.6/css/jquery.dataTables.css
IP: 104.26.9.123:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Google Trust Services LLC
Certificate Subject: datatables.net
Certificate Fingerprint: 90:1B:E4:09:AA:D0:D8:54:84:42:01:61:2A:F3:FD:AA:42:CC:89:6D
Certificate Validity: Wed, 27 Mar 2024 23:37:26 GMT - Tue, 25 Jun 2024 23:37:25 GMT
File type: Unicode text, UTF-8 text, with very long lines (546)
Hash: 5f4dd87776924198bfa18978d45bd358 13c2260392fae1be5ff8190bf22a90ebaffec6de 8cf8a4dbb01c028a16eb2d85abf26f1acee3b45e05ce07ed091611ecad8ea909
GET /1.13.6/css/jquery.dataTables.css HTTP/1.1
Host: cdn.datatables.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
last-modified: Mon, 06 Nov 2023 12:01:13 GMT
etag: W/"1122153-650b-6097a9c4efbb0-gzip"
cache-control: max-age=31536000
expires: Sun, 24 Nov 2024 07:58:50 GMT
vary: Accept-Encoding,User-Agent
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cf-cache-status: HIT
age: 12519531
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRGsx8OzvMgd5J0AwBg355uw0qQcgSHvGDkPhvb7cv31i%2FORcUG2GpGfvYtm6QnZ8R5jHjv%2F4%2BAv3CPVJZWp%2B96PE%2FDxq7hKxmmzeGm7W9W%2FIo3kLTHOqJvEwhXPtgiG5o0ucg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624defeb8e56b5-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| greenfox.ink/d/asyncjs.php | 5.45.74.150 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 greenfox.ink/d/asyncjs.php
IP: 5.45.74.150:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Let's Encrypt
Certificate Subject: greenfox.ink
Certificate Fingerprint: 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70
Certificate Validity: Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File type: JavaScript source, ASCII text, with very long lines (4401), with no line terminators
Hash: 7dd2e8fda9c2505366169943cbf2d2d2 3b64b2fc61220dfc88ed53644eb786e313183c61 aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89
GET /d/asyncjs.php HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Thu, 18 Apr 2024 05:37:42 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
ETag: 1d63e790351363d29b61f9cf59b98fad
Expire: Thu, 18 Apr 2024 06:37:42 GMT
Cache-Control: private, max-age=3600
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; secure; SameSite=none
|
|
| fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i | 216.58.207.234 | 200 OK | 1.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
IP: 216.58.207.234:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
Certificate Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression
Hash: ffa11a8da26740b0e2b0a61c46f6841c 6fbccb9f082bad8541d1c0a093acb38186b79b11 e1930822daee15aac4a7f9402a1b03ec431f99d633491f03e26b77ea93847805
GET /css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 05:37:42 GMT
date: Thu, 18 Apr 2024 05:37:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.25.14 | 200 OK | 77 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.17.25.14:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4277878
expires: Tue, 08 Apr 2025 05:37:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ee9Pq3NhAJVpmAB7q3AFVOnAYq5hL31pGdcAiOhCtz8ANHhxG3GsDxngp1zJPqH5xGivHfNDA963FxLefTDk1T9OHqGWOHOZgI6eTqFQS92rwvy5KgtjnAt99a12uuzLz6qTigm6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87624df32dd756b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 | 216.58.207.227 | 200 OK | 39 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP: 216.58.207.227:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Certificate Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Hash: 86b73ab5f530be7984b704414f2a711d 8e297794ed7b6f5ea476d14b5270df12e8f3e42a 1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:54:15 GMT
expires: Fri, 18 Apr 2025 02:54:15 GMT
cache-control: public, max-age=31536000
age: 9807
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js | 104.17.2.184 | 200 OK | 53 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js
IP: 104.17.2.184:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42414)
Hash: 374fec8b5e50cd6ab980f3fef21a5aa0 7f474607991a19b6f1b78cc32e0f75b501b60774 8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a
GET /turnstile/v0/g/54ea73d52131/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new2.gdtot.dad/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624df2194bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 | 216.58.207.227 | 200 OK | 39 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP: 216.58.207.227:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Certificate Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Hash: 86b73ab5f530be7984b704414f2a711d 8e297794ed7b6f5ea476d14b5270df12e8f3e42a 1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:54:15 GMT
expires: Fri, 18 Apr 2025 02:54:15 GMT
cache-control: public, max-age=31536000
age: 9807
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| greenfox.ink/d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cnew1.gdtot.zip&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463 | 5.45.74.150 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 greenfox.ink/d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cnew1.gdtot.zip&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463
IP: 5.45.74.150:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Let's Encrypt
Certificate Subject: greenfox.ink
Certificate Fingerprint: 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70
Certificate Validity: Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
Hash: 165134dfb7a4a70b8b52d97743121b0c a142332d90a2ccbca03278e8cd57926d372068a3 540ea6ead20e084b06d8fc9647a80b7ac6238d82b8c0f6f465afb407134b5b34
GET /d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cnew1.gdtot.zip&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463 HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Thu, 18 Apr 2024 05:37:43 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=e4112b54aaee4d5547787db3ac5b7948; expires=Fri, 18-Apr-2025 05:37:43 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Access-Control-Allow-Origin: https://new2.gdtot.dad
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| new2.gdtot.dad/assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2 | 104.21.85.211 | 200 OK | 75 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Google Trust Services LLC
Certificate Subject: gdtot.dad
Certificate Fingerprint: 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C
Certificate Validity: Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: Web Open Font Format (Version 2), TrueType, length 75408, version 330.15859
Hash: d6d8d5da9214dc7d46b297672a602d55 9991033ce701c9a3d092ba2263a6a89c4d7e21da 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
GET /assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/assets/vendor/fontawesome-free/css/all.min.css
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa; _ga_HKW4S7DDMP=GS1.1.1713418662.1.0.1713418662.0.0.0; _ga=GA1.1.58961308.1713418663
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: font/woff2
content-length: 75408
last-modified: Wed, 15 Apr 2020 12:50:02 GMT
etag: "5e9702fa-12690"
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 05:38:43 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dmr%2FuB7gBDHyGiRUCjW70Exfer94DdA3%2BZDzi2IRRtfVi0QK0ZCfEalwhc%2FClN6HbkAuW78x5L%2FD6gs4kQ1aJLOkv5XFBHW86APcTTJQokeFQsTFaYLsgkE2b%2FLEvDmc4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624df2d983b4ed-OSL
alt-svc: h3=":443"; ma=86400
|
|
| greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463&cb=c166b4b426 | 5.45.74.150 | 200 OK | 43 B |
URL: GET HTTP/1.1 greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463&cb=c166b4b426
IP: 5.45.74.150:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Let's Encrypt
Certificate Subject: greenfox.ink
Certificate Fingerprint: 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70
Certificate Validity: Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463&cb=c166b4b426 HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=e4112b54aaee4d5547787db3ac5b7948
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Thu, 18 Apr 2024 05:37:43 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=e4112b54aaee4d5547787db3ac5b7948; expires=Fri, 18-Apr-2025 05:37:43 GMT; Max-Age=31536000; path=/; secure; SameSite=none
|
|
| px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&event_type=1&rand=c166b4b426 | 172.67.190.65 | 200 OK | 42 B |
URL: GET HTTP/2 px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&event_type=1&rand=c166b4b426
IP: 172.67.190.65:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate Issuer: Let's Encrypt
Certificate Subject: greenfox.ink
Certificate Fingerprint: CC:32:BD:2E:96:38:50:AF:30:3F:FF:D0:08:B5:D4:0F:43:9A:FA:15
Certificate Validity: Thu, 22 Feb 2024 11:21:07 GMT - Wed, 22 May 2024 11:21:06 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&event_type=1&rand=c166b4b426 HTTP/1.1
Host: px.greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: image/gif
content-length: 42
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: unq-user-id=aaaaaaaaaa; Path=/; Domain=px.greenfox.ink; Max-Age=31536000; HttpOnly; Secure; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bqr8FYgTiJSWU8g9zioF547%2BsPQZNHylElr8sum2U5knRvRix1FvxmewzHhoZR5iI%2F6057OHxZ9qepXohOEBed6RRNif1aeLnz2%2Fr2P%2FhqaOj764nzyUbhafZUp9r9Im3PA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624df469e456b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| new2.gdtot.dad/file/2516425463 | 104.21.85.211 | 200 OK | 16 kB |
URL: HEAD HTTP/3 new2.gdtot.dad/file/2516425463
IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Google Trust Services LLC; Subject gdtot.dad; Fingerprint 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (569)
Hash: 266fc89f57622f02c434539ddc71d8f3 3d80f90d09fd354865b4e5bf4b5e3ffec560f385 55c2b34224693594b3ba79e878eb51214f4be77b1de34ece2ccbb5f04dde6fb5
GET /file/2516425463 HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPTOFkWM1IDZgLAFlTuRadMxEyHV6nR0u4Qbs%2B%2BGHM%2BsCdt%2B1p%2Fw3%2Fl%2BWyfgq%2By6tnvhMV7McW%2FNycmlI%2Fth2riYWtjtHUS%2BTnhiFd6BfNC6sisZGI6SBKMzfdIE3yMSOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624ded08740b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| ausoafab.net/tag.min.js | 139.45.197.239 | 200 OK | 25 kB |
IP: 139.45.197.239:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Let's Encrypt; Subject ausoafab.net; Fingerprint 33:F7:E4:A2:F2:C5:7C:F7:5D:6D:04:07:63:1B:94:6B:99:7D:33:A9; Validity Sat, 24 Feb 2024 05:17:49 GMT - Fri, 24 May 2024 05:17:48 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 8aa3978b40509f8fa662e6ced412222e 71ae04ed1ec259a70027a3fced8b9e28b3fb1dcf 0ace61137665f71c72d727387965ad06a9cf5e05dc11ee156484fa224baec435
GET /tag.min.js HTTP/1.1
Host: ausoafab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 25301
content-encoding: br
x-trace-id: 415604f768e5affdd2b175c2833ddb81
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 17 Apr 2024 13:37:29 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
| new2.gdtot.dad/assets/vendor/bootstrap/js/bootstrap.bundle.min.js | 104.21.85.211 | 200 OK | 23 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Google Trust Services LLC; Subject gdtot.dad; Fingerprint 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: JavaScript source, ASCII text, with very long lines (65297)
Hash: a454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
GET /assets/vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/2516425463
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript
last-modified: Wed, 15 Apr 2020 12:49:58 GMT
vary: Accept-Encoding
etag: W/"5e9702f6-1332b"
expires: Thu, 18 Apr 2024 05:38:42 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vnpj%2FyhifX5fsMIglqDzWJ%2B5%2BNxB%2B5Hm8r2CWDijTEasDlxcFMnwhr14CrddmNJZLeXCWGderI2W33eUs3vfbCeqXrx1p1Po0%2FlPi7uUJjp3D7DsHYWNXhgiYH2HkJhFbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624def9daab4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| rghptoxhai.com/t.min.js | 172.67.178.139 | 200 OK | 44 kB |
IP: 172.67.178.139:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Google Trust Services LLC; Subject rghptoxhai.com; Fingerprint E4:69:08:33:DA:14:0F:D5:8B:5E:EF:BC:0B:EB:02:68:C2:50:FC:BF; Validity Sat, 30 Mar 2024 10:58:21 GMT - Fri, 28 Jun 2024 10:58:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65427)
Hash: f5445acf7fae3bc72e78f0cedfe309ca d96fd6bf571a0c720cad89bd2bead1a1e3faac8f b734f632e8cdf2ade9b3fb34e4b5c3e675e2c13af69a43411c1435c6e3730ca1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /t.min.js HTTP/1.1
Host: rghptoxhai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 17:31:24 GMT
etag: W/"65f0916c-10458"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NugpIXpr00PO53XCb%2BziBIN8Xrhj2P%2Fch60mg8R96DyLnwKDiPfV28tua3J6bqZ%2FbjSFdqcBN%2FKxsqUhyd%2BdmsXCSa9AJwl43o9%2BX3wEJWqwc4iIjvgME8yWu6zlkeRfMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624df00e49b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| new2.gdtot.dad/assets/vendor/jquery-easing/jquery.easing.min.js | 104.21.85.211 | 200 OK | 9.8 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/vendor/jquery-easing/jquery.easing.min.js
IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Google Trust Services LLC; Subject gdtot.dad; Fingerprint 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: JavaScript source, ASCII text, with very long lines (2532), with no line terminators
Hash: e2d41e5c8fed838d9014fea53d45ce75 bde98133f735398b27339c423a817e755329f7d1 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
GET /assets/vendor/jquery-easing/jquery.easing.min.js HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/2516425463
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript
last-modified: Wed, 15 Apr 2020 12:50:02 GMT
vary: Accept-Encoding
etag: W/"5e9702fa-9e4"
expires: Thu, 18 Apr 2024 05:38:42 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUsOvHxQJHA1LSSVPUDXlaG0Kc8sojUoszEU5pow9tCn%2FMMTJ0nP8IkGtfWpLVnSWJbtVr9oXNGPSsI778cEsjvN9%2F%2F5FTyzB7HSArWSEZWJgAL3eMXRMKPz8XA2jAS%2FTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624def9dabb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| my.rtmark.net/gid.js?userId=00804220826041bff12f14b4ab79e8ad | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=00804220826041bff12f14b4ab79e8ad
IP: 139.45.195.8:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Let's Encrypt; Subject rtmark.net; Fingerprint DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: 2d5d883da38b2b20e1603acbcf814289 e2507339cc9333f9cada557ea116036a6115e386 ea1d5fae857bfd912469bda96a3848ae0ec81ddf999b74b98a488318633d77f7
GET /gid.js?userId=00804220826041bff12f14b4ab79e8ad HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://new2.gdtot.dad
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00804220826041bff12f14b4ab79e8ad; expires=Fri, 18 Apr 2025 05:37:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
| amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg | 50.7.24.35 | 200 OK | 47 kB |
URL: GET HTTP/2 amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
IP: 50.7.24.35:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Let's Encrypt; Subject *.custacin-crowlexing-i-283.site; Fingerprint 15:5C:FC:4D:37:46:2F:F0:59:3C:41:3A:E8:5D:BD:7E:EE:75:81:01; Validity Tue, 20 Feb 2024 08:44:50 GMT - Mon, 20 May 2024 08:44:49 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2024:03:21 01:33:00], baseline, precision 8, 500x200, components 3
Hash: 312149af823f3abf1ad97f0f62772348 0a972ac818b8bb014ccd6586955496edf367424e 49223161e0b9a2832de2e5841ff7219ecbd3f1947c2da8f3377967e880c01b08
GET /content/stream/Batery/500x200_ipl_2024_22_march.jpg HTTP/1.1
Host: amd-cdn-1.custacin-crowlexing-i-283.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new2.gdtot.dad/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: image/jpeg
content-length: 47139
last-modified: Sun, 24 Mar 2024 14:06:40 GMT
etag: "66003370-b823"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
accept-ranges: bytes
X-Firefox-Spdy: h2
| ausoafab.net/?rb=KL8mmD2jv5dd33NT6F9H-lRIb6jgGif1Gu80QQ45z4O2NGZUwNTEsTPuGulxCtbDU7V7DNh2v5z3hCs2OzTKY8bw9QAVPMY3sL2-jQ99pwrfadU17G9O8_HUlkvtcyQa2Ar34aPxvhkoNN-605dJtxHB8gw6RMkJCVN7WIBTfbtToq1r2ToStpkqXko5X22v50ekw3FgtcLrjAtDba6K23MxB6aJgmjgk_EUq4XYD0SqgBjsESY0zaPlLeobWKIR4CfW2cV0wEqI5BzHxHJpwA%3D%3D&request_ab2=0&zoneid=3621940&js_build=iclick-v1.773.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.773.0&navlng=en-US&pnt=0&pnrc=0&wasm=1&bs=d611f105-3da8-4920-9518-3fdccd030cdb&userId=00804220826041bff12f14b4ab79e8ad&m=link | 139.45.197.239 | 200 OK | 10 kB |
URL: GET HTTP/2 ausoafab.net/?rb=KL8mmD2jv5dd33NT6F9H-lRIb6jgGif1Gu80QQ45z4O2NGZUwNTEsTPuGulxCtbDU7V7DNh2v5z3hCs2OzTKY8bw9QAVPMY3sL2-jQ99pwrfadU17G9O8_HUlkvtcyQa2Ar34aPxvhkoNN-605dJtxHB8gw6RMkJCVN7WIBTfbtToq1r2ToStpkqXko5X22v50ekw3FgtcLrjAtDba6K23MxB6aJgmjgk_EUq4XYD0SqgBjsESY0zaPlLeobWKIR4CfW2cV0wEqI5BzHxHJpwA%3D%3D&request_ab2=0&zoneid=3621940&js_build=iclick-v1.773.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.773.0&navlng=en-US&pnt=0&pnrc=0&wasm=1&bs=d611f105-3da8-4920-9518-3fdccd030cdb&userId=00804220826041bff12f14b4ab79e8ad&m=link
IP: 139.45.197.239:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Let's Encrypt; Subject ausoafab.net; Fingerprint 33:F7:E4:A2:F2:C5:7C:F7:5D:6D:04:07:63:1B:94:6B:99:7D:33:A9; Validity Sat, 24 Feb 2024 05:17:49 GMT - Fri, 24 May 2024 05:17:48 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 04557af24bbebe5a2b1c870e4d4afd40 b7bd0bf4b9d147285bb63c4964c456e4a9a220d3 57f64c870ffdee7c9d474f825dc1c77f06ff89113c785a73aa0451f0ddb555c6
GET /?rb=KL8mmD2jv5dd33NT6F9H-lRIb6jgGif1Gu80QQ45z4O2NGZUwNTEsTPuGulxCtbDU7V7DNh2v5z3hCs2OzTKY8bw9QAVPMY3sL2-jQ99pwrfadU17G9O8_HUlkvtcyQa2Ar34aPxvhkoNN-605dJtxHB8gw6RMkJCVN7WIBTfbtToq1r2ToStpkqXko5X22v50ekw3FgtcLrjAtDba6K23MxB6aJgmjgk_EUq4XYD0SqgBjsESY0zaPlLeobWKIR4CfW2cV0wEqI5BzHxHJpwA%3D%3D&request_ab2=0&zoneid=3621940&js_build=iclick-v1.773.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.773.0&navlng=en-US&pnt=0&pnrc=0&wasm=1&bs=d611f105-3da8-4920-9518-3fdccd030cdb&userId=00804220826041bff12f14b4ab79e8ad&m=link HTTP/1.1
Host: ausoafab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new2.gdtot.dad/
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Cookie: OAID=00804220826041bff12f14b4ab79e8ad; oaidts=1713418663
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: application/json
x-trace-id: a80b53d024b52a986a7dd1efc18770f6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://new2.gdtot.dad
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804220826041bff12f14b4ab79e8ad; expires=Fri, 18 Apr 2025 05:37:43 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713418663; expires=Fri, 18 Apr 2025 05:37:43 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Thu, 25 Apr 2024 05:37:43 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
| unpkg.com/sweetalert/dist/sweetalert.min.js | 104.17.248.203 | 302 Found | 41 kB |
URL: GET HTTP/2 unpkg.com/sweetalert/dist/sweetalert.min.js
IP: 104.17.248.203:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Google Trust Services LLC; Subject unpkg.com; Fingerprint 2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3; Validity Mon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sweetalert/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /sweetalert@2.1.2/dist/sweetalert.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HVQV55KX3KVTW8FEDB66EGA9-arn
cf-cache-status: HIT
age: 220
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87624defcb6156b5-OSL
X-Firefox-Spdy: h2
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal | 104.17.2.184 | 200 OK | 80 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
IP: 104.17.2.184:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 4c8a4e2dc792e4cb8c468caaa9ca6789 15eb0dd4485859b490de83ff6dc173b9da323ddf 98bf2a000f4ad9b71c5d13d53294037d094470b59e969cc543cff4754fc84cb5
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 87624df42b45b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| cdn.datatables.net/1.13.6/js/jquery.dataTables.js | 104.26.9.123 | 200 OK | 457 kB |
URL: GET HTTP/2 cdn.datatables.net/1.13.6/js/jquery.dataTables.js
IP: 104.26.9.123:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Google Trust Services LLC; Subject datatables.net; Fingerprint 90:1B:E4:09:AA:D0:D8:54:84:42:01:61:2A:F3:FD:AA:42:CC:89:6D; Validity Wed, 27 Mar 2024 23:37:26 GMT - Tue, 25 Jun 2024 23:37:25 GMT
Size: 457 kB (457199 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1.13.6/js/jquery.dataTables.js HTTP/1.1
Host: cdn.datatables.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
last-modified: Mon, 06 Nov 2023 12:01:13 GMT
etag: W/"112218c-6f9ef-6097a9c4f1708-gzip"
cache-control: max-age=31536000
expires: Fri, 22 Nov 2024 08:23:18 GMT
vary: Accept-Encoding,User-Agent
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cf-cache-status: HIT
age: 12690863
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQtRqp%2FjhTvDYZh2mCZCZTlbhhgziQC17drMf3TwRn2N1pN%2F7TOJz7CwDrzAu%2F71gwBsXCKFwAtGmJKfvzGeFW4h4o57bqTKrqcmUp4Z0ZhjJvbkaPdQxhV38X1S%2B8D0hPbcjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624defcb6256b5-OSL
content-encoding: br
X-Firefox-Spdy: h2
| new2.gdtot.dad/assets/css/sb-admin-2.min.css | 104.21.85.211 | 200 OK | 168 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/css/sb-admin-2.min.css
IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Google Trust Services LLC; Subject gdtot.dad; Fingerprint 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 168 kB (167808 bytes)
Hash: 54e6431e3465bfb553322b2013cc8b9b 94a4aa15128463bb03dd46e558862918cfee27fb 448798a73abf99a736eb3a5ba61d5d377ddbfab67d9326a2db23170bcdc4016f
GET /assets/css/sb-admin-2.min.css HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/2516425463
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: text/css
last-modified: Wed, 29 Apr 2020 06:12:46 GMT
vary: Accept-Encoding
etag: W/"5ea91ade-28f80"
expires: Thu, 18 Apr 2024 05:38:42 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddPZWDhQACknAmvsegtxDUZf9Cy9B3ffL1MkW1wIPTy4Q3bnhda%2BQQzBqbCH%2FHjpkhR%2BlyKeIMwxI8g3V%2B7GLkvcpoPtunSsUMFqrUgt4raAA24mplAJOANz8KlMhir6Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624def7da0b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js | 104.17.248.203 | 200 OK | 41 kB |
URL: GET HTTP/2 unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
IP: 104.17.248.203:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Google Trust Services LLC; Subject unpkg.com; Fingerprint 2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3; Validity Mon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File type: JavaScript source, ASCII text, with very long lines (40808), with no line terminators
Hash: f3b8ce97ff6ce324da6232da353adf40 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
GET /sweetalert@2.1.2/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new2.gdtot.dad/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
via: 1.1 fly.io
fly-request-id: 01HFTTAHA38FKXHYAKJFYNFQAJ-arn
cf-cache-status: HIT
age: 12785331
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87624df1de1d56b5-OSL
content-encoding: br
X-Firefox-Spdy: h2
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1254834450:1713417220:WQxyv9hAxeiZcQ7bYSl2UEy7cJaaaruB8MybGG39DGo/87624df42b45b4f7/b3a991f567558ff | 104.17.2.184 | 200 OK | 23 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1254834450:1713417220:WQxyv9hAxeiZcQ7bYSl2UEy7cJaaaruB8MybGG39DGo/87624df42b45b4f7/b3a991f567558ff
IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22576), with no line terminators
Hash: 9adc62436c673189686b289b685e4ae4 63739e034bc46172f60b4c47d326031daa2b4fb7 8bc1e4907c3ce126bd5cb6156d39d711ffaad58d615432a9713516e4c4276793
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1254834450:1713417220:WQxyv9hAxeiZcQ7bYSl2UEy7cJaaaruB8MybGG39DGo/87624df42b45b4f7/b3a991f567558ff HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b3a991f567558ff
Content-Length: 25398
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:44 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 5DzvmtMjSXjE2W+DLuMMo+tBVnPiyX5XIybctHuREGS+L30agb6zkOXSpczv1hD4$CTHnnAlXbOHJ8u1eFf4F5w==
server: cloudflare
cf-ray: 87624dfe2e7db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 160 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP: 104.18.10.207:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer Google Trust Services LLC; Subject bootstrapcdn.com; Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (65324)
Size: 160 kB (159515 bytes)
Hash: 7cc40c199d128af6b01e74a28c5900b0 d305110fb79113a961394b433d851a3410342b8c 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 03/18/2024 12:50:34
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2838cfa97566e6538a53d37b479bd278
cdn-cache: HIT
cf-cache-status: HIT
age: 1432868
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87624defd8387129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg | 104.21.94.75 | 302 Found | 47 kB |
URL: GET HTTP/2 revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg IP: 104.21.94.75:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer: Google Trust Services LLC; Subject: stats.rip; Fingerprint: 01:FE:22:14:7E:44:24:CD:0B:5D:67:ED:83:98:B3:65:F8:35:32:A4; Validity: Fri, 05 Apr 2024 02:49:12 GMT - Thu, 04 Jul 2024 02:49:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg HTTP/1.1
Host: revive.stats.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: text/html; charset=UTF-8
location: https://amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
set-cookie: user_uniq_id=23719F612B53086108CCB1E79A49A2D4; expires=Fri, 18-Apr-2025 05:37:43 GMT; Max-Age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqEVtMA40CGk71E756iKUzt1g7ZAU8%2BV4ljkzRJ9D3XHWwONOOylppVUFGfNtnIWuSoij6Sy7XG%2FpXQ255dJ4DYzWpKvgZfkrYJr%2BpYQFoKGriy%2B1hJMNGpWdh%2FYlp6S%2FtjS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624df46a3b5699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87624df42b45b4f7/1713418663483/R4cmhsnEi0fGu1W | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87624df42b45b4f7/1713418663483/R4cmhsnEi0fGu1W IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 93 x 72, 8-bit/color RGB, non-interlaced; Hash: 1932267306aa2080e34dddcf6d3c960d 8a26b69e55a09960dcdb185476603be7157c0061 fbcbb7f1f8c14ffd58125bc5d9b0b8da97aceae072e74e9f7a61ccd19b44230e
GET /cdn-cgi/challenge-platform/h/g/i/87624df42b45b4f7/1713418663483/R4cmhsnEi0fGu1W HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: image/png
server: cloudflare
cf-ray: 87624df8a8a2b4f7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| new2.gdtot.dad/assets/vendor/fontawesome-free/css/all.min.css | 104.21.85.211 | 200 OK | 56 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/vendor/fontawesome-free/css/all.min.css IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer: Google Trust Services LLC; Subject: gdtot.dad; Fingerprint: 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity: Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: ASCII text, with very long lines (56331); Hash: 164a58dcca37a5b00c22e06ee8e2fc68 72fee61a5a92cdc35b77313f3637a117310119f5 ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
GET /assets/vendor/fontawesome-free/css/all.min.css HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/2516425463
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: text/css
last-modified: Wed, 15 Apr 2020 12:50:00 GMT
vary: Accept-Encoding
etag: W/"5e9702f8-dcc5"
expires: Thu, 18 Apr 2024 05:38:42 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYXXy0rueIAYTk3RJr%2FPNXd3txaOcxV4TiLym1gyVMLcbkpvy%2B1U%2Br%2BR5Qm40Tkyeg3pzAxgFLC6bvUAKIXo2zwKo6%2BHY%2B1EjPsBSpqWDK7n1dVwYJRbpHbuBLV7AkWszg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624def7d9fb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| new2.gdtot.dad/assets/js/sb-admin-2.min.js | 104.21.85.211 | 200 OK | 1.1 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/js/sb-admin-2.min.js IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer: Google Trust Services LLC; Subject: gdtot.dad; Fingerprint: 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity: Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: JavaScript source, ASCII text, with very long lines (1158), with no line terminators; Hash: 77b306f87b1fe0fed1c0c13fec8378b9 bee1caf67e8cc425b9a86bd82549179b8a8f03c4 10d44e8c887749bcb0b49196b6e00b1ea18f7de6c0a6f01acbcceb29224cc914
GET /assets/js/sb-admin-2.min.js HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/2516425463
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript
last-modified: Wed, 15 Apr 2020 12:49:58 GMT
vary: Accept-Encoding
etag: W/"5e9702f6-452"
expires: Thu, 18 Apr 2024 05:38:42 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6Ar%2B4bWpJpZ35bB%2F%2BOt2OWWcmwOCq0YuR3CovWgr3KaljAltNIANQZlaIRW0Xm16vUXnMKu0jze7RVuGAUyYV1YDc1GobN6xl%2BUfg96gZkkTQO9VQOYNV%2Fb5jXNXX1u8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624def9db2b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced; Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87624df4fc2fb4f7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ausoafab.net/5/3621940/?oo=1&aab=1&var=control | 139.45.197.239 | 200 OK | 2.9 kB |
URL: GET HTTP/2 ausoafab.net/5/3621940/?oo=1&aab=1&var=control IP: 139.45.197.239:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer: Let's Encrypt; Subject: ausoafab.net; Fingerprint: 33:F7:E4:A2:F2:C5:7C:F7:5D:6D:04:07:63:1B:94:6B:99:7D:33:A9; Validity: Sat, 24 Feb 2024 05:17:49 GMT - Fri, 24 May 2024 05:17:48 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3156), with no line terminators; Hash: a07bbb3ed586880cefff828e325e6f7a 2c538b872a6ebc48c9e21c4d8ab4a0701b00e851 e47d25a861d20a4c29d3147117a04f8ed7498b2a4cb56959311723b0bdb798c9
GET /5/3621940/?oo=1&aab=1&var=control HTTP/1.1
Host: ausoafab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: application/json
x-trace-id: da4f666cd85142f86cf0483f59d5f588
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://new2.gdtot.dad
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00804220826041bff12f14b4ab79e8ad; expires=Fri, 18 Apr 2025 05:37:43 GMT; path=/; secure; SameSite=None
oaidts=1713418663; expires=Fri, 18 Apr 2025 05:37:43 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463&cb=78c0b70f87 | 5.45.74.150 | 200 OK | 43 B |
URL: GET HTTP/1.1 greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463&cb=78c0b70f87 IP: 5.45.74.150:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer: Let's Encrypt; Subject: greenfox.ink; Fingerprint: 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70; Validity: Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F2516425463&cb=78c0b70f87 HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=e4112b54aaee4d5547787db3ac5b7948
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Thu, 18 Apr 2024 05:37:43 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=e4112b54aaee4d5547787db3ac5b7948; expires=Fri, 18-Apr-2025 05:37:43 GMT; Max-Age=31536000; path=/; secure; SameSite=none
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1254834450:1713417220:WQxyv9hAxeiZcQ7bYSl2UEy7cJaaaruB8MybGG39DGo/87624df42b45b4f7/b3a991f567558ff | 104.17.2.184 | 200 OK | 91 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1254834450:1713417220:WQxyv9hAxeiZcQ7bYSl2UEy7cJaaaruB8MybGG39DGo/87624df42b45b4f7/b3a991f567558ff IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Hash: ca92f8f6fb91bb9856a9f0e590503da8 9d5a3d7b5d624e30e4b36273c2dd8bfa16e10199 e5e62eaaa56bc6fe033f7c30d6aa2b2ea57a339e0563417fce73180bf81e9398
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1254834450:1713417220:WQxyv9hAxeiZcQ7bYSl2UEy7cJaaaruB8MybGG39DGo/87624df42b45b4f7/b3a991f567558ff HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b3a991f567558ff
Content-Length: 2430
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: wzYzPGsQJ8qUwoxpuksPcb9FQxHGmp4nWgGLVjjVluNGzxI6/v3YRJAewe9oC3Vpact9RouAtycpP+dOvhowdg0Y5adnAyWlO2NxmsKHepBWDEuqagxOz7oD48eH3QTf9pvQebLM+DgjfH4tJ3of09zOhw6BaFf7lXdsfnbuePaMH+Iiz9Ze5mzsyA8t5+TlROeIyzSz+RFUYjobHwjARC00oDZBA8xIOTMNRQv704cQ2u2G4H/Y+e3kN/CF4YwFxkp7DOH8y2fU3SxNloLYXgILToeEPy5B1HVTEk8+iMsBFlnSF5fOqf6PX0h/zdp2SRH/dFC5n1ZtaOrJppE39SH4qcSJdIERRwee+F45mok8EajZin1QixrLDjnfCzJL$5Ittt9IJjo5WtCI4fDJItA==
server: cloudflare
cf-ray: 87624df6ade6b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| new2.gdtot.dad/favicon.ico | 104.21.85.211 | 200 OK | 52 kB |
URL: GET HTTP/3 new2.gdtot.dad/favicon.ico IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer: Google Trust Services LLC; Subject: gdtot.dad; Fingerprint: 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity: Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: PNG image data, 270 x 266, 8-bit/color RGBA, non-interlaced; Hash: 0ce163a25d12b2650b3e3fca0f9f458a 2e6a3acb721e315ec74db652b8a68374cbd346ec 0678b92efcf97bf978aedd1de01174b839d3c7f28e254759c48e1ed06c74e6d0
GET /favicon.ico HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/2516425463
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa; _ga_HKW4S7DDMP=GS1.1.1713418662.1.0.1713418662.0.0.0; _ga=GA1.1.58961308.1713418663
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: image/x-icon
last-modified: Thu, 10 Sep 2020 03:00:40 GMT
etag: W/"5f5996d8-cd41"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcsiSic50lX%2FqiYgsapQlJuU9g2f1Ovke8OahG3%2FBid0yJAo%2FHKVVTtGi2NGXgOaRaTBQagXEIosWjdQRCcX0aTDLSeoXqQhqoC%2BUFyrHk37xZlNoZHm3fzZ4qpfYphRPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624df6adffb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87624df42b45b4f7/1713418663485/c6ffbc85f6295da0c841f4344a92bddff02229d14b979b7023fca4b3c472cb26/biAj8caE6oNVxGU | 104.17.2.184 | 401 Unauthorized | 1 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87624df42b45b4f7/1713418663485/c6ffbc85f6295da0c841f4344a92bddff02229d14b979b7023fca4b3c472cb26/biAj8caE6oNVxGU IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: very short file (no magic); Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/87624df42b45b4f7/1713418663485/c6ffbc85f6295da0c841f4344a92bddff02229d14b979b7023fca4b3c472cb26/biAj8caE6oNVxGU HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gxv-8hfYpXaDIQfQ0SpK93_AiKdFLl5twI_yks8RyyyYAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIMb_vIX2KV2gyEH0NEqSvd_wIinRS5ebcCP8pLPEcssmABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87624df8e936b4f7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| new2.gdtot.dad/assets/js/gdt.min.js?v=3 | 104.21.85.211 | 200 OK | 8.7 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/js/gdt.min.js?v=3 IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer: Google Trust Services LLC; Subject: gdtot.dad; Fingerprint: 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity: Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: ASCII text, with very long lines (9321), with no line terminators; Hash: 6f67c532d7612dd9145c0e40fb0f7f7b debef60231956fcb381ede56f0b2865e11477bcc 373a0e63958c40f6c4f408ffad03eb45bc3b0793517154c46f0975b0670ea5e6
GET /assets/js/gdt.min.js?v=3 HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/2516425463
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 05:22:58 GMT
vary: Accept-Encoding
etag: W/"661e0b32-21ea"
expires: Thu, 18 Apr 2024 05:38:42 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EkGP7EClE6KGxRKlLTLuE2i7hnw%2FUi0gXOZ1t5NplLQBww7DsvrOuNor2%2BI8%2F85xOgsLR6%2FbSm2li8erNMDNXafA7wsLcd3yp8bB18KxBismDVlIR8opwV14qvcV2jVxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624def6d90b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| new2.gdtot.dad/assets/js/gdtot.min.js | 104.21.85.211 | 200 OK | 41 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/js/gdtot.min.js IP: 104.21.85.211:443
Requested by: https://new2.gdtot.dad/file/2516425463
Certificate: Issuer: Google Trust Services LLC; Subject: gdtot.dad; Fingerprint: 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity: Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: JavaScript source, ASCII text, with very long lines (40808), with no line terminators; Hash: f3b8ce97ff6ce324da6232da353adf40 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
GET /assets/js/gdtot.min.js HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/2516425463
Cookie: PHPSESSID=id8pco9pfa88jahek3n467q0pa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:42 GMT
content-type: application/javascript
last-modified: Sat, 02 May 2020 08:19:58 GMT
vary: Accept-Encoding
etag: W/"5ead2d2e-9f68"
expires: Thu, 18 Apr 2024 05:38:42 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XAvCrDEYxOLh6rRS56SXpXOr4Q5qD0CfG1HMyEVK0vPdgvUbjGXm%2FEeQOaQEIDW%2FSJqPdv4SFS%2B9RhQZqIC4ADnWnOLOtK39NLSUU8p3Ay4O1M38xmQk5nnqBxADVn9L9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87624def7d96b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87624df42b45b4f7 | 104.17.2.184 | 200 OK | 440 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87624df42b45b4f7 IP: 104.17.2.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 440 kB (439938 bytes); Hash: 1469ef94075e217b14fed3562910f7ed 4ef7f40b474d999ec049b9d4cd2131ac247e7402 c39c19e51be15502c17d76bf7fff9bc86ddda7ff194ecb1cda28a3e702758767
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87624df42b45b4f7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/j8u8v/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:37:43 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 87624df4fc30b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|