urlscan.io logo urlscan.io
SecurityTrails logo

ds2play.com Open in urlscan Pro
2606:4700:20::681a:9aa  Public Scan

Go To Rescan Add Verdict Report
URL: https://ds2play.com/e/4uo2lz80oe81
Submission: On December 14 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 36 HTTP transactions. The main IP is 2606:4700:20::681a:9aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is ds2play.com. The Cisco Umbrella rank of the primary domain is 51641.
TLS certificate: Issued by GTS CA 1P5 on November 30th 2023. Valid for: 3 months.
This is the only time ds2play.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
2 8.238.191.121 3356 (LEVEL3)
3 2600:9000:211... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 51.255.84.146 16276 (OVH)
2 188.114.97.3 13335 (CLOUDFLAR...)
2 143.204.215.14 16509 (AMAZON-02)
1 18.245.86.23 16509 (AMAZON-02)
3 172.67.172.232 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 6 2a00:1450:400... 15169 (GOOGLE)
36 16
5    2606:4700:20::681a:9aa (United States)

ASN13335 (CLOUDFLARENET, US)
ds2play.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    2606:4700:20::ac43:46be (United States)

ASN13335 (CLOUDFLARENET, US)
i.doodcdn.co
img.doodcdn.co
2    8.238.191.121 (United States)

ASN3356 (LEVEL3, US)
cdn.tsyndicate.com
3    2600:9000:211e:be00:12:8107:3100:21 (United States)

ASN16509 (AMAZON-02, US)
d3eub2e21dc6h0.cloudfront.net
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:20::681a:74a (United States)

ASN13335 (CLOUDFLARENET, US)
img.doodcdn.co
1    2606:4700:3031::6815:22d2 (United States)

ASN13335 (CLOUDFLARENET, US)
i.doodcdn.com
1    51.255.84.146 (France)

ASN16276 (OVH, FR)
PTR: ns3042051.ip-51-255-84.eu
ri176ll.video-delivery.net
2    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
2    143.204.215.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-14.fra53.r.cloudfront.net
orgotitedu.info
1    18.245.86.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-23.fra60.r.cloudfront.net
tbradshedm.org
3    172.67.172.232 (United States)

ASN13335 (CLOUDFLARENET, US)
idonhisdhilte.info
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
Apex Domain
Subdomains		 Transfer
10 doodcdn.co
i.doodcdn.co — Cisco Umbrella Rank: 41192
img.doodcdn.co — Cisco Umbrella Rank: 41132
578 KB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 23
3 KB
5 ds2play.com
ds2play.com — Cisco Umbrella Rank: 51641
50 KB
3 idonhisdhilte.info
idonhisdhilte.info
1 KB
3 gstatic.com
www.gstatic.com
29 KB
3 cloudfront.net
d3eub2e21dc6h0.cloudfront.net
70 KB
2 orgotitedu.info
orgotitedu.info — Cisco Umbrella Rank: 45924
2 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 34161
101 KB
2 tsyndicate.com
cdn.tsyndicate.com — Cisco Umbrella Rank: 15215
38 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
29 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 tbradshedm.org
tbradshedm.org
2 KB
1 video-delivery.net
ri176ll.video-delivery.net — Cisco Umbrella Rank: 403231
15 KB
1 doodcdn.com
i.doodcdn.com — Cisco Umbrella Rank: 48952
457 B
36 14
Domain Requested by
8 i.doodcdn.co ds2play.com
i.doodcdn.co
6 accounts.google.com 4 redirects ds2play.com
5 ds2play.com 1 redirects cdnjs.cloudflare.com
ds2play.com
3 idonhisdhilte.info ds2play.com
3 www.gstatic.com ds2play.com
www.gstatic.com
3 d3eub2e21dc6h0.cloudfront.net ds2play.com
orgotitedu.info
tbradshedm.org
2 orgotitedu.info d3eub2e21dc6h0.cloudfront.net
2 pogothere.xyz d3eub2e21dc6h0.cloudfront.net
2 cdn.tsyndicate.com ds2play.com
cdn.tsyndicate.com
2 img.doodcdn.co ds2play.com
cdnjs.cloudflare.com
2 cdnjs.cloudflare.com ds2play.com
1 www.facebook.com ds2play.com
1 tbradshedm.org d3eub2e21dc6h0.cloudfront.net
1 ri176ll.video-delivery.net text
1 i.doodcdn.com 1 redirects
36 15

This site contains links to these domains. Also see Links.

Domain
doodstream.com
Subject Issuer Validity Valid
ds2play.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
cdn.tsyndicate.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-14 -
2024-07-14		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.video-delivery.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-07 -
2024-08-07		 a year crt.sh
orgotitedu.info
Amazon RSA 2048 M02		 2023-10-12 -
2024-11-10		 a year crt.sh
tbradshedm.org
Amazon RSA 2048 M02		 2023-12-09 -
2025-01-06		 a year crt.sh
idonhisdhilte.info
E1		 2023-12-13 -
2024-03-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-22 -
2023-12-21		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://ds2play.com/e/4uo2lz80oe81
Frame ID: D6A96AF09CFE035A591A926035395A8E
Requests: 31 HTTP requests in this frame

Frame: data://truncated
Frame ID: 560D10D0459C3D9CA957CA820EBFCF25
Requests: 2 HTTP requests in this frame

Frame: https://orgotitedu.info/UWxhMUQwDgJcezBRAxcxIwBcFHYXSVN3IGIJFFN2NF5QVSdnBFEfJz0DFFUiIwMPRWo/CRUUdhcuLFweBA0ndxYSOA5+Jjo1MXwCBwsgXR42OyZoBgAoVVMUPRs2UBUUATZgIzk8GUUCGzhVWx49H1JSLCYeN10wPTgLABASKC9nIGAPKH91BwsncCcmLwxGAwAvIGgUPQADfzwUBTZzJzktCwgBEzQoVQkQVC1+PBhYOVYrYDg2f3QEXxFoIBAuNlcGaVg5cA1mJBh4HAcrMHYOAwg0awI9BCl3Hik7GXwcByswVwsXFDBoAWAFAnQKPDsiWgEEAkwACggbKHkOEwtYZzwUFCJbNDMpD3clFxsFZx1hNghzAR8BNnkoCygIcAIBPgVkAmFdC3AjPlUgSxUJOiZgFB8qJH8LYSpRcAIIXyByCjUvG3cKCF8zaR49BEQDAhAHCVgTFgstYgMHNQBzIAQ2I0IzBy0CXAUJPSB4AxcOO1k8BzUKBS8VXQIXLiIDD0F5OBsKXzEGJhZyLhpbCGA
Frame ID: A424B5698D4843D1FEC127C26B259821
Requests: 2 HTTP requests in this frame

Frame: https://tbradshedm.org/VUFTbnk0IzADRjR8MUgMJy1uS0sTZGEoHWYkJgxLMHNiChpjKWNAGjkuJgofJy49Glc7JCdLSxMMBgQrZxs5JwECOTQvPQYbNysVJgUKCSsWFzQ4FBApJDghATkWPQ5gcxsoQQQXBS9ADzYkOCg9cAE/DhAUGQVNBhYkIEkCAzAnLwJ5ACsOPRMxGS8EA2I3DhYUGS8rLwwZKQ45CBxfHjQDKwoeNiodJzg7IhQ8EmAHHF8WBgIGOxEQFAE5IRYYATw/DAUKBgkSECQrKBAUATkrATUyPz8cGQo2IwEXEicIFCoZPj9nABYoAQ8CAwI8FwBiL0wNEH4kPRQDAiwrAwQwNygfFQUvM2MZK1oqDTtnPCsWFAs3OAQgF18SZgQGPC4DFTc2MQQqMQoODwYROBYyFisdPRNzERcrZBAQCDgHGAYvMycFBQYhFCwgPCsTGxEjSBwZFSgNZgM5LC0UFgYPKwMABiQOOQl1BAo6LyNTEREPOAhKNy4AFAolDjZbHg
Frame ID: 1A5727E3DF0A7277398BD38713181B03
Requests: 2 HTTP requests in this frame

Frame: https://ds2play.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 170BFB0506CAC4B1541DB2174F4212AD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Laruan (2022) 720p WEB-DL AAC2 0 x264-[www uiiumovies com] - DoodStream

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

89 %
HTTPS

60 %
IPv6

14
Domains

15
Subdomains

16
IPs

5
Countries

915 kB
Transfer

1303 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://i.doodcdn.com/theme_2/img/loader.svg HTTP 301
  • https://i.doodcdn.co/theme_2/img/loader.svg
Request Chain 29
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp0IVoJtfGMiwhhfchNMPxDs7aQpb0OV9vJWK14cGctyJhXfmMvxhcaYIfVgromvEy3Mty7zQA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2DNVCTchkm0orNgyO9vp1tGUbY62DTwYxf-BzZivmBxKdMmlCPRcvs3_lyjoxonpGim5GQzQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S823127102%3A1702557909715188&theme=glif
Request Chain 30
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3gi2jMNSRWWNJMDCSdTmYC2voXXlGH6bmHbWmrFzFqpoSv4bdExlWv8On-xqmkvCwST9Wi8A HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0pjA1ImOlhJMriuM9E84oi1vNc9PjVBESCnJ9Sir6VvqJRQWkX8-d2KQ8InOxLVhgdiFAoUg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1661982370%3A1702557909717024&theme=glif
Request Chain 32
  • https://ds2play.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://ds2play.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 4uo2lz80oe81
ds2play.com/e/ 		120 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7fae0cdc873d9c576c05a164db5869806cbfd20a3c879ab438c247799c7fca1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83568ad19bc571bf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 12:45:08 GMT
expires
Wed, 13 Dec 2023 12:45:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCSR0H5smoljjLcC0KNsRHsyuK8sOiJoqjm%2BbxgWQU%2FZakfMoRY%2B7pfHDAxXe0ixQvAhMe3Ni7m0a6ypi9x2K02IV1jclgxwbY4vTgRHE8ffrdvsOOgh8EwPLjBO2826kuWh6VYpKBMZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1853060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOHypnwqjhSa6nAM6uZAIUoOEtjPU2Pp8fIrceV7Oq1UHJTIXLyQ7%2BCUYzuLm6UoPy3QXHQWVG9HMXnw4NtfW36w8k%2B8uu6RCXDnbUaIBQ328eDHmzosFH62GGr%2BWHl8Wr5EkVk0dPnMvc%2BZYyfFMd9c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83568ad25e7b2681-TXL
expires
Tue, 03 Dec 2024 12:45:08 GMT
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		1 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1857001
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
591
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHlfLVgfIeZkN3HwNFSKV%2BTveOF%2BxzPV85qwogbAq5fU3dPBRYyr50i9Gc3ZbCyit2XBndCP%2Fhi%2Fn8D07c%2BlS3g%2FFLz%2FY3kn1PQF0gyhUwA3nd9RSGbVowQWS5ZIjxiOHM4scNwOO3jsLwNfdaWKe1xz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83568ad25e802681-TXL
expires
Tue, 03 Dec 2024 12:45:08 GMT
ad.js
i.doodcdn.co/ads/ 		18 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/ads/ad.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3716878d3ceb2042b22c092b31c6f43cc862f8464e92ddde416a49624b32716e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39058
cf-polished
origSize=20
alt-svc
h3=":443"; ma=86400
content-length
18
cf-bgj
minify
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emzVX7kU%2FroO%2FP2WGxEFZHl3HC9XEqV%2FnjzspvLMdNj7uts%2Fu1otgx%2Fa%2FzB%2BgWZWhKrPUcI%2Fh8sYo7ynoj2QYzC%2FZ1OdnIR2w6KX8TouxJQNPW5mW4eW5VmdzkOmPD5Wi30tSPB566KuIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
83568ad299eabb62-FRA
expires
Thu, 12 Dec 2024 02:26:35 GMT
no_video_3.svg
i.doodcdn.co/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.doodcdn.co/img/no_video_3.svg
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27121
alt-svc
h3=":443"; ma=86400
content-length
2812
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
"61d3187c-afc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSunIUBX6RVmeBGqKPL0sL1sQmLsIhLgYfCBNHIZ9Cg86IqqCzPQQBSRZXAwkhprG4FBg1TRgoWjEW1DNjRgfbzHPt4CDbjHrM4t%2BPW0xccMfe2Rt72sX%2BbOzsBm3jyth43az96rF0pGoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
83568ad299efbb62-FRA
expires
Fri, 12 Jan 2024 00:19:04 GMT
embed.css
i.doodcdn.co/css/ 		78 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/css/embed.css
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19903
cf-polished
origSize=79890
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
W/"61d3187c-13812"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2B6PvLT35uK3VWa3kGxOGORQwSGAP3c54yExNJYOupiDsSRrnBay9RoGy%2FD06zUnuIXcUgmvxP4HK%2B2%2Fv%2FMZQskav%2Bpy095xw7OlpGZegDYKlp6RgX6H1ebju3M8xFQOata523xuF8gdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
cf-ray
83568ad299edbb62-FRA
expires
Sat, 13 Jan 2024 01:54:36 GMT
0vvpty5buvjyhz7b.jpg
img.doodcdn.co/splash/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.doodcdn.co/splash/0vvpty5buvjyhz7b.jpg
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828f939ee5e4f646be53241201902d617200091a57e22638c4e2d9c993c4f4bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=67605
alt-svc
h3=":443"; ma=86400
content-length
67552
cf-bgj
imgq:100,h2pri
last-modified
Sat, 18 Mar 2023 15:43:39 GMT
server
cloudflare
etag
"6415dc2b-10815"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKYlz%2BGozzYjF2H8lZ6JMPyBtRN2luakwtZzGcjVozSnYTsDQwBJknTLmX15K20IF72jGyB%2BZVQ1xsCjQHZN3YWF%2Fs2YzT9OBeqfGC80Rehoej32N53LuIGQ2x7%2BrklyOqNnnO%2FEbP2H9qJM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
83568ad30a92bb62-FRA
expires
Thu, 28 Dec 2023 08:00:35 GMT
embed2.js
i.doodcdn.co/js/ 		331 KB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/js/embed2.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c49e02b98bc8a4275650b65787cdd100c362abc7e54e8b9e99396b6117c2c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20927
cf-polished
origSize=339527
alt-svc
h3=":443"; ma=86400
content-length
339271
cf-bgj
minify
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
"61d3187c-52e47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXwmTSnWUVDpg7j8jV2KjTJtayBOvsEBCHNxGO3UpO7h8gJ85KG9nj6Zh1DFQrBMTcDkgFwp%2FQZUkNP0BKFtP3aum8dIrcD4taCh6Iry%2FxC33PZon5QcKohrREoFFx67lAFW%2BdAV1xYnJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
83568ad31ab0bb62-FRA
expires
Sat, 13 Jan 2024 05:55:06 GMT
p.js
cdn.tsyndicate.com/sdk/v1/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tsyndicate.com/sdk/v1/p.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.238.191.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
311cba72a3181f33f1b4e39a56e15c5344b97bd82987f64cabd1ed1f2bd340e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 10:14:53 GMT
server
nginx
age
90814
etag
W/"653f821d-256b"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
4524
/
d3eub2e21dc6h0.cloudfront.net/ 		205 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:be00:12:8107:3100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e5d5040bfcc5be4bf5f2059c1718ccb060926c8cd0a4df2daba3bbfecd1cc883

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
gzip
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
69577
x-amz-cf-id
1ewBjTVSJfAp6UFC53peOiEFU4HOHWZPuPwBXd_CjTByS2s5HktmhQ==
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ds2play.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 12:45:09 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Thu, 14 Dec 2023 12:45:09 GMT
cast_sender.js
www.gstatic.com/eureka/clank/120/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 11:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 15 Dec 2023 11:39:12 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		633 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
3uwstoul04bqupunatuz7p3r
ds2play.com/pass_md5/84358614-0-0-1702557908-ca7e4cd454425332f89d388e950d950b/ 		107 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ds2play.com/pass_md5/84358614-0-0-1702557908-ca7e4cd454425332f89d388e950d950b/3uwstoul04bqupunatuz7p3r
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a48dd4af6bceaa2407fe3a14bf3d8ea44ba1aaa21b0c9a471f5c24bb12b04e7

Request headers

Accept
*/*
Referer
https://ds2play.com/e/4uo2lz80oe81
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NG%2FdTnrr3u3CIEXV93PGsJgy4z18RueEKyf%2F%2Bc5B6aYFvF210OI%2BebbxK0RSCPPxpjBcPYH260ClybCT%2F3fWaxQfFHbVgjN6A2JpQQGD%2FMVq8G3mN%2FlgMoqyH4y9nNvJlQczCxYjoQ%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
83568ad529cb71bf-FRA
alt-svc
h3=":443"; ma=86400
0vvpty5buvjyhz7b.jpg
img.doodcdn.co/splash/ 		66 KB
67 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.doodcdn.co/splash/0vvpty5buvjyhz7b.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828f939ee5e4f646be53241201902d617200091a57e22638c4e2d9c993c4f4bb

Request headers

Accept
*/*
Referer
https://ds2play.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=67605
alt-svc
h3=":443"; ma=86400
content-length
67552
cf-bgj
imgq:100,h2pri
last-modified
Sat, 18 Mar 2023 15:43:39 GMT
server
cloudflare
etag
"6415dc2b-10815"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvR1nxBLSQI1%2FA9j0DFVOChJRNFa1xlDy3DrgQ7aRYASg4FlhNyaCW2Mgrkr%2B0m6ZjQ0Kp6KpyJfWAo%2BPifLOW9EXPHtCfGDp5mokWtr1SLbmLjcOWo6ZxKUcOgK2XV9JRIQSHircjFyOlmT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
83568ad59a8e3648-FRA
expires
Thu, 28 Dec 2023 12:36:23 GMT
loader.svg
i.doodcdn.co/theme_2/img/
Redirect Chain
  • https://i.doodcdn.com/theme_2/img/loader.svg
  • https://i.doodcdn.co/theme_2/img/loader.svg
694 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.doodcdn.co/theme_2/img/loader.svg
Requested by
Host: i.doodcdn.co
URL: https://i.doodcdn.co/css/embed.css
Protocol
H3
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.doodcdn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Jan 2022 15:43:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
27201
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXxTiq4UVzPLGgaX6SAw9sZkTjDkN2tbAXcH%2FUfbp75wnPWmxRXaqjQG8bHaYBqFRDx312kJfuicxFqg027ncZxXX4eTz1DvcPhNGFchkojUa2CiAKUG0f2mqHlamXw3sCSo9%2BCF9S%2BTXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
83568ad60af371bf-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jan 2024 05:06:40 GMT

Redirect headers

date
Thu, 14 Dec 2023 12:45:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjdnE21DlIf65AnVhbxCN4mfSVh5muDqgFjibJTvU0J3LgFOyRyGgnyqYqRbydDjkii0GOC1z866DyqHMYsRT2e5iNkrH4YOb8vk%2BZFYbJpaeOctYMRjyuko4msLTmFw0hxb%2BwbIVuT94FOJ"}],"group":"cf-nel","max_age":604800}
location
https://i.doodcdn.co/theme_2/img/loader.svg
cache-control
max-age=3600
cf-ray
83568ad5a9323730-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Dec 2023 13:45:09 GMT
avertastd-regular-webfont.woff2
i.doodcdn.co/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/fonts/avertastd-regular-webfont.woff2
Requested by
Host: i.doodcdn.co
URL: https://i.doodcdn.co/css/embed.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf

Request headers

Referer
https://i.doodcdn.co/css/embed.css
Origin
https://ds2play.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37421
alt-svc
h3=":443"; ma=86400
content-length
23812
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHJDIk2U37h1jIkS%2FxNqLnNxMEOvEo8ZejZ5EG2kvZPQ8Oywv4Yc4uBu0ZSXl4Y71Fwh40mfDuUvsAI1rv6PCfu1C7Imu2qMQ4ytGx8kZ%2F5gse1rCChpuII6Zar9BOjmO2Qbg%2Bzn5EyK2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
83568ad559e13722-FRA
expires
Fri, 12 Jan 2024 03:35:50 GMT
0vvpty5buvjyhz7b.jpg
i.doodcdn.co/get_slides/5196/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.doodcdn.co/get_slides/5196/0vvpty5buvjyhz7b.jpg
Requested by
Host: i.doodcdn.co
URL: https://i.doodcdn.co/js/embed2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ce067aee801847ed39b5edbbf6f7edad4664d261c6e61c592b4620c4681efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
cf-cache-status
HIT
last-modified
Thu, 14 Dec 2023 08:00:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIbVggZxZpbeR9lX5%2Fin2F0QW0VZrQxKmiwD6wqUv71W77ZXZWTMhb5xgeoINZeg5NCNx3X1Ofaj0Hy7JfclB4GGtc%2BriCZ1qyIb7NLVS7hPadoi%2FF%2BL8XbSjm0jL7WlnEn%2BrCheAvpilg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
83568ad559df3722-FRA
alt-svc
h3=":443"; ma=86400
logo-s.png
i.doodcdn.co/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.doodcdn.co/img/logo-s.png
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2577866b9d26cd6a4be764910f0913ae5b737ed1d130d635048051ebe15ae680

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38561
cf-polished
origFmt=png, origSize=6212
content-disposition
inline; filename="logo-s.webp"
alt-svc
h3=":443"; ma=86400
content-length
1932
cf-bgj
imgq:100,h2pri
last-modified
Mon, 03 Jan 2022 15:38:36 GMT
server
cloudflare
etag
"61d3187c-1844"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbQT1Y78Fq3adSIvmRldN9HnW%2FPrGp8YwSOYDe7uZWDh0ShQ0oJZfM%2BdcNXeKRY5nagIsD2xxVDOYq0APlrgznsuTr3ws%2Blb6nYISlRI35Y3qsxWWdonQJn2ee993BSm%2FkFB92KiAc1Ebg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
83568ad539dc71bf-FRA
expires
Fri, 12 Jan 2024 16:32:17 GMT
truncated
/ Frame 560D 		66 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
918c8b90dd73b29fb9d668a200d853a4875be4abb5a0741d32f0a6b0df0868d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=utf-8
favicon.ico
ri176ll.video-delivery.net/ Frame 560D 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ri176ll.video-delivery.net/favicon.ico?i
Requested by
Host: text
URL: data:text/html;charset=utf-8;base64,PGltZyBzcmM9Imh0dHBzOi8vcmkxNzZsbC52aWRlby1kZWxpdmVyeS5uZXQvZmF2aWNvbi5pY28/aSI+PC9pbWc+
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.255.84.146 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3042051.ip-51-255-84.eu
Software
nginx /
Resource Hash
a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 12:45:09 GMT
Last-Modified
Sat, 29 Feb 2020 09:26:04 GMT
Server
nginx
ETag
"3c2e-59fb38b06e300"
Content-Type
image/vnd.microsoft.icon
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3740
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 11:42:49 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://ds2play.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfzK5jmJh5x8A%2FFvGB17Vquv7TBqwKfBY2PoBhIzOqP%2FpUuSdxov2Y0M%2BmLaYtqTk%2FPBpHdDbLW9zU7JZbAvlzFeP%2BeuqCxXlq24LpPt0qQUJvInU2YVscrUho0OcGHO"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
83568ad66a7518d1-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		26 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea14f5abbaef1f7edae981f7e716dda574977eb8c21afb40aacc14cc07080472

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyJzzg1PQCf4%2BDIuTn8HHCfhoCYX%2B%2FVIGL1wXdSz4RtoiRwrNAjmTlzN1Ap85JTbTNk487OJbfeowu2amiybeoy16RluGZetgmmIYflxMaOluWJq4uRxGnfCkfu6oiMh"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://ds2play.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
83568ad66a7318d1-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
orgotitedu.info/ 		0
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://orgotitedu.info/utx?cb=EDUYg6ym9knp&top=ds2play.com&tid=1004073
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-14.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 12:45:09 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://ds2play.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
Vg5W1-FeJgNBONm_bVrtQmubyO1nmQaxqTfkUjBRq1MulEW6nVdbsA==
CRUUdhcuLFweBA0ndxYSOA5+Jjo1MXwCBwsgXR42OyZoBgAoVVMUPRs2UBUUATZgIzk8GUUCGzhVWx49H1JSLCYeN10wPTgLABASKC9nIGAPKH91BwsncCcmLwxGAwAvIGgUPQADfzwUBTZzJzktCwgBEzQoVQkQVC1+PBhYOVYrYDg2f3QEXxFoIBAuNlcGaVg5c...
orgotitedu.info/UWxhMUQwDgJcezBRAxcxIwBcFHYXSVN3IGIJFFN2NF5QVSdnBFEfJz0DFFUiIwMPRWo/ Frame A424 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://orgotitedu.info/UWxhMUQwDgJcezBRAxcxIwBcFHYXSVN3IGIJFFN2NF5QVSdnBFEfJz0DFFUiIwMPRWo/CRUUdhcuLFweBA0ndxYSOA5+Jjo1MXwCBwsgXR42OyZoBgAoVVMUPRs2UBUUATZgIzk8GUUCGzhVWx49H1JSLCYeN10wPTgLABASKC9nIGAPKH91BwsncCcmLwxGAwAvIGgUPQADfzwUBTZzJzktCwgBEzQoVQkQVC1+PBhYOVYrYDg2f3QEXxFoIBAuNlcGaVg5cA1mJBh4HAcrMHYOAwg0awI9BCl3Hik7GXwcByswVwsXFDBoAWAFAnQKPDsiWgEEAkwACggbKHkOEwtYZzwUFCJbNDMpD3clFxsFZx1hNghzAR8BNnkoCygIcAIBPgVkAmFdC3AjPlUgSxUJOiZgFB8qJH8LYSpRcAIIXyByCjUvG3cKCF8zaR49BEQDAhAHCVgTFgstYgMHNQBzIAQ2I0IzBy0CXAUJPSB4AxcOO1k8BzUKBS8VXQIXLiIDD0F5OBsKXzEGJhZyLhpbCGA
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-14.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
4936e150cf3bc5634b5deefcdab7a4a29c9446b450c1b20e5c7955391aa51382

Request headers

Referer
https://ds2play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1242
content-type
text/html
date
Thu, 14 Dec 2023 12:45:09 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-id
sYyMDBTgZfilZpWfNnR7yJD3-4EOf9_2KPLFHORDpG6W-Me8i6BQ8g==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
DAUKBgkSECQrKBAUATkrATUyPz8cGQo2IwEXEicIFCoZPj9nABYoAQ8CAwI8FwBiL0wNEH4kPRQDAiwrAwQwNygfFQUvM2MZK1oqDTtnPCsWFAs3OAQgF18SZgQGPC4DFTc2MQQqMQoODwYROBYyFisdPRNzERcrZBAQCDgHGAYvMycFBQYhFCwgPCsTGxEjSBwZF...
tbradshedm.org/VUFTbnk0IzADRjR8MUgMJy1uS0sTZGEoHWYkJgxLMHNiChpjKWNAGjkuJgofJy49Glc7JCdLSxMMBgQrZxs5JwECOTQvPQYbNysVJgUKCSsWFzQ4FBApJDghATkWPQ5gcxsoQQQXBS9ADzYkOCg9cAE/DhAUGQVNBhYkIEkCAzAnLwJ5ACsOPR... Frame 1A57 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tbradshedm.org/VUFTbnk0IzADRjR8MUgMJy1uS0sTZGEoHWYkJgxLMHNiChpjKWNAGjkuJgofJy49Glc7JCdLSxMMBgQrZxs5JwECOTQvPQYbNysVJgUKCSsWFzQ4FBApJDghATkWPQ5gcxsoQQQXBS9ADzYkOCg9cAE/DhAUGQVNBhYkIEkCAzAnLwJ5ACsOPRMxGS8EA2I3DhYUGS8rLwwZKQ45CBxfHjQDKwoeNiodJzg7IhQ8EmAHHF8WBgIGOxEQFAE5IRYYATw/DAUKBgkSECQrKBAUATkrATUyPz8cGQo2IwEXEicIFCoZPj9nABYoAQ8CAwI8FwBiL0wNEH4kPRQDAiwrAwQwNygfFQUvM2MZK1oqDTtnPCsWFAs3OAQgF18SZgQGPC4DFTc2MQQqMQoODwYROBYyFisdPRNzERcrZBAQCDgHGAYvMycFBQYhFCwgPCsTGxEjSBwZFSgNZgM5LC0UFgYPKwMABiQOOQl1BAo6LyNTEREPOAhKNy4AFAolDjZbHg
Requested by
Host: d3eub2e21dc6h0.cloudfront.net
URL: https://d3eub2e21dc6h0.cloudfront.net/?ebued=1004073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-23.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
a74467b675eea10b6c8380cca4f214ceb6336c5281dd838fd3061e1859821b7e

Request headers

Referer
https://ds2play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1226
content-type
text/html
date
Thu, 14 Dec 2023 12:45:09 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-id
2q26vNacGXRZ1kw2kCrmlct4pKE3K8xqvcUfGbVCA5XF8imkOmmmnA==
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
T3hpNEZgRwpHex1JPEwRISpMBgAVOQVdFwccB3Z0IzYNYyULIQJDYDsRDQl3f0hdBHF8XhldInJJT0cyLgwcR3t+XgBaICBFT0J7flZaAGh8TEcEYDpFWBIyPxkOCXdpCB1AKnJJXgR0ek1eDXZ2S1AH
idonhisdhilte.info/ 		0
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idonhisdhilte.info/T3hpNEZgRwpHex1JPEwRISpMBgAVOQVdFwccB3Z0IzYNYyULIQJDYDsRDQl3f0hdBHF8XhldInJJT0cyLgwcR3t+XgBaICBFT0J7flZaAGh8TEcEYDpFWBIyPxkOCXdpCB1AKnJJXgR0ek1eDXZ2S1AH
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1wppn%2FDKH%2FP2I3gq3kklA%2B%2FuVaU0AG1UaeikTPdD9C%2BvPP%2FTpKfePh6JuWLKOQKvQjwQBm5t4ERES5RneYmp6DzwC0DKcSpeIgl2sCR5rPLAGVTG1oPExcEYHpTJ1MluWiQhIE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
83568ad6ea5f2c6b-FRA
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp0IVoJtfGMiwhhfchNMPxDs7aQpb0OV9vJWK14cGctyJhXfmMvxhcaYIfV...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2DNVCTchkm0orNgyO9vp1tGUbY62DTwYxf-BzZivmBxKdMmlCPRcvs3_lyjoxonpGim5GQzQ&passiv...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2DNVCTchkm0orNgyO9vp1tGUbY62DTwYxf-BzZivmBxKdMmlCPRcvs3_lyjoxonpGim5GQzQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S823127102%3A1702557909715188&theme=glif
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Thu, 14 Dec 2023 12:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-g1nlG6q98n3cJkIyMQ38wQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
403
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2DNVCTchkm0orNgyO9vp1tGUbY62DTwYxf-BzZivmBxKdMmlCPRcvs3_lyjoxonpGim5GQzQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S823127102%3A1702557909715188&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3gi2jMNSRWWNJMDCSdTmYC2voXXlGH6bmHbWmrFzFqpoSv4bdExlW...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0pjA1ImOlhJMriuM9E84oi1vNc9PjVBESCnJ9Sir6VvqJRQWkX8-d2KQ8InOxLVhgdiFAoUg&passi...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0pjA1ImOlhJMriuM9E84oi1vNc9PjVBESCnJ9Sir6VvqJRQWkX8-d2KQ8InOxLVhgdiFAoUg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1661982370%3A1702557909717024&theme=glif
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Thu, 14 Dec 2023 12:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mya9Y8LoyRRZ7LdTlofvAQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0pjA1ImOlhJMriuM9E84oi1vNc9PjVBESCnJ9Sir6VvqJRQWkX8-d2KQ8InOxLVhgdiFAoUg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1661982370%3A1702557909717024&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
THNtUlhjTA4hZS0kOyAMGCkOCh4CVl8QHCAfDgoQKzI4FAIYFgp0LCUXUGNofEddZWxqAwQ2ZX1LSyEsLQcYIWV9VQQ8PiNOSyRlfV1dfGpiR0snZX1VGSI5K05cdCg4BwFvaXtDX2dte0pda2x+RA
idonhisdhilte.info/ 		0
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idonhisdhilte.info/THNtUlhjTA4hZS0kOyAMGCkOCh4CVl8QHCAfDgoQKzI4FAIYFgp0LCUXUGNofEddZWxqAwQ2ZX1LSyEsLQcYIWV9VQQ8PiNOSyRlfV1dfGpiR0snZX1VGSI5K05cdCg4BwFvaXtDX2dte0pda2x+RA
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiSzPjklMqpl5CvPWYao7lWTS%2BdnhbMSn1%2FyQOkjyjmcifVjXqNLjj4shYrm7EeLzfGEuVWGMAjLFBk83j1cq2HlJ9yjXuFsjd0sn26B9Ec444LMvigBgE4i9fi%2F0yLi%2FHbRxek%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
83568ad6ea622c6b-FRA
alt-svc
h3=":443"; ma=86400
main.js
ds2play.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 170B
Redirect Chain
  • https://ds2play.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://ds2play.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ds2play.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H3
Server
2606:4700:20::681a:9aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a57984c522e05a3d9925e8b101651aee61a16c541eeaf337570132f4960be0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maqWlm2eVuz6MmeFqeMMdslbJiOgutiN3HX%2BZro5DuB1WqY3%2Bn853dtV2OrPj%2B%2B7i5T34xPb235g%2F5vQ7tAByy2ErO8bcrg9k1gjFH4Fga%2FZ%2BmH0rNijNwgkP%2BBMLEKCrZwv%2FRylASso"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
83568ad66ff790e8-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 14 Dec 2023 12:45:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zsvp5etrbr3%2FcjovvO0R5oxFSdslFsgiYE7c1jdtVuqTCNVq3EL7J%2F6fpDvDD3qHwuKvmbD7TFF58CmexxJa0AaQWtLOaaEgZZH3AeyngCDgNXh%2B0SsNwyfQN0U1F%2Bic6aGBHDlDZ1c6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control
max-age=300, public
cf-ray
83568ad62fbb90e8-FRA
alt-svc
h3=":443"; ma=86400
83568ad19bc571bf
ds2play.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 170B 		0
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ds2play.com/cdn-cgi/challenge-platform/h/b/jsd/r/83568ad19bc571bf
Requested by
Host: ds2play.com
URL: https://ds2play.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:9aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsVTcBYYec%2FAS7DjMnsDBjoLoe2zh6TbFE%2BpKAWD1tpNyV9iPf8xS2kCdJ9IGUBvmzzQPqPQMY1EQ0Bk18vxsBQo4NlYBP1ULmeglVK8aj7dtwm9kOP7TxgtPgh3UszoSvCb99l0%2BtVf"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
83568ad7088590e8-FRA
alt-svc
h3=":443"; ma=86400
AkhiWGgLSGVYaBdUZBswVAcmAXQAIGFbZhxVYk4kD1c
d3eub2e21dc6h0.cloudfront.net/BMmZUaFFRCToObkYPMFVgAlZgWGYBQD4bPlwWaQEmWQghPxtFJT4jZls3chwrVltlTj1TCDNVd1cIN1VgFAcwCmwGQCAYPllbNxEiWBchAj9EBXIdMA8LOxI4Xgo1TWN0U3pYdABWfB84XAI7HyIXVGQGJRdUZFlhHFZxWx... Frame A424 		834 B
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3eub2e21dc6h0.cloudfront.net/BMmZUaFFRCToObkYPMFVgAlZgWGYBQD4bPlwWaQEmWQghPxtFJT4jZls3chwrVltlTj1TCDNVd1cIN1VgFAcwCmwGQCAYPllbNxEiWBchAj9EBXIdMA8LOxI4Xgo1TWN0U3pYdABWfB84XAI7HyIXVGQGJRdUZFlhHFZxWxMXVGQfOFxQYE1icENmWCkEUn-1NYwIHJBg9VxExCjpbEnFaFwdVY0ZiBENmWHlZDiAFPRdUF01jAgo9AzQXVGQPNFENO0F0AFY3ACNdCzFNY3RXZlh/AkhiWGgLSGVYaBdUZBswVAcmAXQAIGFbZhxVYk4kD1c
Requested by
Host: orgotitedu.info
URL: https://orgotitedu.info/UWxhMUQwDgJcezBRAxcxIwBcFHYXSVN3IGIJFFN2NF5QVSdnBFEfJz0DFFUiIwMPRWo/CRUUdhcuLFweBA0ndxYSOA5+Jjo1MXwCBwsgXR42OyZoBgAoVVMUPRs2UBUUATZgIzk8GUUCGzhVWx49H1JSLCYeN10wPTgLABASKC9nIGAPKH91BwsncCcmLwxGAwAvIGgUPQADfzwUBTZzJzktCwgBEzQoVQkQVC1+PBhYOVYrYDg2f3QEXxFoIBAuNlcGaVg5cA1mJBh4HAcrMHYOAwg0awI9BCl3Hik7GXwcByswVwsXFDBoAWAFAnQKPDsiWgEEAkwACggbKHkOEwtYZzwUFCJbNDMpD3clFxsFZx1hNghzAR8BNnkoCygIcAIBPgVkAmFdC3AjPlUgSxUJOiZgFB8qJH8LYSpRcAIIXyByCjUvG3cKCF8zaR49BEQDAhAHCVgTFgstYgMHNQBzIAQ2I0IzBy0CXAUJPSB4AxcOO1k8BzUKBS8VXQIXLiIDD0F5OBsKXzEGJhZyLhpbCGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:be00:12:8107:3100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
36f678c8ef05021b5705a47277c6ee1a716cdf856f3fefb4dab1f17c309f2758

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orgotitedu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
gzip
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
586
x-amz-cf-id
ho9Fjd5NJ7vLTYiKZ1T4RbuquuouFqjQU8fqCSv7ORa4-6KWybJVmw==
puengine.js
cdn.tsyndicate.com/sdk/v1/ 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tsyndicate.com/sdk/v1/puengine.js
Requested by
Host: cdn.tsyndicate.com
URL: https://cdn.tsyndicate.com/sdk/v1/p.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.238.191.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
812c28a468803d12c38be96714757ed7b2b4db0b9f7262b97e4a86cbdea234a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
gzip
last-modified
Wed, 13 Dec 2023 10:11:57 GMT
server
nginx
age
95108
etag
W/"6579836d-15e24"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
33572
MUjR2ZjIxWxgADSZdElsDYgRCVgVmEhwVXTxESw52HF8QVVA9ZwwVQh1RQwEUJk4SWwN0WBcIVW8SEwhRbwVQB1YwCUJARzMJGwlIO1gaBxdgckNIAncGRk5FO1oSCUUhEURWXCYRRFYDYhpGQwEQEURWRTtaQFIXYXZTVAIqAkJPF2AEFxZCPlEBA1A5XQ-JDABQ...
d3eub2e21dc6h0.cloudfront.net/ Frame 1A57 		300 B
542 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3eub2e21dc6h0.cloudfront.net/MUjR2ZjIxWxgADSZdElsDYgRCVgVmEhwVXTxESw52HF8QVVA9ZwwVQh1RQwEUJk4SWwN0WBcIVW8SEwhRbwVQB1YwCUJARzMJGwlIO1gaBxdgckNIAncGRk5FO1oSCUUhEURWXCYRRFYDYhpGQwEQEURWRTtaQFIXYXZTVAIqAkJPF2AEFxZCPlEBA1A5XQ-JDABQBRVEcYQJTVAJ6Xx4SXz4RRCUXYAQaD1k3EURWVTdXHQkbdwZGBVogWxsDF2ByR1QCfARYUAJrDVhXAmsRRFZBM1IXFFt3BjBTAWUaRVAUJwlH
Requested by
Host: tbradshedm.org
URL: https://tbradshedm.org/VUFTbnk0IzADRjR8MUgMJy1uS0sTZGEoHWYkJgxLMHNiChpjKWNAGjkuJgofJy49Glc7JCdLSxMMBgQrZxs5JwECOTQvPQYbNysVJgUKCSsWFzQ4FBApJDghATkWPQ5gcxsoQQQXBS9ADzYkOCg9cAE/DhAUGQVNBhYkIEkCAzAnLwJ5ACsOPRMxGS8EA2I3DhYUGS8rLwwZKQ45CBxfHjQDKwoeNiodJzg7IhQ8EmAHHF8WBgIGOxEQFAE5IRYYATw/DAUKBgkSECQrKBAUATkrATUyPz8cGQo2IwEXEicIFCoZPj9nABYoAQ8CAwI8FwBiL0wNEH4kPRQDAiwrAwQwNygfFQUvM2MZK1oqDTtnPCsWFAs3OAQgF18SZgQGPC4DFTc2MQQqMQoODwYROBYyFisdPRNzERcrZBAQCDgHGAYvMycFBQYhFCwgPCsTGxEjSBwZFSgNZgM5LC0UFgYPKwMABiQOOQl1BAo6LyNTEREPOAhKNy4AFAolDjZbHg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:be00:12:8107:3100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3901d2d2bfcc247bf957f6992bfbb1de217329ec315a31b99fdfe2a081a11db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbradshedm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:45:09 GMT
content-encoding
gzip
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
264
x-amz-cf-id
1ZU_C6Sk5L7RfTVXlBeTTeeXfBCrM70yePZhxnxFQJdy4-CH9yrVcg==
popunder.gif
idonhisdhilte.info/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idonhisdhilte.info/popunder.gif
Requested by
Host: ds2play.com
URL: https://ds2play.com/e/4uo2lz80oe81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ds2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Thu, 14 Dec 2023 12:45:09 GMT
cf-cache-status
HIT
last-modified
Thu, 14 Dec 2023 11:42:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3775
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1vYYoi%2FQcxNBxXumgSr9rRYEQBg1pR3Y2wZe0QhNx5fqGe4aT0QuPzVndW8JHBC01YO1bpzVZtLqHmn3R%2FPFCr02zDryb8IAGSeUMQCWkBeAHU4C4Va8e42%2Bix58LdPHqVL0iU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
83568ad8bc872c6b-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| $ function| jQuery boolean| googleAd string| oref string| oemb function| PushOpen function| errMsg function| hab number| punix number| prand string| pdomain string| pfurl string| prefe number| pwidth number| pheight function| supports_html5_storage function| dpload function| _0x2249bc undefined| standaloneFi string| userAgentFi boolean| safariFi boolean| chromebr boolean| iosFi boolean| Fitor function| _0x633c function| _0x238e object| canvas object| gl object| debugInfo string| vendor string| renderer string| oftor boolean| VIDEOJS_NO_BASE_THEME boolean| VIDEOJS_NO_DYNAMIC_STYLE boolean| HELP_IMPROVE_VIDEOJS number| ysel function| runBD function| __onGCastApiAvailable function| videoInfo object| vttjs function| WebVTT function| videojs undefined| returnExports function| videojsSeekButtons object| videojs_hotkeys function| videojsBrand function| videojsMobileUi function| Class number| ntt object| dsplayer boolean| sentPL object| dsvl function| StartPlay function| makePlay object| SILVERMINE_VIDEOJS_CHROMECAST_CONFIG object| span object| MTD number| LAST_CORRECT_EVENT_TIME object| utr_1004073 number| userTrackingInterval number| _505506734 function| x7$3x function| g6rbFg number| w6A_7$ function| V2ZW0 number| N$ai42 function| e0JHi function| E6m3Y_ function| U3EvY object| actions number| openedPop number| deli number| timer object| urls object| urls2 function| getUrl string| cb43a0 function| N4kk object| yCItbqoqYWzvmVikU function| nextPop number| r boolean| once boolean| oncet string| cookieIndex function| secondsTimeSpanToHMS function| loadSrtFromUrl function| loadSrtFromPc function| Load boolean| isNotScrolled function| changeSize number| customsubs function| parseSrt number| tryCount number| minimalUserResponseInMiliseconds function| check object| cast function| k2bFB function| G5Oz2z number| s$TuDH function| X12lX string| aab7 object| PUENGINE number| iinf

8 Cookies

Domain/Path Name / Value
ds2play.com/e Name: file_id
Value: 84358614
ds2play.com/e Name: aff
Value: 4007
ds2play.com/e Name: ref_url
Value:
.ds2play.com/ Name: lang
Value: 1
pogothere.xyz/ Name: csu
Value: 969033977912804@1@1702557909
.ds2play.com/ Name: cf_clearance
Value: x0HR.RxtfIIOTJvUuuOMYm9wFjS9DU5UQLq1GVTFyns-1702557909-0-1-4f1effa1.ba90428a.6a04ab95-0.2.1702557909
ds2play.com/ Name: ts_popunder-cnt
Value: 0
ds2play.com/ Name: ts_popunder
Value: Thu%20Dec%2014%202023%2013%3A46%3A09%20GMT%2B0100%20(Central%20European%20Standard%20Time)

5 Console Messages

Source Level URL
Text
javascript warning URL: https://ds2play.com/e/4uo2lz80oe81
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ds2play.com/e/4uo2lz80oe81
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0pjA1ImOlhJMriuM9E84oi1vNc9PjVBESCnJ9Sir6VvqJRQWkX8-d2KQ8InOxLVhgdiFAoUg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1661982370%3A1702557909717024&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2DNVCTchkm0orNgyO9vp1tGUbY62DTwYxf-BzZivmBxKdMmlCPRcvs3_lyjoxonpGim5GQzQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S823127102%3A1702557909715188&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://ds2play.com/e/4uo2lz80oe81
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdn.tsyndicate.com
cdnjs.cloudflare.com
d3eub2e21dc6h0.cloudfront.net
ds2play.com
i.doodcdn.co
i.doodcdn.com
idonhisdhilte.info
img.doodcdn.co
orgotitedu.info
pogothere.xyz
ri176ll.video-delivery.net
tbradshedm.org
www.facebook.com
www.gstatic.com
143.204.215.14
172.67.172.232
18.245.86.23
188.114.97.3
2600:9000:211e:be00:12:8107:3100:21
2606:4700:20::681a:74a
2606:4700:20::681a:9aa
2606:4700:20::ac43:46be
2606:4700:3031::6815:22d2
2606:4700::6811:190e
2a00:1450:4001:830::2003
2a00:1450:400c:c0a::54
2a03:2880:f176:84:face:b00c:0:25de
51.255.84.146
8.238.191.121
01c49e02b98bc8a4275650b65787cdd100c362abc7e54e8b9e99396b6117c2c6
1a48dd4af6bceaa2407fe3a14bf3d8ea44ba1aaa21b0c9a471f5c24bb12b04e7
2577866b9d26cd6a4be764910f0913ae5b737ed1d130d635048051ebe15ae680
311cba72a3181f33f1b4e39a56e15c5344b97bd82987f64cabd1ed1f2bd340e1
36f678c8ef05021b5705a47277c6ee1a716cdf856f3fefb4dab1f17c309f2758
3716878d3ceb2042b22c092b31c6f43cc862f8464e92ddde416a49624b32716e
3901d2d2bfcc247bf957f6992bfbb1de217329ec315a31b99fdfe2a081a11db6
4936e150cf3bc5634b5deefcdab7a4a29c9446b450c1b20e5c7955391aa51382
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
75ce067aee801847ed39b5edbbf6f7edad4664d261c6e61c592b4620c4681efc
812c28a468803d12c38be96714757ed7b2b4db0b9f7262b97e4a86cbdea234a1
828f939ee5e4f646be53241201902d617200091a57e22638c4e2d9c993c4f4bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
918c8b90dd73b29fb9d668a200d853a4875be4abb5a0741d32f0a6b0df0868d1
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555
a74467b675eea10b6c8380cca4f214ceb6336c5281dd838fd3061e1859821b7e
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
c7fae0cdc873d9c576c05a164db5869806cbfd20a3c879ab438c247799c7fca1
d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d5040bfcc5be4bf5f2059c1718ccb060926c8cd0a4df2daba3bbfecd1cc883
ea14f5abbaef1f7edae981f7e716dda574977eb8c21afb40aacc14cc07080472
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6a57984c522e05a3d9925e8b101651aee61a16c541eeaf337570132f4960be0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d