br.do4a.me Open in urlscan Pro
2606:4700:3033::ac43:d7d1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://do4a.me/
Effective URL:
https://br.do4a.me/
Submission: On November 26 via api (November 26th 2024, 9:09:09 pm UTC) from US — Scanned from CA

Summary HTTP 62 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3033::ac43:d7d1, located in United States and belongs to CLOUDFLARENET, US. The main domain is br.do4a.me.
TLS certificate: Issued by WE1 on October 22nd 2024. Valid for: 3 months.

This is the only time br.do4a.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 25	172.67.215.209 172.67.215.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3033::ac43:d7d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::5f	15169 (GOOGLE) (GOOGLE)
11	172.67.140.28 172.67.140.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	87.240.129.133 87.240.129.133	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS VKontakte Ltd)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
4	2607:f8b0:400... 2607:f8b0:4004:c17::66	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::77	15169 (GOOGLE) (GOOGLE)
4	142.251.179.94 142.251.179.94	15169 (GOOGLE) (GOOGLE)
1	93.186.225.194 93.186.225.194	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS VKontakte Ltd)
62	12

25 172.67.215.209 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

do4a.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.do4a.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
br.do4a.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3033::ac43:d7d1 (United States)

ASN13335 (CLOUDFLARENET, US)

br.do4a.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.140.28 (United States)

ASN13335 (CLOUDFLARENET, US)

bannernetwork.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.129.133 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS VKontakte Ltd, RU)
PTR: srv133-129-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX YANDEX LLC, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5d (Washington, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::77 (Washington, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.179.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS VKontakte Ltd, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	do4a.me 2 redirects do4a.me d.do4a.me br.do4a.me	3 MB
11	bannernetwork.net bannernetwork.net	24 MB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9443	4 KB
4	gstatic.com fonts.gstatic.com	103 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
4	vk.com 1 redirects vk.com — Cisco Umbrella Rank: 7357	19 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4577	76 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	174 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	16 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
62	11

	Domain	Requested by
30	br.do4a.me	br.do4a.me
11	bannernetwork.net	br.do4a.me
6	mc.yandex.com	2 redirects br.do4a.me mc.yandex.ru
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com br.do4a.me
4	vk.com	1 redirects br.do4a.me vk.com
2	mc.yandex.ru	1 redirects br.do4a.me
2	www.googletagmanager.com	br.do4a.me www.googletagmanager.com
1	i.ytimg.com	br.do4a.me
1	www.youtube.com	br.do4a.me
1	fonts.googleapis.com	br.do4a.me
1	d.do4a.me	1 redirects
1	do4a.me	1 redirects
62	13

This site contains links to these domains. Also see Links.

Domain
g.anaboliki10.net
dj.ruanabol.org
a.real-pump1.top
1.inforubelfarma.ru
do4a.brutal-market.net
do4a.strong-pharm.site
do4a.profarm.site
bq.do4a.me
p10.rumassa.store
cli.re
t.farmacent.ru
ru67.homosteron.vip
do4a.net
sportwiki.to
zen.yandex.ru
xenforo.com
www.xf-russia.ru

Subject Issuer	Validity	Valid
do4a.me WE1	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
bannernetwork.net WE1	`2024-11-11` - `2025-02-09`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-10-20` - `2025-04-01`	5 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
edgestatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.vk.com GlobalSign ECC OV SSL CA 2018	`2024-10-04` - `2025-03-02`	5 months	crt.sh

This page contains 4 frames:

Primary Page: https://br.do4a.me/
Frame ID: 0E6D9B956A50407DB06CF226F6CA642E
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube.com/embed/wsCpHNUkNeQ
Frame ID: F4DCB809BA9ABBDB47BC26CB80CC84B4
Requests: 1 HTTP requests in this frame

Frame: https://vk.com/widget_community.php?app=0&width=260px&_ver=1&gid=26456494&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=400&url=https%3A%2F%2Fbr.do4a.me%2F&referrer=&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20Do4a.com%20-%20%D0%92%D1%82%D0%BE%D1%80%D0%BE%D0%B5%20%D0%B4%D1%8B%D1%85%D0%B0%D0%BD%D0%B8%D0%B5&1936a4e49b2
Frame ID: 9CEBE9516E8D432A67B83B2BB11649B6
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: D6A409F2A980D1D2088FBB1CF69F756C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости | Do4a.com - Второе дыхание

Page URL History Show full URLs

https://do4a.me/ HTTP 301
https://d.do4a.me/ HTTP 301
https://br.do4a.me/ Page URL

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

95 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

27866 kB
Transfer

28699 kB
Size

29
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://g.anaboliki10.net/

Search URL Search Domain Scan URL

URL: http://dj.ruanabol.org/

Search URL Search Domain Scan URL

URL: https://a.real-pump1.top/

Search URL Search Domain Scan URL

URL: http://1.inforubelfarma.ru/

Search URL Search Domain Scan URL

URL: https://do4a.brutal-market.net/?utm_source=do4a

Search URL Search Domain Scan URL

URL: https://do4a.strong-pharm.site/?utm_source=do4a

Search URL Search Domain Scan URL

URL: https://do4a.profarm.site/?utm_source=do4a

Search URL Search Domain Scan URL

URL: https://bq.do4a.me/misc/contact
Title: https://bq.do4a.me/misc/contact

Search URL Search Domain Scan URL

URL: https://p10.rumassa.store/

Search URL Search Domain Scan URL

URL: https://cli.re/53ZJYB

Search URL Search Domain Scan URL

URL: https://t.farmacent.ru/

Search URL Search Domain Scan URL

URL: https://ru67.homosteron.vip/

Search URL Search Domain Scan URL

URL: https://do4a.net/wiki
Title: Do4a's Wiki

Search URL Search Domain Scan URL

URL: http://sportwiki.to/
Title: Библиотека

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/id/5c13d9caaddb5800abea9ad5

Search URL Search Domain Scan URL

URL: https://xenforo.com/community/resources/s9e-media-bbcodes-pack.2476/
Title: Media embeds by s9e

Search URL Search Domain Scan URL

URL: http://www.xf-russia.ru/
Title: XF-Russia.ru

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://do4a.me/ HTTP 301
https://d.do4a.me/ HTTP 301
https://br.do4a.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://vk.com/js/api/openapi.js?116 HTTP 302
https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?116

Request Chain 48

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10576.dDhD3aJsXi8mGu1IdxZzo7XgOUN20PDKFx-M8M_DrzVG6aunxvb2o0YWvUvPAcjn.bEXIyXMRiGRa6NIpqEWFe7_IXTo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10576.MgMS9DPsPSPd70mucivxJu7jmmK-7eCq-6allD4INT46ovcVvxR5xU1_SwOclaaT85f4G9syMZE-B7RGRpWhG9NKkh3GcvzWRrYU5ikKb5ivg8OjJJEpQ0sQ9mxCzxjhzNzUu2l3XJ_i6D0o3uv0QpuVoAquYJunRJQeKt6kzDVuHN_H2VwQcHO_GkqSTNNRiJb6P-KGUvUDf3WU8BlIEgrvnruTinKKnq0-5XtppFs%2C.Fczx9oqeKMh7Pl21yrmKgkxbt74%2C

Request Chain 59

https://mc.yandex.com/watch/50963516?wmode=7&page-url=https%3A%2F%2Fbr.do4a.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1530%3Acn%3A1%3Adp%3A0%3Als%3A390204739083%3Ahid%3A1056244458%3Az%3A-480%3Ai%3A20241126130855%3Aet%3A1732655336%3Ac%3A1%3Arn%3A541562530%3Arqn%3A1%3Au%3A1732655336685797832%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3297%3Awv%3A2%3Ads%3A58%2C76%2C773%2C29%2C1255%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1732655331639%3Agi%3AR0ExLjIuNTE4MDUyNjUyLjE3MzI2NTUzMzU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732655337%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20Do4a.com%20-%20%D0%92%D1%82%D0%BE%D1%80%D0%BE%D0%B5%20%D0%B4%D1%8B%D1%85%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1) HTTP 302
https://mc.yandex.com/watch/50963516/1?wmode=7&page-url=https%3A%2F%2Fbr.do4a.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1530%3Acn%3A1%3Adp%3A0%3Als%3A390204739083%3Ahid%3A1056244458%3Az%3A-480%3Ai%3A20241126130855%3Aet%3A1732655336%3Ac%3A1%3Arn%3A541562530%3Arqn%3A1%3Au%3A1732655336685797832%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3297%3Awv%3A2%3Ads%3A58%2C76%2C773%2C29%2C1255%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1732655331639%3Agi%3AR0ExLjIuNTE4MDUyNjUyLjE3MzI2NTUzMzU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732655337%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20Do4a.com%20-%20%D0%92%D1%82%D0%BE%D1%80%D0%BE%D0%B5%20%D0%B4%D1%8B%D1%85%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
br.do4a.me/
Redirect Chain

https://do4a.me/
https://d.do4a.me/
https://br.do4a.me/

103 KB
24 KB

911ms
776ms

Document
text/html

2606:4700:3033::ac43:d7d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d7d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

52a96390fc745db8722acba833a6200e7523dcb446d3d2ed88a81ffc35dfa255

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1 1 1 1 1 1 1 1 1 1 1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8e8cdb378c11a2ec-YUL
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 21:08:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Tue, 26 Nov 2024 21:19:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Km8H8Ki%2Fmrh%2Bdm7ZQ6arzxSkVp5SZQbiKkU1USNgEY8o55Z%2FPvByWwTEtSb6fI%2BLwIFFQZ01JlHsdFb74OPf%2BdDRX8xDM9kDCT3m9SDf3n4C3BhbtQt0FqDKrw2TaWrx3QUvOa07%2B49z"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=19533&min_rtt=18766&rtt_var=4454&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3955&recv_bytes=2277&delivery_rate=204940&cwnd=253&unsent_bytes=0&cid=772738b0a08a3e06&ts=808&x=0"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN
x-powered-by: PHP/5.6.21
x-xss-protection: 1 1 1 1 1 1 1 1 1 1 1

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e8cdb340b98ac60-YYZ
content-type: text/html
date: Tue, 26 Nov 2024 21:08:52 GMT
location: https://br.do4a.me/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hrro7MIqL80KlDzAd6WMSPv%2BnmqEiU3%2F5rbGVClw7j%2FEu7K9AOc1IYxr2gOQu6E9DSBvjK4oGcq7H0SyOcQbvm5Y%2ByFwNFLRqc7Z3eIwOJTzGhaVeffXgsv4iyE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=32775&sent=15&recv=14&lost=0&retrans=0&sent_bytes=5165&recv_bytes=6201&delivery_rate=533&cwnd=12000&unsent_bytes=0&cid=e1a560135390d0e1&ts=1143&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 157ms
57ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-120595707-1

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b749c11a682993ebd3e5388c095dd36743ed39935970904d22e6f7cd9ef84f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 26 Nov 2024 21:08:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81511
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css.php
br.do4a.me/ 81 KB
21 KB 149ms
139ms Stylesheet
text/css 2606:4700:3033::ac43:d7d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://br.do4a.me/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1732392419

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d7d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

0a2f3885e1e5ff78b82c46c52e039aaade8c53a1e9087bd7c3506a62adbe40ca

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ys%2BTHQfVyrcknbFG%2Fa5igHvZBE43g%2FbERSwYzhol8VeN7fmnP3uJSbzuD%2BuhzYbP5PynhFxGGorpkoIIdsEJuXR3KfdMMO3spIgpgY%2B5rRSIXTDo6WfTwQXkaqd%2FuI16StbjTCWxQCP3"}],"group":"cf-nel","max_age":604800}
expires: Wed, 01 Jan 2020 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=24671&min_rtt=18759&rtt_var=10265&sent=40&recv=34&lost=0&retrans=0&sent_bytes=29413&recv_bytes=2954&delivery_rate=784596&cwnd=257&unsent_bytes=0&cid=772738b0a08a3e06&ts=1056&x=0"
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 20:06:59 GMT
strict-transport-security: max-age=31536000
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb3d1bffa2ec-YUL
content-length: 21128
x-powered-by: PHP/5.6.21
server: cloudflare
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000

GET
H2 200 css.php
br.do4a.me/ 39 KB
11 KB 392ms
384ms Stylesheet
text/css 2606:4700:3033::ac43:d7d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://br.do4a.me/css.php?css=MinimalismToTop,cmf_block,cmf_news,discussion_list,do4a,login_bar,message,message_user_info,nat_public_css,notices&style=6&dir=LTR&d=1732392419

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d7d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

e47aeb307ed0ad3f0f2d89a5093af92228e03847ccc511de1ba89ff1547bac24

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r9hjDWI%2B1RdMtezW1kFwtR4We%2BLu9PAse%2BFLKRDXkajN0d7A7m%2FxLh%2FX%2BSuYHwX%2FifVMNYzuL426%2B4fCi4hOBipLIGtIRjEWnIRM2%2B0TNfr5Abgzih1KNORcANMXBVzq5Zgli0%2Fz803U"}],"group":"cf-nel","max_age":604800}
expires: Wed, 01 Jan 2020 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23938&min_rtt=18759&rtt_var=773&sent=64&recv=58&lost=0&retrans=0&sent_bytes=51565&recv_bytes=2954&delivery_rate=1162273&cwnd=257&unsent_bytes=0&cid=772738b0a08a3e06&ts=1303&x=0"
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 20:06:59 GMT
strict-transport-security: max-age=31536000
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb3d1c02a2ec-YUL
content-length: 10499
x-powered-by: PHP/5.6.21
server: cloudflare
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 168ms
58ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,700,400italic,700italic&subset=latin,cyrillic-ext,latin-ext,cyrillic

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0dcc2c33d01d1fbe81c88119fa535d76caaf79a375f005ddb6f89095b72e5e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:08:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 26 Nov 2024 21:08:54 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery-1.11.0.min.js Show response
br.do4a.me/js/jquery/ 94 KB
35 KB 517ms
509ms Script
application/javascript 2606:4700:3033::ac43:d7d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://br.do4a.me/js/jquery/jquery-1.11.0.min.js

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d7d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"5aaa248a-1787d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=re37LtC30pAZV%2BmFesJ56AYiOKpI8VoDzX7KVmcx%2BWtuOavYyo3iGa32m4ZiaFoUxA8ARXkyN7PCKEX7gbnr3pVvPm5wyFLKF6NHlXJYuh0%2FjUP9IWyE3objoQzoamrrdd2MetnFISrA"}],"group":"cf-nel","max_age":604800}
expires: Tue, 26 Nov 2024 22:19:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21360&min_rtt=18759&rtt_var=1220&sent=83&recv=77&lost=0&retrans=0&sent_bytes=66805&recv_bytes=2954&delivery_rate=1162273&cwnd=257&unsent_bytes=0&cid=772738b0a08a3e06&ts=1425&x=0"
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 15 Mar 2018 07:45:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb3d1c03a2ec-YUL
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H2 200 xenforo.js Show response
br.do4a.me/js/xenforo/ 165 KB
55 KB 557ms
550ms Script
application/javascript 2606:4700:3033::ac43:d7d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://br.do4a.me/js/xenforo/xenforo.js?_v=a4977791

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d7d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0baa35b068dd1c4a80020f01ccd76eab83058bd6bb98877a59035771ad07d8fa

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"5aaa248a-295a6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4GDerw7tljb8s1FBT3xnXBl7LXSi%2FjpXfwKPz4FI7fPd9j3iK7LBkJBQ0tpbgG5cPalaGG1l27jeLEN4oD3R5wRoG1xDa5vSkBapw1%2BwaPBBGfmLLJDRXcGRLEgwodv2ll07WyxBRcu"}],"group":"cf-nel","max_age":604800}
expires: Tue, 26 Nov 2024 22:19:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21572&min_rtt=18759&rtt_var=1338&sent=84&recv=78&lost=0&retrans=0&sent_bytes=67369&recv_bytes=2954&delivery_rate=1162273&cwnd=257&unsent_bytes=0&cid=772738b0a08a3e06&ts=1464&x=0"
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 15 Mar 2018 07:45:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb3d1c05a2ec-YUL
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H2 200 news.js Show response
br.do4a.me/js/cmf/news/ 6 KB
3 KB 434ms
426ms Script
application/javascript 2606:4700:3033::ac43:d7d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://br.do4a.me/js/cmf/news/news.js?_v=a4977791

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d7d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84a2fab0b77340eb97cee076421f6d77203eff2fd28597ae898b1fffce7a2f5

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"5410b471-1855"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J9rHceLiMhbHKqCCW75KGAtQTHE8HCOHJEbPGNLa7ZRNTulEEcbaskltcnpsTA3ctqvt8snSD%2BCnovEIS11qG7aFdiZH6%2Bwg8VEgLCT5lXp%2FYbvPBbguipVjgUDJ%2FS5eUX5dAUmqAiPl"}],"group":"cf-nel","max_age":604800}
expires: Tue, 26 Nov 2024 22:19:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20645&min_rtt=18759&rtt_var=805&sent=79&recv=73&lost=0&retrans=0&sent_bytes=64129&recv_bytes=2954&delivery_rate=1162273&cwnd=257&unsent_bytes=0&cid=772738b0a08a3e06&ts=1346&x=0"
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 10 Sep 2014 20:28:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb3d1c06a2ec-YUL
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H2 200 jquery.ui.totop.js Show response
br.do4a.me/js/Minimalism/ 2 KB
1 KB 407ms
400ms Script
application/javascript 2606:4700:3033::ac43:d7d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://br.do4a.me/js/Minimalism/jquery.ui.totop.js?_v=a4977791

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d7d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

972120582a22b0e9e83bca1713ebebdf2356dda9d7c9c81c156f72f934261ec9

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"4b8ff632-6ca"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8kdKm1A03St6%2BHM5JHx9AJAZIBwVA4co3yHVZOzO0NNuz770GPbFNatZsogRd%2FzbQGCEezeUw6ZEdmRWU5IkbUKblt3ZSX7gV90MDOL7ZcC1NQNB6DUq0VrPMxBE6qaPZm%2B2ILFF85v"}],"group":"cf-nel","max_age":604800}
expires: Tue, 26 Nov 2024 22:19:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23938&min_rtt=18759&rtt_var=773&sent=76&recv=58&lost=0&retrans=0&sent_bytes=62721&recv_bytes=2954&delivery_rate=1162273&cwnd=257&unsent_bytes=0&cid=772738b0a08a3e06&ts=1319&x=0"
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 04 Mar 2010 18:04:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb3d1c07a2ec-YUL
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 bwyanab.gif
bannernetwork.net/do4a/ 2 MB
2 MB 212ms
87ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/bwyanab.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aad57c0bb95e4b89778634414c58dabbdc17eb128bf6bda35bd69c3c689d0f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "674489e9-1c7343"
age: 3754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VycIa6tIeGfd21Fm0NpvDlx0%2BQ1L6ziVB2WUXuv8NLYdJ4Kh98PnJ7Av8QfoqUtZgzDc%2FyOJf381wgtJfq%2Fun0vDfEuK9BrXpZzTqvdaD05JDuVj%2Fr%2F0rDlC1UEo%2BW99Zs4kow%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30809&sent=21&recv=8&lost=0&retrans=0&sent_bytes=15553&recv_bytes=4662&delivery_rate=95705&cwnd=12000&unsent_bytes=0&cid=064b04c656459928&ts=62&x=1", cfExtPri, cfHdrFlush;dur=41
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Mon, 25 Nov 2024 14:30:01 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb3ddc35398d-YYZ
accept-ranges: bytes
content-length: 1864515
server: cloudflare

GET
H3 200 phl25s.gif
bannernetwork.net/do4a/ 1 MB
1 MB 169ms
45ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/phl25s.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d34c0dbd661cdde64a7d255ee3b38f2b39ff8de44dcfed9c49fbce34440086b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "647718e4-17c9bd"
age: 3396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQpsz8t5yhp3sJyPFJLg4lst1zVFSehrHtkE%2BZZyP7t6yaSV3WjujyhF6owVFu%2By%2BqOi%2BEL7Cr%2Bxk2uJobAXQPMqd3Y3S4NgivqoTVPT%2BE%2BqZpDFQX9VTnLqmJYcd2aYwEBp5g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30809&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4135&recv_bytes=4662&delivery_rate=95705&cwnd=12000&unsent_bytes=0&cid=064b04c656459928&ts=59&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Wed, 31 May 2023 09:52:36 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb3ddc36398d-YYZ
accept-ranges: bytes
content-length: 1558973
server: cloudflare

GET
H3 200 realbig.gif
bannernetwork.net/do4a/ 253 KB
253 KB 66ms
57ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/realbig.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f738aca08124efed4c6230de1f30fa12620dca691d882e60632cb9814d7b106

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "618cd148-3f277"
age: 1609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Phw2DpwiR11wxacrerhXcobYfD2draNESwzBV3pw8m%2BAJuVe1d34Rc12sBTeqtZdvao3eetY7bsGkgFSgdXP%2B4AFBsdvh%2FY%2BmyF%2BuviJ7BDQZM7cJ6vqNnfQ7Qou5XGtUKEV6g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28233&sent=1124&recv=395&lost=8&retrans=8&sent_bytes=1300720&recv_bytes=25027&delivery_rate=2224520&cwnd=69029&unsent_bytes=0&cid=064b04c656459928&ts=758&x=1", cfExtPri, cfHdrFlush;dur=7
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Thu, 11 Nov 2021 08:16:08 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb4228f5398d-YYZ
accept-ranges: bytes
content-length: 258679
server: cloudflare

GET
H3 200 rubelfarma.gif
bannernetwork.net/do4a/ 4 MB
4 MB 66ms
54ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/rubelfarma.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c9b4a4fb0a1ee0d1ff9e2d3cc20c40a2c1f62749ab0ad2cd16a3e61c06e58d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "5fdc8fb3-3fd20c"
age: 563
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J64G7kiRbajuXq%2Fkh2YyBKgMW%2BT23WEoDjEuaRRQe04LXFX0E0P72qoZr6YxyMRox2drExM1GP6uQo26JeLo%2F6TUllUYQlEt5fijoaDfLKRJnCM3SespQQnVg6HkpcQtIp92pA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28233&sent=1124&recv=395&lost=8&retrans=8&sent_bytes=1300720&recv_bytes=25027&delivery_rate=2224520&cwnd=69029&unsent_bytes=0&cid=064b04c656459928&ts=755&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Fri, 18 Dec 2020 11:17:07 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb423902398d-YYZ
accept-ranges: bytes
content-length: 4182540
server: cloudflare

GET
H3 200 brutal.gif
bannernetwork.net/do4a/ 6 MB
6 MB 66ms
53ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/brutal.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13aaede5a128c09a368f24eb1c1166c3d50c09741a4ff2f7c0de21d983e155e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "65658fce-5f9ed4"
age: 1609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLjENSp%2B%2FX0usqgCumZ0SO%2FOvPsL2FFL7HU5%2BjwKVIMooWQ4qYoKOu2Plm0RsH7AzK4a%2FMaeM4egT4uC5qmVQJB0ZmL2fGRmYYiVTOqSKn7mVjA7iU6LOBNgV5sNCabQQl7l2w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28233&sent=1124&recv=395&lost=8&retrans=8&sent_bytes=1300720&recv_bytes=25027&delivery_rate=2224520&cwnd=69029&unsent_bytes=0&cid=064b04c656459928&ts=756&x=1", cfExtPri, cfHdrFlush;dur=9
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Tue, 28 Nov 2023 06:59:26 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb423907398d-YYZ
accept-ranges: bytes
content-length: 6266580
server: cloudflare

GET
H3 200 d4strongf.gif
bannernetwork.net/do4a/ 2 MB
2 MB 7266ms
7253ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/d4strongf.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8f1b2c3e38022541e1371871daafdd9b7dffebad967fa5f119a5a07fbfbb2f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "65870baf-26764f"
age: 2542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jr1uKaEo8z7AgRfywOtb98q%2BLmx8BWVUlAWk%2Fx3IE9gHhvvwW7sJJ5736BYtniLQ19Pb8dNNEJpL3f9lwORN6QdyvKIY61YwDALwxbPCx4PO79ZL0xbhQb0AgFM%2BdAc7Jr010Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28233&sent=1124&recv=395&lost=8&retrans=8&sent_bytes=1300720&recv_bytes=25027&delivery_rate=2224520&cwnd=69029&unsent_bytes=0&cid=064b04c656459928&ts=761&x=1", cfExtPri, cfHdrFlush;dur=4
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Sat, 23 Dec 2023 16:32:47 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb42390d398d-YYZ
accept-ranges: bytes
content-length: 2520655
server: cloudflare

GET
H3 200 d4profarm.gif
bannernetwork.net/do4a/ 1 MB
1 MB 7274ms
7261ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/d4profarm.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e3bf9c2ef97543f863ffb4bc558a78cb65fa9fb8ed4a8cf4a2dde813f9fa9e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "5fda0d69-1383c9"
age: 1192
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0MPTbsDDGONn1dqr40FPvLgJAKy%2F4VTdDmma%2FjORDyEFu53SIwN7tHu8m6c2SiaFfkjHtPH77L7T4pdfVn9hsTB%2FD1TtPY%2Fw0coV5GGJfSmxLA8VSt1PQsmfCfafqzgcgnyQA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28233&sent=1124&recv=395&lost=8&retrans=8&sent_bytes=1300720&recv_bytes=25027&delivery_rate=2224520&cwnd=69029&unsent_bytes=0&cid=064b04c656459928&ts=758&x=1", cfExtPri, cfHdrFlush;dur=7
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Wed, 16 Dec 2020 13:36:41 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb423910398d-YYZ
accept-ranges: bytes
content-length: 1278921
server: cloudflare

GET
H3 200 rmassa.gif
bannernetwork.net/do4a/ 6 MB
6 MB 7265ms
7253ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/rmassa.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9cd06489eb8c66fd0ed7c205d613d1a0352994bba15a51949b0d1cedcdbe6db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "5fd0edd4-5bb3d0"
age: 3395
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3f5SDAhguNoo2L1mpcuyKZ8z2OmAujWFzAnEZdLrmsjhYAWyHmMWET17TIzzZy8Atz6KXLnrUcGY98ylfw6MwcwlIQtim0pQt96y%2BqBDIuNaAX9HCOgL2ZntzodSsOljL%2FEg8w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28233&sent=1124&recv=395&lost=8&retrans=8&sent_bytes=1300720&recv_bytes=25027&delivery_rate=2224520&cwnd=69029&unsent_bytes=0&cid=064b04c656459928&ts=760&x=1", cfExtPri, cfHdrFlush;dur=5
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Wed, 09 Dec 2020 15:31:32 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb423913398d-YYZ
accept-ranges: bytes
content-length: 6009808
server: cloudflare

GET
H3 200 eventhilma.gif
bannernetwork.net/do4a/ 44 KB
45 KB 7273ms
7261ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/eventhilma.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5a868fd4f5e7490ff10dc2bfd718ce2594c29f12f1e714b7d642ffa91520422

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "673b1cb9-b12a"
age: 3490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNmI5M39UUjPvtyT4my9O0Ah%2B5lBfrPa%2B%2BNPi3Vpg4iSEFjxvcezjtuW67CSzWJW6%2FL2iEyASCd52INj9GG49w%2FzD2renOG07pEYqk93Hm5253MLYohGhFFa9xe%2BR7hyKx%2FAbg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28233&sent=1124&recv=395&lost=8&retrans=8&sent_bytes=1300720&recv_bytes=25027&delivery_rate=2224520&cwnd=69029&unsent_bytes=0&cid=064b04c656459928&ts=760&x=1", cfExtPri, cfHdrFlush;dur=5
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Mon, 18 Nov 2024 10:53:45 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb423914398d-YYZ
accept-ranges: bytes
content-length: 45354
server: cloudflare

GET
H3 200 farmdo4a.gif
bannernetwork.net/do4a/ 565 KB
566 KB 7272ms
7260ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/farmdo4a.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafed46a8ab75e7a050a95faafdaa0476f2afc8f5490492981e8101039e3560b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "65211947-8d546"
age: 1417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GKySwKGpQRDXY1N45yl5hCAv4qwebwaxBf%2B9%2Bhkc%2BN9Qh0uPuwVf5g%2B7tBscClorJlWqfzp0IIW0SKkDoYsmNT9%2BfXJ45GKnw04DFFWGRGtgJXVjH9Ekse9CcFLVsf6UkXcxjA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28233&sent=1124&recv=395&lost=8&retrans=8&sent_bytes=1300720&recv_bytes=25027&delivery_rate=2224520&cwnd=69029&unsent_bytes=0&cid=064b04c656459928&ts=762&x=1", cfExtPri, cfHdrFlush;dur=3
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Sat, 07 Oct 2023 08:39:35 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb423917398d-YYZ
accept-ranges: bytes
content-length: 578886
server: cloudflare

GET
H3 200 homosteron.gif
bannernetwork.net/do4a/ 72 KB
73 KB 7270ms
7259ms Image
image/gif 172.67.140.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bannernetwork.net/do4a/homosteron.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 408cd81fde12aeaa1eb73fdc912cee9206690316b7c4385601bf49cb9da6497d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: HIT
etag: "65f9e5ef-120d1"
age: 1684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZN%2B%2F3a4UdSOuKfKvuwMAwsgFAlQNgEBVuo2nRSqR84he3wMGKFrduzvB39gs4oB2ialC6dYDGy7PnO9%2FVjzc9Oku8JXY4gkmgw6PpFYRReKP4TaJPSUweTa6Y0OOqdRvg5y%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28233&sent=1124&recv=395&lost=8&retrans=8&sent_bytes=1300720&recv_bytes=25027&delivery_rate=2224520&cwnd=69029&unsent_bytes=0&cid=064b04c656459928&ts=761&x=1", cfExtPri, cfHdrFlush;dur=4
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: image/gif
last-modified: Tue, 19 Mar 2024 19:22:23 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb42391a398d-YYZ
accept-ranges: bytes
content-length: 73937
server: cloudflare

GET
H3 200 /
br.do4a.me/attachments/instagram-tonio_burton-stories-3507332970920668966-jpg.333153/ 208 KB
209 KB 271ms
259ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/attachments/instagram-tonio_burton-stories-3507332970920668966-jpg.333153/

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

681b16ec0d24ba02941f07135fae453d52441c3af8b5cb143fe5d3bc9741779d

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: DYNAMIC
etag: "1732447667"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nrD5H4yIrC6FWu3D4xY83Z%2Bt4htmmjwDR1cWmnd3clRj8drGrITgNJ8W55LT6clLxWnotQU0GhRKH7T1GgsNC5qjt7f3Piieoc2U%2BOPYV3%2FQ01TrbuOW09v3Y3m8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27903&min_rtt=25966&rtt_var=6901&sent=14&recv=26&lost=0&retrans=0&sent_bytes=4253&recv_bytes=11821&delivery_rate=506&cwnd=12000&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1052&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:54 GMT
content-disposition: inline; filename="Instagram tonio_burton stories 3507332970920668966.jpg"
content-type: image/jpeg
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 26 Nov 2024 21:19:13 GMT
cf-ray: 8e8cdb423945a23a-YYZ
content-length: 212991
x-xss-protection: 1
x-powered-by: PHP/5.6.21
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 /
br.do4a.me/attachments/13476487777794185674994788774977877scale_1200-jpg.333069/ 193 KB
194 KB 727ms
714ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/attachments/13476487777794185674994788774977877scale_1200-jpg.333069/

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

e5bc640727d05aa7a0155ced393f2e6df5d60302946ebb9b2cad81a3421e55a1

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: DYNAMIC
etag: "1732253242"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmc%2B5xLKr%2F7a39YnV5VmGs81JhJFNzN8hZV4RjX7DfUdJsRHVJWfkgAxxWqPyKXoYTGoHHof9qqElxxhrDpL8J8zDGNNKGax8S8IUHDCbl05RRcwma%2Fi5xy27OVs"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=86414&min_rtt=25966&rtt_var=22829&sent=250&recv=103&lost=0&retrans=0&sent_bytes=273149&recv_bytes=15236&delivery_rate=358637&cwnd=70200&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1480&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-disposition: inline; filename="13476487777794185674994788774977877scale_1200.jpg"
content-type: image/jpeg
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 26 Nov 2024 21:19:13 GMT
cf-ray: 8e8cdb423947a23a-YYZ
content-length: 197377
x-xss-protection: 1
x-powered-by: PHP/5.6.21
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 /
br.do4a.me/attachments/74994788774977877scale_1200-jpg.333000/ 210 KB
211 KB 1433ms
1418ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/attachments/74994788774977877scale_1200-jpg.333000/

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

e11d2e0d15b75e22a9c4d9465af23f77d9ae62f584955f45579d9f0579bbee5e

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: DYNAMIC
etag: "1732031031"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hx6WTCBrOIrNKrMkYiQ2IsbcXd90Ib9751v5aP5iqFpg8rHL%2FwDXLoe388Twa2cbh2GwF4qgJ6b8zoHiEsNPfQcx%2FyPaAsTDGMXQ3JhqoNI%2FXXmVm151Uaiksris"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34408&min_rtt=25167&rtt_var=7910&sent=1044&recv=352&lost=17&retrans=16&sent_bytes=1192086&recv_bytes=30214&delivery_rate=1155183&cwnd=92850&unsent_bytes=0&cid=86b58d04b9a65f42&ts=2205&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:56 GMT
content-disposition: inline; filename="74994788774977877scale_1200.jpg"
content-type: image/jpeg
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 26 Nov 2024 21:19:14 GMT
cf-ray: 8e8cdb424956a23a-YYZ
content-length: 215131
x-xss-protection: 1
x-powered-by: PHP/5.6.21
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 /
br.do4a.me/attachments/877scale_1200-jpg.332908/ 1 MB
1 MB 1100ms
1086ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/attachments/877scale_1200-jpg.332908/

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

0123c6b41a0a234e889a4ecb57d1efbb8bda272756b89c6518f395dafc97213f

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: DYNAMIC
etag: "1731833609"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7uDhc6unzL5AuBh0VxXdm%2FIs9QonBrpPjMW1sksYqBYlIA1DYYcmNvsrEJ9WIQccJ%2F%2F2jq%2BMgTIEID%2FABFWdMFEqhI1ACngjkbxZecEaVmZFfYFe2qGDddUKA9b"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32734&min_rtt=25399&rtt_var=5017&sent=709&recv=267&lost=9&retrans=8&sent_bytes=801357&recv_bytes=22786&delivery_rate=1047320&cwnd=89250&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1872&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-disposition: inline; filename="877scale_1200.jpg"
content-type: image/jpeg
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 26 Nov 2024 21:19:14 GMT
cf-ray: 8e8cdb42495aa23a-YYZ
content-length: 1093937
x-xss-protection: 1
x-powered-by: PHP/5.6.21
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 /
br.do4a.me/attachments/7197987778899999873200000001-2-jpg.332822/ 297 KB
298 KB 672ms
658ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/attachments/7197987778899999873200000001-2-jpg.332822/

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

93431fc30d82860eab4c0de7a18986b70961d74ace4674465f7037869acb8e30

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: DYNAMIC
etag: "1731648455"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2t%2F0Qs5PqwG519LK%2BCjH%2FgvnNgc7X5Uh%2FqE3YzR0TXETZzr%2FKU8tvoKlVT1tG4XOkrN%2BXP4RmhsHO5iPOry2e3YZ%2FOoTFLKFuSDWl2WEtRn8Ojfrb03F1Sngcitd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62789&min_rtt=25966&rtt_var=15129&sent=145&recv=81&lost=0&retrans=0&sent_bytes=151556&recv_bytes=14242&delivery_rate=319602&cwnd=42300&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1313&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-disposition: inline; filename="7197987778899999873200000001 (2).jpg"
content-type: image/jpeg
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 26 Nov 2024 21:19:13 GMT
cf-ray: 8e8cdb42495da23a-YYZ
content-length: 304426
x-xss-protection: 1
x-powered-by: PHP/5.6.21
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 /
br.do4a.me/attachments/7778899999873200000001-jpg.332754/ 183 KB
184 KB 802ms
788ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/attachments/7778899999873200000001-jpg.332754/

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

af30dd52436a2f76159752809771bf93eb2760a922c8c2dd1918281650d5cc23

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: DYNAMIC
etag: "1731390730"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8FE7aCL2XjO2RIZbVk9pps%2FJefIwPn8FcyEsh96GXLoNczOXb5ftkmYNh9wf4%2Byec%2FQpCRhkIU2QJcpopkpfaw3ClbvRkVSoNW7AQWyfTcIK5PzCyhKG38F8kVl"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32059&min_rtt=25966&rtt_var=6870&sent=422&recv=172&lost=9&retrans=8&sent_bytes=465828&recv_bytes=18445&delivery_rate=2194597&cwnd=89250&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1575&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-disposition: inline; filename="7778899999873200000001.jpg"
content-type: image/jpeg
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 26 Nov 2024 21:19:14 GMT
cf-ray: 8e8cdb424963a23a-YYZ
content-length: 187471
x-xss-protection: 1
x-powered-by: PHP/5.6.21
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 /
br.do4a.me/attachments/77747988img_4690-jpeg.332676/ 302 KB
303 KB 1335ms
1321ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/attachments/77747988img_4690-jpeg.332676/

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

709d9bcc8941ca44817a42314bed189c35856208bbd76ee8a6e447145a87b9fb

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: DYNAMIC
etag: "1731154303"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FOXerTCcYuwdWXgV990XiaOql8i%2BSITMHZcmYC5S%2FwGO9ob3gYeCDrBbxZH6el5RIZFUie7NoWZJMREPHQGfeTwSVMOSe3vtarzPGm6b4VygAah6aFxUG67gC6K"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40807&min_rtt=25167&rtt_var=8318&sent=893&recv=303&lost=9&retrans=8&sent_bytes=1019343&recv_bytes=27902&delivery_rate=744228&cwnd=89250&unsent_bytes=0&cid=86b58d04b9a65f42&ts=2075&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:56 GMT
content-disposition: inline; filename="77747988IMG_4690.JPEG"
content-type: image/jpeg
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 26 Nov 2024 21:19:14 GMT
cf-ray: 8e8cdb42496ca23a-YYZ
content-length: 308764
x-xss-protection: 1
x-powered-by: PHP/5.6.21
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 /
br.do4a.me/attachments/875-jpg.332604/ 562 KB
563 KB 1013ms
999ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/attachments/875-jpg.332604/

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.21

Resource Hash

4122a3744769e86ed2fff2860c224a6b1e9ab30be74712e8e248cc1b1116dfc1

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: DYNAMIC
etag: "1730881138"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDHKnIA%2Fyd2eN66Qi5dGP%2Bgi1Pms1wbPXgeS6Esw0ouoIxnt5CTzWzmLPg3Ie3kkONS8xU15irLfLWyaF10NJBcn8Xp8UrGaDCd%2BHe9XCeDQ9%2B5xKfC%2FRXPk%2BTky"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31895&min_rtt=25399&rtt_var=5843&sent=608&recv=231&lost=9&retrans=8&sent_bytes=683860&recv_bytes=21144&delivery_rate=1060712&cwnd=89250&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1764&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-disposition: inline; filename="875.jpg"
content-type: image/jpeg
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 26 Nov 2024 21:19:14 GMT
cf-ray: 8e8cdb42496aa23a-YYZ
content-length: 575348
x-xss-protection: 1
x-powered-by: PHP/5.6.21
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H2

200

openapi.c340c125c61ec5745ebb2a98626e46ab.js Show response
vk.com/dist/public/api/
Redirect Chain

https://vk.com/js/api/openapi.js?116
https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?116

56 KB
17 KB

332ms
329ms

Script
text/javascript

87.240.129.133
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?116
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H2
Server: 87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS VKontakte Ltd, RU),
Reverse DNS: srv133-129-240-87.vk.com
Software: kittenx /
Resource Hash: 0794ec55ac26233eb8ceed5fc64073eea5d00df95da9cc31f18b578a64762782

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

x-frontend: front653608, front661000
cache-control: max-age=345600
access-control-expose-headers: X-Frontend
content-encoding: br
x-trace-id: oXaj4A88AsNyjEdGRVcGQ8_rIDyCQQ
expires: Sat, 30 Nov 2024 21:08:55 GMT
server-timing: tid;desc="9z32NulrTicgBFf4gT8ZUcCrfprBlQ",tid;desc="oXaj4A88AsNyjEdGRVcGQ8_rIDyCQQ",front;dur=0.148
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 06 Nov 2024 03:02:12 GMT
server: kittenx
vary: Accept-Encoding, Available-Dictionary

Redirect headers

x-frontend: front661000
reporting-endpoints: default="https://vk.com/browser_reports?dest=default_reports"
strict-transport-security: max-age=15768000
cache-control: no-store
location: /dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?116
content-encoding: gzip
access-control-expose-headers: X-Frontend
x-trace-id: kjwf82EVhM1RSjQ29beBnBsxLFvE6w
server-timing: tid;desc="kjwf82EVhM1RSjQ29beBnBsxLFvE6w"
content-length: 20
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: text/html; charset=windows-1251
x-powered-by: KPHP/7.4.119714
server: kittenx

GET
H3 200 logo.png
br.do4a.me/styles/default/do4a/ 23 KB
23 KB 701ms
687ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/do4a/logo.png

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6b26193f6a7a8c1eec51c52d555e88a21cab04e6d4cdc4e8f383090254ab42

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: BYPASS
etag: "519e3da7-5a78"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2TxkhKW%2BRC7SBsJCk97fEQLbPUAMS%2BgEdCGYp8zqJ9NcLVAhkFf75Xbjzkk8LWrkkPRyxVrzNq8l8TBOFJv2kGAG9p7My8owADWR0UC3fLVmyKzKx%2BGBDAKaFFu"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=56676&min_rtt=25966&rtt_var=7230&sent=200&recv=92&lost=0&retrans=0&sent_bytes=214860&recv_bytes=14742&delivery_rate=738762&cwnd=55200&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1384&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/png
last-modified: Thu, 23 May 2013 16:02:47 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb42496ea23a-YYZ
accept-ranges: bytes
content-length: 23160
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 yzen.jpg
br.do4a.me/ 11 KB
12 KB 672ms
658ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/yzen.jpg

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd1493091907b5182922be0bf59eb7ea105fd8c9638dccdc77ac2268474f323

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: BYPASS
etag: "5c1cb051-2df9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BZnp8RBUnsbmgEUutKxy%2FHZ8Wjt3nqjDY4oWnImKy%2FchdPF1ArUdpf84bn%2BsloTkwf7O8FHwtUHP%2BkgOjqom%2F3KLRfF808GQlLd9%2FcuL8tGFi%2Bw7IHlfvD6I7cg"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=57973&min_rtt=25966&rtt_var=16856&sent=160&recv=85&lost=0&retrans=0&sent_bytes=168481&recv_bytes=14422&delivery_rate=459225&cwnd=42300&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1315&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/jpeg
last-modified: Fri, 21 Dec 2018 09:20:17 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb424970a23a-YYZ
accept-ranges: bytes
content-length: 11769
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 220 KB
76 KB 722ms
336ms Script
application/javascript 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

327792de13e41955dc633dd61184895624555a736af01aec05229ed2694f0058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "673e04f1-12b1a"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Tue, 26 Nov 2024 22:08:55 GMT
access-control-allow-origin: *
content-length: 76570
date: Tue, 26 Nov 2024 21:08:55 GMT
last-modified: Wed, 20 Nov 2024 15:49:05 GMT
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
94 KB 78ms
60ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98JGTJBXV1&l=dataLayer&cx=c&gtm=457e4bk0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120595707-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6fd917754181fa2ec9dc8c765c23c9bcb7f943e04bae107829ea69f5464a5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 26 Nov 2024 21:08:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:08:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96323
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 420ms
39ms Script
text/javascript 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120595707-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: gzip
age: 2059
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 22:34:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 20:34:36 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 wsCpHNUkNeQ
www.youtube.com/embed/ Frame F4DC 0
0 545ms
162ms Document
text/html 2607:f8b0:4004:c08::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/wsCpHNUkNeQ

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.do4a.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce--0QeH4sFVjVVTg_mhBKEVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:08:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 button.png
br.do4a.me/styles/default/do4a/background/ 154 B
975 B 415ms
404ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/do4a/background/button.png

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/css.php?css=MinimalismToTop,cmf_block,cmf_news,discussion_list,do4a,login_bar,message,message_user_info,nat_public_css,notices&style=6&dir=LTR&d=1732392419

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3847d4745ab20d5e517068c9221f70459299ecdb84a32c8bb72f141881ac03ff

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=MinimalismToTop,cmf_block,cmf_news,discussion_list,do4a,login_bar,message,message_user_info,nat_public_css,notices&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "519e3da7-9a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bYJ2dGp7nWV95idFTy8b86mjTmoNcgxybxW5IXUPn5Kjzwna6izOgxVfaxnO93dCBwEddBGOutui69887fbirpdYM1dnEH2jj%2Fec0V5G9UORvqtf8D%2BiEoceGENC"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40814&min_rtt=25966&rtt_var=3579&sent=91&recv=56&lost=0&retrans=0&sent_bytes=90280&recv_bytes=13128&delivery_rate=641113&cwnd=35100&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1205&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/png
last-modified: Thu, 23 May 2013 16:02:47 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb424973a23a-YYZ
accept-ranges: bytes
content-length: 154
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 xenforo-ui-sprite.png
br.do4a.me/styles/default/xenforo/ 4 KB
5 KB 449ms
438ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/xenforo/xenforo-ui-sprite.png

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1732392419

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

148805ef840df5f06de10c18349522ea3f2ce394218c5515f54e9265828691e5

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "5aaa248a-f36"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQBtb9jaVaRiMu7YQzmX6Fq7hNbGCurPdBtysQkGLWaz0zE33N0RxqlCSsBJa%2F7Xu%2BGFiaPnENV88%2B5h5PI8CWmGPum6cbdF5rPMkaEFRrvTdtWbe%2Bu2CRVujuYD"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40814&min_rtt=25966&rtt_var=3579&sent=92&recv=56&lost=0&retrans=0&sent_bytes=91278&recv_bytes=13128&delivery_rate=641113&cwnd=35100&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1212&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/png
last-modified: Thu, 15 Mar 2018 07:45:14 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb424975a23a-YYZ
accept-ranges: bytes
content-length: 3894
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 tab-selected-light.png
br.do4a.me/styles/default/xenforo/gradients/ 1006 B
2 KB 669ms
658ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/xenforo/gradients/tab-selected-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5097da42217e110eb92e74d0834e712ea85c4795f54125cab5cd1c3d46103f7

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=MinimalismToTop,cmf_block,cmf_news,discussion_list,do4a,login_bar,message,message_user_info,nat_public_css,notices&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "5aaa248a-3ee"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPnztMuvoZErtY62DqVmaoCCLP3rH61za4Zty6Hk970hNXW6O0nTfMSVlF1IDLTpNwAu%2B3nztY4kZ%2Flo9G%2FB4wNJ9eJxtwCv1KkITxcIpTLME8rkENzjeWyMw6nP"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47631&min_rtt=25966&rtt_var=7959&sent=126&recv=74&lost=0&retrans=0&sent_bytes=129650&recv_bytes=13931&delivery_rate=541490&cwnd=37800&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1278&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/png
last-modified: Thu, 15 Mar 2018 07:45:14 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb424977a23a-YYZ
accept-ranges: bytes
content-length: 1006
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 122014.jpg
br.do4a.me/data/avatars/m/122/ 16 KB
17 KB 697ms
686ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/data/avatars/m/122/122014.jpg?1732517986

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0a07695683802fd010a8c5cbf4b2b12a7a5feeef49f5a0b7b94df3b83c7fd8b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: BYPASS
etag: "67442062-3f7e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tg7g6LJUWRGyWuQFJJ2fra%2F8VwoOBny6khAU2KhKyPNZTncxDPhJg90NgDN2AMepT8SsmeMgv5GTU33ZW2Xu%2Fg64pc3G%2FYPVDd6hcOft7BM0MXzPTKYAOBOoR618"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=56676&min_rtt=25966&rtt_var=7230&sent=208&recv=92&lost=0&retrans=0&sent_bytes=223681&recv_bytes=14742&delivery_rate=738762&cwnd=55200&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1404&x=1", cfExtPri, cfHdrFlush;dur=61
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 06:59:46 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb42497aa23a-YYZ
accept-ranges: bytes
content-length: 16254
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/wsCpHNUkNeQ/ 16 KB
16 KB 440ms
62ms Image
image/jpeg 2607:f8b0:4004:c19::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wsCpHNUkNeQ/hqdefault.jpg

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97b21bd731d92bd43d60cdeeb0b243399b3a4dcd113846a2d12cd757eba73733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

etag: "1730767324"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 23:08:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 16174
x-xss-protection: 0
server: sffe

GET
H3 200 105546.jpg
br.do4a.me/data/avatars/m/105/ 2 KB
3 KB 666ms
656ms Image
image/jpeg 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/data/avatars/m/105/105546.jpg?1509465179

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a77aa432c1e49686dff4537b59379d4909ee77469c366f01dcf93c936e67e4c7

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cf-cache-status: BYPASS
etag: "59f89c5b-92f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2569Gjt5p0PSyi67ZirOE%2BMucS1VzgmDzQKCKr5GhvKhX6rtpMxlexmasmagl9xezeMfoUh5jlf11OPj7H2FW8tgmcEvPpGmxZogmUTHhy%2FBWSwFdlwHFD%2Fd9zd"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47631&min_rtt=25966&rtt_var=7959&sent=128&recv=74&lost=0&retrans=0&sent_bytes=131530&recv_bytes=13931&delivery_rate=541490&cwnd=37800&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1284&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/jpeg
last-modified: Tue, 31 Oct 2017 15:52:59 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb42497ca23a-YYZ
accept-ranges: bytes
content-length: 2351
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 category-23px-light.png
br.do4a.me/styles/default/xenforo/gradients/ 1 KB
2 KB 417ms
407ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/xenforo/gradients/category-23px-light.png

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1732392419

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc4cae0bb86846428c4d8471ec2cd1627e7df4ce1fc4e4bb11c94cf557f9c8e

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "5aaa248a-430"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8LBqP6SLemEV2whR8Ea5eAsaaM1HZ7gBaWmVdKaVdieYYlnOutV5E9m0%2FDox%2FPjNEhHYZPqA%2BgPpZzT2i0AfG9cR%2FlxFGEE8EzfuO2aw0pvRIRQXdkaZU1aG6b9"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40814&min_rtt=25966&rtt_var=3579&sent=89&recv=56&lost=0&retrans=0&sent_bytes=88336&recv_bytes=13128&delivery_rate=641113&cwnd=35100&unsent_bytes=0&cid=86b58d04b9a65f42&ts=1202&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/png
last-modified: Thu, 15 Mar 2018 07:45:14 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb424980a23a-YYZ
accept-ranges: bytes
content-length: 1072
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 336ms
57ms Font
font/woff2 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700,400italic,700italic&subset=latin,cyrillic-ext,latin-ext,cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://br.do4a.me
Referer: https://fonts.googleapis.com/

Response headers

age: 435153
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 20:16:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 20:16:22 GMT
last-modified: Tue, 02 May 2023 15:52:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33116
x-xss-protection: 0
server: sffe

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qWVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v18/ 20 KB
20 KB 365ms
86ms Font
font/woff2 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qWVyvHpA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700,400italic,700italic&subset=latin,cyrillic-ext,latin-ext,cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

sffe /

Resource Hash

acf9911eaa381e18fbd67241d47323ca848dfa1fe1fd0e1c02ba90e319809649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://br.do4a.me
Referer: https://fonts.googleapis.com/

Response headers

age: 456038
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 14:28:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 14:28:17 GMT
last-modified: Tue, 02 May 2023 15:31:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20904
x-xss-protection: 0
server: sffe

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 366ms
87ms Font
font/woff2 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700,400italic,700italic&subset=latin,cyrillic-ext,latin-ext,cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://br.do4a.me
Referer: https://fonts.googleapis.com/

Response headers

age: 414876
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 01:54:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 01:54:19 GMT
last-modified: Tue, 02 May 2023 15:28:35 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29588
x-xss-protection: 0
server: sffe

GET
H3 200 EJRVQgYoZZY2vCFuvAFSzr-tdg.woff2
fonts.gstatic.com/s/ptserif/v18/ 22 KB
22 KB 398ms
119ms Font
font/woff2 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFSzr-tdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700,400italic,700italic&subset=latin,cyrillic-ext,latin-ext,cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

sffe /

Resource Hash

089baa8e2efa0d4452f21704412d6f34aad7060c3aaa69cc7e661610f4048673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://br.do4a.me
Referer: https://fonts.googleapis.com/

Response headers

age: 405488
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 04:30:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:30:47 GMT
last-modified: Tue, 02 May 2023 16:04:05 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22084
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 154ms
40ms Fetch
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-98JGTJBXV1&gtm=45je4bk0v9107395365za200&_p=1732655333927&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=518052652.1732655335&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1732655335&sct=1&seg=0&dl=https%3A%2F%2Fbr.do4a.me%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20Do4a.com%20-%20%D0%92%D1%82%D0%BE%D1%80%D0%BE%D0%B5%20%D0%B4%D1%8B%D1%85%D0%B0%D0%BD%D0%B8%D0%B5&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3672
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98JGTJBXV1&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://br.do4a.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
281 B 84ms
40ms XHR
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1112872781&t=pageview&_s=1&dl=https%3A%2F%2Fbr.do4a.me%2F&ul=en-ca&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20Do4a.com%20-%20%D0%92%D1%82%D0%BE%D1%80%D0%BE%D0%B5%20%D0%B4%D1%8B%D1%85%D0%B0%D0%BD%D0%B8%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1730657469&gjid=1156092867&cid=518052652.1732655335&tid=UA-120595707-1&_gid=1953894817.1732655335&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=1770682914

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://br.do4a.me/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:08:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://br.do4a.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
368 B 73ms
33ms Image
image/gif 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1112872781&t=pageview&_s=2&dl=https%3A%2F%2Fbr.do4a.me%2F&ul=en-ca&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20Do4a.com%20-%20%D0%92%D1%82%D0%BE%D1%80%D0%BE%D0%B5%20%D0%B4%D1%8B%D1%85%D0%B0%D0%BD%D0%B8%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=518052652.1732655335&tid=UA-120595707-1&_gid=1953894817.1732655335&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=685708035

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

age: 65449
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 02:58:06 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10576.dDhD3aJsXi8mGu1IdxZzo7XgOUN20PDKFx-M8M_DrzVG6aunxvb2o0YWvUvPAcjn.bEXIyXMRiGRa6NIpqEWFe7_IXTo%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10576.MgMS9DPsPSPd70mucivxJu7jmmK-7eCq-6allD4INT46ovcVvxR5xU1_SwOclaaT85f4G9syMZE-B7RGRpWhG9NKkh3GcvzWRrYU5ikKb5ivg8OjJJEpQ0sQ9mxCzxjhzNzUu2l3XJ...

43 B
483 B

238ms
103ms

Image
image/gif

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10576.MgMS9DPsPSPd70mucivxJu7jmmK-7eCq-6allD4INT46ovcVvxR5xU1_SwOclaaT85f4G9syMZE-B7RGRpWhG9NKkh3GcvzWRrYU5ikKb5ivg8OjJJEpQ0sQ9mxCzxjhzNzUu2l3XJ_i6D0o3uv0QpuVoAquYJunRJQeKt6kzDVuHN_H2VwQcHO_GkqSTNNRiJb6P-KGUvUDf3WU8BlIEgrvnruTinKKnq0-5XtppFs%2C.Fczx9oqeKMh7Pl21yrmKgkxbt74%2C

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
date: Tue, 26 Nov 2024 21:08:56 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.com/sync_cookie_image_decide?token=10576.MgMS9DPsPSPd70mucivxJu7jmmK-7eCq-6allD4INT46ovcVvxR5xU1_SwOclaaT85f4G9syMZE-B7RGRpWhG9NKkh3GcvzWRrYU5ikKb5ivg8OjJJEpQ0sQ9mxCzxjhzNzUu2l3XJ_i6D0o3uv0QpuVoAquYJunRJQeKt6kzDVuHN_H2VwQcHO_GkqSTNNRiJb6P-KGUvUDf3WU8BlIEgrvnruTinKKnq0-5XtppFs%2C.Fczx9oqeKMh7Pl21yrmKgkxbt74%2C
x-xss-protection: 1; mode=block
date: Tue, 26 Nov 2024 21:08:56 GMT

GET
H2 200 upload.gif
vk.com/images/ 230 B
527 B 198ms
194ms Image
image/gif 87.240.129.133
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vk.com/images/upload.gif
Requested by: Host: br.do4a.me
URL: https://br.do4a.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS VKontakte Ltd, RU),
Reverse DNS: srv133-129-240-87.vk.com
Software: kittenx /
Resource Hash: 0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

x-frontend: front652536
cache-control: max-age=604800
x-trace-id: W001OgTlXY0jTQJfAYfSPtDSX9oRZw
expires: Tue, 03 Dec 2024 21:08:55 GMT
server-timing: tid;desc="bDgLyiziUxFf2uUNNCGAQwbM0uRmzg",tid;desc="W001OgTlXY0jTQJfAYfSPtDSX9oRZw",front;dur=0.192
content-length: 230
date: Tue, 26 Nov 2024 21:08:55 GMT
content-type: image/gif
last-modified: Sun, 17 Nov 2024 03:08:20 GMT
server: kittenx

GET
H3 200 header-middle.png
br.do4a.me/styles/default/do4a/background/ 57 KB
58 KB 1356ms
1354ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/do4a/background/header-middle.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3d83a3a346c0e0daeab4e8c6a35fe7bb8ed1fc0bd831d39a019c07894e3af8c

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=MinimalismToTop,cmf_block,cmf_news,discussion_list,do4a,login_bar,message,message_user_info,nat_public_css,notices&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "519e3da7-e525"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MigTKhWl1PcYm%2BgPlSVn9VRb5OoNFbLGDxg0ZxJDYQEH9vGAW99XeaGW5ZjicgH4VyPBJs4%2FJAlUuQ9KaFOyUuRRVHz1ykZfjfHeKDItiyQkL1Yx1Vfz0qXfBZHW"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30196&min_rtt=24943&rtt_var=1375&sent=2082&recv=664&lost=18&retrans=17&sent_bytes=2404053&recv_bytes=44523&delivery_rate=1053383&cwnd=103650&unsent_bytes=0&cid=86b58d04b9a65f42&ts=3275&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:57 GMT
content-type: image/png
last-modified: Thu, 23 May 2013 16:02:47 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb497ba1a23a-YYZ
accept-ranges: bytes
content-length: 58661
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 header-repeat.png
br.do4a.me/styles/default/do4a/background/ 1 KB
2 KB 1141ms
1139ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/do4a/background/header-repeat.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d439b2ba91eba302241a286778b34deadb403db4e7eaaaf20c61c41b80f3225b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=MinimalismToTop,cmf_block,cmf_news,discussion_list,do4a,login_bar,message,message_user_info,nat_public_css,notices&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "519e3da7-56e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lv4S0XVQXcdJo0er5iveEg76fXqXzz76OcwwJoqgE6rPXGl4ZXHMD%2Bj9JukAwLSzgX3h5N1ItZ%2BfyaDs%2F5qxllGhgHGk2SOsnveEQBMk1mjKUsMr3NgcThjG9tCH"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29334&min_rtt=24947&rtt_var=2201&sent=1889&recv=611&lost=18&retrans=17&sent_bytes=2176837&recv_bytes=42112&delivery_rate=1087106&cwnd=103650&unsent_bytes=0&cid=86b58d04b9a65f42&ts=3065&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:56 GMT
content-type: image/png
last-modified: Thu, 23 May 2013 16:02:47 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb497ba7a23a-YYZ
accept-ranges: bytes
content-length: 1390
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 navTabs.png
br.do4a.me/styles/default/do4a/background/ 5 KB
6 KB 1177ms
1176ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/do4a/background/navTabs.png

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1732392419

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

370aa4b40c9f6e0c362e4c68d21f29b52c140e18d00258ccce17dcf6b15a8ebb

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "519e3da7-132f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bn%2F%2Bd%2F120sp8qlbfGIbA9Tv5UfDPxmx6ChpUDX%2Bag%2BuWYGKP6OAGaT6nmLX6LapMscQp9632pUPPYRtyhYUWK1YS4UCUQ4G%2FI9sKiiQpgI6PlpRNOeMvNurVRaLb"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28785&min_rtt=24943&rtt_var=2748&sent=1923&recv=613&lost=18&retrans=17&sent_bytes=2217093&recv_bytes=42202&delivery_rate=91006&cwnd=103650&unsent_bytes=0&cid=86b58d04b9a65f42&ts=3104&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:57 GMT
content-type: image/png
last-modified: Thu, 23 May 2013 16:02:47 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb497ba9a23a-YYZ
accept-ranges: bytes
content-length: 4911
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 navTab.png
br.do4a.me/styles/default/do4a/background/ 2 KB
3 KB 1164ms
1163ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/do4a/background/navTab.png

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1732392419

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59840f0f69f826c3cf93f3ea73b400d38677a81367819f6459e76f0fdd3dad22

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "519e3da7-9cf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lH2ngYFXdkG0apU34sJFXp0VWwfcEDXmc57Sx225LRT8ss%2BDOS%2B6j%2FI4J3mE4f0WhAT%2BHHLJrvzZy40qYN9R91i%2Flt8A3BhnyZTWtSdPbd5bU5wDxmF80y0eO0Ca"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29334&min_rtt=24947&rtt_var=2201&sent=1906&recv=611&lost=18&retrans=17&sent_bytes=2196923&recv_bytes=42112&delivery_rate=1087106&cwnd=103650&unsent_bytes=0&cid=86b58d04b9a65f42&ts=3086&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:57 GMT
content-type: image/png
last-modified: Thu, 23 May 2013 16:02:47 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb497baba23a-YYZ
accept-ranges: bytes
content-length: 2511
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 footer_center.png
br.do4a.me/styles/default/do4a/background/ 56 KB
57 KB 1311ms
1310ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/do4a/background/footer_center.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c114810a6123b95b0169a70a8ec481a8880f68b093e322efb7a12e8607ebbf4

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=MinimalismToTop,cmf_block,cmf_news,discussion_list,do4a,login_bar,message,message_user_info,nat_public_css,notices&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "53ddddd8-ded9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOP1fQrN9Cv6Rqe6yWbFU1fHSqkwK%2BhPbEOFyNLTE46vOacrJUEs%2BAKfZ2Qc4KyZxKofcn8KRpbmcBM%2B5MDhIriWO4EJp1bqawUZ5VJ5mUqrupxuE5XGPIa%2F9zZ3"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31606&min_rtt=24943&rtt_var=3906&sent=2055&recv=650&lost=18&retrans=17&sent_bytes=2371960&recv_bytes=43885&delivery_rate=1587034&cwnd=103650&unsent_bytes=0&cid=86b58d04b9a65f42&ts=3240&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:57 GMT
content-type: image/png
last-modified: Sun, 03 Aug 2014 06:59:36 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb497baea23a-YYZ
accept-ranges: bytes
content-length: 57049
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H3 200 footer_repeat.png
br.do4a.me/styles/default/do4a/background/ 210 B
1 KB 1134ms
1133ms Image
image/png 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://br.do4a.me/styles/default/do4a/background/footer_repeat.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad84f0388ef8b6f53e56faedb564aaa37b9e3e7e431afd7b808beb26f82f87d

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/css.php?css=MinimalismToTop,cmf_block,cmf_news,discussion_list,do4a,login_bar,message,message_user_info,nat_public_css,notices&style=6&dir=LTR&d=1732392419

Response headers

cf-cache-status: BYPASS
etag: "53dddddc-d2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1oJoZODipJK711XGUuSlxVrKGD7uXWpjxa9BuYShiHTJjck7jtO3B7UbAR0A1IWfHJPUfd9X%2FRfkDSif97WotJXRe4qoBGp%2Fu0OSXISMsYo%2Brg264oPrDAINIyKA"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Dec 2024 21:19:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29334&min_rtt=24947&rtt_var=2201&sent=1891&recv=611&lost=18&retrans=17&sent_bytes=2179107&recv_bytes=42112&delivery_rate=1087106&cwnd=103650&unsent_bytes=0&cid=86b58d04b9a65f42&ts=3067&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:08:56 GMT
content-type: image/png
last-modified: Sun, 03 Aug 2014 06:59:40 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb497bafa23a-YYZ
accept-ranges: bytes
content-length: 210
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

GET
H2 200 widget_community.php
vk.com/ Frame 9CEB 0
0 828ms
400ms Document
text/html 93.186.225.194
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/widget_community.php?app=0&width=260px&_ver=1&gid=26456494&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=400&url=https%3A%2F%2Fbr.do4a.me%2F&referrer=&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20Do4a.com%20-%20%D0%92%D1%82%D0%BE%D1%80%D0%BE%D0%B5%20%D0%B4%D1%8B%D1%85%D0%B0%D0%BD%D0%B8%D0%B5&1936a4e49b2

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

93.186.225.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS VKontakte Ltd, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.119714

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://.vk.com https://vk.ru https://.vk.ru https://static.vk.me https://.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://.yandex.ru https://.google-analytics.com https://.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://.google.com https://google.com https://.vkpartner.ru https://.moatads.com https://.adlooxtracking.ru https://.serving-sys.ru https://.weborama-tech.ru https://.gstatic.com https://.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://.vk-cdn.net https://.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://.vk.com https://vk.ru https://.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; report=/xss_reports

Request headers

Referer: https://br.do4a.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: X-Frontend
cache-control: no-store
content-encoding: gzip
content-length: 20819
content-security-policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
content-type: text/html; charset=windows-1251
date: Tue, 26 Nov 2024 21:08:56 GMT
origin-agent-cluster: ?0
reporting-endpoints: default="https://vk.com/browser_reports?dest=default_reports"
server: kittenx
server-timing: tid;desc="hqvhz2TNGkO3pX2mKVn8jKIIPJEdJw",front;dur=0.102
strict-transport-security: max-age=15768000
x-frontend: front661502
x-powered-by: KPHP/7.4.119714
x-trace-id: hqvhz2TNGkO3pX2mKVn8jKIIPJEdJw
x-xss-protection: 1; report=/xss_reports

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
598 B 237ms
232ms Image
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
etag: "673e04f1-2b"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Tue, 26 Nov 2024 22:08:56 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Tue, 26 Nov 2024 21:08:56 GMT
last-modified: Wed, 20 Nov 2024 15:49:05 GMT
content-type: image/gif

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame D6A4 0
0 669ms
201ms Document
text/html 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://br.do4a.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1452
content-type: text/html
date: Tue, 26 Nov 2024 21:08:57 GMT
etag: "673e04f1-5ac"
expires: Tue, 26 Nov 2024 22:08:57 GMT
last-modified: Wed, 20 Nov 2024 15:49:05 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/50963516/
Redirect Chain

https://mc.yandex.com/watch/50963516?wmode=7&page-url=https%3A%2F%2Fbr.do4a.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/50963516/1?wmode=7&page-url=https%3A%2F%2Fbr.do4a.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

615 B
835 B

187ms
181ms

Fetch
application/json

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/50963516/1?wmode=7&page-url=https%3A%2F%2Fbr.do4a.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1530%3Acn%3A1%3Adp%3A0%3Als%3A390204739083%3Ahid%3A1056244458%3Az%3A-480%3Ai%3A20241126130855%3Aet%3A1732655336%3Ac%3A1%3Arn%3A541562530%3Arqn%3A1%3Au%3A1732655336685797832%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3297%3Awv%3A2%3Ads%3A58%2C76%2C773%2C29%2C1255%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1732655331639%3Agi%3AR0ExLjIuNTE4MDUyNjUyLjE3MzI2NTUzMzU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732655337%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20Do4a.com%20-%20%D0%92%D1%82%D0%BE%D1%80%D0%BE%D0%B5%20%D0%B4%D1%8B%D1%85%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29

Requested by

Host: br.do4a.me
URL: https://br.do4a.me/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

324913f108c535e58899e8b037c098686586e6cf4c78ab53d84314083f6b4c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Tue, 26-Nov-2024 21:08:56 GMT
access-control-allow-origin: https://br.do4a.me
content-length: 615
x-xss-protection: 1; mode=block
date: Tue, 26 Nov 2024 21:08:56 GMT
last-modified: Tue, 26-Nov-2024 21:08:56 GMT
content-type: application/json; charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/50963516/1?wmode=7&page-url=https%3A%2F%2Fbr.do4a.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1530%3Acn%3A1%3Adp%3A0%3Als%3A390204739083%3Ahid%3A1056244458%3Az%3A-480%3Ai%3A20241126130855%3Aet%3A1732655336%3Ac%3A1%3Arn%3A541562530%3Arqn%3A1%3Au%3A1732655336685797832%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3297%3Awv%3A2%3Ads%3A58%2C76%2C773%2C29%2C1255%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1732655331639%3Agi%3AR0ExLjIuNTE4MDUyNjUyLjE3MzI2NTUzMzU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732655337%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20Do4a.com%20-%20%D0%92%D1%82%D0%BE%D1%80%D0%BE%D0%B5%20%D0%B4%D1%8B%D1%85%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Tue, 26-Nov-2024 21:08:56 GMT
access-control-allow-origin: https://br.do4a.me
x-xss-protection: 1; mode=block
date: Tue, 26 Nov 2024 21:08:56 GMT
last-modified: Tue, 26-Nov-2024 21:08:56 GMT

GET
H3 200 favicon.ico
br.do4a.me/ 1 KB
1 KB 402ms
398ms Other
image/x-icon 172.67.215.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://br.do4a.me/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.215.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c21749fafcf76df68e02bef45c19055c1aac9d51de778e931c1df4d3f1ab898

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://br.do4a.me/

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"519e3da7-47e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=msRNOxtwxDSf8yt%2FGCTtQoZBWScqvOFRwZVY6CpDrWg0NdCRruyaDHQHFHeCw%2BcGSXc9Y2gRLeC6qo4cObYCFTL%2BJMUNtD8VVxQ4woLBAGOrI4o0%2BXFCuA4j%2BYrj"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34268&min_rtt=24900&rtt_var=9306&sent=2927&recv=918&lost=18&retrans=17&sent_bytes=3396614&recv_bytes=56598&delivery_rate=791008&cwnd=103650&unsent_bytes=0&cid=86b58d04b9a65f42&ts=12709&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:09:06 GMT
content-type: image/x-icon
last-modified: Thu, 23 May 2013 16:02:47 GMT
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8cdb8a2b6da23a-YYZ
public-key-pins: pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
server: cloudflare

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: nrNj39yid_Q
.youtube.com/	1970-01-21 05:36:47	Name: VISITOR_INFO1_LIVE Value: esLFCsA02Xw
.youtube.com/	1970-01-21 05:36:47	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgNA%3D%3D
.do4a.me/	1970-01-21 10:53:35	Name: _ga_98JGTJBXV1 Value: GS1.1.1732655335.1.0.1732655335.0.0.0
.do4a.me/	1970-01-21 10:53:35	Name: _ga Value: GA1.2.518052652.1732655335
.do4a.me/	1970-01-21 01:19:01	Name: _gid Value: GA1.2.1953894817.1732655335
.do4a.me/	1970-01-21 01:17:35	Name: _gat_gtag_UA_120595707_1 Value: 1
.vk.com/	1970-01-21 10:04:44	Name: remixlang Value: 3
.vk.com/	1970-01-21 10:03:11	Name: remixstlid Value: 9069032216263160679_Q56JMiC2WOeMtxNzqeSIj26YkTGYQHKGs1edI83AlJL
.yandex.ru/	1970-01-21 10:53:35	Name: i Value: CBb6+7f5YRcKO0vG9TlmwR400dRr14GL3doG3ETAnOnBxJXFGHm+zhpz8tqAxr1TJBAuRjAaD1LQECAJal4xX+WIDjA=
.yandex.ru/	1970-01-21 10:53:35	Name: yandexuid Value: 3479823891732655335
.yandex.ru/	1970-01-21 10:03:11	Name: yashr Value: 9950951381732655335
.do4a.me/	1970-01-21 10:03:11	Name: _ym_uid Value: 1732655336685797832
.do4a.me/	1970-01-21 10:03:11	Name: _ym_d Value: 1732655336
.mc.yandex.com/	1970-01-21 01:17:35	Name: sync_cookie_csrf Value: 2490959337fake
br.do4a.me/	1969-12-31 23:59:59	Name: xf_session Value: e15f1bf6d372c901c5b0bc3e08fb2e74
.mc.yandex.ru/	1970-01-21 01:17:35	Name: sync_cookie_csrf Value: 3612419932fake
.yandex.com/	1970-01-21 10:03:11	Name: yashr Value: 2234830971732655336
.do4a.me/	1970-01-21 01:18:47	Name: _ym_isad Value: 2
.yandex.com/	1970-01-21 10:53:35	Name: yandexuid Value: 3479823891732655335
.yandex.com/	1970-01-21 10:53:35	Name: yuidss Value: 3479823891732655335
.yandex.com/	1970-01-21 10:53:35	Name: i Value: CBb6+7f5YRcKO0vG9TlmwR400dRr14GL3doG3ETAnOnBxJXFGHm+zhpz8tqAxr1TJBAuRjAaD1LQECAJal4xX+WIDjA=
.mc.yandex.com/	1970-01-21 01:19:01	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 548238071732655336
.yandex.com/	1970-01-21 10:03:11	Name: ymex Value: 2048015336.yrts.1732655336
.yandex.com/	1970-01-21 10:03:11	Name: receive-cookie-deprecation Value: 1
.vk.com/	1970-01-21 10:07:00	Name: remixstid Value: 1364073129_KFZaG32UEICMeygS1eB89uZgZd64FcD46UMcJqcYtqk
.yandex.com/	1970-01-21 10:53:35	Name: bh Value: KgI/MGDo8Zi6Bg==
.vk.com/	1970-01-21 01:17:36	Name: remixsts Value: %7B%22data%22%3A%5B%5B1732655341%2C%22entries_requests%22%2C1%2C%22polyfills%22%2C%22widgets%22%5D%2C%5B1732655341%2C%22entries_requests%22%2C1%2C%22ui_common%22%2C%22web%22%5D%2C%5B1732655341%2C%22entries_requests%22%2C1%2C%22audioplayer%22%2C%22web%22%5D%2C%5B1732655341%2C%22entries_requests%22%2C1%2C%22likes%22%2C%22web%22%5D%2C%5B1732655341%2C%22entries_requests%22%2C1%2C%22community%22%2C%22widgets%22%5D%5D%2C%22uniqueId%22%3A478245171.94356847%7D

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/bwyanab.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/phl25s.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/realbig.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/rubelfarma.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/brutal.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/d4strongf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/d4profarm.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/rmassa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/eventhilma.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/farmdo4a.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/ Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/homosteron.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/bwyanab.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/phl25s.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/realbig.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/rubelfarma.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/brutal.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/d4strongf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/d4profarm.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/rmassa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/eventhilma.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/farmdo4a.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://br.do4a.me/(Line 1633) Message: Mixed Content: The page at 'https://br.do4a.me/' was loaded over HTTPS, but requested an insecure element 'http://bannernetwork.net/do4a/homosteron.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
recommendation	verbose	URL: https://br.do4a.me/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Public-Key-Pins	pin-sha256="ihuShc0WDhVQ+2ntnX1EEo/i2a8UN/57IkzcVyPBpT4="; max-age=5184000
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1 1 1 1 1 1 1 1 1 1 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bannernetwork.net
br.do4a.me
d.do4a.me
do4a.me
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
mc.yandex.com
mc.yandex.ru
vk.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
142.251.179.94
172.67.140.28
172.67.215.209
2606:4700:3033::ac43:d7d1
2607:f8b0:4004:c08::5d
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c17::66
2607:f8b0:4004:c19::61
2607:f8b0:4004:c19::77
2a02:6b8::1:119
87.240.129.133
93.186.225.194
0123c6b41a0a234e889a4ecb57d1efbb8bda272756b89c6518f395dafc97213f
0794ec55ac26233eb8ceed5fc64073eea5d00df95da9cc31f18b578a64762782
089baa8e2efa0d4452f21704412d6f34aad7060c3aaa69cc7e661610f4048673
0a2f3885e1e5ff78b82c46c52e039aaade8c53a1e9087bd7c3506a62adbe40ca
0baa35b068dd1c4a80020f01ccd76eab83058bd6bb98877a59035771ad07d8fa
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
13aaede5a128c09a368f24eb1c1166c3d50c09741a4ff2f7c0de21d983e155e2
148805ef840df5f06de10c18349522ea3f2ce394218c5515f54e9265828691e5
2c21749fafcf76df68e02bef45c19055c1aac9d51de778e931c1df4d3f1ab898
324913f108c535e58899e8b037c098686586e6cf4c78ab53d84314083f6b4c02
327792de13e41955dc633dd61184895624555a736af01aec05229ed2694f0058
370aa4b40c9f6e0c362e4c68d21f29b52c140e18d00258ccce17dcf6b15a8ebb
3847d4745ab20d5e517068c9221f70459299ecdb84a32c8bb72f141881ac03ff
408cd81fde12aeaa1eb73fdc912cee9206690316b7c4385601bf49cb9da6497d
4122a3744769e86ed2fff2860c224a6b1e9ab30be74712e8e248cc1b1116dfc1
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
4cc4cae0bb86846428c4d8471ec2cd1627e7df4ce1fc4e4bb11c94cf557f9c8e
4e3bf9c2ef97543f863ffb4bc558a78cb65fa9fb8ed4a8cf4a2dde813f9fa9e7
52a96390fc745db8722acba833a6200e7523dcb446d3d2ed88a81ffc35dfa255
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59840f0f69f826c3cf93f3ea73b400d38677a81367819f6459e76f0fdd3dad22
681b16ec0d24ba02941f07135fae453d52441c3af8b5cb143fe5d3bc9741779d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
709d9bcc8941ca44817a42314bed189c35856208bbd76ee8a6e447145a87b9fb
7aad57c0bb95e4b89778634414c58dabbdc17eb128bf6bda35bd69c3c689d0f2
7ad84f0388ef8b6f53e56faedb564aaa37b9e3e7e431afd7b808beb26f82f87d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c114810a6123b95b0169a70a8ec481a8880f68b093e322efb7a12e8607ebbf4
8f738aca08124efed4c6230de1f30fa12620dca691d882e60632cb9814d7b106
93431fc30d82860eab4c0de7a18986b70961d74ace4674465f7037869acb8e30
972120582a22b0e9e83bca1713ebebdf2356dda9d7c9c81c156f72f934261ec9
97b21bd731d92bd43d60cdeeb0b243399b3a4dcd113846a2d12cd757eba73733
9dd1493091907b5182922be0bf59eb7ea105fd8c9638dccdc77ac2268474f323
9e6b26193f6a7a8c1eec51c52d555e88a21cab04e6d4cdc4e8f383090254ab42
a77aa432c1e49686dff4537b59379d4909ee77469c366f01dcf93c936e67e4c7
acf9911eaa381e18fbd67241d47323ca848dfa1fe1fd0e1c02ba90e319809649
af30dd52436a2f76159752809771bf93eb2760a922c8c2dd1918281650d5cc23
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b749c11a682993ebd3e5388c095dd36743ed39935970904d22e6f7cd9ef84f1d
b84a2fab0b77340eb97cee076421f6d77203eff2fd28597ae898b1fffce7a2f5
b8f1b2c3e38022541e1371871daafdd9b7dffebad967fa5f119a5a07fbfbb2f6
bafed46a8ab75e7a050a95faafdaa0476f2afc8f5490492981e8101039e3560b
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c5097da42217e110eb92e74d0834e712ea85c4795f54125cab5cd1c3d46103f7
d34c0dbd661cdde64a7d255ee3b38f2b39ff8de44dcfed9c49fbce34440086b3
d439b2ba91eba302241a286778b34deadb403db4e7eaaaf20c61c41b80f3225b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0a07695683802fd010a8c5cbf4b2b12a7a5feeef49f5a0b7b94df3b83c7fd8b
e11d2e0d15b75e22a9c4d9465af23f77d9ae62f584955f45579d9f0579bbee5e
e3d83a3a346c0e0daeab4e8c6a35fe7bb8ed1fc0bd831d39a019c07894e3af8c
e47aeb307ed0ad3f0f2d89a5093af92228e03847ccc511de1ba89ff1547bac24
e4c9b4a4fb0a1ee0d1ff9e2d3cc20c40a2c1f62749ab0ad2cd16a3e61c06e58d
e5bc640727d05aa7a0155ced393f2e6df5d60302946ebb9b2cad81a3421e55a1
e9cd06489eb8c66fd0ed7c205d613d1a0352994bba15a51949b0d1cedcdbe6db
f0dcc2c33d01d1fbe81c88119fa535d76caaf79a375f005ddb6f89095b72e5e1
f5a868fd4f5e7490ff10dc2bfd718ce2594c29f12f1e714b7d642ffa91520422
f6fd917754181fa2ec9dc8c765c23c9bcb7f943e04bae107829ea69f5464a5bf

br.do4a.me Open in urlscan Pro 2606:4700:3033::ac43:d7d1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

95 %HTTPS

58 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

27866 kBTransfer

28699 kBSize

29 Cookies

17 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

br.do4a.me Open in urlscan Pro
2606:4700:3033::ac43:d7d1 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

95 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

27866 kB
Transfer

28699 kB
Size

29
Cookies

62 HTTP transactions
0 data transactions