destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
172.67.68.250 200 OK 36 kB URL User Request GET HTTP/1.1 destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
IP 172.67.68.250:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26650), with CRLF, LF line terminators
Hash 2ddd53b0b6bc3d84ae421cc1af4fe2db
c338b4170da65ae31341b80fb453d4eaaa22d527
b8f88d1ddbb14cdfc918d6729157a759df437db322c1b1f6ee519379e7c528d4
GET /egIasn?utm_source=&utm_medium=QL&utm_name=1 HTTP/1.1
Host: destyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40-0+deb8u16
Set-Cookie: PHPSESSID=jdl46ddbq08pj0cpvb4i0atgp7; expires=Wed, 07-Jun-2023 07:00:55 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly
Set-Cookie: hl=en; expires=Thu, 06-Jun-2024 06:00:55 GMT; Max-Age=31536000; path=/
Set-Cookie: cookies-enable=1; path=/; httponly
Cache-Control: no-cache
X-Frame-Options: DENY
X-Server-ID: shn09
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eotStNs4YxbsQh8mjzD5pPFwHJZrVhPARQ%2BWaCc9Z9NZOkQdUBJXdznmjl4kbGZU0%2BK4XL8UmbzP%2B2rNi%2FPKlCjQBagC8He%2Bndij8GNNrfSGq%2Bq3WGkUprro0nX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d36ad721f320b59-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
static.sh.st/js/packed/interstitial-page.js?2022-06-29.0
104.26.6.218 200 OK 25 kB URL GET HTTP/1.1 static.sh.st/js/packed/interstitial-page.js?2022-06-29.0
IP 104.26.6.218:80
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
File type Unicode text, UTF-8 text, with very long lines (20454)
Hash 06eb8d871dccb0da41b67abac7022ba9
dbe95283dcf49fac294a7d3445efad665c2ee790
88bb3be0111402f5ca81aaa36cbf7c4a2755099c5d0446831331e1d1d8e7a1ef
GET /js/packed/interstitial-page.js?2022-06-29.0 HTTP/1.1
Host: static.sh.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=102880
ETag: W/"62bc140d-191e0"
Expires: Wed, 07 Jun 2023 19:36:56 GMT
Last-Modified: Wed, 29 Jun 2022 08:57:49 GMT
Vary: Accept-Encoding
X-Server-ID: shn03
X-UA-Compatible: IE=Edge
CF-Cache-Status: HIT
Age: 37439
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDfSx9SK3OETSTstZK3fSrB1wN%2BY7Rrd55%2Ff7%2Bi6OEvynzJfHoZ2t4dVuRdiX5LfsjEXwr4N%2Bog6y8w%2BKVIMjoRWzEzoXWhR5XDHmKeF9QXZO0T6EWtgQW6lQyQW9w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d36ad748dedb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2022-06-29.0
104.26.6.218 200 OK 6.2 kB URL GET HTTP/1.1 static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2022-06-29.0
IP 104.26.6.218:80
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
File type PNG image data, 249 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ca44d211b1779ef13c1f7406a76c1ff
8b5ab1222409a144c8f1d3bd2a098985bd0bcba7
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001
GET /b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2022-06-29.0 HTTP/1.1
Host: static.sh.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:55 GMT
Content-Type: image/png
Content-Length: 6226
Connection: keep-alive
Last-Modified: Fri, 17 Jul 2015 13:29:04 GMT
ETag: "55a90320-1852"
X-Server-ID: shn01
X-UA-Compatible: IE=Edge
Expires: Wed, 07 Jun 2023 14:06:57 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 57238
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Bk5PX4YYOS2FJ2b7aYVuJb%2FlxhG8JFbcadqEoAwUj0LIIk4qG6f7f2h4OYyZEa%2BL2dVTxpBUx9hEqSsIk2chxdqv07rm4jflFOBUJ%2BQIdVRg17%2BGhfBKHxorxUXmg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad74de5bb4ff-OSL
alt-svc: h2=":443"; ma=60
ja.rewashwudu.com/fmwhVStpL4dxap/46223
172.255.6.232 200 OK 26 B URL GET HTTP/1.1 ja.rewashwudu.com/fmwhVStpL4dxap/46223
IP 172.255.6.232:80
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
File type ASCII text, with no line terminators
Hash 4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
GET /fmwhVStpL4dxap/46223 HTTP/1.1
Host: ja.rewashwudu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:00:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://destyy.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Thu, 08-Jun-2023 06:00:55 GMT; Max-Age=86400; path=/
Set-Cookie: GL_GI10=eJxNjMuqwjAURWuquRalsuF%2BgD9g8TlwqvN24AeEUo8SqDkhiY%2F69doK4mSzWbBWFEXiP4XQFuPtItvOs%2FUyW2zWiM%2FEEHmBccVXE1yjTHkhyJzdvWwgHZ01G4j5CqPPVxUfCYO8mP2wThoVvubpvu006Fe63RYhaf%2FH%2B3t7HYu1t0h3tX5MD1xfw7vikRgKyluiI5I9O8uuDIT0S7uGjDHUXlnHj0b2MAn6Qk82pPh08hSkQO8mxQs5rUge; expires=Thu, 08-Jun-2023 06:00:55 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
sh.st/st/67bc8ab5ab558c89e176234140e8de87/drop.hitmoe.com/goto/mexa.sh/FWqWsz3tDPBM.zip
104.26.6.218 302 Found 228 kB URL User Request GET HTTP/2 sh.st/st/67bc8ab5ab558c89e176234140e8de87/drop.hitmoe.com/goto/mexa.sh/FWqWsz3tDPBM.zip
IP 104.26.6.218:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint C6:7F:86:BA:DE:5A:E8:C6:45:7C:7C:55:01:BC:71:BB:54:01:6B:CF
Validity Sun, 30 Apr 2023 00:00:00 GMT - Mon, 29 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38142)
Size 228 kB (228139 bytes)
Hash cae9c8866e7e32ac9b63aa2c1a4cfbb5
2d23c1ce04f95aee7e5ff2089a2501b520eb8cc1
dbb879a0d9663a969b66a342c2b405e24592e46121654705bc54a1bb960e58f7
GET /st/67bc8ab5ab558c89e176234140e8de87/drop.hitmoe.com/goto/mexa.sh/FWqWsz3tDPBM.zip HTTP/1.1
Host: sh.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: text/html; charset=UTF-8
location: http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
x-powered-by: PHP/5.6.40-0+deb8u16
cache-control: no-cache
x-server-id: shn06
x-ua-compatible: IE=Edge
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: PHPSESSID=su2b8mp9eeamn5s6br1ig37p03; expires=Wed, 07-Jun-2023 07:00:55 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly
set-cookie: hl=en; expires=Thu, 06-Jun-2024 06:00:55 GMT; Max-Age=31536000; path=/
set-cookie: cookies-enable=1; path=/; httponly
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ON3HKivp9Ij5Un6sOsXcOXR2TwjMPFDXqDQhu8eIGCKP4t%2FfCVP5VceugAWBcz2tXuokP0mPB1F%2FCa0uPSk63LejuxqWZwH13OH0%2FfB%2Bur2fLYrEaE4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d36ad712ecc0b51-OSL
X-Firefox-Spdy: h2
destyy.com/bundles/smeweb/img/tracking-168861.gif?t=1686117655
172.67.68.250 200 OK 43 B URL GET HTTP/1.1 destyy.com/bundles/smeweb/img/tracking-168861.gif?t=1686117655
IP 172.67.68.250:80
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /bundles/smeweb/img/tracking-168861.gif?t=1686117655 HTTP/1.1
Host: destyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Cookie: hl=en; cookies-enable=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Server-ID: shn03
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GORxvrRy0PthF0hu84GdYonLR0oHeLbj5h5lcNxM%2FJe91oCUAmaMFlBh8XRjFONLCjQI3YQ9VxtDqCJKbQkSzFhPAjGc8z%2FZwFrLYHh%2Bdw%2FtR8mjVLbAH1WtVODu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad74da140b59-OSL
alt-svc: h3=":443"; ma=86400
destyy.com/bundles/advertisement/img/tracking.gif?test=2216ab39e21a124ae5967ee7ac604303e0969aad
172.67.68.250 200 OK 0 B URL GET HTTP/1.1 destyy.com/bundles/advertisement/img/tracking.gif?test=2216ab39e21a124ae5967ee7ac604303e0969aad
IP 172.67.68.250:80
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bundles/advertisement/img/tracking.gif?test=2216ab39e21a124ae5967ee7ac604303e0969aad HTTP/1.1
Host: destyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Cookie: hl=en; cookies-enable=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:55 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 08:56:54 GMT
ETag: "62bc13d6-0"
X-Server-ID: shn07
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouxpsnm5Mw41rs8L9RlzV3SYJAv8CPayCU2g1774MrG7%2FJRd1Hs5nwLC1ZNgGsrF60bxciQa7WXcZIf6nMfCZIX4aiJ7JtQdq8H9rt7lWFNH944WHIyhTMAuyODK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad74dc35b4f4-OSL
alt-svc: h3=":443"; ma=86400
destyy.com/bundles/smeweb/img/advertisement-tracking-168861.gif?t=1686117655
172.67.68.250 200 OK 43 B URL GET HTTP/1.1 destyy.com/bundles/smeweb/img/advertisement-tracking-168861.gif?t=1686117655
IP 172.67.68.250:80
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /bundles/smeweb/img/advertisement-tracking-168861.gif?t=1686117655 HTTP/1.1
Host: destyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Cookie: hl=en; cookies-enable=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Server-ID: shn06
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbXRbY%2FRGp4WMonJY1d3WHxs9nQ4mjmjHCZATarbehTeS%2FfRCDfuHewR7QK3El0OCwzfyyvRHJki%2FhlEuc2YV9v9XVBcalxfMZS6tqTz9BLbHLoq41Pxa0yY0glC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad74da6b1c0a-OSL
alt-svc: h3=":443"; ma=86400
static.sh.st/bundles/smeweb/img/widget-sprite.png?2022-06-29.0
104.26.6.218 200 OK 84 kB URL GET HTTP/1.1 static.sh.st/bundles/smeweb/img/widget-sprite.png?2022-06-29.0
IP 104.26.6.218:80
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
File type PNG image data, 1000 x 2704, 8-bit colormap, non-interlaced\012- data
Hash 0eb6767d5ee6d6e7b3884a01b7730c80
4bc5d39918bcea70e852e0fb7b3d15caf0993434
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d
GET /bundles/smeweb/img/widget-sprite.png?2022-06-29.0 HTTP/1.1
Host: static.sh.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:56 GMT
Content-Type: image/png
Content-Length: 84545
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 08:56:53 GMT
ETag: "62bc13d5-14a41"
X-Server-ID: shn07
X-UA-Compatible: IE=Edge
Expires: Wed, 07 Jun 2023 10:56:28 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 68668
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rI96Kin%2BjJE2yTHb22XeayDE0sgOK%2FpymZ52WM8I7wZH%2B90S4KktJa4et1Odf%2Fg6YYsbOYeFCpzs4Pa9lF4dFW0KFsVbxjjMUCDUrZyCPb6Jakb233CjDq4ExcOHTg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad75ffb8b4ff-OSL
alt-svc: h2=":443"; ma=60
endangersquarereducing.com/34/c6/b3/34c6b37755370ea4318f4ff4946df449.js
192.243.61.225 403 Forbidden 0 B URL GET HTTP/1.1 endangersquarereducing.com/34/c6/b3/34c6b37755370ea4318f4ff4946df449.js
IP 192.243.61.225:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /34/c6/b3/34c6b37755370ea4318f4ff4946df449.js HTTP/1.1
Host: endangersquarereducing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Wed, 07 Jun 2023 06:00:55 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227 200 OK 46 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 10:39:52 GMT
expires: Wed, 05 Jun 2024 10:39:52 GMT
cache-control: public, max-age=31536000
age: 69664
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227 200 OK 46 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 10:39:52 GMT
expires: Wed, 05 Jun 2024 10:39:52 GMT
cache-control: public, max-age=31536000
age: 69664
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5SFMWPJ
142.250.74.168 200 OK 42 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5SFMWPJ
IP 142.250.74.168:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash 63436e519d9e154e17c3ec1c848a0d62
2732808d889b7ffe2cb7984f1414979e310c208b
8b7ec7d06cf3485476e6789c0aa435b5109639f66cb5aae4663fc73bac7ffeeb
GET /gtm.js?id=GTM-5SFMWPJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Jun 2023 06:00:56 GMT
expires: Wed, 07 Jun 2023 06:00:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41629
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ptauxofi.net/zone?pub=0&zone_id=4157053&is_mobile=false&domain=destyy.com&var=&ymid=&var_3=
139.45.197.250 200 OK 908 B URL GET HTTP/2 ptauxofi.net/zone?pub=0&zone_id=4157053&is_mobile=false&domain=destyy.com&var=&ymid=&var_3=
IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ptauxofi.net
Fingerprint AF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
Validity Tue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type JSON data\012- , ASCII text, with very long lines (907)
Hash aa10e80f23b05dd956f0e6d06a8349fc
94b31c78d69a09eb52a5a4a98fcb87f6e986732c
06569a30fc27c6f587f908ef3e90d0bd7ef489a4d2c24664937a491097857382
GET /zone?pub=0&zone_id=4157053&is_mobile=false&domain=destyy.com&var=&ymid=&var_3= HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/json; charset=utf-8
content-length: 908
x-trace-id: d690af28913e88c73d973d0091e8fc6d
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
xngqoc.com/er?a=1
185.162.85.1 200 OK 0 B
IP 185.162.85.1:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject xngqoc.com
Fingerprint 4D:ED:76:7E:B2:4F:87:9C:A3:0B:79:50:6F:CF:19:D2:D9:16:F6:BF
Validity Tue, 02 May 2023 05:01:15 GMT - Mon, 31 Jul 2023 05:01:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /er?a=1 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:56 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNu
185.162.85.1 204 No Content 0 B URL GET HTTP/2 xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNu
IP 185.162.85.1:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject xngqoc.com
Fingerprint 4D:ED:76:7E:B2:4F:87:9C:A3:0B:79:50:6F:CF:19:D2:D9:16:F6:BF
Validity Tue, 02 May 2023 05:01:15 GMT - Mon, 31 Jul 2023 05:01:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNu HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:56 GMT
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-997869120&l=dataLayer&cx=c
142.250.74.168 200 OK 54 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-997869120&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash b74edeea544b7190a4fd9fc59603d8ba
5d1841540bd48f18408ae0bff48461794e57efde
497ea29fad3e4a053901b61963e7f741552083e39cacb5bae86018e5fa8f9cd9
GET /gtag/js?id=AW-997869120&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Jun 2023 06:00:56 GMT
expires: Wed, 07 Jun 2023 06:00:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 54489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
xngqoc.com/trt?a=1&t=132
185.162.85.1 200 OK 0 B
IP 185.162.85.1:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject xngqoc.com
Fingerprint 4D:ED:76:7E:B2:4F:87:9C:A3:0B:79:50:6F:CF:19:D2:D9:16:F6:BF
Validity Tue, 02 May 2023 05:01:15 GMT - Mon, 31 Jul 2023 05:01:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /trt?a=1&t=132 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:56 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ptauxofi.net/custom
139.45.197.250 200 OK 0 B
IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ptauxofi.net
Fingerprint AF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
Validity Tue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ptauxofi.net/custom
139.45.197.250 200 OK 0 B
IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ptauxofi.net
Fingerprint AF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
Validity Tue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ptauxofi.net/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ptauxofi.net
Fingerprint AF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
Validity Tue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type JSON data, ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 395
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1ba890547e8837a2017b3120068979c5
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ptauxofi.net/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ptauxofi.net
Fingerprint AF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
Validity Tue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type JSON data, ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 751
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 647bee4950cfb3cff0d2f8297e211588
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=8e35bde894c54ae08885bc41e6ad7a34&zoneId=4157053&checkDuplicate=true&ymid=&var=
139.45.195.8 200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?pub=0&userId=8e35bde894c54ae08885bc41e6ad7a34&zoneId=4157053&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject rtmark.net
Fingerprint 84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
Validity Sat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type JSON data, ASCII text
Hash 07ee9d96ce0736dec89e825d0f8b28dc
522efbb279fafd97ecba5565ac8f159d5a8e0235
190669f86ae5d8b19c555a9c1642184723cbfdff7c561532ed6ffe60d002d066
GET /gid.js?pub=0&userId=8e35bde894c54ae08885bc41e6ad7a34&zoneId=4157053&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://destyy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8e35bde894c54ae08885bc41e6ad7a34; expires=Thu, 06 Jun 2024 06:00:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExMDIzNjAsInNpZCI6MTE5NDYyMywid2lkIjo0Mzk2MzQsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNu&inc=1
185.162.85.1 200 OK 332 B URL GET HTTP/2 prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExMDIzNjAsInNpZCI6MTE5NDYyMywid2lkIjo0Mzk2MzQsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNu&inc=1
IP 185.162.85.1:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject prhzxq.com
Fingerprint E2:7B:B2:5A:29:BC:18:8B:54:42:18:94:DC:A8:70:6D:AC:91:62:83
Validity Tue, 21 Mar 2023 21:20:12 GMT - Mon, 19 Jun 2023 21:20:11 GMT
File type JSON data, Unicode text, UTF-8 text, with very long lines (394), with no line terminators
Hash e17d64411fdc7b5f4c0f9cf7634b17a8
71e3712384182c473159b82a70bb33e06bc51cf1
dc458a91ea962eb6ceb92560fbb4b0a4738fd8a9b1c4bd244242956cfefc2edd
GET /wnload?a=1&e=aeyJwaWQiOjExMDIzNjAsInNpZCI6MTE5NDYyMywid2lkIjo0Mzk2MzQsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNu&inc=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 0 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 0 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data, ASCII text
Hash 9d73cf03e043f21cc0dfe3e33ce4fb13
d3243ae2b234bef0a27bcec8be6259342d03c2db
bf284808a288659bda9f01e39036a4d9619826790455e1450f1cbbce27ef6c62
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 518
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: f53092fa94e8389e7c8580bebfeea5d9
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data, ASCII text
Hash 86f16ce631677aced9bf75555ceaffa7
0c756b22c7ebf97f8e6a934b439955fade69803d
8bd690727297cd556339231397aaae7ad16adf83486a0faefc97e1f7fda85ee8
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 518
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 02ec0d8831eb94eca8c08f531e293100
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ptauxofi.net/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ptauxofi.net
Fingerprint AF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
Validity Tue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type JSON data, ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 396
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f399cc89c65ad07fc09aff282139e3f5
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
destyy.com/shortest-url/end-adsession?adSessionId=2216ab39e21a124ae5967ee7ac604303e0969aad&adbd=0&callback=reqwest_1686117655357
172.67.68.250 200 OK 141 B URL GET HTTP/1.1 destyy.com/shortest-url/end-adsession?adSessionId=2216ab39e21a124ae5967ee7ac604303e0969aad&adbd=0&callback=reqwest_1686117655357
IP 172.67.68.250:80
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
File type ASCII text, with no line terminators
Hash d40a17ecdc37b80a90846c8c4af6ee10
d456e9d904a91523581c27950db0f6eafae51b09
f5b68a568570cdabaa281da421d29997a4338a07d94c06ca659ae190b51ccfd3
GET /shortest-url/end-adsession?adSessionId=2216ab39e21a124ae5967ee7ac604303e0969aad&adbd=0&callback=reqwest_1686117655357 HTTP/1.1
Host: destyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Cookie: hl=en; cookies-enable=1; _gcl_au=1.1.1335033579.1686117656
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:01:02 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40-0+deb8u16
Set-Cookie: PHPSESSID=n8om8uojqh4rpnh4ftgqt1npf7; expires=Wed, 07-Jun-2023 07:01:02 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly
referrer_url=http%3A%2F%2Fdestyy.com%2FegIasn%3Futm_source%3D%26utm_medium%3DQL%26utm_name%3D1; expires=Thu, 08-Jun-2023 06:01:02 GMT; Max-Age=86400; path=/; httponly
cookies-enable=1; path=/; httponly
Cache-Control: no-cache
X-Server-ID: shn08
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5aN2fAMV1X4sxHyg%2BzPGU%2BwJfXUl1Jdp0grzhDAlqWoNwZlGvtvSjQB9BjPr8xO2NBKPusL%2FCuwFZ7qhzwxWpSWFkurTTFZ0x3asZLyELX73Ko%2FoGEyX6NTUjDo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d36ad9d7c741c0a-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
ptauxofi.net/pfe/current/universal.min.js?v=3.1.438
139.45.197.250 200 OK 103 kB URL GET HTTP/2 ptauxofi.net/pfe/current/universal.min.js?v=3.1.438
IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ptauxofi.net
Fingerprint AF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
Validity Tue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (103263 bytes)
Hash 88abe13cd309c4d0ebbf8a298e5bdffe
f40d8541f2f56659251117a14e336aecf7eecb4a
d3df0432dffd1232981b9d981cd6c4618f56ae992502729c36dd2e25be41b642
GET /pfe/current/universal.min.js?v=3.1.438 HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 13:08:32 GMT
etag: W/"6479e9d0-1935f"
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:400,700
142.250.74.106 200 OK 3.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Raleway:400,700
IP 142.250.74.106:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (3420), with no line terminators
Hash 72a2e829ec44370c62ec35ff9856e477
721218c8cef4bacbccb86cf872d10f0b8c9bf093
5f38247aaacdf3b2f9954c2290dd948e61d1d5a4b6abe1dc5fa4620ed607f744
GET /css?family=Raleway:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Jun 2023 06:00:55 GMT
date: Wed, 07 Jun 2023 06:00:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ptauxofi.net/pfe/current/tag.min.js?z=4157053
139.45.197.250 200 OK 15 kB URL GET HTTP/2 ptauxofi.net/pfe/current/tag.min.js?z=4157053
IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ptauxofi.net
Fingerprint AF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
Validity Tue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type C source, ASCII text, with very long lines (14679), with no line terminators
Hash a638f334f18bf9bef5435cdffe56f9f0
503868073788922413ff3cad1d6404928280acce
79956329e90a4e4abfdf9c3a4d69d4c78e32b8b1d9f602add95d9e9d0cc32b29
GET /pfe/current/tag.min.js?z=4157053 HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 13:08:32 GMT
etag: W/"6479e9d0-3957"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ubbfpm.com/ms/1102360/inpage.js
95.216.206.230 200 OK 201 kB URL GET HTTP/1.1 ubbfpm.com/ms/1102360/inpage.js
IP 95.216.206.230:443
ASN #24940 Hetzner Online GmbH
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ubbfpm.com
Fingerprint A2:0C:E1:AA:B3:4F:02:D9:6C:68:9E:FE:AA:AD:20:F2:F2:F3:CB:7C
Validity Sun, 28 May 2023 13:41:52 GMT - Sat, 26 Aug 2023 13:41:51 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 201 kB (200738 bytes)
Hash af413834dffb762ffcfa6c20ce98ad42
1cc019785a20cf05f8804da008409a6ed8ba4a72
37800f9f2bb9d6543c17667dca9695da535d5b01fcf095db9d20d9782f1d22d0
GET /ms/1102360/inpage.js HTTP/1.1
Host: ubbfpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:00:55 GMT
Content-Type: application/javascript
Content-Length: 200738
Last-Modified: Fri, 21 Apr 2023 15:45:14 GMT
Connection: keep-alive
ETag: "6442af8a-31022"
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin
Accept-Ranges: bytes
xdiwbc.com/template/social.html
172.64.107.34 200 OK 4.6 kB URL GET HTTP/2 xdiwbc.com/template/social.html
IP 172.64.107.34:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Google Trust Services LLC
Subject xdiwbc.com
Fingerprint 61:FF:DC:7A:FB:AC:AA:50:F3:3E:E2:87:38:DC:6A:46:09:4F:B8:D9
Validity Mon, 05 Jun 2023 18:53:28 GMT - Sun, 03 Sep 2023 18:53:27 GMT
File type HTML document text, exported SGML document, ASCII text, with very long lines (4639), with no line terminators
Hash 474cf430e4f70fc61a3695cb75f686de
8c14127415e490dff27896747f730ca8e49a957a
12fe3666e6b24360e737799e0cb1eafc47e6f11ccc109562f5426767a8529ef7
GET /template/social.html HTTP/1.1
Host: xdiwbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: http://destyy.com
cache-control: max-age=14400
cf-cache-status: HIT
age: 585
last-modified: Wed, 07 Jun 2023 05:51:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAbBuMM4JVxvV%2BDe6VkGnYsCxDuvjx34L08KTrVFgHqz42j5k5o5P83WWMOQNtuExPjCDv2ugCrlM3u4SwpklxwyDqyKctlZa2jNceaWyTNgwi8xNEf3SKfiOmFM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d36ad79783e0722-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
prhzxq.com/wnrw?aid=6909918252326666566&a=1
185.162.85.1 200 OK 0 B URL GET HTTP/2 prhzxq.com/wnrw?aid=6909918252326666566&a=1
IP 185.162.85.1:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject prhzxq.com
Fingerprint E2:7B:B2:5A:29:BC:18:8B:54:42:18:94:DC:A8:70:6D:AC:91:62:83
Validity Tue, 21 Mar 2023 21:20:12 GMT - Mon, 19 Jun 2023 21:20:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wnrw?aid=6909918252326666566&a=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:56 GMT
content-length: 0
access-control-allow-origin: http://destyy.com
X-Firefox-Spdy: h2
ptauxofi.net/pfe/current/defaultSkin.min.js
139.45.197.250 200 OK 57 kB URL GET HTTP/2 ptauxofi.net/pfe/current/defaultSkin.min.js
IP 139.45.197.250:443
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject ptauxofi.net
Fingerprint AF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
Validity Tue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 13:08:32 GMT
etag: W/"6479e9d0-df63"
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
i.wmgtr.com/cim/u1a7YOlSqOHS_OZ5054Pd3wsY96uiWEK.png
0.0.0.0 0 B URL GET i.wmgtr.com/cim/u1a7YOlSqOHS_OZ5054Pd3wsY96uiWEK.png
IP 0.0.0.0:0
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject i.wmgtr.com
Fingerprint 7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
Validity Sun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cim/u1a7YOlSqOHS_OZ5054Pd3wsY96uiWEK.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: image/png
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Thu, 08 Jun 2023 05:00:56 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
i.wmgtr.com/cic/d186Z1xqbgoLvkVafC4w0Mh9PeSfEmlg.png
0.0.0.0 0 B URL GET i.wmgtr.com/cic/d186Z1xqbgoLvkVafC4w0Mh9PeSfEmlg.png
IP 0.0.0.0:0
Requested by http://destyy.com/egIasn?utm_source=&utm_medium=QL&utm_name=1
Certificate Issuer Let's Encrypt
Subject i.wmgtr.com
Fingerprint 7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
Validity Sun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cic/d186Z1xqbgoLvkVafC4w0Mh9PeSfEmlg.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: image/png
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Thu, 08 Jun 2023 05:00:56 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2