sh.st/st/67bc8ab5ab558c89e176234140e8de87/drop.hitmoe.com/goto/mexa.sh/Eh8gsV3pkEzQ.zip
104.26.7.218302 Found 64 kB URL User Request GET HTTP/2 sh.st/st/67bc8ab5ab558c89e176234140e8de87/drop.hitmoe.com/goto/mexa.sh/Eh8gsV3pkEzQ.zip
IP 104.26.7.218:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC6:7F:86:BA:DE:5A:E8:C6:45:7C:7C:55:01:BC:71:BB:54:01:6B:CF
ValiditySun, 30 Apr 2023 00:00:00 GMT - Mon, 29 Apr 2024 23:59:59 GMT
Hash 952ae09aaa5b261c32e25cb2fe29797b
0873c307611e21cfb36bde06e7a89aa5ba040466
61d5814530e9f57bd3599c81718bf368554f8c4cebdc3e89b0a224adb1ed92dd
GET /st/67bc8ab5ab558c89e176234140e8de87/drop.hitmoe.com/goto/mexa.sh/Eh8gsV3pkEzQ.zip HTTP/1.1
Host: sh.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 07 Jun 2023 06:00:54 GMT
content-type: text/html; charset=UTF-8
location: http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
x-powered-by: PHP/5.6.40-0+deb8u16
cache-control: no-cache
x-server-id: shn08
x-ua-compatible: IE=Edge
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: PHPSESSID=59rdhqnsgnkkbejl1ojj0u6ea6; expires=Wed, 07-Jun-2023 07:00:53 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly
hl=en; expires=Thu, 06-Jun-2024 06:00:54 GMT; Max-Age=31536000; path=/
cookies-enable=1; path=/; httponly
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Himq4rQxRCuK4ETSFU56vgenh30lAWucBJ%2F8XeDUJClbtXv0q%2BrEs6WFnalK6ODNoSt%2BWzkIE94g4CheVW0laNg%2FwKRKnDRnaTH8So4nYv7ZNPQ8dtrv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d36ad68fc7bb51d-OSL
X-Firefox-Spdy: h2
static.sh.st/js/packed/interstitial-page.js?2022-06-29.0
172.67.68.250200 OK 25 kB URL GET HTTP/1.1 static.sh.st/js/packed/interstitial-page.js?2022-06-29.0
IP 172.67.68.250:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type Unicode text, UTF-8 text, with very long lines (20454)
Hash 06eb8d871dccb0da41b67abac7022ba9
dbe95283dcf49fac294a7d3445efad665c2ee790
88bb3be0111402f5ca81aaa36cbf7c4a2755099c5d0446831331e1d1d8e7a1ef
GET /js/packed/interstitial-page.js?2022-06-29.0 HTTP/1.1
Host: static.sh.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=102880
ETag: W/"62bc140d-191e0"
Expires: Wed, 07 Jun 2023 19:36:56 GMT
Last-Modified: Wed, 29 Jun 2022 08:57:49 GMT
Vary: Accept-Encoding
X-Server-ID: shn03
X-UA-Compatible: IE=Edge
CF-Cache-Status: HIT
Age: 37438
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpWKKExLTKWqAUa1qPiPPrQgE2MDx%2BknYVIBK%2FRAyCWS7b%2F44K%2BxxT%2F9IwSXJuS7YjfQ1A7gGx6dT2ysz3u9BryhiDPhvILcNWzHvkMdsqVssZNZJzLmd8Jk6fExOA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d36ad6c5fd2b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
d3t3z4teexdk2r.cloudfront.net/?etztd=962089
54.230.245.161200 OK 116 kB URL GET HTTP/1.1 d3t3z4teexdk2r.cloudfront.net/?etztd=962089
IP 54.230.245.161:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (115523 bytes)
Hash 7c08766529ab8fbca6965502b98e1d4a
2497de44b8897bd92533eb03fd816a2c75b36e8f
e2285a1e0a9fdd9afab19efec05b23adf5e84274a35f16ef65dc7ec60547bc4b
GET /?etztd=962089 HTTP/1.1
Host: d3t3z4teexdk2r.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 115523
Connection: keep-alive
Date: Wed, 07 Jun 2023 06:00:50 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CVskxrEG9hanocOePcTPLPUlWLmGRhBhxE7V0Nh3hDXFio0h7pXEcA==
Age: 4
ja.rewashwudu.com/fmwhVStpL4dxap/46223
172.255.6.49200 OK 26 B URL GET HTTP/1.1 ja.rewashwudu.com/fmwhVStpL4dxap/46223
IP 172.255.6.49:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type ASCII text, with no line terminators
Hash 4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
GET /fmwhVStpL4dxap/46223 HTTP/1.1
Host: ja.rewashwudu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:00:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://destyy.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Thu, 08-Jun-2023 06:00:54 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjMuqwjAURWuquRalsuF%2BgD9g8TlwqvN24AeEUo8SqDkhiY%2F69doK4mSzWbBWFEXiP4XQFuPtItvOs%2FUyW2zWiM%2FEEHmBccVXE1yjTHkhyJzdvWwgHZ01G4j5CqPPVxUfCYO8mP2wThoVvubpvu006Fe63RYhaf%2FH%2B3t7HYu1t0h3tX5MD1xfw7vikRgKyluiI5I9O8uuDIT0S7uGjDHUXlnHj0b2MAn6Qk82pPh08hSkQO8mxQs5rUge; expires=Thu, 08-Jun-2023 06:00:54 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 127406f9d5b6ed0dc9ce35b801001438
eeef1443d9d5bd27cbe5d48d258cd665c6062da2
081e26abb2c6c81aade966b9d94fe5fb9b93a7396167d495041ae6e150097139
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash b01d4e21c731153dda355584e22ac8bc
e9413a5fb5566bb42223bd93255222c240ceffd5
3d8ba602054811310a70e4026e5bd99b28b9e94482ff0a120fb6d4428622bf75
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
142.250.74.132200 OK 580 B URL GET HTTP/2 www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
IP 142.250.74.132:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT
File type ASCII text, with very long lines (909), with no line terminators
Hash 8e055afe54e9e0d67f724297e191e757
0b82e24fae4480f991fc219e0848051be387bf37
8fd146827927a570e4e3fd38baafa730433194e08f6e2a0bd89efb521ebb2ebf
GET /recaptcha/api.js?onload=onloadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Wed, 07 Jun 2023 06:00:54 GMT
date: Wed, 07 Jun 2023 06:00:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ubbfpm.com/ms/1102360/inpage.js
95.216.206.230200 OK 201 kB URL GET HTTP/1.1 ubbfpm.com/ms/1102360/inpage.js
IP 95.216.206.230:443
ASN #24940 Hetzner Online GmbH
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectubbfpm.com
FingerprintA2:0C:E1:AA:B3:4F:02:D9:6C:68:9E:FE:AA:AD:20:F2:F2:F3:CB:7C
ValiditySun, 28 May 2023 13:41:52 GMT - Sat, 26 Aug 2023 13:41:51 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 201 kB (200738 bytes)
Hash af413834dffb762ffcfa6c20ce98ad42
1cc019785a20cf05f8804da008409a6ed8ba4a72
37800f9f2bb9d6543c17667dca9695da535d5b01fcf095db9d20d9782f1d22d0
GET /ms/1102360/inpage.js HTTP/1.1
Host: ubbfpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:00:54 GMT
Content-Type: application/javascript
Content-Length: 200738
Last-Modified: Fri, 21 Apr 2023 15:45:14 GMT
Connection: keep-alive
ETag: "6442af8a-31022"
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin
Accept-Ranges: bytes
static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2022-06-29.0
172.67.68.250200 OK 6.2 kB URL GET HTTP/1.1 static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2022-06-29.0
IP 172.67.68.250:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type PNG image data, 249 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ca44d211b1779ef13c1f7406a76c1ff
8b5ab1222409a144c8f1d3bd2a098985bd0bcba7
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001
GET /b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2022-06-29.0 HTTP/1.1
Host: static.sh.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:54 GMT
Content-Type: image/png
Content-Length: 6226
Connection: keep-alive
Last-Modified: Fri, 17 Jul 2015 13:29:04 GMT
ETag: "55a90320-1852"
X-Server-ID: shn01
X-UA-Compatible: IE=Edge
Expires: Wed, 07 Jun 2023 14:06:57 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 57237
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F63M5N6C6%2B73QnRcj5UiIilN3eGfqzWFfgl4C7JQ4QvRf4%2FBaZoJWRE9fTpRALdIZLXIpD93IuU%2BazAYdf%2BhC5Cf7QFRGSANVMIWIxqzfxtrhy%2BYUP436GFSz6ypXA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad6d48cbb517-OSL
alt-svc: h2=":443"; ma=60
destyy.com/bundles/smeweb/img/tracking-168861.gif?t=1686117654
104.26.7.218200 OK 43 B URL GET HTTP/1.1 destyy.com/bundles/smeweb/img/tracking-168861.gif?t=1686117654
IP 104.26.7.218:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /bundles/smeweb/img/tracking-168861.gif?t=1686117654 HTTP/1.1
Host: destyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Cookie: hl=en; cookies-enable=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Server-ID: shn03
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLERDRigah1%2BGOPjqQHSk4Rb%2BT7ie9Jpvc53J8172JrRyhnI%2FhCxzXfiaNsGWJGxUx2K0b8B1qboPKW9Rz3VElQ1YCkJ5UQQpRW5pfZFJFxr6GlMvBoZWlEjWgcL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad6d4a110afe-OSL
alt-svc: h3=":443"; ma=86400
destyy.com/bundles/smeweb/img/advertisement-tracking-168861.gif?t=1686117654
104.26.7.218200 OK 43 B URL GET HTTP/1.1 destyy.com/bundles/smeweb/img/advertisement-tracking-168861.gif?t=1686117654
IP 104.26.7.218:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /bundles/smeweb/img/advertisement-tracking-168861.gif?t=1686117654 HTTP/1.1
Host: destyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Cookie: hl=en; cookies-enable=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Server-ID: shn06
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7XbB%2BdAyDR26%2B2uwjJBrUj8pLcsO8wGMeMuuq4cdGVXyh9o8RzVkDk51WOYN%2FaSLwJMJncjxm38%2FUeH%2BpSRfqavuapCEtEynoGofbFCsoffiXIbmhbEzAja6xlg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad6d4d93b529-OSL
alt-svc: h3=":443"; ma=86400
destyy.com/bundles/advertisement/img/tracking.gif?test=4a1c520aedf3035a46bdab72bda6c924aa0b788c
104.26.7.218200 OK 0 B URL GET HTTP/1.1 destyy.com/bundles/advertisement/img/tracking.gif?test=4a1c520aedf3035a46bdab72bda6c924aa0b788c
IP 104.26.7.218:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bundles/advertisement/img/tracking.gif?test=4a1c520aedf3035a46bdab72bda6c924aa0b788c HTTP/1.1
Host: destyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Cookie: hl=en; cookies-enable=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:54 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 08:56:54 GMT
ETag: "62bc13d6-0"
X-Server-ID: shn07
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLsGDy%2FvCEXmgxbkOcZYRQT2AxLjK50gSSvMO0MvzEPZUDD35nT9b%2BcB%2BbtkdswfpeHAs2oxcI9b4iqsYGLf048hWZc0F2Zt65i2D5UtMZvrN3MsgMgHwqbKWAS%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad6d4df5fab8-OSL
alt-svc: h3=":443"; ma=86400
static.sh.st/bundles/smeweb/img/widget-sprite.png?2022-06-29.0
172.67.68.250200 OK 84 kB URL GET HTTP/1.1 static.sh.st/bundles/smeweb/img/widget-sprite.png?2022-06-29.0
IP 172.67.68.250:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type PNG image data, 1000 x 2704, 8-bit colormap, non-interlaced\012- data
Hash 0eb6767d5ee6d6e7b3884a01b7730c80
4bc5d39918bcea70e852e0fb7b3d15caf0993434
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d
GET /bundles/smeweb/img/widget-sprite.png?2022-06-29.0 HTTP/1.1
Host: static.sh.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:54 GMT
Content-Type: image/png
Content-Length: 84545
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 08:56:53 GMT
ETag: "62bc13d5-14a41"
X-Server-ID: shn07
X-UA-Compatible: IE=Edge
Expires: Wed, 07 Jun 2023 10:56:28 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 68666
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFv8KWr6Z05Rm8TSDNtYbzDvYCmwrVOBqXJF6bmtbsaySme5roZqASKUM9Jes8XmgMvTedeV6acat7zKL%2BCvmKYFkz%2BFXB08CjHopxR%2FTYzKVDrM5l6l%2FEakfC%2Bv3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad6eba66b517-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 127406f9d5b6ed0dc9ce35b801001438
eeef1443d9d5bd27cbe5d48d258cd665c6062da2
081e26abb2c6c81aade966b9d94fe5fb9b93a7396167d495041ae6e150097139
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fa8e79fb0e18e81028cfa427d87bb2ae
8a9161e346469dad848953f5bfa5a642b2260aa4
52018dada7692144689b5345f695af35e0dc01a5584d95f6bea9c96c33fc8a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash b2ec6c1f0c77c6e9a2796d3ac3294d0e
9fd82891ead5aec13abee83cf6b7a59375b2c3c5
63cb3c8767a9e5925cf61dce28b4d578aad09e7ba9358039648f05c9d98b4484
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash b2ec6c1f0c77c6e9a2796d3ac3294d0e
9fd82891ead5aec13abee83cf6b7a59375b2c3c5
63cb3c8767a9e5925cf61dce28b4d578aad09e7ba9358039648f05c9d98b4484
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 10:39:52 GMT
expires: Wed, 05 Jun 2024 10:39:52 GMT
cache-control: public, max-age=31536000
age: 69662
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 10:39:52 GMT
expires: Wed, 05 Jun 2024 10:39:52 GMT
cache-control: public, max-age=31536000
age: 69662
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fca7925d7c1a1c76360af29ed6eaba8a
942a1bce3f9f64d89586b5138952004ea9da86d9
dad98384ece0c3c5c70c34027bb5e8e558e65922713ef20af6c6560c2c762c4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5SFMWPJ
142.250.74.168200 OK 42 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5SFMWPJ
IP 142.250.74.168:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash af324999e3a15031ecc443fdf14dcaaa
3373aac3d623a49a93dc40254427ffddaac7cf66
c7ecea5e5538c90da5fffa6e446f33503020c9c36da00c64e130e57059d114b0
GET /gtm.js?id=GTM-5SFMWPJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Jun 2023 06:00:55 GMT
expires: Wed, 07 Jun 2023 06:00:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41629
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ptauxofi.net/pfe/current/tag.min.js?z=4157053
139.45.197.250200 OK 6.0 kB URL GET HTTP/2 ptauxofi.net/pfe/current/tag.min.js?z=4157053
IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectptauxofi.net
FingerprintAF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
ValidityTue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type C source, ASCII text, with very long lines (14679), with no line terminators
Hash a638f334f18bf9bef5435cdffe56f9f0
503868073788922413ff3cad1d6404928280acce
79956329e90a4e4abfdf9c3a4d69d4c78e32b8b1d9f602add95d9e9d0cc32b29
GET /pfe/current/tag.min.js?z=4157053 HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:54 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 13:08:32 GMT
etag: W/"6479e9d0-3957"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/ZWRLN2sEBihaVARZKREeFwh2ElkjQXlxD1YQeE1fEQEuTw8OVjkZCAkLPlMNFwslQ0ULAT8SWSMWHnEIVzYDbhEqIixeODY1bgUpMAonZzEyUANTPlBWG2I+FyMIdRo0HAYEIicqbgUtNSceXScOPRh1ExEcGl1fNgYcVDouJigSWScpCkMCIB5/ByhWMhp6PysxLmIhVy17bhktM3sHPxwxEX0SXCEbdT5VBx56BzYeewM/JlQqZy88MC9dKQkBGm0DNyMJElkjMCVhIwEzGQcyMDYseFpdFQpOAxwmA2YkBCMNRwgOLnptIzcMGXAqCTUMcS0gMxJwDTMMLFEDSCp5ZQEGHR1kUz8AHGEcAQ8RXzESPnplBiMdCX86NCsYYT8sDCBYCAI1CGVZIwkMfzk0LhxYI0MOOFgFFVk+YCoVIAJPOBYdO2EaLg
52.85.242.41200 OK 1.2 kB URL GET HTTP/1.1 kultingecauyuksehinkitw.info/ZWRLN2sEBihaVARZKREeFwh2ElkjQXlxD1YQeE1fEQEuTw8OVjkZCAkLPlMNFwslQ0ULAT8SWSMWHnEIVzYDbhEqIixeODY1bgUpMAonZzEyUANTPlBWG2I+FyMIdRo0HAYEIicqbgUtNSceXScOPRh1ExEcGl1fNgYcVDouJigSWScpCkMCIB5/ByhWMhp6PysxLmIhVy17bhktM3sHPxwxEX0SXCEbdT5VBx56BzYeewM/JlQqZy88MC9dKQkBGm0DNyMJElkjMCVhIwEzGQcyMDYseFpdFQpOAxwmA2YkBCMNRwgOLnptIzcMGXAqCTUMcS0gMxJwDTMMLFEDSCp5ZQEGHR1kUz8AHGEcAQ8RXzESPnplBiMdCX86NCsYYT8sDCBYCAI1CGVZIwkMfzk0LhxYI0MOOFgFFVk+YCoVIAJPOBYdO2EaLg
IP 52.85.242.41:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Hash 14c64f4bed8a3dcb5588813df48701be
494dcfe299e8df7a74abbb60b51e710e2848637e
397764dce38dd518b073a8baceb12fa9433780c65850e746befdd3f004cbb790
GET /ZWRLN2sEBihaVARZKREeFwh2ElkjQXlxD1YQeE1fEQEuTw8OVjkZCAkLPlMNFwslQ0ULAT8SWSMWHnEIVzYDbhEqIixeODY1bgUpMAonZzEyUANTPlBWG2I+FyMIdRo0HAYEIicqbgUtNSceXScOPRh1ExEcGl1fNgYcVDouJigSWScpCkMCIB5/ByhWMhp6PysxLmIhVy17bhktM3sHPxwxEX0SXCEbdT5VBx56BzYeewM/JlQqZy88MC9dKQkBGm0DNyMJElkjMCVhIwEzGQcyMDYseFpdFQpOAxwmA2YkBCMNRwgOLnptIzcMGXAqCTUMcS0gMxJwDTMMLFEDSCp5ZQEGHR1kUz8AHGEcAQ8RXzESPnplBiMdCX86NCsYYT8sDCBYCAI1CGVZIwkMfzk0LhxYI0MOOFgFFVk+YCoVIAJPOBYdO2EaLg HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1178
Connection: keep-alive
Date: Wed, 07 Jun 2023 06:00:55 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
X-Cache: Miss from cloudfront
Via: 1.1 67d9c6999f4bc9c9c60e1e5f24b316e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: y5_HY-2nzOhgqEvs1Wwh4T1KC8ahtPlZtbKk9DKgEQYeBcamz1O6Dg==
kultingecauyuksehinkitw.info/MWpYVmdQCDs7WFBXOnASQwZlc1V3T2oQAwIeayxTRQ89LgNaWCp4BF0FLTIBQwU2IklfDyxzVXcfFT0QSDgQEDV4Wy8/M1ozNAAJXSMaHlNyDB0xMnsBHSQvASAgMCVGPz0+XkkpDG4mcD8ePyVkDTcSVGMyAD9WUiNoITJ6PC84M3AkKQMecD4cZQBkJxkQA3sdYDgkdycyBDNGLgs/XmYzPwQzUjxgJCQAGT8ODmc/GRcIeQszEz9XDRIlJGAkYRBUUhAeZVNyIRo+BH4/KD42RiNoFQl4HxoeAGkOIhs/Vw0RZCVJDn1kIVJZDhQkAyMbNDFgKz4QSmQCHToMWyxrD1RwIi8SA3QvHDAmfwIJIS5APSIPMmcpFh0+ZCRoMDZ/WwAhLUA4azomFwArOQlBVxYOAnk5GxspAycr
52.85.242.41200 OK 1.2 kB URL GET HTTP/1.1 kultingecauyuksehinkitw.info/MWpYVmdQCDs7WFBXOnASQwZlc1V3T2oQAwIeayxTRQ89LgNaWCp4BF0FLTIBQwU2IklfDyxzVXcfFT0QSDgQEDV4Wy8/M1ozNAAJXSMaHlNyDB0xMnsBHSQvASAgMCVGPz0+XkkpDG4mcD8ePyVkDTcSVGMyAD9WUiNoITJ6PC84M3AkKQMecD4cZQBkJxkQA3sdYDgkdycyBDNGLgs/XmYzPwQzUjxgJCQAGT8ODmc/GRcIeQszEz9XDRIlJGAkYRBUUhAeZVNyIRo+BH4/KD42RiNoFQl4HxoeAGkOIhs/Vw0RZCVJDn1kIVJZDhQkAyMbNDFgKz4QSmQCHToMWyxrD1RwIi8SA3QvHDAmfwIJIS5APSIPMmcpFh0+ZCRoMDZ/WwAhLUA4azomFwArOQlBVxYOAnk5GxspAycr
IP 52.85.242.41:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash e3daf4dbdf813cb900d26a1e676773b0
28f5d501836013dd64508aeef01d35d841911941
d92b9d32ee57801682f34b2e1953cc5f5f2bb750aeb0fa4f43d5f5e45dfc8bfa
GET /MWpYVmdQCDs7WFBXOnASQwZlc1V3T2oQAwIeayxTRQ89LgNaWCp4BF0FLTIBQwU2IklfDyxzVXcfFT0QSDgQEDV4Wy8/M1ozNAAJXSMaHlNyDB0xMnsBHSQvASAgMCVGPz0+XkkpDG4mcD8ePyVkDTcSVGMyAD9WUiNoITJ6PC84M3AkKQMecD4cZQBkJxkQA3sdYDgkdycyBDNGLgs/XmYzPwQzUjxgJCQAGT8ODmc/GRcIeQszEz9XDRIlJGAkYRBUUhAeZVNyIRo+BH4/KD42RiNoFQl4HxoeAGkOIhs/Vw0RZCVJDn1kIVJZDhQkAyMbNDFgKz4QSmQCHToMWyxrD1RwIi8SA3QvHDAmfwIJIS5APSIPMmcpFh0+ZCRoMDZ/WwAhLUA4azomFwArOQlBVxYOAnk5GxspAycr HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1172
Connection: keep-alive
Date: Wed, 07 Jun 2023 06:00:55 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
X-Cache: Miss from cloudfront
Via: 1.1 844de3d616579278fb702fc6b9b5c9a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: 1teZhXiZAgTsvzlG09Ex7GKzE2XExd8oKsNx9D9fWRLgmJpLw-d8OA==
kultingecauyuksehinkitw.info/YnNTVUQDETA4ewNOMXMxEB9ucHYkVmETIFEHYC9wFhY2LSAJQSF7Jw4cJjEiEBw9IWoMFidwdiQrBAIoAyQbFHIgGQJwdiAnKmUFMh4FHyZTByIMEShWYRMFGxhgHS0OJhcXN1IwOWwyMhoSPwgIOSIeBRUWNRYzKSMFBzUEGyRhBhhCPwMuFTscAhIgFSQyYVAxHD51FicqbXE2JwISDSY2MBsVClZhEyUIKSAHdhJKAjgoIDo+OQYENTwMIjc5IxcQL0ERBgIvEhQyDTslaxMmCSFrAiwKSgI4LwA/G2QAJTU7JB00RiMEDFsCAhFwLzwHGCIENSA2JQkxPAITTwMjBAMKPjISIzU+ESZhUDUDPXwKJxQyITMkOwwgJRsEGQIwAXU/Nw0dI2gSITcAA3EEIykSLFArBiI
52.85.242.41200 OK 1.2 kB URL GET HTTP/1.1 kultingecauyuksehinkitw.info/YnNTVUQDETA4ewNOMXMxEB9ucHYkVmETIFEHYC9wFhY2LSAJQSF7Jw4cJjEiEBw9IWoMFidwdiQrBAIoAyQbFHIgGQJwdiAnKmUFMh4FHyZTByIMEShWYRMFGxhgHS0OJhcXN1IwOWwyMhoSPwgIOSIeBRUWNRYzKSMFBzUEGyRhBhhCPwMuFTscAhIgFSQyYVAxHD51FicqbXE2JwISDSY2MBsVClZhEyUIKSAHdhJKAjgoIDo+OQYENTwMIjc5IxcQL0ERBgIvEhQyDTslaxMmCSFrAiwKSgI4LwA/G2QAJTU7JB00RiMEDFsCAhFwLzwHGCIENSA2JQkxPAITTwMjBAMKPjISIzU+ESZhUDUDPXwKJxQyITMkOwwgJRsEGQIwAXU/Nw0dI2gSITcAA3EEIykSLFArBiI
IP 52.85.242.41:80
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3006), with no line terminators
Hash 178c071656aa9a1364f7dea48f812e33
a13078b227b239ab9fd6eb05209667826c5328a6
f013dfebb4d90ac20854dcaf5ee542b5afe9872ca3d85e8a02026c3fe147fffc
GET /YnNTVUQDETA4ewNOMXMxEB9ucHYkVmETIFEHYC9wFhY2LSAJQSF7Jw4cJjEiEBw9IWoMFidwdiQrBAIoAyQbFHIgGQJwdiAnKmUFMh4FHyZTByIMEShWYRMFGxhgHS0OJhcXN1IwOWwyMhoSPwgIOSIeBRUWNRYzKSMFBzUEGyRhBhhCPwMuFTscAhIgFSQyYVAxHD51FicqbXE2JwISDSY2MBsVClZhEyUIKSAHdhJKAjgoIDo+OQYENTwMIjc5IxcQL0ERBgIvEhQyDTslaxMmCSFrAiwKSgI4LwA/G2QAJTU7JB00RiMEDFsCAhFwLzwHGCIENSA2JQkxPAITTwMjBAMKPjISIzU+ESZhUDUDPXwKJxQyITMkOwwgJRsEGQIwAXU/Nw0dI2gSITcAA3EEIykSLFArBiI HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1163
Connection: keep-alive
Date: Wed, 07 Jun 2023 06:00:55 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
X-Cache: Miss from cloudfront
Via: 1.1 23c0f38b3232ce0b791a0dc79e0ef642.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: F5yoMTe5R16Lxrq92bDtszLFpwT2LnAxgWsoikHb0NbcvuwJ6k23kw==
thycantyoubelike.com/V2QzOEh4W1BLdQIyfkEcOl1DYT8BXWtVAjAla1wsDSN2ei0RDxVMITNZCg56Z10BHjg+AA4JcHEXR1k8IhcOCW4+ClVXdXESDglmZ0oBFntxEQ4JbiMUUl91ZkJDTDw7WQIOcGFVAg9+YlAACng
188.114.96.1204 No Content 0 B URL GET HTTP/2 thycantyoubelike.com/V2QzOEh4W1BLdQIyfkEcOl1DYT8BXWtVAjAla1wsDSN2ei0RDxVMITNZCg56Z10BHjg+AA4JcHEXR1k8IhcOCW4+ClVXdXESDglmZ0oBFntxEQ4JbiMUUl91ZkJDTDw7WQIOcGFVAg9+YlAACng
IP 188.114.96.1:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectthycantyoubelike.com
FingerprintEE:1F:4E:1B:ED:D1:D3:7C:D8:9A:87:62:4F:8A:C0:01:0C:0E:25:F4
ValidityThu, 01 Jun 2023 15:44:27 GMT - Wed, 30 Aug 2023 15:44:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /V2QzOEh4W1BLdQIyfkEcOl1DYT8BXWtVAjAla1wsDSN2ei0RDxVMITNZCg56Z10BHjg+AA4JcHEXR1k8IhcOCW4+ClVXdXESDglmZ0oBFntxEQ4JbiMUUl91ZkJDTDw7WQIOcGFVAg9+YlAACng HTTP/1.1
Host: thycantyoubelike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 07 Jun 2023 06:00:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Y%2BuTWPH2Lh9%2F7gu8puXSxnZBW%2B4TDIgJw8O%2FW5w4wJxYd6vaKrsP4IJaY%2BVNZXy4og%2BfzwbTayO2XD%2FJbQosEmTE2bTBt9Yge%2FbPWtNq7on2hPDyRfxYsDef7ON3nUO%2BeGjoBzRzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d36ad6f7cad069b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
thycantyoubelike.com/ZWs5eHpKVFoLRwEAdysoMD14G0gVUlpIMB8KCklCNzNJHxw9Kh8MEwFWAE1DVFoBXgoMDwRJXBYfWAwPFlYIXhMLDVZFXBNWCFZJUUUKSlRXTUxFS0MfSRkdWFofCA4RBwRJTF1dCElNU14NS0ld
188.114.96.1204 No Content 0 B URL GET HTTP/2 thycantyoubelike.com/ZWs5eHpKVFoLRwEAdysoMD14G0gVUlpIMB8KCklCNzNJHxw9Kh8MEwFWAE1DVFoBXgoMDwRJXBYfWAwPFlYIXhMLDVZFXBNWCFZJUUUKSlRXTUxFS0MfSRkdWFofCA4RBwRJTF1dCElNU14NS0ld
IP 188.114.96.1:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectthycantyoubelike.com
FingerprintEE:1F:4E:1B:ED:D1:D3:7C:D8:9A:87:62:4F:8A:C0:01:0C:0E:25:F4
ValidityThu, 01 Jun 2023 15:44:27 GMT - Wed, 30 Aug 2023 15:44:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZWs5eHpKVFoLRwEAdysoMD14G0gVUlpIMB8KCklCNzNJHxw9Kh8MEwFWAE1DVFoBXgoMDwRJXBYfWAwPFlYIXhMLDVZFXBNWCFZJUUUKSlRXTUxFS0MfSRkdWFofCA4RBwRJTF1dCElNU14NS0ld HTTP/1.1
Host: thycantyoubelike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Jun 2023 06:00:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVCBoQX9BI%2FzYTrCe%2B%2BmSvKIcIyTke0biLVAtKYjktpsoG7OrN8hN1TU9NCYBvwMk%2Fa9LUc282MWJ05e%2F9zy7EjBmD5kjzSZae%2Fi%2FAKZdEqQ%2F8%2FgigYG82uq51OiTJAJgJKToFKwZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d36ad6f7caa069b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fca7925d7c1a1c76360af29ed6eaba8a
942a1bce3f9f64d89586b5138952004ea9da86d9
dad98384ece0c3c5c70c34027bb5e8e558e65922713ef20af6c6560c2c762c4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xngqoc.com/er?a=1
185.162.85.20200 OK 0 B IP 185.162.85.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectxngqoc.com
Fingerprint4D:ED:76:7E:B2:4F:87:9C:A3:0B:79:50:6F:CF:19:D2:D9:16:F6:BF
ValidityTue, 02 May 2023 05:01:15 GMT - Mon, 31 Jul 2023 05:01:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /er?a=1 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:55 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNG
185.162.85.20204 No Content 0 B URL GET HTTP/2 xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNG
IP 185.162.85.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectxngqoc.com
Fingerprint4D:ED:76:7E:B2:4F:87:9C:A3:0B:79:50:6F:CF:19:D2:D9:16:F6:BF
ValidityTue, 02 May 2023 05:01:15 GMT - Mon, 31 Jul 2023 05:01:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNG HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:55 GMT
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
ptauxofi.net/zone?pub=0&zone_id=4157053&is_mobile=false&domain=destyy.com&var=&ymid=&var_3=
139.45.197.250200 OK 908 B URL GET HTTP/2 ptauxofi.net/zone?pub=0&zone_id=4157053&is_mobile=false&domain=destyy.com&var=&ymid=&var_3=
IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectptauxofi.net
FingerprintAF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
ValidityTue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type JSON data\012- , ASCII text, with very long lines (907)
Hash aa10e80f23b05dd956f0e6d06a8349fc
94b31c78d69a09eb52a5a4a98fcb87f6e986732c
06569a30fc27c6f587f908ef3e90d0bd7ef489a4d2c24664937a491097857382
GET /zone?pub=0&zone_id=4157053&is_mobile=false&domain=destyy.com&var=&ymid=&var_3= HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/json; charset=utf-8
content-length: 908
x-trace-id: 67fc6735ef513a288d18b987a0dacc8e
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-997869120&l=dataLayer&cx=c
142.250.74.168200 OK 54 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-997869120&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash 0a5646ba56bba3db9f2699ecb96a6679
b7b8bf833c03eb244af7c000aa8a67b5a9887508
20f7dabfa4289097f48d3064eeb9d43a4633e3654a3ca6a44896158486bbecd2
GET /gtag/js?id=AW-997869120&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Jun 2023 06:00:55 GMT
expires: Wed, 07 Jun 2023 06:00:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 54489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
xngqoc.com/trt?a=1&t=228
185.162.85.20200 OK 0 B IP 185.162.85.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectxngqoc.com
Fingerprint4D:ED:76:7E:B2:4F:87:9C:A3:0B:79:50:6F:CF:19:D2:D9:16:F6:BF
ValidityTue, 02 May 2023 05:01:15 GMT - Mon, 31 Jul 2023 05:01:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /trt?a=1&t=228 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:55 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ptauxofi.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectptauxofi.net
FingerprintAF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
ValidityTue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
www.googletagmanager.com/td?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=destyy.com%2FegIasF&tdp=AW-997869120;;0;2;0&z=0
142.250.74.168204 No Content 0 B URL GET HTTP/3 www.googletagmanager.com/td?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=destyy.com%2FegIasF&tdp=AW-997869120;;0;2;0&z=0
IP 142.250.74.168:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /td?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=destyy.com%2FegIasF&tdp=AW-997869120;;0;2;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 07 Jun 2023 06:00:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=destyy.com%2FegIasF&tdp=AW-997869120;;0;2;0&z=0
142.250.74.168200 OK 0 B URL GET HTTP/3 www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=destyy.com%2FegIasF&tdp=AW-997869120;;0;2;0&z=0
IP 142.250.74.168:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=destyy.com%2FegIasF&tdp=AW-997869120;;0;2;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.init&eid=0&h=Ag&z=0
142.250.74.168200 OK 0 B URL GET HTTP/3 www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.init&eid=0&h=Ag&z=0
IP 142.250.74.168:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.init&eid=0&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.js&eid=1&h=Ag&tr=1rep&ti=1rep&z=0
142.250.74.168200 OK 0 B URL GET HTTP/3 www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.js&eid=1&h=Ag&tr=1rep&ti=1rep&z=0
IP 142.250.74.168:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.js&eid=1&h=Ag&tr=1rep&ti=1rep&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptauxofi.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectptauxofi.net
FingerprintAF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
ValidityTue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 395
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5e7d622e52d99f11a3a063496b0a42d6
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
d3t3z4teexdk2r.cloudfront.net/uMkwyRHFRI1wiTkYlVnlIBH4CfEgUJkErH0JxfBwUeh9xCT8AAUFiBUgoD3RXXi1cI0wUKVwnTANqUyATD3gUMAFdJw8nCFMjRTwDSi9WYgRTcV8rC1sgXiVUAAoHakEXfgJsCQN9F3czF34CKBhcOUphQwI0CnIuBHgXdzMXfgI2Bxd/c3VBC2ICbVQAfF-UhElkjF3Y3AHwDdEEDfANhQwIqWzYUVCNKYUN0fQN1XwJqR3lA
54.230.245.161 495 B URL d3t3z4teexdk2r.cloudfront.net/uMkwyRHFRI1wiTkYlVnlIBH4CfEgUJkErH0JxfBwUeh9xCT8AAUFiBUgoD3RXXi1cI0wUKVwnTANqUyATD3gUMAFdJw8nCFMjRTwDSi9WYgRTcV8rC1sgXiVUAAoHakEXfgJsCQN9F3czF34CKBhcOUphQwI0CnIuBHgXdzMXfgI2Bxd/c3VBC2ICbVQAfF-UhElkjF3Y3AHwDdEEDfANhQwIqWzYUVCNKYUN0fQN1XwJqR3lA
IP 54.230.245.161:0
File type ASCII text, with very long lines (699), with no line terminators
Hash 94daa3ba284ec19c95deb2da079217ee
b865313cbab5dcfc1ca4d63a40dd045f0f381e05
b4b7dd63609a5b25e54d21890019eaee24e410a1f7e92bcd6bb27d627cb75e0a
GET /uMkwyRHFRI1wiTkYlVnlIBH4CfEgUJkErH0JxfBwUeh9xCT8AAUFiBUgoD3RXXi1cI0wUKVwnTANqUyATD3gUMAFdJw8nCFMjRTwDSi9WYgRTcV8rC1sgXiVUAAoHakEXfgJsCQN9F3czF34CKBhcOUphQwI0CnIuBHgXdzMXfgI2Bxd/c3VBC2ICbVQAfF-UhElkjF3Y3AHwDdEEDfANhQwIqWzYUVCNKYUN0fQN1XwJqR3lA HTTP/1.1
Host: d3t3z4teexdk2r.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://kultingecauyuksehinkitw.info/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 495
Connection: keep-alive
Date: Wed, 07 Jun 2023 06:00:55 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SwqaJ6QfZAoyDzyQXnjJkzmhNTKwVRAeJLia5b042BVIAYAhwOkHNw==
www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtag.config&eid=3&u=AAAAAAAAAAAAAIA&h=Ag&epr=1AW&z=0
142.250.74.168200 OK 0 B URL GET HTTP/3 www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtag.config&eid=3&u=AAAAAAAAAAAAAIA&h=Ag&epr=1AW&z=0
IP 142.250.74.168:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtag.config&eid=3&u=AAAAAAAAAAAAAIA&h=Ag&epr=1AW&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d3t3z4teexdk2r.cloudfront.net/rUFc2RHYzOFgiSSQ+UnlPZW4HdU52PUUrGCBqQxM3IBN/PCUjLkYSBxtxQj4SbWcQKBc+MAtiEz40C3VQMTNUeUJ2I0YrHW00TyUZJy9EPBU0cUMlSz04TC0aPDYTdjBleQZhRGB/TnVHdWR0YURgO18qAyhyBHQOaGFpckJ1ZHRhRGAlQGFFEWYGfVhgfh-N2RjcyVS8ZdWVwdkZhZwZ1RmFyBHQQOSVTIhkocgQCR2FmGHRQJWoH
54.230.245.99 505 B URL d3t3z4teexdk2r.cloudfront.net/rUFc2RHYzOFgiSSQ+UnlPZW4HdU52PUUrGCBqQxM3IBN/PCUjLkYSBxtxQj4SbWcQKBc+MAtiEz40C3VQMTNUeUJ2I0YrHW00TyUZJy9EPBU0cUMlSz04TC0aPDYTdjBleQZhRGB/TnVHdWR0YURgO18qAyhyBHQOaGFpckJ1ZHRhRGAlQGFFEWYGfVhgfh-N2RjcyVS8ZdWVwdkZhZwZ1RmFyBHQQOSVTIhkocgQCR2FmGHRQJWoH
IP 54.230.245.99:0
File type ASCII text, with very long lines (698), with no line terminators
Hash 7a72109a7cf117f36fb0a349c4335716
e2320e00323eac4e2b8cbb54375db92d685d4368
b1d175c354d89527491a12feda63d8d01d23d0d94dabfe9f69677b7604fe75af
GET /rUFc2RHYzOFgiSSQ+UnlPZW4HdU52PUUrGCBqQxM3IBN/PCUjLkYSBxtxQj4SbWcQKBc+MAtiEz40C3VQMTNUeUJ2I0YrHW00TyUZJy9EPBU0cUMlSz04TC0aPDYTdjBleQZhRGB/TnVHdWR0YURgO18qAyhyBHQOaGFpckJ1ZHRhRGAlQGFFEWYGfVhgfh-N2RjcyVS8ZdWVwdkZhZwZ1RmFyBHQQOSVTIhkocgQCR2FmGHRQJWoH HTTP/1.1
Host: d3t3z4teexdk2r.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://kultingecauyuksehinkitw.info/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 505
Connection: keep-alive
Date: Wed, 07 Jun 2023 06:00:55 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sv6WEn1a9l3QJTKG_xv6RgamlVS-ddGEapgy6JLovWeV7t_0iFCRGQ==
d3t3z4teexdk2r.cloudfront.net/XWWlaWHA6BjQ+Ty0APmVJb1tqYUJ/Ayk3HilUDBs0Cj9vPiAjLjJqKAwefCwKPVRqfhw4Bz1lVjwHOWVBfwg+Ok1tTy85TTQGIDEcNQh/ajZsR2p9QmlBImlBfFoYfUJpBTM2BSFMaGgIYV8FbkR8Whh9QmkbLH1DGFhqYV5pQH9qQD4MOTMffFscakBoWW-ppQGhMaGgWMBs/Ph8hTGgeQWhYdGhWLFRr
54.230.245.99 209 B URL d3t3z4teexdk2r.cloudfront.net/XWWlaWHA6BjQ+Ty0APmVJb1tqYUJ/Ayk3HilUDBs0Cj9vPiAjLjJqKAwefCwKPVRqfhw4Bz1lVjwHOWVBfwg+Ok1tTy85TTQGIDEcNQh/ajZsR2p9QmlBImlBfFoYfUJpBTM2BSFMaGgIYV8FbkR8Whh9QmkbLH1DGFhqYV5pQH9qQD4MOTMffFscakBoWW-ppQGhMaGgWMBs/Ph8hTGgeQWhYdGhWLFRr
IP 54.230.245.99:0
File type ASCII text, with no line terminators
Hash 6885e01e58085283224b1cbfc644ea44
00a94096a18eade8512b2b559eff5c5831fd2995
fc9a70c8f8164885e06fdf19560b26573e4c88111dd6e687615a8b060a3b638d
GET /XWWlaWHA6BjQ+Ty0APmVJb1tqYUJ/Ayk3HilUDBs0Cj9vPiAjLjJqKAwefCwKPVRqfhw4Bz1lVjwHOWVBfwg+Ok1tTy85TTQGIDEcNQh/ajZsR2p9QmlBImlBfFoYfUJpBTM2BSFMaGgIYV8FbkR8Whh9QmkbLH1DGFhqYV5pQH9qQD4MOTMffFscakBoWW-ppQGhMaGgWMBs/Ph8hTGgeQWhYdGhWLFRr HTTP/1.1
Host: d3t3z4teexdk2r.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://kultingecauyuksehinkitw.info/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 209
Connection: keep-alive
Date: Wed, 07 Jun 2023 06:00:55 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7dbPlQaO1Y2kxu6HzX6sgC-ze8f9oDy0tH0zDb7mByL1dHYI1C2NqQ==
www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.dom&eid=4&u=AAAAAAAAAAAAAIA&h=Ag&z=0
142.250.74.168200 OK 0 B URL GET HTTP/3 www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.dom&eid=4&u=AAAAAAAAAAAAAIA&h=Ag&z=0
IP 142.250.74.168:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.dom&eid=4&u=AAAAAAAAAAAAAIA&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
amunfezanttor.com/event
139.45.197.250200 OK 0 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=f0a003d124d74be4b8e77512eeda0509&zoneId=4157053&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?pub=0&userId=f0a003d124d74be4b8e77512eeda0509&zoneId=4157053&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type JSON data\012- , ASCII text
Hash ed6caa5aa35b9c127e5219d97089528b
5006838f2e2b9d96da0afe436a25d2d2e7e32190
975a0f436758c19f266c73ee4d90e9e5c5ad75f1d3c8dd4e0059b26cd698de45
GET /gid.js?pub=0&userId=f0a003d124d74be4b8e77512eeda0509&zoneId=4157053&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://destyy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f0a003d124d74be4b8e77512eeda0509; expires=Thu, 06 Jun 2024 06:00:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ptauxofi.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectptauxofi.net
FingerprintAF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
ValidityTue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 396
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 00c49108ffe256213c8c09785442d66c
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 94 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash bc10ee4c858c4758c2bcbd88ba2c3e8d
1a4cf02f4f647402ccfb309c321e0263d95166a9
d50b87f61af7b956b9395b2b4ecd0ceb492ceceeffa293020b88270139343a1b
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 518
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: c376f0d7ca278cf8102d9239077da884
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 94 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash a57b177688303c6486725132f3d902c8
fd1018253658bda29f8aac91f98fd60d3edb66e7
3248cc85aaff606be819df64262e4edd52bf24dcde69849b88be6573506f40cc
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 518
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 53ee081a69577da848d54571a1c6ef86
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
prhzxq.com/wnrw?aid=8707187291556299550&a=1
185.162.85.2200 OK 0 B URL GET HTTP/2 prhzxq.com/wnrw?aid=8707187291556299550&a=1
IP 185.162.85.2:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectprhzxq.com
FingerprintE2:7B:B2:5A:29:BC:18:8B:54:42:18:94:DC:A8:70:6D:AC:91:62:83
ValidityTue, 21 Mar 2023 21:20:12 GMT - Mon, 19 Jun 2023 21:20:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wnrw?aid=8707187291556299550&a=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:55 GMT
content-length: 0
access-control-allow-origin: http://destyy.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 961c288aeb77b438f9bd71bcad4d1fff
5a749013d4b1dccdb050086fde77d3914f5381be
e8bbef16e16ed6ab794e949db9ccfb1b4c37c9645b3cd5d5138660d50ea6ad37
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (749)
Size 166 kB (166186 bytes)
Hash ee07ba65373413be83ec0d45887c2a44
13646acedb5d781fed2599c46634b4e58b8217db
d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048
GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 17:46:58 GMT
expires: Wed, 05 Jun 2024 17:46:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 30 May 2023 00:01:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 44037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 961c288aeb77b438f9bd71bcad4d1fff
5a749013d4b1dccdb050086fde77d3914f5381be
e8bbef16e16ed6ab794e949db9ccfb1b4c37c9645b3cd5d5138660d50ea6ad37
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thycantyoubelike.com/popunder.gif
188.114.96.1200 OK 0 B URL GET HTTP/3 thycantyoubelike.com/popunder.gif
IP 188.114.96.1:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectthycantyoubelike.com
FingerprintEE:1F:4E:1B:ED:D1:D3:7C:D8:9A:87:62:4F:8A:C0:01:0C:0E:25:F4
ValidityThu, 01 Jun 2023 15:44:27 GMT - Wed, 30 Aug 2023 15:44:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: thycantyoubelike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Jun 2023 06:00:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Jun 2023 07:00:55 GMT
Location: https://thycantyoubelike.com/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8Vs4l2WwFuCEuFYg3GxSecnUmBmR6XS3gBFRY22sOW1aZXBYMJn17UnNpXril1Y4RqEohtEp0XROFDLIlRaT1p0qcqI6e%2BNKKt%2Bac4HiztURGgOAjiIpynhA8AAQMFs5a8lLR8D8w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36ad75d90c0b39-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash b2ec6c1f0c77c6e9a2796d3ac3294d0e
9fd82891ead5aec13abee83cf6b7a59375b2c3c5
63cb3c8767a9e5925cf61dce28b4d578aad09e7ba9358039648f05c9d98b4484
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 06:00:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kultingecauyuksehinkitw.info/utx?cb=x50kNhVB1yKJ&top=destyy.com&tid=959118
52.85.242.41204 No Content 0 B URL GET HTTP/2 kultingecauyuksehinkitw.info/utx?cb=x50kNhVB1yKJ&top=destyy.com&tid=959118
IP 52.85.242.41:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=x50kNhVB1yKJ&top=destyy.com&tid=959118 HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 07 Jun 2023 06:00:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://destyy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 07 Jun 2023 06:01:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 22696b6e831fc717b53b9273ad3341c2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: v7dPWXFucaPgnPVVGl-Hn5EdgjR-o-MH_hydzrJCO6znGKVMDDdh1Q==
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/utx?cb=xhtApGLVF0JC&top=destyy.com&tid=962089
52.85.242.41204 No Content 0 B URL GET HTTP/2 kultingecauyuksehinkitw.info/utx?cb=xhtApGLVF0JC&top=destyy.com&tid=962089
IP 52.85.242.41:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=xhtApGLVF0JC&top=destyy.com&tid=962089 HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 07 Jun 2023 06:00:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://destyy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 07 Jun 2023 06:01:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 22696b6e831fc717b53b9273ad3341c2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 99s3YXdvkG4cNlH0KzvooYPRePUFmLNqn0OcANbkyhMh1BKP4szp-w==
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2Rlc3R5eS5jb206ODA.&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&badge=bottomright&cb=8xd6w66scfr5
142.250.74.132200 OK 28 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2Rlc3R5eS5jb206ODA.&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&badge=bottomright&cb=8xd6w66scfr5
IP 142.250.74.132:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43153)
Hash 8b2865527dd7cfaef9f58c9494457bc7
a0a575531107ebb07e250719457011d52556e42a
a5e53dae4bc435de5f6712fee4efe1a13f9485b0d395da5e2ad42c491793fbe0
GET /recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2Rlc3R5eS5jb206ODA.&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&badge=bottomright&cb=8xd6w66scfr5 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jun 2023 06:00:56 GMT
content-security-policy: script-src 'nonce-XphbeYfEumQHbi77qamM7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28058
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
thycantyoubelike.com/popunder.gif
188.114.96.1200 OK 441 B URL GET HTTP/3 thycantyoubelike.com/popunder.gif
IP 188.114.96.1:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectthycantyoubelike.com
FingerprintEE:1F:4E:1B:ED:D1:D3:7C:D8:9A:87:62:4F:8A:C0:01:0C:0E:25:F4
ValidityThu, 01 Jun 2023 15:44:27 GMT - Wed, 30 Aug 2023 15:44:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 277aa5d9607dc0ddd4541507cfe875c8
7c1cd7ff3ba82a5bbff56d7e70d219cb6782e445
04cf310079d00a18ea2be4d76978a2cc05b6c54449300a09a0a30be3464e4cd5
GET /popunder.gif HTTP/1.1
Host: thycantyoubelike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 407353
last-modified: Fri, 02 Jun 2023 12:51:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g27YBsy9XiCEAFUKlt%2FcNetlbp0dYIHCilmHPcaOziJ0%2BR0ADKx6tWxv%2FUA5yIDoeePxPg9C0LxvFVk5CHKGcjjmJF7vaKV5vcVicjcgJtsMrxey8sp4je%2B3MRUP%2Bhp129Xhon0m1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d36ad763b7e0b51-OSL
alt-svc: h3=":443"; ma=86400
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneF4mT4oL3AHvLQp0Xnjxc4II0MXRXhDagJuGTGcmX09WZxNCV0MoYth5KtV1wOvvktYiRER
142.250.74.109302 Found 397 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneF4mT4oL3AHvLQp0Xnjxc4II0MXRXhDagJuGTGcmX09WZxNCV0MoYth5KtV1wOvvktYiRER
IP 142.250.74.109:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (390)
Hash 5061efea8882ffb7bfd1ac15d0ac0775
3e0e586ce2b45ef70a3c3977bb8ed9d466bed19f
96d16ecbcc5dde5b2e3c9122038685a70cbe84cdba516a23a9e48cc9775bc2b7
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneF4mT4oL3AHvLQp0Xnjxc4II0MXRXhDagJuGTGcmX09WZxNCV0MoYth5KtV1wOvvktYiRER HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:l8ja-rob8S4IaL1maGbC72ZT8T9VYA:REnRvCZJBBRsKqy5;Path=/;Expires=Fri, 06-Jun-2025 06:00:56 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jun 2023 06:00:56 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S218300087%3A1686117656362225&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFjB16GuhIM2Ebo-j5sr073Wv_A-aAnZ3m0H1R78InrYtyUiGIgkn5vWxXN0D_j6MSAZ_XqtQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-mCUC8TiV8hH7PvOo_T8vNw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css
142.250.74.35200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash 83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Jun 2023 02:47:23 GMT
expires: Thu, 06 Jun 2024 02:47:23 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 30 May 2023 00:01:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 11613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (749)
Size 166 kB (166186 bytes)
Hash ee07ba65373413be83ec0d45887c2a44
13646acedb5d781fed2599c46634b4e58b8217db
d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048
GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 17:46:58 GMT
expires: Wed, 05 Jun 2024 17:46:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 30 May 2023 00:01:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 44038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
thycantyoubelike.com/cEp0d2RfdRcEWRMNFw0GJS4zIRMEHBciNigJGCFBQgglRlAyHCw+QgQjEEpdRXNFRlxWOh0TWUFsBwMFBD8HSldAekVRDR4sG0pUQHpFURJNe1pEUF55RllWVj9JRlRAf0VDUEJ/REVUQ3pDQkIEOhUQWUFsBAMQHHdFQVxGe0VAUkV/TUFV
188.114.96.1204 No Content 0 B URL POST HTTP/3 thycantyoubelike.com/cEp0d2RfdRcEWRMNFw0GJS4zIRMEHBciNigJGCFBQgglRlAyHCw+QgQjEEpdRXNFRlxWOh0TWUFsBwMFBD8HSldAekVRDR4sG0pUQHpFURJNe1pEUF55RllWVj9JRlRAf0VDUEJ/REVUQ3pDQkIEOhUQWUFsBAMQHHdFQVxGe0VAUkV/TUFV
IP 188.114.96.1:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectthycantyoubelike.com
FingerprintEE:1F:4E:1B:ED:D1:D3:7C:D8:9A:87:62:4F:8A:C0:01:0C:0E:25:F4
ValidityThu, 01 Jun 2023 15:44:27 GMT - Wed, 30 Aug 2023 15:44:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cEp0d2RfdRcEWRMNFw0GJS4zIRMEHBciNigJGCFBQgglRlAyHCw+QgQjEEpdRXNFRlxWOh0TWUFsBwMFBD8HSldAekVRDR4sG0pUQHpFURJNe1pEUF55RllWVj9JRlRAf0VDUEJ/REVUQ3pDQkIEOhUQWUFsBAMQHHdFQVxGe0VAUkV/TUFV HTTP/1.1
Host: thycantyoubelike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Wed, 07 Jun 2023 06:00:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2X4SAFksz3wwN%2Fbhy1wF2HgrTpCgDa%2F55Tr9sAHAr%2Bghv5OWPNrSRwnI7gP9wHVb6vUywQr4mOGRJk%2BXPfL8VbmnV2GDuUSFtrBbx3CMSKWLQbVGrb62ztTlvaBMXKgak4cGOPGkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d36ad791e890b51-OSL
alt-svc: h3=":443"; ma=86400
accounts.google.com/v3/signin/identifier?dsh=S218300087%3A1686117656362225&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFjB16GuhIM2Ebo-j5sr073Wv_A-aAnZ3m0H1R78InrYtyUiGIgkn5vWxXN0D_j6MSAZ_XqtQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 16 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S218300087%3A1686117656362225&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFjB16GuhIM2Ebo-j5sr073Wv_A-aAnZ3m0H1R78InrYtyUiGIgkn5vWxXN0D_j6MSAZ_XqtQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type gzip compressed data, max compression\012- data
Hash 1bdd71d1046c6ff415d67308eeee00e4
35c28c24a9acdc592a8a79c42659dfbf403e951b
3961cace3bb904a64abe0b9ea1a6822ebe48188036a91345043aafccf0f5981a
GET /v3/signin/identifier?dsh=S218300087%3A1686117656362225&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFjB16GuhIM2Ebo-j5sr073Wv_A-aAnZ3m0H1R78InrYtyUiGIgkn5vWxXN0D_j6MSAZ_XqtQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jun 2023 06:00:56 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-w9p5l7SnMGl1dXpQbBmY-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2Rlc3R5eS5jb206ODA.&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&badge=bottomright&cb=8xd6w66scfr5
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 21:40:21 GMT
expires: Wed, 05 Jun 2024 21:40:21 GMT
cache-control: public, max-age=31536000
age: 30035
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-
142.250.74.132200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-
IP 142.250.74.132:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2Rlc3R5eS5jb206ODA.&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&badge=bottomright&cb=8xd6w66scfr5
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with no line terminators
Hash 28c612c7ed1d28591eb7ed8d95816a94
bc402ec3d9eccbb9ce2b682bb43fa23ab92afb80
dc304d634887ea89a42e74d959fdc8dc4517e33e0df44764aad5bc63870ccb29
GET /recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL- HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2Rlc3R5eS5jb206ODA.&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&badge=bottomright&cb=8xd6w66scfr5
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Wed, 07 Jun 2023 06:00:56 GMT
date: Wed, 07 Jun 2023 06:00:56 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2Rlc3R5eS5jb206ODA.&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&badge=bottomright&cb=8xd6w66scfr5
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 21:48:58 GMT
expires: Mon, 12 Jun 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 115918
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (749)
Size 166 kB (166186 bytes)
Hash ee07ba65373413be83ec0d45887c2a44
13646acedb5d781fed2599c46634b4e58b8217db
d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048
GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 17:46:58 GMT
expires: Wed, 05 Jun 2024 17:46:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 30 May 2023 00:01:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 44038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptauxofi.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectptauxofi.net
FingerprintAF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
ValidityTue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Content-Type: application/json
Content-Length: 731
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6d76faab373841164e2b2378c2a99532
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
142.250.74.132200 OK 1.2 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
IP 142.250.74.132:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d9c5e57a45b3e07b07eb37f348652b54
1acdc8ca0a723e67a355e23895a1346efdc84d8d
d66447fc81d608b8e57261a3feaf11a5bd6c780097ee4ab74050f1627b49e803
GET /recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jun 2023 06:00:56 GMT
content-security-policy: script-src 'nonce-wpKfmTxOkeGdR431GZNpzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1159
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
xdiwbc.com/template/social.html
172.64.106.34200 OK 26 kB URL GET HTTP/2 xdiwbc.com/template/social.html
IP 172.64.106.34:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectxdiwbc.com
Fingerprint61:FF:DC:7A:FB:AC:AA:50:F3:3E:E2:87:38:DC:6A:46:09:4F:B8:D9
ValidityMon, 05 Jun 2023 18:53:28 GMT - Sun, 03 Sep 2023 18:53:27 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4579), with no line terminators
Hash 56d978d63c451d50308e9730f97673e4
72bf07d65dc53fa6d4e27aced10ce40e9549a456
e4aaa8b864033f10089ecbbc1023817b1968fe72fb17398564429c7f07796c80
GET /template/social.html HTTP/1.1
Host: xdiwbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: http://destyy.com
cache-control: max-age=14400
cf-cache-status: HIT
age: 2372
last-modified: Wed, 07 Jun 2023 05:21:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GeFQ9L6XZdlMxf50Mf%2FT3KiDkx6j34rCB2JTUN1r7RCaHokYbOxNriFNyBBQR3YdMYm%2BcMJ2xk7Yx%2FaFCko8KsUfbCYXRogGm6VmMd4AWa6K6EKhiELSaTb5D9r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d36ad745c25886d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 166 kB URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint7A:FE:A8:C4:0F:E7:3E:DE:00:43:83:43:39:F5:0A:1A:CC:D5:74:0E
ValidityFri, 19 May 2023 12:58:14 GMT - Fri, 11 Aug 2023 12:58:13 GMT
File type gzip compressed data, max compression\012- data
Size 166 kB (166186 bytes)
Hash 839a6afa03312253885699c84a96e70b
7d58a182c70501beac223c48636c059632163e65
90c81168c32945db973e0a1da67d6981293a0b3b996459c488ec409a188a7f1d
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:616mna_8EmoiCmK2IFDuYIf1LojRPw:AsjRR8NGX_SiZeQU; Expires=Fri, 06-Jun-2025 06:00:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jun 2023 06:00:56 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHMejD03hwMELBiY_WdCVlS89KO5K_7Wf-Zoqs7FI7PxczVCFoO5MTiQQR-yOtOtxgtTWh4
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-nEdwZycFH8_UEDoERLimnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/reload?k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
142.250.74.132200 OK 25 kB URL POST HTTP/3 www.google.com/recaptcha/api2/reload?k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
IP 142.250.74.132:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (41337)
Hash 91b4d66e5227aff81bceb597d264ec64
f4e8bd1d5a0a4654261671f57dddc07e8a69bc54
2fa31989ea5423016aa01a6cf524d2cee3f010d0944b4177b782dda522761638
POST /recaptcha/api2/reload?k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6797
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Wed, 07 Jun 2023 06:00:57 GMT
expires: Wed, 07 Jun 2023 06:00:57 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 24881
server: GSE
set-cookie: _GRECAPTCHA=09ALyjir_sxnHl24tF48Cpltm13YcfGW5Wf772LNivkfKYUHJR178C7Pl-nVzDbTDg_h1aJgow5JLAS_CQNNGdTr0;Path=/recaptcha;Expires=Mon, 04-Dec-2023 06:00:57 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 17:31:32 GMT
expires: Wed, 05 Jun 2024 17:31:32 GMT
cache-control: public, max-age=31536000
age: 44965
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 11:10:37 GMT
expires: Sat, 01 Jun 2024 11:10:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 413420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2Rlc3R5eS5jb206ODA.&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&badge=bottomright&cb=8xd6w66scfr5
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 21:40:21 GMT
expires: Wed, 05 Jun 2024 21:40:21 GMT
cache-control: public, max-age=31536000
age: 30036
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/refresh_2x.png
142.250.74.35200 OK 600 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 20:49:22 GMT
expires: Wed, 07 Jun 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 551495
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/audio_2x.png
142.250.74.35200 OK 530 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/audio_2x.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 16:14:42 GMT
expires: Tue, 13 Jun 2023 16:14:42 GMT
cache-control: public, max-age=604800
age: 49575
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/info_2x.png
142.250.74.35200 OK 665 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/info_2x.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 00:56:35 GMT
expires: Thu, 08 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 536662
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/payload?p=06AL8dmw-7vNQgMaviCtkQKeVyi5rzCi4puBT1qcCsiZo8efQ8MlfEUy1GPm47IcZfYQRN-sOpa_dGUsmQ6zER3XEUR7IwERE6hfjqEboJYc-Pj_9_njejA28o9XyUNqH_FKx15St9f3zF3PxZDxtmlQ5keXChnIfR5qHEWHsHX8NQOZn-OwFjAqxST_mkp7ef9aKF5IyRTFJH&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
142.250.74.132200 OK 41 kB URL GET HTTP/3 www.google.com/recaptcha/api2/payload?p=06AL8dmw-7vNQgMaviCtkQKeVyi5rzCi4puBT1qcCsiZo8efQ8MlfEUy1GPm47IcZfYQRN-sOpa_dGUsmQ6zER3XEUR7IwERE6hfjqEboJYc-Pj_9_njejA28o9XyUNqH_FKx15St9f3zF3PxZDxtmlQ5keXChnIfR5qHEWHsHX8NQOZn-OwFjAqxST_mkp7ef9aKF5IyRTFJH&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
IP 142.250.74.132:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Hash 125d4e981a292027a2fa2b6bbd7a2a39
a8e726c34f9b06afe1fd4a934977c6aad5cb53c4
8a1c6a7053665222a113027fe8a269740e2ffe4c010622ccc8be920d9e80a40c
GET /recaptcha/api2/payload?p=06AL8dmw-7vNQgMaviCtkQKeVyi5rzCi4puBT1qcCsiZo8efQ8MlfEUy1GPm47IcZfYQRN-sOpa_dGUsmQ6zER3XEUR7IwERE6hfjqEboJYc-Pj_9_njejA28o9XyUNqH_FKx15St9f3zF3PxZDxtmlQ5keXChnIfR5qHEWHsHX8NQOZn-OwFjAqxST_mkp7ef9aKF5IyRTFJH&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8
Cookie: _GRECAPTCHA=09ALyjir_sxnHl24tF48Cpltm13YcfGW5Wf772LNivkfKYUHJR178C7Pl-nVzDbTDg_h1aJgow5JLAS_CQNNGdTr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Wed, 07 Jun 2023 06:00:57 GMT
date: Wed, 07 Jun 2023 06:00:57 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 40679
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.load&eid=5&u=AgAAAAAAAAAAAIA&h=Ag&z=0
142.250.74.168200 OK 0 B URL GET HTTP/3 www.googletagmanager.com/a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.load&eid=5&u=AgAAAAAAAAAAAIA&h=Ag&z=0
IP 142.250.74.168:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=AW-997869120&v=3&t=t&pid=311333527&cv=1&rv=3650&tc=1&es=1&e=gtm.load&eid=5&u=AgAAAAAAAAAAAIA&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 06:00:57 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pogothere.xyz/asd100.bin
172.64.106.19200 OK 102 kB IP 172.64.106.19:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5430
last-modified: Wed, 07 Jun 2023 04:30:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mu5ATzvlzQh%2FVeMjlLU8cFn2T2dmEpPfESrigyLSizH1fkaQLsei6tfxIaQitUEUur%2F%2FczjtH123Gde0EExGt3Ufa9mY7N2lqOvEp%2BRCvfUlrABz5iI8DE83z7pEXRTT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d36ad764d584888-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1844695949%3A1686117656353130&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneG0Ws-LSJOt0pgiLypwT3nkQAabsqQ1An3lRt5GJPtk0TYuqBEiG_W1JJkoiAzSPejk9jWzkg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-1844695949%3A1686117656353130&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneG0Ws-LSJOt0pgiLypwT3nkQAabsqQ1An3lRt5GJPtk0TYuqBEiG_W1JJkoiAzSPejk9jWzkg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S-1844695949%3A1686117656353130&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneG0Ws-LSJOt0pgiLypwT3nkQAabsqQ1An3lRt5GJPtk0TYuqBEiG_W1JJkoiAzSPejk9jWzkg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jun 2023 06:00:56 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-ILg1p62oQwOR6skonXVN_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pogothere.xyz/
172.64.106.19200 OK 27 B IP 172.64.106.19:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash eafb04a680caa67ed6219345e1980b8a
4b667c803b2448b3bfa9427fbf9a1b08113b26e0
261b288f5a5de1b218107e94cf5c7c48f843814605cd2011a0a641d6cd0e1a7b
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: text/plain
set-cookie: csu=1110261599491074@1@1686117656; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPvjA5YwVWNJA4p1BEUj7AFcF%2BiFBD%2F0VdypJ3xzzIsKzc92P%2B4f9fJCtjkjpgyhFDMCC86QoxpTEkf3QxnzlQFEmWRbweFNEoiJgcdBkzCaRxwx78kyVC1T%2BxvphbNt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d36ad764d2b4888-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.wmgtr.com/cim/7sHsJGxok1q29pLDUa6kchrvXXkQoroo.png
0.0.0.0 0 B URL GET i.wmgtr.com/cim/7sHsJGxok1q29pLDUa6kchrvXXkQoroo.png
IP 0.0.0.0:0
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
ValiditySun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cim/7sHsJGxok1q29pLDUa6kchrvXXkQoroo.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: image/png
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Thu, 08 Jun 2023 05:00:56 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:400,700
142.250.74.106200 OK 3.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Raleway:400,700
IP 142.250.74.106:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (3420), with no line terminators
Hash 72a2e829ec44370c62ec35ff9856e477
721218c8cef4bacbccb86cf872d10f0b8c9bf093
5f38247aaacdf3b2f9954c2290dd948e61d1d5a4b6abe1dc5fa4620ed607f744
GET /css?family=Raleway:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Jun 2023 06:00:54 GMT
date: Wed, 07 Jun 2023 06:00:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint7A:FE:A8:C4:0F:E7:3E:DE:00:43:83:43:39:F5:0A:1A:CC:D5:74:0E
ValidityFri, 19 May 2023 12:58:14 GMT - Fri, 11 Aug 2023 12:58:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:69tSUzjRH_ou419poZ_hbaLxSFNn7A:XuudttBmI0vo95T5; Expires=Fri, 06-Jun-2025 06:00:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jun 2023 06:00:56 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneF4mT4oL3AHvLQp0Xnjxc4II0MXRXhDagJuGTGcmX09WZxNCV0MoYth5KtV1wOvvktYiRER
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-yQVz76kXx6gv36Qxsj8oGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ptauxofi.net/pfe/current/universal.min.js?v=3.1.438
139.45.197.250200 OK 103 kB URL GET HTTP/2 ptauxofi.net/pfe/current/universal.min.js?v=3.1.438
IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectptauxofi.net
FingerprintAF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
ValidityTue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (103263 bytes)
Hash 88abe13cd309c4d0ebbf8a298e5bdffe
f40d8541f2f56659251117a14e336aecf7eecb4a
d3df0432dffd1232981b9d981cd6c4618f56ae992502729c36dd2e25be41b642
GET /pfe/current/universal.min.js?v=3.1.438 HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 13:08:32 GMT
etag: W/"6479e9d0-1935f"
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHMejD03hwMELBiY_WdCVlS89KO5K_7Wf-Zoqs7FI7PxczVCFoO5MTiQQR-yOtOtxgtTWh4
142.250.74.109302 Found 0 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHMejD03hwMELBiY_WdCVlS89KO5K_7Wf-Zoqs7FI7PxczVCFoO5MTiQQR-yOtOtxgtTWh4
IP 142.250.74.109:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHMejD03hwMELBiY_WdCVlS89KO5K_7Wf-Zoqs7FI7PxczVCFoO5MTiQQR-yOtOtxgtTWh4 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:2WfBwc6g8X_pIynChUGKFBmkBm3w6Q:xQSj3sKxHxxjyhBD;Path=/;Expires=Fri, 06-Jun-2025 06:00:56 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jun 2023 06:00:56 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1844695949%3A1686117656353130&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneG0Ws-LSJOt0pgiLypwT3nkQAabsqQ1An3lRt5GJPtk0TYuqBEiG_W1JJkoiAzSPejk9jWzkg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-l-L8qDXSCeZZSM3X_VHigA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 406
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pogothere.xyz/
172.64.106.19200 OK 27 B IP 172.64.106.19:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5ab0ad868414f4bd6919245fe90410bd
a3cdb5a15fa7d88b3af6df38cf33d296dbe24f26
ed724bab08eefd6db5b0cbca772ddd1ce71203fd75a8c5666ccd7b657b8274a3
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: text/plain
set-cookie: csu=1005144250203075@1@1686117656; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iazsWHTAiSdQgnnnvgkXe3CsJktd056tOISbIjSPcKaMNfXSmUQccgvW5jE7pElYGCQgXhDB4rMybCm8L86jH%2BEHqqApCY7NJZnEX2flLG9zqFEAgYoanJAokar2nozQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d36ad764d484888-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
104.26.7.218200 OK 96 kB URL User Request GET HTTP/1.1 destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
IP 104.26.7.218:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egIasF?utm_source=&utm_medium=QL&utm_name=1 HTTP/1.1
Host: destyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:00:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40-0+deb8u16
Set-Cookie: PHPSESSID=trs7ci2f7hnomd6kqsgrf2tjh1; expires=Wed, 07-Jun-2023 07:00:54 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly
hl=en; expires=Thu, 06-Jun-2024 06:00:54 GMT; Max-Age=31536000; path=/
cookies-enable=1; path=/; httponly
Cache-Control: no-cache
X-Frame-Options: DENY
X-Server-ID: shn09
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmAOcLksvO0w8HV%2FEGNzOMnDt%2BAixC%2BhgNykSjMS9rUid4BTiYu5QdAOL0yK7lqwrNbMUkEJ6T2u3TULcVyN5pk0cV8Vb58J%2FkzLopvd%2Fpf7EYvATKEL9Vh60wzm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d36ad6a1f140afe-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExMDIzNjAsInNpZCI6MTE5NDYyMywid2lkIjo0Mzk2MzQsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNG&inc=1
185.162.85.2200 OK 375 B URL GET HTTP/2 prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExMDIzNjAsInNpZCI6MTE5NDYyMywid2lkIjo0Mzk2MzQsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNG&inc=1
IP 185.162.85.2:443
ASN #39572 DataWeb Global Group B.V.
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectprhzxq.com
FingerprintE2:7B:B2:5A:29:BC:18:8B:54:42:18:94:DC:A8:70:6D:AC:91:62:83
ValidityTue, 21 Mar 2023 21:20:12 GMT - Mon, 19 Jun 2023 21:20:11 GMT
File type Unicode text, UTF-8 text, with very long lines (410), with no line terminators
Hash d40c32b606eb7273407006f585c354b8
b1614f247aad9d542722fb3008417cbe5ea638c8
3c72d6d9d78d659dc64c906b37dfb432696152eedd56d2d47a6de9bd9face0ec
GET /wnload?a=1&e=aeyJwaWQiOjExMDIzNjAsInNpZCI6MTE5NDYyMywid2lkIjo0Mzk2MzQsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cDovL2Rlc3R5eS5jb20vZWdJYXNG&inc=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
ptauxofi.net/pfe/current/defaultSkin.min.js
139.45.197.250200 OK 57 kB URL GET HTTP/2 ptauxofi.net/pfe/current/defaultSkin.min.js
IP 139.45.197.250:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjectptauxofi.net
FingerprintAF:B4:C4:7A:83:50:A4:53:5D:0F:35:13:C2:AB:4D:74:A3:C8:E3:1B
ValidityTue, 21 Mar 2023 05:09:12 GMT - Mon, 19 Jun 2023 05:09:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 06:00:55 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 13:08:32 GMT
etag: W/"6479e9d0-df63"
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.106.19200 OK 102 kB IP 172.64.106.19:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://destyy.com/
Origin: http://destyy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://destyy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5430
last-modified: Wed, 07 Jun 2023 04:30:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIIN7F185TSNkNdP4PyjR%2FPCjFWgQyr0H3NgS28Lt%2BfTI%2F7trA4J4aki6JhTkr9Ndk%2B6kGXgJGoRZPrS%2FmMBGteh%2BNFX90ES35%2FZh7JQ2Q09r18mrpwNw3IpncGwLLYE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d36ad763d1a4888-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
thycantyoubelike.com/Q2tDZ1hsVCAUZRoHES05OSEVPRAFPwEhGioOBQwbFSxyQmoBMzQyfjcCJ1phdVlzX2FlGyoDZXJNMBM5Nx4wWmllAi0BN35NNVppbVh3SWtxRXFBLX5aZRMoIgx+Vn4zHzcLZXJde1Fpclx1UmxwW3E
188.114.96.1204 No Content 0 B URL GET HTTP/2 thycantyoubelike.com/Q2tDZ1hsVCAUZRoHES05OSEVPRAFPwEhGioOBQwbFSxyQmoBMzQyfjcCJ1phdVlzX2FlGyoDZXJNMBM5Nx4wWmllAi0BN35NNVppbVh3SWtxRXFBLX5aZRMoIgx+Vn4zHzcLZXJde1Fpclx1UmxwW3E
IP 188.114.96.1:443
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerGoogle Trust Services LLC
Subjectthycantyoubelike.com
FingerprintEE:1F:4E:1B:ED:D1:D3:7C:D8:9A:87:62:4F:8A:C0:01:0C:0E:25:F4
ValidityThu, 01 Jun 2023 15:44:27 GMT - Wed, 30 Aug 2023 15:44:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Q2tDZ1hsVCAUZRoHES05OSEVPRAFPwEhGioOBQwbFSxyQmoBMzQyfjcCJ1phdVlzX2FlGyoDZXJNMBM5Nx4wWmllAi0BN35NNVppbVh3SWtxRXFBLX5aZRMoIgx+Vn4zHzcLZXJde1Fpclx1UmxwW3E HTTP/1.1
Host: thycantyoubelike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://destyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 07 Jun 2023 06:00:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrLvn3g84yasX9uRwAljRUmHBKu4YszeXOt2nL%2BKNu3MrtCg%2B%2FN%2B3GtXhYYEJ12IXiXpRlN9yniqTyiG5Yc66%2FEM8uAQ8pErGwu5EVndQUq12g%2FdcyQ%2BkRWFnntpEYpuVNDsvolt3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d36ad6f7ca9069b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.wmgtr.com/cic/murhAmQh21f4T9ccQqO5-gsYmuICohiw.png
0.0.0.0 0 B URL GET i.wmgtr.com/cic/murhAmQh21f4T9ccQqO5-gsYmuICohiw.png
IP 0.0.0.0:0
Requested by http://destyy.com/egIasF?utm_source=&utm_medium=QL&utm_name=1
Certificate IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint7D:1B:65:9B:B8:35:3F:63:AA:D6:0E:B1:DB:13:80:AA:F0:55:75:FC
ValiditySun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cic/murhAmQh21f4T9ccQqO5-gsYmuICohiw.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 06:00:56 GMT
content-type: image/png
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Thu, 08 Jun 2023 05:00:56 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2