pointedpleasure.com/b.3_Vi0jPk2ll-jnPoXpBqz_Jsmt9u0vP-UxNynzSAk_9CUDQEkFl-KHWIWJ5KK_dMlNlOXPU-mRlSZTVUz_VWrXSY2Zl-BbMcVdpeU_Yg3hdiOjV-Ellm5nTom_1qGrasltp-EvZwGxhyP_VAGBRCoDW-VFRGaHbIF_pKULaMzNF-ZPVQ0RlS4_TU0VRWnXM-kZ1a6bScm_teOfagkhR-rjNkDlRmx_eoEpJqqra-TtIu5vUwV_EytzJAnBJ-yDaEWFQG9_NIGJMKxLZ-mNVOmPYQj_JSjTZUjVU-3XZYGZFah_ZcGdYe3fY-WhZiijYk2_RmmnNoGpU-1rMsGtMuz_OwWxMymzd-nBQC9DMET_cGxHMIzJU-0LOMTNcO5_NQiR0S2TM-jVkW3XMYT_BalbMcTdc-zfOgDhJik_NkTlMm0nZ-WpEq0rYsm_FuivYwTxV-lzOADBcCw_ZEjFlGjHN-iJZK6LbM2_5OlPaQWRQ-9TNUDVgWx_OYDZQaybO-Sd0e0fOgD_Ei4jNkDlM-wn?ce=lnk&cel=https://manhwatop.com/manga/ranker-who-lives-a-second-time-series-manhwa/chapter-168/&dseq=1&rsrc=popscript_popunder&sseq=1
0 B URL pointedpleasure.com/b.3_Vi0jPk2ll-jnPoXpBqz_Jsmt9u0vP-UxNynzSAk_9CUDQEkFl-KHWIWJ5KK_dMlNlOXPU-mRlSZTVUz_VWrXSY2Zl-BbMcVdpeU_Yg3hdiOjV-Ellm5nTom_1qGrasltp-EvZwGxhyP_VAGBRCoDW-VFRGaHbIF_pKULaMzNF-ZPVQ0RlS4_TU0VRWnXM-kZ1a6bScm_teOfagkhR-rjNkDlRmx_eoEpJqqra-TtIu5vUwV_EytzJAnBJ-yDaEWFQG9_NIGJMKxLZ-mNVOmPYQj_JSjTZUjVU-3XZYGZFah_ZcGdYe3fY-WhZiijYk2_RmmnNoGpU-1rMsGtMuz_OwWxMymzd-nBQC9DMET_cGxHMIzJU-0LOMTNcO5_NQiR0S2TM-jVkW3XMYT_BalbMcTdc-zfOgDhJik_NkTlMm0nZ-WpEq0rYsm_FuivYwTxV-lzOADBcCw_ZEjFlGjHN-iJZK6LbM2_5OlPaQWRQ-9TNUDVgWx_OYDZQaybO-Sd0e0fOgD_Ei4jNkDlM-wn?ce=lnk&cel=https://manhwatop.com/manga/ranker-who-lives-a-second-time-series-manhwa/chapter-168/&dseq=1&rsrc=popscript_popunder&sseq=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /b.3_Vi0jPk2ll-jnPoXpBqz_Jsmt9u0vP-UxNynzSAk_9CUDQEkFl-KHWIWJ5KK_dMlNlOXPU-mRlSZTVUz_VWrXSY2Zl-BbMcVdpeU_Yg3hdiOjV-Ellm5nTom_1qGrasltp-EvZwGxhyP_VAGBRCoDW-VFRGaHbIF_pKULaMzNF-ZPVQ0RlS4_TU0VRWnXM-kZ1a6bScm_teOfagkhR-rjNkDlRmx_eoEpJqqra-TtIu5vUwV_EytzJAnBJ-yDaEWFQG9_NIGJMKxLZ-mNVOmPYQj_JSjTZUjVU-3XZYGZFah_ZcGdYe3fY-WhZiijYk2_RmmnNoGpU-1rMsGtMuz_OwWxMymzd-nBQC9DMET_cGxHMIzJU-0LOMTNcO5_NQiR0S2TM-jVkW3XMYT_BalbMcTdc-zfOgDhJik_NkTlMm0nZ-WpEq0rYsm_FuivYwTxV-lzOADBcCw_ZEjFlGjHN-iJZK6LbM2_5OlPaQWRQ-9TNUDVgWx_OYDZQaybO-Sd0e0fOgD_Ei4jNkDlM-wn?ce=lnk&cel=https://manhwatop.com/manga/ranker-who-lives-a-second-time-series-manhwa/chapter-168/&dseq=1&rsrc=popscript_popunder&sseq=1 HTTP/1.1
Host: pointedpleasure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 19 Apr 2024 19:06:06 GMT
content-type: text/html;charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
referrer-policy: no-referrer
x-frame-options: DENY
location: https://pointedpleasure.com/bM3NV.0OP_3QJRySaTW-QV9WNXGYM_xaZbmcVdm-YfjgJhjiZ_jkUl3mZnG-FphqZrGsY_3uYvWwZxi-Yz2ARBmCN_GEUF1GMHG-MJzKOLWMM_mOcPnQNRy-YTzU1VwWb_3YBZzaYb3-JdpecfHgR_ficjGk9lw-dnWo5pkqZ_XsItmucv2-lxkyPzTAQ_4CMDTEgF0-MHjIkJmKd_HMZNyOPPT-ARmSeTmU9_uWZXWYlZk-PbTcId1eM_TgUhxiOjD-cl
x-content-type-options: nosniff
X-Firefox-Spdy: h2
deywepri.com/l?v=dJ_qiFiM
200 OK 3.8 kB URL User Request POST HTTP/1.1 deywepri.com/l?v=dJ_qiFiM
IP
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type HTML document, ASCII text, with very long lines (918)
Hash 5878491664e04289ed69f0a8d43b6e91
050a96cb801f4bbe384e16df36c3da2199f4f6aa
f977d405b17f4e9d0920f7ea2a64e54cce026acc05b477ad4623a1bc88e9adc0
POST /l?v=dJ_qiFiM HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 858
Origin: null
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
pointedpleasure.com/favicon.ico
0 B URL pointedpleasure.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: pointedpleasure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: uniqCookie=4d5a515a6a4064ec98556c5fcaf73db7; kadCCap=194136:1:1713036790; kadACap=527756:1:1706321074; kadASCap=346327:1:1713553566; kadRPixJ=bnVsbA==; kadUnP3=CAEQnoGLsQYaDQjzwZkBEAEYnoGLsQYaCwi1CBAQGICkhrEGIgoIAxABGJ6Bi7EGKgwIjL0SEAEYnoGLsQYqCwjpAhAQGICkhrEG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 19 Apr 2024 19:06:06 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
deywepri.com/views/grecaptcha/css/style.css
200 OK 599 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/css/style.css
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
Hash 27eac474447efeacaa8d51b91912b26d
f630300c7d5c71d2d87472512f4ed4d5fbb5b89a
69790d23d3ec08dbfa6909de36996b4cd3b0154e57b78ccb0e8a281f5e6e72ce
GET /views/grecaptcha/css/style.css HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: text/css
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-67e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/css/mainstream.css
200 OK 170 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/css/mainstream.css
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
Hash 52b8c08e14b61f9dec8aa0ca6243dea2
1afe3e1ec5ea900ddbbca25fa085f898fdca6856
c19a3b5e10e979b08b2bcb55f68849e96e390c9bfd0b323a64a451bfbb95bf1c
GET /views/grecaptcha/css/mainstream.css HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: text/css
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-2d1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/recaptcha.min.js?v=1713281383068249900
200 OK 546 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/recaptcha.min.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (1115)
Hash 26ba95d3318a71a043b60f28d2a4ef62
2a60fcd6c6ffd1a9b1268507db9c8e56a232b4df
e935e010bb697396b415fecbdc8e92dc4a3d7277649dfea0c70631fbe5c67505
GET /views/grecaptcha/js/recaptcha.min.js?v=1713281383068249900 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-4f6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/debugMode.js?v=1713281383068249900
200 OK 434 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/debugMode.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
Hash 9e39ff189e016a78bc35c603f434eae3
8082d791393f3f08aaec171491d57b76d6d6d5aa
22f93a906aa144d4a67e38e0ad3eb6d5b7338949a66390864dec7d3131e362ff
GET /views/grecaptcha/js/debugMode.js?v=1713281383068249900 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-553"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/botDetect.min.js?v=1713281383068249900
200 OK 9.0 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/botDetect.min.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (29124)
Hash f7687ff36d6654cde4e042385c02d11f
92b2adb164f45ac1dbc5538b9f3ffdccfed8e482
ba9b728987cd01302f5a311e28bf6513dc2b04d43c8b47743e206ccc7608522e
GET /views/grecaptcha/js/botDetect.min.js?v=1713281383068249900 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-7225"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/touchEvent.min.js?v=1713281383068249900
200 OK 5.3 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/touchEvent.min.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (20222)
Hash da7c38d2a4e1f5d413629b404cb01836
3be32f1e0c02ae5b2f4401e8a3ee1f67f14822e7
69b3260be19acba9e09cbcd30fc608e0f60fbe7cb097483dc906827e8429e3a0
GET /views/grecaptcha/js/touchEvent.min.js?v=1713281383068249900 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-4f92"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/hanalytics.min.js?v=1713281383068249900
200 OK 3.0 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/hanalytics.min.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (8053)
Hash 3c12e7c0ee844149c50f2c547c979c0a
0e257907505db9ce27e9386da79c8db883455ca3
f70d91cf7c7080ac7863b956f3caaf55546f1b1021b70ea3ae9d1627e2f46788
GET /views/grecaptcha/js/hanalytics.min.js?v=1713281383068249900 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-1fa8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/events.min.js?v=1713281383068249900
200 OK 2.5 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/events.min.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (7126), with no line terminators
Hash 4fb85ea7794a57ee813b86db9ff670df
d9ea12cefc454ad893e25fe9282b73b7f493089b
d87e4f84ee00f66b89738f8f7b4566f3008c36ad27fe9cdaa173eac99f37bb61
GET /views/grecaptcha/js/events.min.js?v=1713281383068249900 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-1bd6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/cacheIcon.min.js?v=1713281383068249900
200 OK 900 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/cacheIcon.min.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (1999), with no line terminators
Hash 6bc1f7fded5a7e3131bd940ed293ea49
bbd6df8fd579acecfb773d6074abe1d44f4ac46b
eda54e4682f917bf18bf48619ad08dcb5035c26b271a55e55feffcd9a75ec237
GET /views/grecaptcha/js/cacheIcon.min.js?v=1713281383068249900 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-7cf"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/checkLogin.min.js?v=1713281383068249900
200 OK 663 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/checkLogin.min.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (1804), with no line terminators
Hash 1e3212d9af95966463cfe347669ac693
b14c94dc2c743ba816419275c349ad15f85e906c
f4c922a7f3513aa6574af7930e8884f972f9cfd2670b50a56d861a1328798e0a
GET /views/grecaptcha/js/checkLogin.min.js?v=1713281383068249900 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-70c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/extFpHash.js?v=1713281383068249900
200 OK 97 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/extFpHash.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (65465)
Hash d0ab0c5780d9c77ab54e202c769b1433
c298c6ed6cfb8d35efcbe967344d2684347fd791
970fc826d5ed2e9acdd93772526abb6941c0735c6a76621969f47a1e1e1d0ae1
GET /views/grecaptcha/js/extFpHash.js?v=1713281383068249900 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-41f2c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
www.hcaptcha.com/1/api.js?v=1713281383068249900
200 OK 110 kB URL GET HTTP/2 www.hcaptcha.com/1/api.js?v=1713281383068249900
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size 110 kB (109474 bytes)
Hash 052bf4abb4128ef78b68c418f7d94678
2b6c44a8cc009017a2909c7afd71e371e82b7d27
01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
GET /1/api.js?v=1713281383068249900 HTTP/1.1
Host: www.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 19:06:06 GMT
content-type: application/javascript
cf-ray: 876f2b800910569c-OSL
cf-cache-status: HIT
age: 0
cache-control: max-age=300
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
expires: Fri, 03 May 2024 00:25:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
deywepri.com/favicon.ico
200 OK 19 kB IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type ASCII text, with very long lines (19321), with no line terminators
Hash b8511bc84d69b72d0194c29a3ce52968
9d7935e6aef48e623fdf1432d8847a83c44bf0ae
fbc556740a68a3c5b4dc61c37baa5c74fbb1c9fd4420811b625e557dee86fd53
GET /favicon.ico HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:07 GMT
Content-Type: image/x-icon
Content-Length: 19321
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
deywepri.com/views/grecaptcha/img/mainstream/laptop.png
200 OK 1.2 MB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/img/mainstream/laptop.png
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type PNG image data, 1436 x 1025, 8-bit/color RGBA, non-interlaced
Size 1.2 MB (1192830 bytes)
Hash 64c05ce3df8cc7e9f2d6a828a5de9bb9
193d3891f2d1e8aa3ea0efdad64c0dadc8e2ce3e
940e231d1846ab2e4091fff0840fd4e68fc04742098006d81a6cfe463f236dd5
GET /views/grecaptcha/img/mainstream/laptop.png HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/views/grecaptcha/css/mainstream.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:08 GMT
Content-Type: image/png
Content-Length: 1192830
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Connection: keep-alive
ETag: "65fd5f98-12337e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
deywepri.com/bdt
200 OK 2 B IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /bdt HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2100
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=dJ_qiFiM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 19:06:08 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
dull-egg.pro/YHmIR.0JP-3LpMvNbOm_VQJRZSDT0-yVNWTXEY1_MaTbgc3dJ-mfFgkhSiW_Qk9lMmznQ-2pMqzrIs3_JunvNwJxZ-Dz0A0BOCD_EE4FNGDHI-5JJKnLNMJ_ZODPIQ9RJ-nTNUJVZWD_MY9ZJanbJ-ydaeWfQg9_NiGjMkxlZ-mnVompYqj_JsjtZujvU-3xZyGzFAh_ZCGDYE3FY-WHZIiJYK2_RMmNNOGPU-1RMSGTMUz_OWWXMYmZd-Wb5cpdceU_Jg5hViHjl-wlZmTn0ow_JqnrVsuta-XvFwCxeyV_pAvBbCmDU-9FMGCHZI1_bKmLlMxNQ-nPlQGRZSW_VUkVPWTXA-mZdaWb5cp_ceUfJg5hR-mj9kylbmW_Fo0pPqTrA-mtcuHvQw9_MyCzZAyBd-jD0EwFJGm_hIzJPKXLF-hNJOmPxQw_aSTT0UzVM-jXUYyZJam_hcpddeEfl-khPiWjYkx_MmjnBojpM-TrksxtMuW_NwkxOyTzk-4BZCTDVEk_ZGjHUIyJM-zLFMiNMOm_RQiRMS2TF-iVNWzXMY1_JanbJcldZ-kfRgvhbiW_Fkplbmjn0-
200 OK 0 B URL POST HTTP/2 dull-egg.pro/YHmIR.0JP-3LpMvNbOm_VQJRZSDT0-yVNWTXEY1_MaTbgc3dJ-mfFgkhSiW_Qk9lMmznQ-2pMqzrIs3_JunvNwJxZ-Dz0A0BOCD_EE4FNGDHI-5JJKnLNMJ_ZODPIQ9RJ-nTNUJVZWD_MY9ZJanbJ-ydaeWfQg9_NiGjMkxlZ-mnVompYqj_JsjtZujvU-3xZyGzFAh_ZCGDYE3FY-WHZIiJYK2_RMmNNOGPU-1RMSGTMUz_OWWXMYmZd-Wb5cpdceU_Jg5hViHjl-wlZmTn0ow_JqnrVsuta-XvFwCxeyV_pAvBbCmDU-9FMGCHZI1_bKmLlMxNQ-nPlQGRZSW_VUkVPWTXA-mZdaWb5cp_ceUfJg5hR-mj9kylbmW_Fo0pPqTrA-mtcuHvQw9_MyCzZAyBd-jD0EwFJGm_hIzJPKXLF-hNJOmPxQw_aSTT0UzVM-jXUYyZJam_hcpddeEfl-khPiWjYkx_MmjnBojpM-TrksxtMuW_NwkxOyTzk-4BZCTDVEk_ZGjHUIyJM-zLFMiNMOm_RQiRMS2TF-iVNWzXMY1_JanbJcldZ-kfRgvhbiW_Fkplbmjn0-
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /YHmIR.0JP-3LpMvNbOm_VQJRZSDT0-yVNWTXEY1_MaTbgc3dJ-mfFgkhSiW_Qk9lMmznQ-2pMqzrIs3_JunvNwJxZ-Dz0A0BOCD_EE4FNGDHI-5JJKnLNMJ_ZODPIQ9RJ-nTNUJVZWD_MY9ZJanbJ-ydaeWfQg9_NiGjMkxlZ-mnVompYqj_JsjtZujvU-3xZyGzFAh_ZCGDYE3FY-WHZIiJYK2_RMmNNOGPU-1RMSGTMUz_OWWXMYmZd-Wb5cpdceU_Jg5hViHjl-wlZmTn0ow_JqnrVsuta-XvFwCxeyV_pAvBbCmDU-9FMGCHZI1_bKmLlMxNQ-nPlQGRZSW_VUkVPWTXA-mZdaWb5cp_ceUfJg5hR-mj9kylbmW_Fo0pPqTrA-mtcuHvQw9_MyCzZAyBd-jD0EwFJGm_hIzJPKXLF-hNJOmPxQw_aSTT0UzVM-jXUYyZJam_hcpddeEfl-khPiWjYkx_MmjnBojpM-TrksxtMuW_NwkxOyTzk-4BZCTDVEk_ZGjHUIyJM-zLFMiNMOm_RQiRMS2TF-iVNWzXMY1_JanbJcldZ-kfRgvhbiW_Fkplbmjn0- HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1431
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 19:06:08 GMT
content-length: 0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: Origin
last-modified: Fri, 19 Apr 2024 19:06:08 GMT
access-control-allow-origin: https://deywepri.com
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dull-egg.pro/auGvE-/.exmy9zuAZ_UClDkEPFT-IH1IMJTKU_xMONDOcPm-YRWSRTJUZ_DW0XzYNZD-YbzcMdjec_mgch0iljk-PlTmQn4oM_Tqgr0sMtj-kvmwcx0yl_kAMBjC0Dm-cF0GlHkIM_zK0LmMcNn-JPpQZRDS0_0UYVzWFXm-ZZWaZbicM_meNfmgNhT-djkkYlWmF_koZpjqdrh-ZtmuJvjwZ_GyYz0AZBT-UDwEYFzGM_5IYJyKZL1-bNmOlPxQQ_nSlTUUeVX-BXlYPZTaA_mcddWe5fp-chUiJj5kW_mm9nuoZpT-0rwsJtnuV_uwaxXyFzC-eBUCZDlEZ_WGQH9IMJC-ZL1MbNmOl_xQQRnSlTG-bV3WJXtYY_XaQb9cMdC-ZfwgdhDi0_wkJlnmJn2-PpTqArmsa_HuMv9wcxW-EzmAbBHCB_pEPFTGMHy-NJTKILmMa_GOlP0QSRW-QT9UZVjWE_yYMZGaMbx-OdTeEfxgY_2iQj5kOlT-hnloNpWqR_msNtTuIvz-MxWyIzyAZ_GCIDzEYFW-IH3IMJzKU_mMcNmOVPm-RRGS9TtUY_WWlXuYPZQ-
200 OK 0 B URL POST HTTP/2 dull-egg.pro/auGvE-/.exmy9zuAZ_UClDkEPFT-IH1IMJTKU_xMONDOcPm-YRWSRTJUZ_DW0XzYNZD-YbzcMdjec_mgch0iljk-PlTmQn4oM_Tqgr0sMtj-kvmwcx0yl_kAMBjC0Dm-cF0GlHkIM_zK0LmMcNn-JPpQZRDS0_0UYVzWFXm-ZZWaZbicM_meNfmgNhT-djkkYlWmF_koZpjqdrh-ZtmuJvjwZ_GyYz0AZBT-UDwEYFzGM_5IYJyKZL1-bNmOlPxQQ_nSlTUUeVX-BXlYPZTaA_mcddWe5fp-chUiJj5kW_mm9nuoZpT-0rwsJtnuV_uwaxXyFzC-eBUCZDlEZ_WGQH9IMJC-ZL1MbNmOl_xQQRnSlTG-bV3WJXtYY_XaQb9cMdC-ZfwgdhDi0_wkJlnmJn2-PpTqArmsa_HuMv9wcxW-EzmAbBHCB_pEPFTGMHy-NJTKILmMa_GOlP0QSRW-QT9UZVjWE_yYMZGaMbx-OdTeEfxgY_2iQj5kOlT-hnloNpWqR_msNtTuIvz-MxWyIzyAZ_GCIDzEYFW-IH3IMJzKU_mMcNmOVPm-RRGS9TtUY_WWlXuYPZQ-
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auGvE-/.exmy9zuAZ_UClDkEPFT-IH1IMJTKU_xMONDOcPm-YRWSRTJUZ_DW0XzYNZD-YbzcMdjec_mgch0iljk-PlTmQn4oM_Tqgr0sMtj-kvmwcx0yl_kAMBjC0Dm-cF0GlHkIM_zK0LmMcNn-JPpQZRDS0_0UYVzWFXm-ZZWaZbicM_meNfmgNhT-djkkYlWmF_koZpjqdrh-ZtmuJvjwZ_GyYz0AZBT-UDwEYFzGM_5IYJyKZL1-bNmOlPxQQ_nSlTUUeVX-BXlYPZTaA_mcddWe5fp-chUiJj5kW_mm9nuoZpT-0rwsJtnuV_uwaxXyFzC-eBUCZDlEZ_WGQH9IMJC-ZL1MbNmOl_xQQRnSlTG-bV3WJXtYY_XaQb9cMdC-ZfwgdhDi0_wkJlnmJn2-PpTqArmsa_HuMv9wcxW-EzmAbBHCB_pEPFTGMHy-NJTKILmMa_GOlP0QSRW-QT9UZVjWE_yYMZGaMbx-OdTeEfxgY_2iQj5kOlT-hnloNpWqR_msNtTuIvz-MxWyIzyAZ_GCIDzEYFW-IH3IMJzKU_mMcNmOVPm-RRGS9TtUY_WWlXuYPZQ- HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 6516
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 19:06:08 GMT
content-length: 0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Fri, 19 Apr 2024 19:06:08 GMT
access-control-allow-origin: https://deywepri.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.amazon.com/favicon.ico
200 OK 18 kB URL GET HTTP/2 www.amazon.com/favicon.ico
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerDigiCert Inc
Subjectwww.amazon.com
Fingerprint62:55:EA:53:8D:A8:3F:87:B5:55:C5:54:EE:F6:18:25:C8:72:23:61
ValidityTue, 28 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Hash ca6619b86c2f6e6068b69ba3aaddb7e4
c44a1bb9d14385334eb851fbb0afb19d961c1ee7
17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09
GET /favicon.ico HTTP/1.1
Host: www.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/x-icon
content-length: 17542
server: Server
date: Fri, 19 Apr 2024 19:05:15 GMT
x-amz-rid: FQGF4N65GHA9A49G4VWR
accept-ranges: bytes
last-modified: Tue, 21 Sep 2010 17:37:41 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=47474747; includeSubDomains; preload
x-frame-options: SAMEORIGIN
etag: "4486-490c87c5a6340"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gT4JOhyB6KDw4uHdUqudMPC49dA1puGCoOFpvH2KpNCPUkqahKVOXw==
age: 53
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/yD/r/d4ZIVX-5C-b.ico
404 Not Found 0 B URL GET HTTP/2 static.xx.fbcdn.net/rsrc.php/yD/r/d4ZIVX-5C-b.ico
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerDigiCert Inc
Subject*.facebook.com
FingerprintB4:96:54:F1:A8:DF:03:98:82:DD:22:B7:7B:B9:50:DD:02:8A:A4:C1
ValiditySun, 28 Jan 2024 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/yD/r/d4ZIVX-5C-b.ico HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
x-fatal-request: static.xx.fbcdn.net
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-security-policy-report-only: default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src data: blob: 'self' https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: oai4fcRNJz+p1xNB3cmJtOiLvTpxrqrb2SwF2gqNsDLdcanXSBz7+QQAWZL+MLDEkDfSdpwRc48FBRWWBoxunQ==
content-length: 0
proxy-status: http_request_error; e_fb_configversion="AcIpBJ2zrKXboiXL6DKyWah18QVSwI1xd7XW2dtAZ5wCbyvvwbajyrFbHi0_AQ"; e_clientaddr="AcIObydkxYAUGTaZY38br8t8ezcRUXOPBBGKxramtjs3yyMUommyE2T-OfKauoeZU6wa_hbd_davGT8hdvEzD1ZQ8KpyLhGPgbCe2CzLqn3VGHg3Pw"; e_fb_vipport="AcIQkghvvYzTaZb836PWLxIY4hAFifb5XOgDqc8qbyKyDoW8UNCmlYjENT_x"; e_upip="AcLVbO294C6sZtjp1gkrTBkqXJm1uZ3G9VvTGj4SAvXOpAyRxXlHCJ7oezwn5NT8R5vrNTKdiEAptdCZK-iIyPthT6HRLMaqqQ"; e_fb_requestsequencenumber="AcLbow7eqlNonhSVBxsEuMHZNJQMo97a25AoHJBk0HmM7Q4WWJWLzYx049yt"; e_fb_hostheader="AcIsyzArqvB0FW0W6lbKKxPVgE1cAVDpSwBW3tCR9GLJALHKIEbSv3VJqENW5Tb5hJ8jQ2IM0_1SPWisiA"; e_fb_vipaddr="AcJodQbSmOp2en0ytWt3Gojroo8aZQmBbCPN8VU0vgj5t17xBrdQqMti19A5xy05OFGBH_Zm16JHkMXaxTdd_MODRuGHnPp7YA"; e_fb_requesthandler="AcIvOui1cU1OE3eS3HYsNcjW38UH2ENjC31jeNYMnF0x27a5clQTrrEDmdzSR89zHsdCbbJ1v-Y"; e_fb_requesttime="AcKDHl3Qc2hqsW1uay0---YuxypqWB2hoHZEkxhdMTGbQN-TiOtvmba8hpDuBUgQD6-3UjelcQ"; e_fb_builduser="AcLc713uv-2z0_ahA8DzNJHDngtTnCZD2cZhheXG-AaaDkMr7624fwl4uucvOvZCASQ"; e_fb_httpversion="AcJ9exx6QVMKQMS0YZZUnAYq6P4oJiliN8bIyOgiSwKBg6JB6m_3ltPyV0zY"; e_fb_binaryversion="AcJmvUmPbNrJZAU9KZBHKB5HYO5PVseG8WGiS6RASp5Il6QrPlbh8IWhct1ev3szi8S2lF1YIvOv3DG4kcNwiUPjHq9RoAyeX_E"; e_proxy="AcKSYodXkCK-gWAZW2U8ZkC6oFAGxvzqHf3oCC6TRca2NiUFbP1-p80mH53-D9JzrsaLlCOW98iEz6YZ7Wns", http_request_error; e_fb_configversion="AcJsqOOb1TsQq9Cp68TM7vVUyQA2l7chlOo5LLHKYi4AZco_mMrhdZ_w7piDmg"; e_clientaddr="AcL72QPWH_iUsSdk9D4b3VPzwspWQGzDDXgk3vhbcvJSJqg1yYzbxFgYnfLWkZxFSZMDJ2A0tFfhYuTH"; e_fb_vipport="AcIaGGktC7AwmYbXOkOs8nFBnYhOMSr5wg-g-k4tjmq9ro5R7SEa1kMfH24l"; e_fb_requestsequencenumber="AcLGmkTQHgv2vpT01Aiy5pQvDzWH01SV6AdDsPBEiT8ZAGsRxyV6mUhd8Q"; e_fb_hostheader="AcKhgcmtwCNjOCF0ykFyjzSSlsdYq4xAVnHvLuGjRsTl-AiP6E3faG8_LAyOyTR2t7qSIXGforEL-hjC7w"; e_fb_vipaddr="AcJoQxRRuJzjcZZM2OpXUvXJ3LQhAadPxknLLitfNbSNfi9_Zhvj_yKWJ3weUFtKzLO-cZw"; e_fb_requesthandler="AcJpCudLrd-FMMBBotQ_GiSOqnC3bB0qMTxWSBa0XDMwkHM6zf7tSuy8ScFNVtnurSfkV5Q24jpfHA"; e_fb_requesttime="AcIqOhRFyK6VXx0tw_fMsnt-JixNRu09VF5TLYT_kGKzWHIiEmU9o1DF4WdFuLo-XYp3vIoGEg"; e_fb_builduser="AcItt2pqeGvCPDL8w-NbAaGLHCTY1ecpYJb8Z2GK6bgJNRRGmx9c6rhGjQb235kv-RM"; e_fb_httpversion="AcKrkkUP859kwNNHIyvvfwcSX54V30HCzU5ntgfsriDsD84tvAzKhQXbtGRI"; e_fb_binaryversion="AcKKMo9Igh2VDafh5NYWiz0sOhO3RoUkI7VRXB27-Ion6HtJ9_KtEvxJyIbj3ZKxgUNhI9ORUl9M0z3hUYahSoGFT7cB3gg0MGo"; e_proxy="AcKSGkJiT7pUb6Vns5UuUOGqYYDj_fvESeLLocMl1ohcNcUMZQGuMGETnjkesBN7TDfR9GIqmkJVg9o"
date: Fri, 19 Apr 2024 19:06:08 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=13, mss=1380, tbw=3385, tp=-1, tpl=-1, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/favicon.ico
1.5 kB URL GET www.google.com/favicon.ico
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06
ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash f3418a443e7d841097c714d69ec4bcb8
49263695f6b0cdd72f45cf1b775e660fdc36c606
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
GET /favicon.ico HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1494
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 05:27:47 GMT
expires: Sat, 27 Apr 2024 05:27:47 GMT
cache-control: public, max-age=691200
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
age: 49101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dull-egg.pro/auGvE-/.exmy9zuAZ_UClDkEPFT-IH1IMJTKU_xMONDOcPm-YRWSRTJUZ_DW0XzYNZD-YbzcMdjec_mgch0iljk-PlTmQn4oM_Tqgr0sMtj-kvmwcx0yl_kAMBjC0Dm-cF0GlHkIM_zK0LmMcNn-JPpQZRDS0_0UYVzWFXm-ZZWaZbicM_meNfmgNhT-djkkYlWmF_koZpjqdrh-ZtmuJvjwZ_GyYz0AZBT-UDwEYFzGM_5IYJyKZL1-bNmOlPxQQ_nSlTUUeVX-BXlYPZTaA_mcddWe5fp-chUiJj5kW_mm9nuoZpT-0rwsJtnuV_uwaxXyFzC-eBUCZDlEZ_WGQH9IMJC-ZL1MbNmOl_xQQRnSlTG-bV3WJXtYY_XaQb9cMdC-ZfwgdhDi0_wkJlnmJn2-PpTqArmsa_HuMv9wcxW-EzmAbBHCB_pEPFTGMHy-NJTKILmMa_GOlP0QSRW-QT9UZVjWE_yYMZGaMbx-OdTeEfxgY_2iQj5kOlT-hnloNpWqR_msNtTuIvz-MxWyIzyAZ_GCIDzEYFW-IH3IMJzKU_mMcNmOVPm-RRGS9TtUY_WWlXuYPZQ-
200 OK 0 B URL POST HTTP/2 dull-egg.pro/auGvE-/.exmy9zuAZ_UClDkEPFT-IH1IMJTKU_xMONDOcPm-YRWSRTJUZ_DW0XzYNZD-YbzcMdjec_mgch0iljk-PlTmQn4oM_Tqgr0sMtj-kvmwcx0yl_kAMBjC0Dm-cF0GlHkIM_zK0LmMcNn-JPpQZRDS0_0UYVzWFXm-ZZWaZbicM_meNfmgNhT-djkkYlWmF_koZpjqdrh-ZtmuJvjwZ_GyYz0AZBT-UDwEYFzGM_5IYJyKZL1-bNmOlPxQQ_nSlTUUeVX-BXlYPZTaA_mcddWe5fp-chUiJj5kW_mm9nuoZpT-0rwsJtnuV_uwaxXyFzC-eBUCZDlEZ_WGQH9IMJC-ZL1MbNmOl_xQQRnSlTG-bV3WJXtYY_XaQb9cMdC-ZfwgdhDi0_wkJlnmJn2-PpTqArmsa_HuMv9wcxW-EzmAbBHCB_pEPFTGMHy-NJTKILmMa_GOlP0QSRW-QT9UZVjWE_yYMZGaMbx-OdTeEfxgY_2iQj5kOlT-hnloNpWqR_msNtTuIvz-MxWyIzyAZ_GCIDzEYFW-IH3IMJzKU_mMcNmOVPm-RRGS9TtUY_WWlXuYPZQ-
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auGvE-/.exmy9zuAZ_UClDkEPFT-IH1IMJTKU_xMONDOcPm-YRWSRTJUZ_DW0XzYNZD-YbzcMdjec_mgch0iljk-PlTmQn4oM_Tqgr0sMtj-kvmwcx0yl_kAMBjC0Dm-cF0GlHkIM_zK0LmMcNn-JPpQZRDS0_0UYVzWFXm-ZZWaZbicM_meNfmgNhT-djkkYlWmF_koZpjqdrh-ZtmuJvjwZ_GyYz0AZBT-UDwEYFzGM_5IYJyKZL1-bNmOlPxQQ_nSlTUUeVX-BXlYPZTaA_mcddWe5fp-chUiJj5kW_mm9nuoZpT-0rwsJtnuV_uwaxXyFzC-eBUCZDlEZ_WGQH9IMJC-ZL1MbNmOl_xQQRnSlTG-bV3WJXtYY_XaQb9cMdC-ZfwgdhDi0_wkJlnmJn2-PpTqArmsa_HuMv9wcxW-EzmAbBHCB_pEPFTGMHy-NJTKILmMa_GOlP0QSRW-QT9UZVjWE_yYMZGaMbx-OdTeEfxgY_2iQj5kOlT-hnloNpWqR_msNtTuIvz-MxWyIzyAZ_GCIDzEYFW-IH3IMJzKU_mMcNmOVPm-RRGS9TtUY_WWlXuYPZQ- HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 163
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 19:06:09 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Fri, 19 Apr 2024 19:06:09 GMT
access-control-allow-origin: https://deywepri.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.baidu.com/favicon.ico
2.0 kB URL GET www.baidu.com/favicon.ico
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Hash 717b138033a41361b32b60fc5062ab2a
af9841b6f0923f890f41feec52c94a0cd68f01d8
c70088079fe9441a726c66ce0e73ae38315ec80051d3dd542c41b82fa0a1993a
GET /favicon.ico HTTP/1.1
Host: www.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 1966
Content-Type: image/x-icon
Date: Fri, 19 Apr 2024 19:06:13 GMT
Etag: "423e-5bd257db4e500"
Last-Modified: Wed, 10 Mar 2021 02:33:24 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=2064FAE54149B92197B5F404EB2325DC:FG=1; expires=Sat, 19-Apr-25 19:06:13 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Vary: Accept-Encoding,User-Agent
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:T7Th_F_X0rWLw2sbuI768YCtFzCVVQ:9LtXHON8GiB4pzGg; Expires=Sun, 19-Apr-2026 19:06:13 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 19:06:13 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKKiJ56Oj1EN4V7fzbtPPJPymN5wiKJPF9h0qc55VrgGejImHcTatyV24AMYJL1Sj2Mj4PNa-Q
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Rd_sfViZWZAcMUMj2TdYNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:ncVhY6J__NnKv4tkbVCS8Ro6va6R6g:zk_Gh7rPN0IsBa6a; Expires=Sun, 19-Apr-2026 19:06:13 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 19:06:13 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKLtNsM9oQUB7plHJGCgnqQgPo5F0iyJ5gS54dPAW5sUxx2CQMwxtoc2ojKY6vD4QmmPk9vPNA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-Ufq701rHIV4h52sbpbc3KA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:o3EEl94Klu6gUjn51IfF71O8NZaeJg:seScpdupjSDvTczR; Expires=Sun, 19-Apr-2026 19:06:13 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 19:06:13 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.blogger.com/favicon.ico&hl=de&passive=1209600&service=blogger&ifkv=ARZ0qKLOtP6TCDCm9V8J1ionLKVedKRNEogMwougs7MnpF9AQyd0jAo5orp7wpVK5aG5cDSNLCHpjQ
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-U7C9EhjgUcTIard1nFXvHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mail.yandex.ru/?retpath=https://mail.yandex.ru/favicon.ico?666
60 B URL GET mail.yandex.ru/?retpath=https://mail.yandex.ru/favicon.ico?666
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGlobalSign nv-sa
Subjectmail.yandex.ru
Fingerprint9F:BB:D2:D1:C8:B0:07:2D:1C:25:B9:DD:C2:EF:A8:AE:9F:A3:4E:9A
ValidityMon, 16 Oct 2023 07:59:00 GMT - Fri, 17 May 2024 07:59:00 GMT
File type ASCII text, with no line terminators
Hash 3ce3efffbe76c9e8938ee4068be0887e
c87dbc227147babc95d061c8acdefa75d275bed4
b287f90a45063299afd73544f5f78c33842fb8d230223a822df96c29300dbe8f
GET /?retpath=https://mail.yandex.ru/favicon.ico?666 HTTP/1.1
Host: mail.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 19 Apr 2024 19:06:13 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 60
Connection: keep-alive
Set-Cookie: yandexuid=6752417121713553573; Domain=.yandex.ru; Path=/; Expires=Wed, 19 Apr 2034 19:06:13 GMT
Location: https://360.yandex.ru/mail
Vary: Accept
NEL: {"report_to": "network-errors", "max_age": 604800, "success_fraction": 0.005, "failure_fraction": 0.5}
Report-To: {"group": "network-errors", "max_age": 604800, "endpoints": [{"url": "https://dr.yandex.net/ya360/nel", "priority": 1}, {"url": "https://dr2.yandex.net/ya360/nel", "priority": 2}]}
x-dns-prefetch-control: off
Cache-Control: private,no-cache,no-store,must-revalidate,max-age=0
X-Request-Id: f9c3d47c8848cc4a02caba6e715c045a
Strict-Transport-Security: max-age=315360000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKKiJ56Oj1EN4V7fzbtPPJPymN5wiKJPF9h0qc55VrgGejImHcTatyV24AMYJL1Sj2Mj4PNa-Q
302 Found 424 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKKiJ56Oj1EN4V7fzbtPPJPymN5wiKJPF9h0qc55VrgGejImHcTatyV24AMYJL1Sj2Mj4PNa-Q
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
File type HTML document, ASCII text, with very long lines (403)
Hash 1753fb7b8560b67813e3b71d438f5698
4ccbccc513910bac35fbb6255f4d4d4cba92cee7
48709302fd9dc0b4c59a69a7269229e2f379489a28fc4ea79524e042eea2e2ab
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKKiJ56Oj1EN4V7fzbtPPJPymN5wiKJPF9h0qc55VrgGejImHcTatyV24AMYJL1Sj2Mj4PNa-Q HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:4pdENLTrGXPdZBR5h0p3wY-x6JPjfg:dhFcojzRuVv7jXMC;Path=/;Expires=Sun, 19-Apr-2026 19:06:13 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 19:06:13 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJmpe5cDFfeKFNRqaSAy5TOEG-VcmwfCe1Ef1YRF8niEq8zXOAxoLzBbwOV7KFulsKikTZM8A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905151193%3A1713553573773195&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-HnigRMn6PBNSf8vB8uXQug' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 424
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.blogger.com/favicon.ico&hl=de&passive=1209600&service=blogger&ifkv=ARZ0qKLOtP6TCDCm9V8J1ionLKVedKRNEogMwougs7MnpF9AQyd0jAo5orp7wpVK5aG5cDSNLCHpjQ
302 Found 428 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.blogger.com/favicon.ico&hl=de&passive=1209600&service=blogger&ifkv=ARZ0qKLOtP6TCDCm9V8J1ionLKVedKRNEogMwougs7MnpF9AQyd0jAo5orp7wpVK5aG5cDSNLCHpjQ
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
File type HTML document, ASCII text, with very long lines (399)
Hash 24bf9547c7b08ce73cd50fc8996e93e8
aedd0a81689d49d76bf2c5908c27fd78a8bc313c
1a0a42b0a4088ec1664928413e87f3ec0c0ab5dc9ddb72333baf3ecdb15604a3
GET /InteractiveLogin?continue=https://www.blogger.com/favicon.ico&hl=de&passive=1209600&service=blogger&ifkv=ARZ0qKLOtP6TCDCm9V8J1ionLKVedKRNEogMwougs7MnpF9AQyd0jAo5orp7wpVK5aG5cDSNLCHpjQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:rERUvtpltuTM4h1VcTX7PC3vkWnBZA:XuR-eC9t7QzJ8IH1;Path=/;Expires=Sun, 19-Apr-2026 19:06:13 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 19:06:13 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&ifkv=ARZ0qKLgFpgmDY9K_twWGDiG9fY7REQwVHIMun-rrkxVJ12r8l_owjKM-XryCeNKgPWg7ZyZETUIUw&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1274423365%3A1713553573783655&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-qJCGp_4VRBJYoD66C_JbTA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 428
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKLtNsM9oQUB7plHJGCgnqQgPo5F0iyJ5gS54dPAW5sUxx2CQMwxtoc2ojKY6vD4QmmPk9vPNA
302 Found 429 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKLtNsM9oQUB7plHJGCgnqQgPo5F0iyJ5gS54dPAW5sUxx2CQMwxtoc2ojKY6vD4QmmPk9vPNA
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
File type HTML document, ASCII text, with very long lines (407)
Hash 10906c435830a8475f046808885d5af7
cdb407a598533b7c13e0dd09d0913a4613ec6eba
c7112a34a1e50b0c04541a7f5144ea374994f4e54c3e43fc07e2b6a78e5ac883
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKLtNsM9oQUB7plHJGCgnqQgPo5F0iyJ5gS54dPAW5sUxx2CQMwxtoc2ojKY6vD4QmmPk9vPNA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:SlIwrTe7iXxh9iEaKzWRH6v1RW5HQA:5ZeGhWFKHePctKgS;Path=/;Expires=Sun, 19-Apr-2026 19:06:13 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 19:06:13 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJXr6cAMxjrKlhUnvksJRVUSh4RGYqFxEOTWCy-7aIdFbWm7rKgR3uMTO5s22xcooVCeBO3Mw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-821757489%3A1713553573786103&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-cB-iTfMZeoB03pOvxk472Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 429
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
360.yandex.ru/mail
40 B IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGlobalSign nv-sa
Subject360.yandex.ru
FingerprintD4:DC:19:D2:42:2B:BC:88:69:10:FA:94:1C:78:04:49:44:B5:AD:58
ValidityThu, 28 Mar 2024 09:45:22 GMT - Mon, 28 Oct 2024 09:45:22 GMT
File type ASCII text, with no line terminators
Hash e5c431fe834b596bb79ac5cac9ade0b3
530bb7036f70dcf9da12d12f3b33eef5597b4c91
a269514d773dc4dc17f124145fe88233f069ba836ca53da28bf2489b1a8c5d3a
GET /mail HTTP/1.1
Host: 360.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Length: 40
Content-Type: text/plain; charset=utf-8
Date: Fri, 19 Apr 2024 19:06:14 GMT
Location: /mail/
Set-Cookie: _yasc=nCrAUEiNANHcEgYZwN+BHtMGpPIzafy2LfeBksdnRoIXOvUNBBjXEqDHYwbKWQwUqQ==; domain=.yandex.ru; path=/; expires=Mon, 17 Apr 2034 19:06:14 GMT; secure
i=+HKgIfb010KfT9wE/f9/TzktUoaeix24LYA/llj3YlLOB+Ls5T2ohlBDUGN1pAYWUeNJJ3MqK4dTRE1LV4Yz0lS7Ys0=; Expires=Sun, 19-Apr-2026 19:06:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7765457201713553574; Expires=Sun, 19-Apr-2026 19:06:14 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
Vary: Accept
dull-egg.pro/auGvE-/.exmy9zuAZ_UClDkEPFT-IH1IMJTKU_xMONDOcPm-YRWSRTJUZ_DW0XzYNZD-YbzcMdjec_mgch0iljk-PlTmQn4oM_Tqgr0sMtj-kvmwcx0yl_kAMBjC0Dm-cF0GlHkIM_zK0LmMcNn-JPpQZRDS0_0UYVzWFXm-ZZWaZbicM_meNfmgNhT-djkkYlWmF_koZpjqdrh-ZtmuJvjwZ_GyYz0AZBT-UDwEYFzGM_5IYJyKZL1-bNmOlPxQQ_nSlTUUeVX-BXlYPZTaA_mcddWe5fp-chUiJj5kW_mm9nuoZpT-0rwsJtnuV_uwaxXyFzC-eBUCZDlEZ_WGQH9IMJC-ZL1MbNmOl_xQQRnSlTG-bV3WJXtYY_XaQb9cMdC-ZfwgdhDi0_wkJlnmJn2-PpTqArmsa_HuMv9wcxW-EzmAbBHCB_pEPFTGMHy-NJTKILmMa_GOlP0QSRW-QT9UZVjWE_yYMZGaMbx-OdTeEfxgY_2iQj5kOlT-hnloNpWqR_msNtTuIvz-MxWyIzyAZ_GCIDzEYFW-IH3IMJzKU_mMcNmOVPm-RRGS9TtUY_WWlXuYPZQ-
200 OK 0 B URL POST HTTP/2 dull-egg.pro/auGvE-/.exmy9zuAZ_UClDkEPFT-IH1IMJTKU_xMONDOcPm-YRWSRTJUZ_DW0XzYNZD-YbzcMdjec_mgch0iljk-PlTmQn4oM_Tqgr0sMtj-kvmwcx0yl_kAMBjC0Dm-cF0GlHkIM_zK0LmMcNn-JPpQZRDS0_0UYVzWFXm-ZZWaZbicM_meNfmgNhT-djkkYlWmF_koZpjqdrh-ZtmuJvjwZ_GyYz0AZBT-UDwEYFzGM_5IYJyKZL1-bNmOlPxQQ_nSlTUUeVX-BXlYPZTaA_mcddWe5fp-chUiJj5kW_mm9nuoZpT-0rwsJtnuV_uwaxXyFzC-eBUCZDlEZ_WGQH9IMJC-ZL1MbNmOl_xQQRnSlTG-bV3WJXtYY_XaQb9cMdC-ZfwgdhDi0_wkJlnmJn2-PpTqArmsa_HuMv9wcxW-EzmAbBHCB_pEPFTGMHy-NJTKILmMa_GOlP0QSRW-QT9UZVjWE_yYMZGaMbx-OdTeEfxgY_2iQj5kOlT-hnloNpWqR_msNtTuIvz-MxWyIzyAZ_GCIDzEYFW-IH3IMJzKU_mMcNmOVPm-RRGS9TtUY_WWlXuYPZQ-
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auGvE-/.exmy9zuAZ_UClDkEPFT-IH1IMJTKU_xMONDOcPm-YRWSRTJUZ_DW0XzYNZD-YbzcMdjec_mgch0iljk-PlTmQn4oM_Tqgr0sMtj-kvmwcx0yl_kAMBjC0Dm-cF0GlHkIM_zK0LmMcNn-JPpQZRDS0_0UYVzWFXm-ZZWaZbicM_meNfmgNhT-djkkYlWmF_koZpjqdrh-ZtmuJvjwZ_GyYz0AZBT-UDwEYFzGM_5IYJyKZL1-bNmOlPxQQ_nSlTUUeVX-BXlYPZTaA_mcddWe5fp-chUiJj5kW_mm9nuoZpT-0rwsJtnuV_uwaxXyFzC-eBUCZDlEZ_WGQH9IMJC-ZL1MbNmOl_xQQRnSlTG-bV3WJXtYY_XaQb9cMdC-ZfwgdhDi0_wkJlnmJn2-PpTqArmsa_HuMv9wcxW-EzmAbBHCB_pEPFTGMHy-NJTKILmMa_GOlP0QSRW-QT9UZVjWE_yYMZGaMbx-OdTeEfxgY_2iQj5kOlT-hnloNpWqR_msNtTuIvz-MxWyIzyAZ_GCIDzEYFW-IH3IMJzKU_mMcNmOVPm-RRGS9TtUY_WWlXuYPZQ- HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 108
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 19:06:14 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-origin: https://deywepri.com
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Fri, 19 Apr 2024 19:06:14 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2
360.yandex.ru/mail/
43 kB IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGlobalSign nv-sa
Subject360.yandex.ru
FingerprintD4:DC:19:D2:42:2B:BC:88:69:10:FA:94:1C:78:04:49:44:B5:AD:58
ValidityThu, 28 Mar 2024 09:45:22 GMT - Mon, 28 Oct 2024 09:45:22 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (19823)
Hash 762835302d4123fb5c3f244389de1bb4
caa2a318865e7ffa3cb72b9d2b16a906a0e355ca
af620f75de41d5da9ab6c5ee66bbaa1f65c1dfdb4b23a394123468819f3c8149
GET /mail/ HTTP/1.1
Host: 360.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate, proxy-revalidate, no-cache, no-store, private
Content-Encoding: gzip
Content-Security-Policy: default-src 'none'; script-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'unsafe-eval' 'nonce-MyTaMeWxgIdf56Q299eFWg==' 'self' 'unsafe-inline' mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.ru mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yastatic.net; style-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'unsafe-inline' 'self' fonts.googleapis.com; font-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ fonts.gstatic.com; media-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'unsafe-inline' 'self' storage.yandexcloud.net s3.mds.yandex.net; img-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'self' data: blob: mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.ru mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yastatic.net downloader.disk.yandex.ru downloader.disk.yandex.net yandex.ru favicon.yandex.net storage.yandexcloud.net s3.mds.yandex.net avatars.mds.yandex.net *.storage.yandex.net *.disk.yandex.net; connect-src yandex.ru mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.ru mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yandexmetrica.com:* 'self' api.passport.yandex.ru mail.yandex.ru https://pdd.yandex.ru:* https://pdd.yandex.com:* api-stable.dst.yandex.ru cloud-api.yandex.ru yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/; frame-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'self' blob: mc.yandex.ru forms.yandex.ru www.youtube.com yandex.ru trust.yandex.ru; child-src 'self' blob: mc.yandex.ru; base-uri 'self'; frame-ancestors 'self' https://*.webvisor.com https://metrika.yandex.com https://metrika.yandex.ru; report-uri https://csp.yandex.net/csp?from=tuning&project=tuning&yandex_login=&yandexuid=3408488441713553574;
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Apr 2024 19:06:14 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Set-Cookie: _yasc=1+zgh6grKRqXmvQznxKU9RnmG9orxU724r1y0C3CfR8IZnmuyrMN2axV9gU4gJzxfA==; domain=.yandex.ru; path=/; expires=Mon, 17 Apr 2034 19:06:14 GMT; secure
i=wDZigbAhld5i2TkZcamEnaxBSVL1j0B46qEOacDlpRVJHKA8p2BVEtgQ197qh7Uzx5sybsAUjgmpcoiCCLGRg0sZCOs=; Expires=Sun, 19-Apr-2026 19:06:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3408488441713553574; Expires=Sun, 19-Apr-2026 19:06:14 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Response-With: YMail
passport.baidu.com//v2/?login&redirect_to=https://www.baidu.com/favicon.ico
184 B URL GET passport.baidu.com//v2/?login&redirect_to=https://www.baidu.com/favicon.ico
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://deywepri.com/l?v=dJ_qiFiM
File type HTML document, ASCII text, with CRLF line terminators
Hash 2b7e31ced8db56cadcc7127bfabe57c1
5b4be340df4fe663cafd5cada2945c743e711f36
66448fc8a8e49044e7619323442c4e74392249928f5f5ef0853e62b9ffe9fb82
GET //v2/?login&redirect_to=https://www.baidu.com/favicon.ico HTTP/1.1
Host: passport.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 184
Content-Type: text/html
Date: Fri, 19 Apr 2024 19:06:27 GMT
Location: https://passport.baidu.com/v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: BWS
Set-Cookie: BAIDUID=159B4568136BDB5C3E154BBDF5E09364:FG=1; expires=Sat, 19-Apr-25 19:06:27 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Strict-Transport-Security: max-age=31536000
Tracecode: 35309719330629911818042003
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJmpe5cDFfeKFNRqaSAy5TOEG-VcmwfCe1Ef1YRF8niEq8zXOAxoLzBbwOV7KFulsKikTZM8A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905151193%3A1713553573773195&theme=mn&ddm=0
403 Forbidden 7.2 kB URL GET HTTP/2 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJmpe5cDFfeKFNRqaSAy5TOEG-VcmwfCe1Ef1YRF8niEq8zXOAxoLzBbwOV7KFulsKikTZM8A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905151193%3A1713553573773195&theme=mn&ddm=0
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
File type gzip compressed data, max compression
Hash 9772e64dfcb6827163ef497223906681
a5ec709688d1ae18ee745c09f3a68b06dae2b217
2827adaccdba502994c127913ef35b26e33b541f980da9fe3d18df3ded9b7b40
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJmpe5cDFfeKFNRqaSAy5TOEG-VcmwfCe1Ef1YRF8niEq8zXOAxoLzBbwOV7KFulsKikTZM8A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905151193%3A1713553573773195&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 19:06:13 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-cfL8WyA9ydt9DnfmQ3bleg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dull-egg.pro/YHmIR.0JP-3LpMvNbOm_VQJRZSDT0-yVNWTXEY1_MaTbgc3dJ-mfFgkhSiW_Qk9lMmznQ-2pMqzrIs3_JunvNwJxZ-Dz0A0BOCD_EE4FNGDHI-5JJKnLNMJ_ZODPIQ9RJ-nTNUJVZWD_MY9ZJanbJ-ydaeWfQg9_NiGjMkxlZ-mnVompYqj_JsjtZujvU-3xZyGzFAh_ZCGDYE3FY-WHZIiJYK2_RMmNNOGPU-1RMSGTMUz_OWWXMYmZd-Wb5cpdceU_Jg5hViHjl-wlZmTn0ow_JqnrVsuta-XvFwCxeyV_pAvBbCmDU-9FMGCHZI1_bKmLlMxNQ-nPlQGRZSW_VUkVPWTXA-mZdaWb5cp_ceUfJg5hR-mj9kylbmW_Fo0pPqTrA-mtcuHvQw9_MyCzZAyBd-jD0EwFJGm_hIzJPKXLF-hNJOmPxQw_aSTT0UzVM-jXUYyZJam_hcpddeEfl-khPiWjYkx_MmjnBojpM-TrksxtMuW_NwkxOyTzk-4BZCTDVEk_ZGjHUIyJM-zLFMiNMOm_RQiRMS2TF-iVNWzXMY1_JanbJcldZ-kfRgvhbiW_Fkplbmjn0-
200 OK 0 B URL POST HTTP/2 dull-egg.pro/YHmIR.0JP-3LpMvNbOm_VQJRZSDT0-yVNWTXEY1_MaTbgc3dJ-mfFgkhSiW_Qk9lMmznQ-2pMqzrIs3_JunvNwJxZ-Dz0A0BOCD_EE4FNGDHI-5JJKnLNMJ_ZODPIQ9RJ-nTNUJVZWD_MY9ZJanbJ-ydaeWfQg9_NiGjMkxlZ-mnVompYqj_JsjtZujvU-3xZyGzFAh_ZCGDYE3FY-WHZIiJYK2_RMmNNOGPU-1RMSGTMUz_OWWXMYmZd-Wb5cpdceU_Jg5hViHjl-wlZmTn0ow_JqnrVsuta-XvFwCxeyV_pAvBbCmDU-9FMGCHZI1_bKmLlMxNQ-nPlQGRZSW_VUkVPWTXA-mZdaWb5cp_ceUfJg5hR-mj9kylbmW_Fo0pPqTrA-mtcuHvQw9_MyCzZAyBd-jD0EwFJGm_hIzJPKXLF-hNJOmPxQw_aSTT0UzVM-jXUYyZJam_hcpddeEfl-khPiWjYkx_MmjnBojpM-TrksxtMuW_NwkxOyTzk-4BZCTDVEk_ZGjHUIyJM-zLFMiNMOm_RQiRMS2TF-iVNWzXMY1_JanbJcldZ-kfRgvhbiW_Fkplbmjn0-
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /YHmIR.0JP-3LpMvNbOm_VQJRZSDT0-yVNWTXEY1_MaTbgc3dJ-mfFgkhSiW_Qk9lMmznQ-2pMqzrIs3_JunvNwJxZ-Dz0A0BOCD_EE4FNGDHI-5JJKnLNMJ_ZODPIQ9RJ-nTNUJVZWD_MY9ZJanbJ-ydaeWfQg9_NiGjMkxlZ-mnVompYqj_JsjtZujvU-3xZyGzFAh_ZCGDYE3FY-WHZIiJYK2_RMmNNOGPU-1RMSGTMUz_OWWXMYmZd-Wb5cpdceU_Jg5hViHjl-wlZmTn0ow_JqnrVsuta-XvFwCxeyV_pAvBbCmDU-9FMGCHZI1_bKmLlMxNQ-nPlQGRZSW_VUkVPWTXA-mZdaWb5cp_ceUfJg5hR-mj9kylbmW_Fo0pPqTrA-mtcuHvQw9_MyCzZAyBd-jD0EwFJGm_hIzJPKXLF-hNJOmPxQw_aSTT0UzVM-jXUYyZJam_hcpddeEfl-khPiWjYkx_MmjnBojpM-TrksxtMuW_NwkxOyTzk-4BZCTDVEk_ZGjHUIyJM-zLFMiNMOm_RQiRMS2TF-iVNWzXMY1_JanbJcldZ-kfRgvhbiW_Fkplbmjn0- HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 86
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 19:06:30 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary: Origin
last-modified: Fri, 19 Apr 2024 19:06:30 GMT
access-control-allow-origin: https://deywepri.com
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
x-content-type-options: nosniff
X-Firefox-Spdy: h2
wavylandscape.pro/buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM
200 OK 168 B URL GET HTTP/2 wavylandscape.pro/buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectwavylandscape.pro
Fingerprint78:9F:25:4A:A8:04:C7:7F:D6:2E:E5:67:9F:55:21:65:94:8C:1D:C6
ValiditySun, 25 Feb 2024 00:50:41 GMT - Sat, 25 May 2024 00:50:40 GMT
File type HTML document, ASCII text, with no line terminators
Hash 9e0c04f6a728b6a6b4cf6033ef73800b
eb16f7f814f9960764a7fcf7d1d8e9a86afc728f
b7d9c4839c6c376dee60d4c451e6ba68b4d1883e60d7187ccdd1575befca836d
GET /buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM HTTP/1.1
Host: wavylandscape.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deywepri.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 19:06:07 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
200 OK 387 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
IP
Requested by https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=09hcm2xlmabk&host=deywepri.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&theme=light&origin=https%3A%2F%2Fdeywepri.com
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size 387 kB (387091 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 19:06:08 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 03 May 2024 19:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876f2b8d7ede5697-OSL
content-encoding: br
newassets.hcaptcha.com/c/e78a38c/hsw.js
200 OK 528 kB URL GET HTTP/3 newassets.hcaptcha.com/c/e78a38c/hsw.js
IP
Requested by https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=09hcm2xlmabk&host=deywepri.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&theme=light&origin=https%3A%2F%2Fdeywepri.com
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size 528 kB (528392 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/e78a38c/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 19:06:09 GMT
content-type: application/javascript
etag: W/"4342b00f906eea1d05b94293d52aa8b3"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 24 May 2024 19:06:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876f2b8fd9475697-OSL
content-encoding: br
www.amazon.com/ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico
0 B URL GET www.amazon.com/ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerDigiCert Inc
Subjectwww.amazon.com
Fingerprint62:55:EA:53:8D:A8:3F:87:B5:55:C5:54:EE:F6:18:25:C8:72:23:61
ValidityTue, 28 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico HTTP/1.1
Host: www.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: Server
date: Fri, 19 Apr 2024 19:06:13 GMT
x-amz-rid: MKKXAH6DYV67KA50C9GV
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Content-Type,Accept-Encoding,User-Agent
content-encoding: gzip
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-id: g3P6YJP6Twrp1B60TAl38IlAneCMPEGzw6AKC_WsmdEevdbmY511bA==
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&ifkv=ARZ0qKLgFpgmDY9K_twWGDiG9fY7REQwVHIMun-rrkxVJ12r8l_owjKM-XryCeNKgPWg7ZyZETUIUw&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1274423365%3A1713553573783655&theme=mn&ddm=0
403 Forbidden 0 B URL GET HTTP/2 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&ifkv=ARZ0qKLgFpgmDY9K_twWGDiG9fY7REQwVHIMun-rrkxVJ12r8l_owjKM-XryCeNKgPWg7ZyZETUIUw&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1274423365%3A1713553573783655&theme=mn&ddm=0
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&ifkv=ARZ0qKLgFpgmDY9K_twWGDiG9fY7REQwVHIMun-rrkxVJ12r8l_owjKM-XryCeNKgPWg7ZyZETUIUw&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1274423365%3A1713553573783655&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 19:06:13 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-0VwpW0WSHt02pI5M4VBdTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
200 OK 387 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
IP
Requested by https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=checkbox&id=09hcm2xlmabk&host=deywepri.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&theme=light&origin=https%3A%2F%2Fdeywepri.com
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size 387 kB (387091 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 19:06:08 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 03 May 2024 19:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876f2b8d7edc5697-OSL
content-encoding: br
deliverytraffico.com/0b085559bbdffdb520aa77a4607ee9f9/
302 Found 168 B URL GET HTTP/2 deliverytraffico.com/0b085559bbdffdb520aa77a4607ee9f9/
IP
ASN #14061 DIGITALOCEAN-ASN
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeliverytraffico.com
Fingerprint18:75:66:3D:C9:14:8C:B8:55:F8:F0:77:8B:61:60:A0:3E:B2:48:8F
ValiditySun, 25 Feb 2024 12:47:33 GMT - Sat, 25 May 2024 12:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0b085559bbdffdb520aa77a4607ee9f9/ HTTP/1.1
Host: deliverytraffico.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 19 Apr 2024 19:06:06 GMT
content-type: text/html; charset=UTF-8
location: https://wavylandscape.pro/buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM
access-control-allow-origin: https://deywepri.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
200 OK 1.7 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type HTML document, ASCII text, with very long lines (1768), with no line terminators
Hash 825c2f21a9a22bd9911e6686ced37ded
74f703bdafeabb1aad6a04b073d1745298c111dc
0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 19:06:08 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 03 May 2024 19:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876f2b8c3d8d5697-OSL
content-encoding: br
newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
200 OK 1.7 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type HTML document, ASCII text, with very long lines (1768), with no line terminators
Hash 825c2f21a9a22bd9911e6686ced37ded
74f703bdafeabb1aad6a04b073d1745298c111dc
0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 19:06:08 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Fri, 03 May 2024 19:06:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876f2b8c3d905697-OSL
content-encoding: br
passport.baidu.com/v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico
0 B URL GET passport.baidu.com/v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico HTTP/1.1
Host: passport.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
deliverytraffico.com/37a21b48e24ed1184aa8b073cbd7f7f6/?rid=8Br382bJZEemjVlY3tJo277m3nQychUP&host=landings-eu01.sdkl.info
200 OK 14 B URL GET HTTP/2 deliverytraffico.com/37a21b48e24ed1184aa8b073cbd7f7f6/?rid=8Br382bJZEemjVlY3tJo277m3nQychUP&host=landings-eu01.sdkl.info
IP
ASN #14061 DIGITALOCEAN-ASN
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerLet's Encrypt
Subjectdeliverytraffico.com
Fingerprint18:75:66:3D:C9:14:8C:B8:55:F8:F0:77:8B:61:60:A0:3E:B2:48:8F
ValiditySun, 25 Feb 2024 12:47:33 GMT - Sat, 25 May 2024 12:47:32 GMT
File type ASCII text, with no line terminators
Hash c7a2377feeb4a2ea7470a8f3361cadd4
90978eb556bfdc5b8d5c827d77d3f7893349d606
5a6a29ee17ce768dda0fb65615d1d2ae4490f9ce1c33b30c2341a856bd3dc8c0
GET /37a21b48e24ed1184aa8b073cbd7f7f6/?rid=8Br382bJZEemjVlY3tJo277m3nQychUP&host=landings-eu01.sdkl.info HTTP/1.1
Host: deliverytraffico.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 19:06:07 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
X-Firefox-Spdy: h2
api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=deywepri.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&sc=1&swa=1&spst=0
200 OK 718 B URL POST HTTP/3 api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=deywepri.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&sc=1&swa=1&spst=0
IP
Requested by https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=09hcm2xlmabk&host=deywepri.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&theme=light&origin=https%3A%2F%2Fdeywepri.com
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type troff or preprocessor input, ASCII text, with very long lines (734), with no line terminators
Hash c20f504e44d312d11aa7a36c95666bbc
65cc368554b5f2615471a24bd73611745062a48f
c5e2ff427956723428e4e4fa988a189a13a4f58c3c86f9cd824fc485c0925bec
POST /checksiteconfig?v=b1c589a&host=deywepri.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&sc=1&swa=1&spst=0 HTTP/1.1
Host: api2.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Fri, 19 Apr 2024 19:06:09 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRCrHZYLKxn8YM; SameSite=None; Secure; path=/; expires=Fri, 19-Apr-24 19:36:09 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876f2b8f68c95697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJXr6cAMxjrKlhUnvksJRVUSh4RGYqFxEOTWCy-7aIdFbWm7rKgR3uMTO5s22xcooVCeBO3Mw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-821757489%3A1713553573786103&theme=mn&ddm=0
403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJXr6cAMxjrKlhUnvksJRVUSh4RGYqFxEOTWCy-7aIdFbWm7rKgR3uMTO5s22xcooVCeBO3Mw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-821757489%3A1713553573786103&theme=mn&ddm=0
IP
Requested by https://deywepri.com/l?v=dJ_qiFiM
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJXr6cAMxjrKlhUnvksJRVUSh4RGYqFxEOTWCy-7aIdFbWm7rKgR3uMTO5s22xcooVCeBO3Mw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-821757489%3A1713553573786103&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 19:06:13 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-4o406jIxzgbzgNMeE4K4Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
88.85.94.249
104.18.125.91
173.194.222.84
87.250.250.16
103.235.46.9
31.13.72.12