haijezoa.top/sftouch?userId=3dd7775403bb40e7951211460bf087b7&z=4254940&p_rid=e33dc0b3-1568-44b2-a0c2-03427c183e2c&p_src=sf
2 B URL haijezoa.top/sftouch?userId=3dd7775403bb40e7951211460bf087b7&z=4254940&p_rid=e33dc0b3-1568-44b2-a0c2-03427c183e2c&p_src=sf
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /sftouch?userId=3dd7775403bb40e7951211460bf087b7&z=4254940&p_rid=e33dc0b3-1568-44b2-a0c2-03427c183e2c&p_src=sf HTTP/1.1
Host: haijezoa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://haijezoa.top
DNT: 1
Connection: keep-alive
Referer: https://haijezoa.top/cndi4858vmefovl/4254940/
Cookie: OAID=3dd7775403bb40e7951211460bf087b7; oaidts=1701038099
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Sun, 26 Nov 2023 22:35:00 GMT
content-type: text/plain
content-length: 2
x-trace-id: 3489f42e9c06dba753b4a3bab30d5990
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://haijezoa.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRnTT%2B5coyw4h%2BqkDl%2FBAb8O%2FpQRSNKz5xNq75GM%2Fp1UkIxj%2F4trLF7turLUABoBHQwLRyqktwM96COKTIXAS8XqBfcjaurWN%2F0e7DKs0OY9cuNnNhIGdfhPmxaCKu4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c59a1d18675689-OSL
alt-svc: h3=":443"; ma=86400
my.rtmark.net/img.gif?f=merge&userId=3dd7775403bb40e7951211460bf087b7&z=4254940&p_rid=e33dc0b3-1568-44b2-a0c2-03427c183e2c&p_src=sf
43 B URL my.rtmark.net/img.gif?f=merge&userId=3dd7775403bb40e7951211460bf087b7&z=4254940&p_rid=e33dc0b3-1568-44b2-a0c2-03427c183e2c&p_src=sf
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=3dd7775403bb40e7951211460bf087b7&z=4254940&p_rid=e33dc0b3-1568-44b2-a0c2-03427c183e2c&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://haijezoa.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 26 Nov 2023 22:35:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3dd7775403bb40e7951211460bf087b7; expires=Mon, 25 Nov 2024 22:35:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
haijezoa.top/?z=4254940&syncedCookie=true&rhd=false
302 Found 0 B URL User Request POST HTTP/3 haijezoa.top/?z=4254940&syncedCookie=true&rhd=false
IP
Certificate IssuerGoogle Trust Services LLC
Subjecthaijezoa.top
Fingerprint1E:DA:6F:82:F6:9D:C0:50:42:1E:3A:72:86:59:08:70:F2:C9:D1:F7
ValidityMon, 23 Oct 2023 10:37:51 GMT - Sun, 21 Jan 2024 10:37:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=4254940&syncedCookie=true&rhd=false HTTP/1.1
Host: haijezoa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 457
Origin: https://haijezoa.top
DNT: 1
Connection: keep-alive
Referer: https://haijezoa.top/afu.php?zoneid=4254940&var=4254940&rid=yIhh1RmI4JpcKBEXkCKbqA%3D%3D&rhd=false
Cookie: OAID=3dd7775403bb40e7951211460bf087b7; oaidts=1701038099
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 26 Nov 2023 22:35:00 GMT
content-length: 0
location: https://gl0a7loeki02do.com/news.php?key=kzpgib0wc95k23usqnoz&SUBID=752770955205677855&cost=0.000600&zoneid=4254940&browser=firefox&browserversion=105&device=desktop&isp=blix group as&country=NO&os=windows&osversion=win10&carrier=?&language=en
x-trace-id: 44b0a9b6265b115f0bb58a369f3c8014
link: <https://gl0a7loeki02do.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://haijezoa.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
set-cookie: OAID=3dd7775403bb40e7951211460bf087b7; expires=Mon, 25 Nov 2024 22:35:00 GMT; path=/; secure; SameSite=None
oaidts=1701038099; expires=Mon, 25 Nov 2024 22:35:00 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 03 Dec 2023 22:35:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2B0s9tEZt5wSMbe7qVDtUGVCVBj31Ff3CcD2jybrUVy%2FnXU0S19iGWctJF4euJ04pAOhMJwItPXtcIPt9fzxHcNMmdBNPJKvKLbS5E73GeCR2Wk8LpwikceP7jyeEQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c59a1eaa005689-OSL
alt-svc: h3=":443"; ma=86400
gl0a7loeki02do.com/news.php?key=kzpgib0wc95k23usqnoz&SUBID=752770955205677855&cost=0.000600&zoneid=4254940&browser=firefox&browserversion=105&device=desktop&isp=blix%20group%20as&country=NO&os=windows&osversion=win10&carrier=?&language=en
302 Found 0 B URL User Request GET HTTP/1.1 gl0a7loeki02do.com/news.php?key=kzpgib0wc95k23usqnoz&SUBID=752770955205677855&cost=0.000600&zoneid=4254940&browser=firefox&browserversion=105&device=desktop&isp=blix%20group%20as&country=NO&os=windows&osversion=win10&carrier=?&language=en
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectgl0a7loeki02do.com
FingerprintAE:E6:A9:A7:55:E8:BA:49:49:B8:44:23:52:97:03:11:0E:97:64:9E
ValidityMon, 02 Oct 2023 14:28:06 GMT - Sun, 31 Dec 2023 14:28:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news.php?key=kzpgib0wc95k23usqnoz&SUBID=752770955205677855&cost=0.000600&zoneid=4254940&browser=firefox&browserversion=105&device=desktop&isp=blix%20group%20as&country=NO&os=windows&osversion=win10&carrier=?&language=en HTTP/1.1
Host: gl0a7loeki02do.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sun, 26 Nov 2023 22:35:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=y9tlocd5i4; expires=Mon, 27-Nov-2023 22:35:00 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec; expires=Mon, 27-Nov-2023 22:35:00 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Strict-Transport-Security: max-age=31536000
3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
200 OK 1.4 kB URL User Request GET HTTP/1.1 3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject3tght76h.com
Fingerprint69:86:04:06:BA:1E:8D:32:8D:DC:3C:8A:58:4B:75:CE:E7:C1:2B:45
ValidityWed, 15 Nov 2023 12:22:03 GMT - Tue, 13 Feb 2024 12:22:02 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 26bc2b889534aead062fab4a41c790fe
c17fc01dc4cb6a7cb7fc24a73bad25b8e8115242
16e5a8b96ca3feecf8acdc49f84fba4486ff5a1bc7cd77bb1c88f3caf8d4fd82
GET /1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec HTTP/1.1
Host: 3tght76h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 26 Nov 2023 22:35:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
www.googletagmanager.com/gtm.js?id=GTM-547JG5H
200 OK 45 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-547JG5H
IP
Requested by https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (2213)
Hash 643ac9022d995ec959badaaa1065d838
e7647efdc099ecd48c1fdc631bcfba94f8b00b96
23bff0d281734491b46c7cdc549fd61ca3403c79ac22bc85c045717b40ce4c83
GET /gtm.js?id=GTM-547JG5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 26 Nov 2023 22:35:01 GMT
expires: Sun, 26 Nov 2023 22:35:01 GMT
cache-control: private, max-age=900
last-modified: Sun, 26 Nov 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45096
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3tght76h.com/1/bg.png
200 OK 61 kB IP
ASN #24940 Hetzner Online GmbH
Requested by https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Certificate IssuerLet's Encrypt
Subject3tght76h.com
Fingerprint69:86:04:06:BA:1E:8D:32:8D:DC:3C:8A:58:4B:75:CE:E7:C1:2B:45
ValidityWed, 15 Nov 2023 12:22:03 GMT - Tue, 13 Feb 2024 12:22:02 GMT
File type PNG image data, 400 x 299, 8-bit grayscale, non-interlaced\012- data
Hash d7096ad35844972e015e865729d13235
42c79d98b50275dcc447bd61d845ee2ed52ae45e
8bccdb408e67a3b44e0f5d417486c8d251f2e4acbae8542465aad3c7052341dd
GET /1/bg.png HTTP/1.1
Host: 3tght76h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 26 Nov 2023 22:35:01 GMT
Content-Type: image/png
Content-Length: 61362
Last-Modified: Wed, 15 Nov 2023 13:23:49 GMT
Connection: keep-alive
ETag: "6554c665-efb2"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
3tght76h.com/favicon.png
404 Not Found 114 B IP
ASN #24940 Hetzner Online GmbH
Requested by https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Certificate IssuerLet's Encrypt
Subject3tght76h.com
Fingerprint69:86:04:06:BA:1E:8D:32:8D:DC:3C:8A:58:4B:75:CE:E7:C1:2B:45
ValidityWed, 15 Nov 2023 12:22:03 GMT - Tue, 13 Feb 2024 12:22:02 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /favicon.png HTTP/1.1
Host: 3tght76h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Sun, 26 Nov 2023 22:35:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://3tght76h.com
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 105575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 23:14:50 GMT
expires: Sun, 24 Nov 2024 23:14:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 84011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api.js
200 OK 191 kB URL GET HTTP/2 www.google.com/recaptcha/api.js
IP
Requested by https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with very long lines (864)
Size 191 kB (191237 bytes)
Hash 7c83c7330e3b956f44358371381af770
9ec6960c80ef10c6794a967d028ff7fa9901008e
f68c5524798aefaccb44c764ab34ea3169da86758aa960327b3e3a94bd55a28b
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 26 Nov 2023 22:35:01 GMT
date: Sun, 26 Nov 2023 22:35:01 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z
200 OK 51 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z
IP
Requested by https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type gzip compressed data\012- data
Hash dd04b5092255623b94e45cdc8921992e
efd2bff7a187d53d184f0fd1390082e57f2bc2a5
1e56a75a55aa8d1e67a0639acbcc1e4ebfb443a8b08f4d7d42f8bc248e14a17b
GET /recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 26 Nov 2023 22:35:01 GMT
content-security-policy: script-src 'nonce-lFKLuT29zmp3uLNNPas2Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:37:43 GMT
expires: Wed, 29 Nov 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 349039
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 105576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 23:14:50 GMT
expires: Sun, 24 Nov 2024 23:14:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 84012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 105576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
unpkg.com/axios@1.6.2/dist/axios.min.js
200 OK 34 kB URL GET HTTP/2 unpkg.com/axios@1.6.2/dist/axios.min.js
IP
Requested by https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (33582)
Hash a68c57e04fd79331988c16fc3585405d
413c97b8c8ba0be18c36a65a5be940239c5956c2
550f26d03776c62d33e90b8028c6b4e2e7d1301c6ff769cff94592a93df71c68
GET /axios@1.6.2/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3tght76h.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Nov 2023 22:35:01 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"8355-QTyXuMi6C+GMNqZaW+lAI5xZVsI"
via: 1.1 fly.io
fly-request-id: 01HF7RVXXG61JE74MTPHYQMGA9-arn
cf-cache-status: HIT
age: 1043832
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82c59a24587f7127-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:26:09 GMT
expires: Fri, 22 Nov 2024 23:26:09 GMT
cache-control: public, max-age=31536000
age: 256133
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
200 OK 102 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with no line terminators
Hash b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ok8gy1j88e5z
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 26 Nov 2023 22:35:02 GMT
date: Sun, 26 Nov 2023 22:35:02 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
unpkg.com/axios/dist/axios.min.js
302 Found 34 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP
Requested by https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 26 Nov 2023 22:35:01 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.6.2/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HG6VRTM5HNVFRJA39J1E435N-arn
cf-cache-status: HIT
age: 600
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82c59a2438687127-OSL
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
200 OK 7.2 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
IP
Requested by https://3tght76h.com/1/?lpkey=176c019403d9843000&uclick=y9tlocd5i4&uclickhash=y9tlocd5i4-y9tlocd5i4-p2-h9wj-8rwj-2tx9-4p9r-e159ec
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7480), with no line terminators
Hash 410a047308056df584a70f6206a6b5f1
6182579219b6b1a3b42c1ed0c080cfd9ee226d2a
2d5031a05f612fd8840684bf416e755099ef914446e84cf741532fd7cda48492
GET /recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 26 Nov 2023 22:35:02 GMT
content-security-policy: script-src 'nonce-_u2fkXeM1PfQqEnwKStPQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
104.21.54.140
172.67.138.253
139.45.195.8
78.46.92.254