deywepri.com/l?v=Wk7KPqlX
88.85.69.213200 OK 4.1 kB URL User Request POST HTTP/1.1 deywepri.com/l?v=Wk7KPqlX
IP 88.85.69.213:443
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type HTML document, ASCII text, with very long lines (920)
Hash 511b3c9a3febe6140b12c8456546964d
27e7425974b99737c5619a1b37c8b4da9122d17b
72ac9ca3fc466324242a6bc4de4588caef9e94909a1c389f7e4d7e42bb284680
POST /l?v=Wk7KPqlX HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 898
Origin: null
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:06 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
envious-long.com/favicon.ico
188.72.219.35 0 B URL envious-long.com/favicon.ico
IP 188.72.219.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: envious-long.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: uniqCookie=1509c9447929248dfa70b7186ebeccde; kadCCap=177035:1:1706501169; kadACap=549263:1:1708567453; kadCSCap=304575:1:1714548680; kadASCap=534545:1:1714548238; kadRPixJ=bnVsbA==; kadUnP3=CAsQ6I3JsQYaDQi47b0CEAEYxe3JsQYaDQi++aEBEAIY1/HHsQYaDQi26oQCEAQY4NjFsQYaDQjH4sQCEAEYjtzHsQYaDQip+uwBEAEYuIbIsQYaDQiRqsQCEAEYyN/HsQYaDQi63rsCEAEY6uXJsQYaDQjphMUCEAEYkNzHsQYaDQi56oQCEAEY0+PJsQYaDQjIuf4BEAEYuvTKsQYaDQjIp8ECEAEY6I3JsQYaDQi66oQCEAIYlfbGsQYaDQiO278CEAEYm+THsQYaDQjTicUCEAEYjtzHsQYiCggOEAEYkNzHsQYiCggDEAoY6I3JsQYiCggBEAMYjtzHsQYqDAj2lSwQARjF7cmxBioMCJrqLBACGI7cx7EGKgwIitslEAIYlfbGsQYqDAjV7SwQARiO3MexBioMCPSWJRABGLr0yrEGKgwI4awsEAEYm+THsQYqDAiQ0R4QARi4hsixBioMCIbbJRAEGODYxbEGKgwI874sEAEY6I3JsQYqDAiG/isQARjq5cmxBioMCM7kLBABGMjfx7EGKgwIidslEAEY0+PJsQYqDAjK1hMQAhjX8cexBg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 01 May 2024 21:55:06 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
deywepri.com/views/grecaptcha/css/style.css
88.85.69.213200 OK 599 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/css/style.css
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
Hash 27eac474447efeacaa8d51b91912b26d
f630300c7d5c71d2d87472512f4ed4d5fbb5b89a
69790d23d3ec08dbfa6909de36996b4cd3b0154e57b78ccb0e8a281f5e6e72ce
GET /views/grecaptcha/css/style.css HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: text/css
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-67e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/css/mainstream.css
88.85.69.213200 OK 170 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/css/mainstream.css
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
Hash 52b8c08e14b61f9dec8aa0ca6243dea2
1afe3e1ec5ea900ddbbca25fa085f898fdca6856
c19a3b5e10e979b08b2bcb55f68849e96e390c9bfd0b323a64a451bfbb95bf1c
GET /views/grecaptcha/css/mainstream.css HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: text/css
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-2d1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/recaptcha.min.js?v=1714226627207557672
88.85.69.213200 OK 546 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/recaptcha.min.js?v=1714226627207557672
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (1115)
Hash 26ba95d3318a71a043b60f28d2a4ef62
2a60fcd6c6ffd1a9b1268507db9c8e56a232b4df
e935e010bb697396b415fecbdc8e92dc4a3d7277649dfea0c70631fbe5c67505
GET /views/grecaptcha/js/recaptcha.min.js?v=1714226627207557672 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-4f6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/touchEvent.min.js?v=1714226627207557672
88.85.69.213200 OK 5.3 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/touchEvent.min.js?v=1714226627207557672
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (20222)
Hash da7c38d2a4e1f5d413629b404cb01836
3be32f1e0c02ae5b2f4401e8a3ee1f67f14822e7
69b3260be19acba9e09cbcd30fc608e0f60fbe7cb097483dc906827e8429e3a0
GET /views/grecaptcha/js/touchEvent.min.js?v=1714226627207557672 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-4f92"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/botDetect.min.js?v=1714226627207557672
88.85.69.213200 OK 9.0 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/botDetect.min.js?v=1714226627207557672
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (29124)
Hash f7687ff36d6654cde4e042385c02d11f
92b2adb164f45ac1dbc5538b9f3ffdccfed8e482
ba9b728987cd01302f5a311e28bf6513dc2b04d43c8b47743e206ccc7608522e
GET /views/grecaptcha/js/botDetect.min.js?v=1714226627207557672 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-7225"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/hanalytics.min.js?v=1714226627207557672
88.85.69.213200 OK 3.0 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/hanalytics.min.js?v=1714226627207557672
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (8053)
Hash 3c12e7c0ee844149c50f2c547c979c0a
0e257907505db9ce27e9386da79c8db883455ca3
f70d91cf7c7080ac7863b956f3caaf55546f1b1021b70ea3ae9d1627e2f46788
GET /views/grecaptcha/js/hanalytics.min.js?v=1714226627207557672 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-1fa8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/events.min.js?v=1714226627207557672
88.85.69.213200 OK 2.5 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/events.min.js?v=1714226627207557672
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (7126), with no line terminators
Hash 4fb85ea7794a57ee813b86db9ff670df
d9ea12cefc454ad893e25fe9282b73b7f493089b
d87e4f84ee00f66b89738f8f7b4566f3008c36ad27fe9cdaa173eac99f37bb61
GET /views/grecaptcha/js/events.min.js?v=1714226627207557672 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-1bd6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/debugMode.js?v=1714226627207557672
88.85.69.213200 OK 434 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/debugMode.js?v=1714226627207557672
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
Hash 9e39ff189e016a78bc35c603f434eae3
8082d791393f3f08aaec171491d57b76d6d6d5aa
22f93a906aa144d4a67e38e0ad3eb6d5b7338949a66390864dec7d3131e362ff
GET /views/grecaptcha/js/debugMode.js?v=1714226627207557672 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-553"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/cacheIcon.min.js?v=1714226627207557672
88.85.69.213200 OK 900 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/cacheIcon.min.js?v=1714226627207557672
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (1999), with no line terminators
Hash 6bc1f7fded5a7e3131bd940ed293ea49
bbd6df8fd579acecfb773d6074abe1d44f4ac46b
eda54e4682f917bf18bf48619ad08dcb5035c26b271a55e55feffcd9a75ec237
GET /views/grecaptcha/js/cacheIcon.min.js?v=1714226627207557672 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-7cf"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/checkLogin.min.js?v=1714226627207557672
88.85.69.213200 OK 663 B URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/checkLogin.min.js?v=1714226627207557672
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (1804), with no line terminators
Hash 1e3212d9af95966463cfe347669ac693
b14c94dc2c743ba816419275c349ad15f85e906c
f4c922a7f3513aa6574af7930e8884f972f9cfd2670b50a56d861a1328798e0a
GET /views/grecaptcha/js/checkLogin.min.js?v=1714226627207557672 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-70c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
deywepri.com/views/grecaptcha/js/extFpHash.js?v=1714226627207557672
88.85.69.213200 OK 97 kB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/js/extFpHash.js?v=1714226627207557672
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type JavaScript source, ASCII text, with very long lines (65465)
Hash d0ab0c5780d9c77ab54e202c769b1433
c298c6ed6cfb8d35efcbe967344d2684347fd791
970fc826d5ed2e9acdd93772526abb6941c0735c6a76621969f47a1e1e1d0ae1
GET /views/grecaptcha/js/extFpHash.js?v=1714226627207557672 HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fd5f98-41f2c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
dull-egg.pro/acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W
188.72.219.36200 OK 0 B URL POST HTTP/2 dull-egg.pro/acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W
IP 188.72.219.36:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 61
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:55:07 GMT
content-length: 0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-credentials: true
vary: Origin
last-modified: Wed, 01 May 2024 21:55:07 GMT
access-control-allow-origin: https://deywepri.com
p3p: CP="CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&onload=getRecaptcha
216.58.211.4200 OK 1.1 kB URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&onload=getRecaptcha
IP 216.58.211.4:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF3:75:C9:48:E6:A5:11:C7:87:C8:8D:9A:C4:16:F8:09:4E:88:7C:5A
ValidityMon, 08 Apr 2024 07:33:48 GMT - Mon, 01 Jul 2024 07:33:47 GMT
Hash 42f844ffa70d49f80c7d0e37b2bb0862
f82f7b1b60cb4044884a6e5f5866425692c80817
50690b13cb3924bd6fc2efd1f8753e7c6d72d93146992af9f4c6213c10e6919d
GET /recaptcha/api.js?render=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&onload=getRecaptcha HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 01 May 2024 21:55:07 GMT
date: Wed, 01 May 2024 21:55:07 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
deywepri.com/favicon.ico
88.85.69.213200 OK 19 kB IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type ASCII text, with very long lines (19321), with no line terminators
Hash b8511bc84d69b72d0194c29a3ce52968
9d7935e6aef48e623fdf1432d8847a83c44bf0ae
fbc556740a68a3c5b4dc61c37baa5c74fbb1c9fd4420811b625e557dee86fd53
GET /favicon.ico HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:08 GMT
Content-Type: image/x-icon
Content-Length: 19321
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
deywepri.com/views/grecaptcha/img/mainstream/laptop.png
88.85.69.213200 OK 1.2 MB URL GET HTTP/1.1 deywepri.com/views/grecaptcha/img/mainstream/laptop.png
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type PNG image data, 1436 x 1025, 8-bit/color RGBA, non-interlaced
Size 1.2 MB (1192830 bytes)
Hash 64c05ce3df8cc7e9f2d6a828a5de9bb9
193d3891f2d1e8aa3ea0efdad64c0dadc8e2ce3e
940e231d1846ab2e4091fff0840fd4e68fc04742098006d81a6cfe463f236dd5
GET /views/grecaptcha/img/mainstream/laptop.png HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/views/grecaptcha/css/mainstream.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:09 GMT
Content-Type: image/png
Content-Length: 1192830
Last-Modified: Fri, 22 Mar 2024 10:38:16 GMT
Connection: keep-alive
ETag: "65fd5f98-12337e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
deywepri.com/bdt
88.85.69.213200 OK 2 B IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /bdt HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2128
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:10 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
dull-egg.pro/YWm_RY0ZP.3apbv-bdmeVfJgZ_Di0j0kMlT-Yn4oOpTqA_0sJtmuFvk-SxWyQz9AM_zCQD2EMFz-IH3IJJnKN_JMZNDO0P0-NRjSQT5UO_TWkX3YJZn-NbJcZdDeI_9gJhniNjJ-ZlDmMn9oe_mq9rusZtW-5vvwdxHyB_hAcB3CMDm-cFnGJHpIZ_DK0L5MNNG-JPkQMRGSZ_mUOVGWEXy-ZZmaVblcZ_jeMfygMhz-kj1kYlWmZ_joMp2qIr3-YtTuAv1wY_WyJziAOBC-ZD1EbFmGl_xIQJnKlLU-eNXOBPlQP_TSATmUdVW-5XpYcZUaJ_5cWdme9fu-ZhTi0jwkJ_nmVnuoapX-FrCsetUuZ_lwZxWyQz9-MBCCZD1Eb_mGlHxIQJn-lLGMbN3OJ_tQYRXSQT9-MVCWZXwYd_Da0bwcJdn-Jf2gPhTiA_mkalHmMn9-cpWqErmsb_HuBvpwPxT-MzyANBTCI_mEaFGGlH0-SJWKQL9MM_jOMPxQMRW-YTxUNVTWU_zYNZjaIbx-Nd2eQfygN_miUjykMlD-FnloMpmqM_xsMtDuMv3-ZxDyEz4AZ_GCYDmEcFm-VHmIRJGK9_tMYNWOlPu-PRQS
188.72.219.36200 OK 0 B URL POST HTTP/2 dull-egg.pro/YWm_RY0ZP.3apbv-bdmeVfJgZ_Di0j0kMlT-Yn4oOpTqA_0sJtmuFvk-SxWyQz9AM_zCQD2EMFz-IH3IJJnKN_JMZNDO0P0-NRjSQT5UO_TWkX3YJZn-NbJcZdDeI_9gJhniNjJ-ZlDmMn9oe_mq9rusZtW-5vvwdxHyB_hAcB3CMDm-cFnGJHpIZ_DK0L5MNNG-JPkQMRGSZ_mUOVGWEXy-ZZmaVblcZ_jeMfygMhz-kj1kYlWmZ_joMp2qIr3-YtTuAv1wY_WyJziAOBC-ZD1EbFmGl_xIQJnKlLU-eNXOBPlQP_TSATmUdVW-5XpYcZUaJ_5cWdme9fu-ZhTi0jwkJ_nmVnuoapX-FrCsetUuZ_lwZxWyQz9-MBCCZD1Eb_mGlHxIQJn-lLGMbN3OJ_tQYRXSQT9-MVCWZXwYd_Da0bwcJdn-Jf2gPhTiA_mkalHmMn9-cpWqErmsb_HuBvpwPxT-MzyANBTCI_mEaFGGlH0-SJWKQL9MM_jOMPxQMRW-YTxUNVTWU_zYNZjaIbx-Nd2eQfygN_miUjykMlD-FnloMpmqM_xsMtDuMv3-ZxDyEz4AZ_GCYDmEcFm-VHmIRJGK9_tMYNWOlPu-PRQS
IP 188.72.219.36:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /YWm_RY0ZP.3apbv-bdmeVfJgZ_Di0j0kMlT-Yn4oOpTqA_0sJtmuFvk-SxWyQz9AM_zCQD2EMFz-IH3IJJnKN_JMZNDO0P0-NRjSQT5UO_TWkX3YJZn-NbJcZdDeI_9gJhniNjJ-ZlDmMn9oe_mq9rusZtW-5vvwdxHyB_hAcB3CMDm-cFnGJHpIZ_DK0L5MNNG-JPkQMRGSZ_mUOVGWEXy-ZZmaVblcZ_jeMfygMhz-kj1kYlWmZ_joMp2qIr3-YtTuAv1wY_WyJziAOBC-ZD1EbFmGl_xIQJnKlLU-eNXOBPlQP_TSATmUdVW-5XpYcZUaJ_5cWdme9fu-ZhTi0jwkJ_nmVnuoapX-FrCsetUuZ_lwZxWyQz9-MBCCZD1Eb_mGlHxIQJn-lLGMbN3OJ_tQYRXSQT9-MVCWZXwYd_Da0bwcJdn-Jf2gPhTiA_mkalHmMn9-cpWqErmsb_HuBvpwPxT-MzyANBTCI_mEaFGGlH0-SJWKQL9MM_jOMPxQMRW-YTxUNVTWU_zYNZjaIbx-Nd2eQfygN_miUjykMlD-FnloMpmqM_xsMtDuMv3-ZxDyEz4AZ_GCYDmEcFm-VHmIRJGK9_tMYNWOlPu-PRQS HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1431
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:55:10 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-origin: https://deywepri.com
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Wed, 01 May 2024 21:55:10 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dull-egg.pro/acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W
188.72.219.36200 OK 0 B URL POST HTTP/2 dull-egg.pro/acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W
IP 188.72.219.36:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 6518
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:55:10 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-origin: https://deywepri.com
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Wed, 01 May 2024 21:55:10 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/favicon.ico
216.58.211.4 1.5 kB URL GET www.google.com/favicon.ico
IP 216.58.211.4:0
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash f3418a443e7d841097c714d69ec4bcb8
49263695f6b0cdd72f45cf1b775e660fdc36c606
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
GET /favicon.ico HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1494
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 May 2024 21:46:26 GMT
expires: Thu, 09 May 2024 21:46:26 GMT
cache-control: public, max-age=691200
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
age: 524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.amazon.com/favicon.ico
143.204.50.178200 OK 18 kB URL GET HTTP/2 www.amazon.com/favicon.ico
IP 143.204.50.178:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerDigiCert Inc
Subjectwww.amazon.com
Fingerprint62:55:EA:53:8D:A8:3F:87:B5:55:C5:54:EE:F6:18:25:C8:72:23:61
ValidityTue, 28 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Hash ca6619b86c2f6e6068b69ba3aaddb7e4
c44a1bb9d14385334eb851fbb0afb19d961c1ee7
17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09
GET /favicon.ico HTTP/1.1
Host: www.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/x-icon
content-length: 17542
server: Server
date: Wed, 01 May 2024 21:53:53 GMT
x-amz-rid: 3GWEWYV8CDWRXPV0SNG9
accept-ranges: bytes
last-modified: Tue, 21 Sep 2010 17:37:41 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=47474747; includeSubDomains; preload
x-frame-options: SAMEORIGIN
etag: "4486-490c87c5a6340"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: btP46bLHBGi_fy9rKKjeLxFzDpygcrCCLDPmVRQR1uLD2_7uiK4lXQ==
age: 77
X-Firefox-Spdy: h2
newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
104.18.125.91 110 kB URL newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
IP 104.18.125.91:0
File type HTML document, ASCII text, with very long lines (1165)
Size 110 kB (110329 bytes)
Hash 59836782f9d8b5cebefc67dfe2b0698d
ff4453e7c1bba8633aa11c9c86061b0fbdacb19d
04e0e037618a972453ea1fa2e3fe9e36794968ae9725d2ae853cb06e3761c1af
GET /captcha/v1/50fb34a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:10 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 15 May 2024 21:55:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d303a3da9e56b9-OSL
content-encoding: br
static.xx.fbcdn.net/rsrc.php/yD/r/d4ZIVX-5C-b.ico
31.13.72.12404 Not Found 0 B URL GET HTTP/2 static.xx.fbcdn.net/rsrc.php/yD/r/d4ZIVX-5C-b.ico
IP 31.13.72.12:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerDigiCert Inc
Subject*.facebook.com
FingerprintB1:7A:4C:7F:BD:E3:D7:B5:08:AF:15:CB:35:AC:56:D7:02:12:58:AA
ValidityFri, 09 Feb 2024 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rsrc.php/yD/r/d4ZIVX-5C-b.ico HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
x-fatal-request: static.xx.fbcdn.net
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-security-policy-report-only: default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.fbcdn.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src data: blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-xss-protection: 0
origin-agent-cluster: ?0
content-type: text/html; charset="utf-8"
x-fb-debug: Ie2OPW9KDLsUcLMYqGkTYfdjdhTGBI5Kbo83kFx4ug22c6Ni4vdP4DYqakKMoX+MaCtCInq040rprjD1mThCHA==
content-length: 0
proxy-status: http_request_error; e_fb_configversion="AcJc5bVT-81FPoZx2z5G8cYljvLQ4VDhimtdeVvGgHNAqKrQSFO95NL8s3kTMw"; e_clientaddr="AcI7Wr85G_yDeTq2B4HCTUCeD8tbaOdVcQX3TfB5-3cQJ4wSNgYWLpXZHA_10mk4RNXU6SyV4sP3Y8w6oigjCCXWQwRruuJ5yLoUiEIv2HfT0wO5"; e_fb_vipport="AcKRbeHL-1zaADyrDFaLy2ngoYRAQxCkf3JvGCzSE6KLxbpvlvFYQ2w1ZKBk"; e_upip="AcLK95eRNkuGNaP3ECWMjoa1YMKOpNSShNM07dLMYso7Grd9x3PzYtd3eOBV7KskfD8yIKJs58L6eFxmgAGwNn_TtR2hqtY8tw"; e_fb_requestsequencenumber="AcINbghDCvS24cDK5EnPA5CFaQfOypfc0hc-a1xFQs7F53OfAHzdBY5tZQ"; e_fb_hostheader="AcIgFI9wxj6NpxwaxOgSZxaa9mYk0PYWtWYdQdK6XMU5koBP7Y3xioTWc32hb4tBZhwhGbi0k_Jhh5Z3Ng"; e_fb_vipaddr="AcKSgUky9F2P1rklCa5D4U2cjCsYXDXrwHnAiF54hZSUbDrj9mGKd7vEV6bJUNZJjTBsJ6cgHKVKPZsGefzrL17gRyyPltLTAg"; e_fb_requesthandler="AcIYdJmp6svtF1T2eSTR97F32kSCN9tb_7kpzpHJNtX06PKI8-MP6fqPCQd6QLFj1_ZQDx8MNNM"; e_fb_requesttime="AcKm2Q88BE_7IvcJlTiufCZBYvvQgaw9Cqj42dEb9M07uKsS9wb8mkR6yxCACRPPtkm6KDUtPA"; e_fb_builduser="AcIAIa1yvPuAV_omkwpYdSzQkoM5FDwsAOcl_tm5Upl-aSG_yr7IcuhyFGwanlKthDw"; e_fb_httpversion="AcKFCO7F2QGiifWW5nND8fXFnPuUFAva3RQzYrw6oNuPe0yEWmDWGSzyw0Xs"; e_fb_binaryversion="AcL1Y6zH3o2o08MNHGLG4p1LGwH6sm1F9OQUlSaymuiIsXGkdeJkib3rrds7RXgpz8SxXG710I0Nw7yNYB_g1p5UNWA6-BQx4ik"; e_proxy="AcIaM7iZWW2uu6c2YiksyhGq0L_8wdhru4mMNQRc8g3d9A8316M56DD0w_5v4K4rrBiXNAEr7fw7TK2W0xca", http_request_error; e_fb_configversion="AcJgMi32GYgQglR8Z6B5kBUVL56x1fIt2VWgz66VXTxlwEGN3bsltZh9boYnVA"; e_clientaddr="AcIvqdh6Mon0eEGS9iSW7rTfPWQCUcLDTMAUWfw2lLVTuDPK2HvP4x7ODSqwmZafZBf5mz6S7SxKwQeC"; e_fb_vipport="AcJa54uOmYtSY5gsvb3bcY8R_WaOMJGFVCE_Ty_N420xqeiluwxI9Nd0NuvJ"; e_fb_requestsequencenumber="AcLm_KikihtXMaLSj8gzySSH8iAa1LSUuvlSUtlSmgXgZ2BLmUxdSH_KgQ"; e_fb_hostheader="AcIkgflxJz7bofToBe63dZmg8WHaigQ5ocdDRe67_vdiTo9u580HG0TKKoIQu-ixiLfcZAk_02T5eFIKYQ"; e_fb_vipaddr="AcLBzIxxekzhaZx2Qcpxn4YosxM700HlkU_8iSwnMQR95GxcZC4iRPxeQrRqw7kJd806aRE"; e_fb_requesthandler="AcLzAjTuGuvFekJO2ehKPHYF8aw10ykOLiuVJhrdjyeg2xrndeoOQ5mNsgunbes85OOKfT7rr0_mDQ"; e_fb_requesttime="AcKHQtiUxAQondFpBdX07lVWdgTBgH0fWq8Mkyth1Lmn7vuODGWk_Aqc-HqP_w8CFAfi39ehJw"; e_fb_builduser="AcL-aH5eMr0h8TsWm9IfRJRzkD3wAfSYbEFAADg3lbY4EwdzyMzaU9U7BnCWQTr3u7c"; e_fb_httpversion="AcKP9x0xMHnt0m3fNUWAxAJ-S9HJD4bIPE5zBKKhVihD8HDcWmsNhW-y0IxA"; e_fb_binaryversion="AcKpitcS-5dQdvAxP6lH62_V7Qr8O2qLUjiTKUlAsVOVnB8ZcGYe33nzteQH0bN6yYhzhJVgde3Q89cuOyyxHnAHQbrIFE0khxI"; e_proxy="AcIEhSVSJ82eATVeXQboMdOW65Z2wL5hXxdGqM0DXI7MnHU8EHeauiaP4QuDUbMlKbuRfa1For7vf6Y2"
date: Wed, 01 May 2024 21:55:10 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=13, mss=1380, tbw=3385, tp=-1, tpl=-1, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
142.250.74.131200 OK 206 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP 142.250.74.131:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type JavaScript source, ASCII text, with very long lines (631)
Size 206 kB (205803 bytes)
Hash e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:07:40 GMT
expires: Sat, 26 Apr 2025 06:07:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 488850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
6.adsco.re:2087/
104.17.167.186200 OK 0 B IP 104.17.167.186:2087
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:55:10 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://deywepri.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d303a8bcfb56a5-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:55:10 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://deywepri.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d303a8cd8c568a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 May 2024 21:55:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://deywepri.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
4.adsco.re:2087/
162.252.214.5200 OK 62 B IP 162.252.214.5:2087
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 May 2024 21:55:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://deywepri.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
142.250.74.131200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP 142.250.74.131:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type ASCII text, with very long lines (56412), with no line terminators
Hash 2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:29 GMT
expires: Sat, 26 Apr 2025 06:04:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 489042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
142.250.74.131200 OK 206 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP 142.250.74.131:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type JavaScript source, ASCII text, with very long lines (631)
Size 206 kB (205803 bytes)
Hash e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:07:40 GMT
expires: Sat, 26 Apr 2025 06:07:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 488851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.baidu.com/favicon.ico
103.235.46.40 2.0 kB URL GET www.baidu.com/favicon.ico
IP 103.235.46.40:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Hash 717b138033a41361b32b60fc5062ab2a
af9841b6f0923f890f41feec52c94a0cd68f01d8
c70088079fe9441a726c66ce0e73ae38315ec80051d3dd542c41b82fa0a1993a
GET /favicon.ico HTTP/1.1
Host: www.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 1966
Content-Type: image/x-icon
Date: Wed, 01 May 2024 21:55:11 GMT
Etag: "423e-5bd257db4e500"
Last-Modified: Wed, 10 Mar 2021 02:33:24 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=06BB72A9DB92F8CDC56F7FFCAAC27B84:FG=1; expires=Thu, 01-May-25 21:55:11 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Vary: Accept-Encoding,User-Agent
dull-egg.pro/acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W
188.72.219.36200 OK 0 B URL POST HTTP/2 dull-egg.pro/acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W
IP 188.72.219.36:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 110
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:55:11 GMT
content-length: 0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
vary: Origin
last-modified: Wed, 01 May 2024 21:55:11 GMT
access-control-allow-origin: https://deywepri.com
p3p: CP="CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
216.58.211.4200 OK 43 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
IP 216.58.211.4:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hash 4e6ea33893a66f2aa40ff677cadfb965
630269a559815305843b1bd520c84315dd152301
eb07c10c58775c06fba7a3bc4621352d1dc85d11a584b9124c92b7cbc491658e
GET /recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:10 GMT
content-security-policy: script-src 'nonce-ROb6BlOaYe34sSaTB3zCqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jngkevzr4pvg.n4.adsco.re/
38.132.109.115200 OK 0 B URL POST HTTP/2 jngkevzr4pvg.n4.adsco.re/
IP 38.132.109.115:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subject*.n4.adsco.re
Fingerprint45:6E:69:F7:75:1D:65:9E:20:3D:CF:CE:8B:F5:36:72:85:BD:76:EC
ValidityFri, 19 Apr 2024 09:12:46 GMT - Thu, 18 Jul 2024 09:12:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jngkevzr4pvg.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 May 2024 21:55:11 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:25:07 GMT
expires: Fri, 25 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 534604
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:11 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d303ac9cfb56b7-OSL
alt-svc: h3=":443"; ma=86400
c.adsco.re/
104.17.166.186 28 kB IP 104.17.166.186:0
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (689)
Hash a0b475c65fed312aba8d7c43a0cbc928
3fdd052b41c37318e44084be4f92d42fba4ded61
2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:11 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 01 Jun 2024 21:55:11 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 106652
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d303aaab8156b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
142.250.74.131200 OK 206 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP 142.250.74.131:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type JavaScript source, ASCII text, with very long lines (631)
Size 206 kB (205803 bytes)
Hash e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:07:40 GMT
expires: Sat, 26 Apr 2025 06:07:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 488851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/js/bg/Dahk90Fxhr1MEtfyZ-6_j6N-qVuiwfy-NjSFsUln5nQ.js
216.58.211.4200 OK 7.5 kB URL GET HTTP/3 www.google.com/js/bg/Dahk90Fxhr1MEtfyZ-6_j6N-qVuiwfy-NjSFsUln5nQ.js
IP 216.58.211.4:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File type JavaScript source, ASCII text, with very long lines (17658)
Hash 5bc0a82a24abe097e6f6c1098bef9591
2da9f4ad273be56e0bfbefc24209cdeba5f9f270
0da864f7417186bd4c12d7f267eebf8fa37ea95ba2c1fcbe363485b14967e674
GET /js/bg/Dahk90Fxhr1MEtfyZ-6_j6N-qVuiwfy-NjSFsUln5nQ.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7465
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 May 2024 14:30:22 GMT
expires: Thu, 01 May 2025 14:30:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Apr 2024 17:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 26689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.131200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.131:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:35:26 GMT
expires: Thu, 02 May 2024 17:35:26 GMT
cache-control: public, max-age=604800
age: 533985
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 May 2024 21:55:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
deywepri.com/eNrtWFtz6jgSfs+vcE5eTqYCSJZ8i3ZqlgTIIVcSSODMpSjZlo2DsRxbhpCp/e/bNiEhUyGbedial2MLQas/dUvd7VabXV3HDFvIsk2LUsKuI4c3n68RWka1y1px4vGLZji6eJBx2DPNZU6bjJrUcRyLEcaazdNvuG8PZw+Pk7Eu06j3eGHni2X8lN59X/zaHDyJeB72T0k6aU+CzKmJbjGOw1mvhY6CezXse6OZdJ0FdR/vT4zUfbgW6WCpn4ximt2ReWsuv9f6edw+8qNm1nYXrUt608ZP2Ds66Z7ktaFNF8fi8TZbei0SdYRFOu3hML4ML2QxH46+t5c33+5ag3Z0FQ7Pizb99fjo6qSTh5OHkEbXib6YT6/UJCXdsBilwQgHuD9+zMVl7CqDdsbOsTi6sfzabDHjZws3OroeOs3W0V1tMYu9U7IkPb7EHX887t2H90kT4VauTotRVpyGvmuLzrQ5ur6YJhdB53KY3Q5CxlB1nybhmbh7uqHpPGS7YEbGahg6zLpJECWRWgKo6eeezEQXyEbfbbT+9e+JUml+2Gh4dV7y6ploHOrOIaZ0p+9u5drmztH7XAcdEtPe2VD0Lgyb9BATsuOLNJbL0/57oPtfPhk8B8/Bc0AODn4Ez98JnkOsgxt22nORqG888WORXcrksojjn3545J/xCDxexs4P4/8zxif6IdmBPAlHmCBcEGoLLgxuBh61dR7oZmAIrgsSuGzXZtSwAEh1Bw48TBnWbZNh27BY+anGDRBVN9hEzoS24InSZnwqtLzIhKYmXGlLWWgciEQqLZOuVAw34HYsdKDBo4kQNK15wXYxZraJ8QEGif+/HyYnpucbtskDhwfUcQ1Eg0CYlkd5YHOD7cIBTZhul3vVGUa6wXS4CdvVy8bTNI48riKZNFI/YHsVQ4lHtSYxbMVk6+j2xXIh0iyqe3LWiH+Z/zycWme9h3hUIRq4DrvWDZ1RZCGW8HkUciUYpQgONgwmIVbZMFpRcJ5UH9Niu0Z5BPZaHe0uEguRsT1MqtUQdjzJSm9s50XF7H3uReRlMpeB0tp+uEXCULhnkdLcIopVLUpK0Jq72jrYYxElvlzU+8IrMjiWexJstryLZFwZrsrFLCgSr6S0j1Bf97U/dzS4fktgcC40T/rij53/bCjpRLHoL3MlZkOQwt1YVCMqE3z2quQj1CeU3Ajul5OOlup50rFMVCZjOE5elXyE+oSSnsgCmc144okrNxfZXGRtmL48j/INc32E+oSS/t1Jp91PweYxz86jcKKiJGzHYvbWJx+gPqFkPJ4oftTqst+key88pV1VX39sQnLwtvAHspllfMl+3403mYlMukpkpTFvBOz+L+wiyYs0lZkS/hq2RRAvB8+j6TZ+9Hb6eTSL1LsyhpGafJOxyF+N9BfGV7X/ZxR8reTUo7z6hrH9TKgiSzT11kDjMBMeT5U34WMvCD+y1PgVydPoJbUsFot6KGUYiyq5vIAaANIbbwSsYBtyvDgq/a2yQpRAX3pF6do6QLinylASCXh89lA86pMkmdv3KyxiReILKLaFv/FrtfSNgU+kP8TmUR6B5Vdn0cv9LKtKuags8ctEjMpETKuXgFdqc/zFJxOed2Az+dYghSuGMjAHS4garGzGs+Xz+8X7wletfMu4kE9RHPOGUUfa1xHGvzPtPEqKR+3RNscmBTKbHzpmHe1rJ8KbyoaOMIKGIftkIpCPjZLJ1tP31wIZq+BsDQdl8NOuiOpim2rYW4rapZlEUrvtr/oDkVRWW7fVxtj6Ks9xEyEDRBvGs4WrC72wkGk79gbloDcUMbZRFix4k2du5VmIvKXwu4GVFDO3PHwIZXt21aj+6msx5/FWP7+geAI+VmIrcA9e4V/AMhXJ9tB5gXmxzMUHIfYCjGX4geLnVjpoj+KNJcN5sT3NYparDB7OV7ySLa747c35dl1g7nWZzUCZ+Tp5Jp9uBsc9ITI4rBJRDW7f2u3g+DnYViHVvRy0b9r9QffyROtc3Wjfr27L0gTVLWqYhulQy3BMEznlkA61lq4jE+uWQxFF8IDXsQEwShyMiEkcw4JorhsWMXWCHdMmBkQihiETYYgWy8K67liWUaYGKEXg7X/VWj1vMMdPhXk5OA9tu5Wf59P2df+0QCqcnp0t2a755vk2KqoUEVgEG8QhzLZdB/ke9gJhU8f0bMOxXKEbHFkGQlAPBtwKLCSEgRzbgPLYREZgisB3qOMjg1TVISu7pu/3Bc+8SS+T88iH+O3mbwe6Sa44FAU+q8EmqpmwFJmF9QWpezFgp2LJSqhszNIysZT29/Kfv/C5h+tUbyPc/sL+5iQPIf9L9ZcJqHScugPZjaw749mexDKhGNXNDZp8ktZLgpZdVQMScBR0duUrg/kU+7bnO3aAkKsjKhwbIcexhRfYVLfE/was/u55bfobEuKjWgNi8GbIdhH7L8QNH7c=
88.85.69.213404 Not Found 9 B URL GET HTTP/1.1 deywepri.com/eNrtWFtz6jgSfs+vcE5eTqYCSJZ8i3ZqlgTIIVcSSODMpSjZlo2DsRxbhpCp/e/bNiEhUyGbedial2MLQas/dUvd7VabXV3HDFvIsk2LUsKuI4c3n68RWka1y1px4vGLZji6eJBx2DPNZU6bjJrUcRyLEcaazdNvuG8PZw+Pk7Eu06j3eGHni2X8lN59X/zaHDyJeB72T0k6aU+CzKmJbjGOw1mvhY6CezXse6OZdJ0FdR/vT4zUfbgW6WCpn4ximt2ReWsuv9f6edw+8qNm1nYXrUt608ZP2Ds66Z7ktaFNF8fi8TZbei0SdYRFOu3hML4ML2QxH46+t5c33+5ag3Z0FQ7Pizb99fjo6qSTh5OHkEbXib6YT6/UJCXdsBilwQgHuD9+zMVl7CqDdsbOsTi6sfzabDHjZws3OroeOs3W0V1tMYu9U7IkPb7EHX887t2H90kT4VauTotRVpyGvmuLzrQ5ur6YJhdB53KY3Q5CxlB1nybhmbh7uqHpPGS7YEbGahg6zLpJECWRWgKo6eeezEQXyEbfbbT+9e+JUml+2Gh4dV7y6ploHOrOIaZ0p+9u5drmztH7XAcdEtPe2VD0Lgyb9BATsuOLNJbL0/57oPtfPhk8B8/Bc0AODn4Ez98JnkOsgxt22nORqG888WORXcrksojjn3545J/xCDxexs4P4/8zxif6IdmBPAlHmCBcEGoLLgxuBh61dR7oZmAIrgsSuGzXZtSwAEh1Bw48TBnWbZNh27BY+anGDRBVN9hEzoS24InSZnwqtLzIhKYmXGlLWWgciEQqLZOuVAw34HYsdKDBo4kQNK15wXYxZraJ8QEGif+/HyYnpucbtskDhwfUcQ1Eg0CYlkd5YHOD7cIBTZhul3vVGUa6wXS4CdvVy8bTNI48riKZNFI/YHsVQ4lHtSYxbMVk6+j2xXIh0iyqe3LWiH+Z/zycWme9h3hUIRq4DrvWDZ1RZCGW8HkUciUYpQgONgwmIVbZMFpRcJ5UH9Niu0Z5BPZaHe0uEguRsT1MqtUQdjzJSm9s50XF7H3uReRlMpeB0tp+uEXCULhnkdLcIopVLUpK0Jq72jrYYxElvlzU+8IrMjiWexJstryLZFwZrsrFLCgSr6S0j1Bf97U/dzS4fktgcC40T/rij53/bCjpRLHoL3MlZkOQwt1YVCMqE3z2quQj1CeU3Ajul5OOlup50rFMVCZjOE5elXyE+oSSnsgCmc144okrNxfZXGRtmL48j/INc32E+oSS/t1Jp91PweYxz86jcKKiJGzHYvbWJx+gPqFkPJ4oftTqst+key88pV1VX39sQnLwtvAHspllfMl+3403mYlMukpkpTFvBOz+L+wiyYs0lZkS/hq2RRAvB8+j6TZ+9Hb6eTSL1LsyhpGafJOxyF+N9BfGV7X/ZxR8reTUo7z6hrH9TKgiSzT11kDjMBMeT5U34WMvCD+y1PgVydPoJbUsFot6KGUYiyq5vIAaANIbbwSsYBtyvDgq/a2yQpRAX3pF6do6QLinylASCXh89lA86pMkmdv3KyxiReILKLaFv/FrtfSNgU+kP8TmUR6B5Vdn0cv9LKtKuags8ctEjMpETKuXgFdqc/zFJxOed2Az+dYghSuGMjAHS4garGzGs+Xz+8X7wletfMu4kE9RHPOGUUfa1xHGvzPtPEqKR+3RNscmBTKbHzpmHe1rJ8KbyoaOMIKGIftkIpCPjZLJ1tP31wIZq+BsDQdl8NOuiOpim2rYW4rapZlEUrvtr/oDkVRWW7fVxtj6Ks9xEyEDRBvGs4WrC72wkGk79gbloDcUMbZRFix4k2du5VmIvKXwu4GVFDO3PHwIZXt21aj+6msx5/FWP7+geAI+VmIrcA9e4V/AMhXJ9tB5gXmxzMUHIfYCjGX4geLnVjpoj+KNJcN5sT3NYparDB7OV7ySLa747c35dl1g7nWZzUCZ+Tp5Jp9uBsc9ITI4rBJRDW7f2u3g+DnYViHVvRy0b9r9QffyROtc3Wjfr27L0gTVLWqYhulQy3BMEznlkA61lq4jE+uWQxFF8IDXsQEwShyMiEkcw4JorhsWMXWCHdMmBkQihiETYYgWy8K67liWUaYGKEXg7X/VWj1vMMdPhXk5OA9tu5Wf59P2df+0QCqcnp0t2a755vk2KqoUEVgEG8QhzLZdB/ke9gJhU8f0bMOxXKEbHFkGQlAPBtwKLCSEgRzbgPLYREZgisB3qOMjg1TVISu7pu/3Bc+8SS+T88iH+O3mbwe6Sa44FAU+q8EmqpmwFJmF9QWpezFgp2LJSqhszNIysZT29/Kfv/C5h+tUbyPc/sL+5iQPIf9L9ZcJqHScugPZjaw749mexDKhGNXNDZp8ktZLgpZdVQMScBR0duUrg/kU+7bnO3aAkKsjKhwbIcexhRfYVLfE/was/u55bfobEuKjWgNi8GbIdhH7L8QNH7c=
IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /eNrtWFtz6jgSfs+vcE5eTqYCSJZ8i3ZqlgTIIVcSSODMpSjZlo2DsRxbhpCp/e/bNiEhUyGbedial2MLQas/dUvd7VabXV3HDFvIsk2LUsKuI4c3n68RWka1y1px4vGLZji6eJBx2DPNZU6bjJrUcRyLEcaazdNvuG8PZw+Pk7Eu06j3eGHni2X8lN59X/zaHDyJeB72T0k6aU+CzKmJbjGOw1mvhY6CezXse6OZdJ0FdR/vT4zUfbgW6WCpn4ximt2ReWsuv9f6edw+8qNm1nYXrUt608ZP2Ds66Z7ktaFNF8fi8TZbei0SdYRFOu3hML4ML2QxH46+t5c33+5ag3Z0FQ7Pizb99fjo6qSTh5OHkEbXib6YT6/UJCXdsBilwQgHuD9+zMVl7CqDdsbOsTi6sfzabDHjZws3OroeOs3W0V1tMYu9U7IkPb7EHX887t2H90kT4VauTotRVpyGvmuLzrQ5ur6YJhdB53KY3Q5CxlB1nybhmbh7uqHpPGS7YEbGahg6zLpJECWRWgKo6eeezEQXyEbfbbT+9e+JUml+2Gh4dV7y6ploHOrOIaZ0p+9u5drmztH7XAcdEtPe2VD0Lgyb9BATsuOLNJbL0/57oPtfPhk8B8/Bc0AODn4Ez98JnkOsgxt22nORqG888WORXcrksojjn3545J/xCDxexs4P4/8zxif6IdmBPAlHmCBcEGoLLgxuBh61dR7oZmAIrgsSuGzXZtSwAEh1Bw48TBnWbZNh27BY+anGDRBVN9hEzoS24InSZnwqtLzIhKYmXGlLWWgciEQqLZOuVAw34HYsdKDBo4kQNK15wXYxZraJ8QEGif+/HyYnpucbtskDhwfUcQ1Eg0CYlkd5YHOD7cIBTZhul3vVGUa6wXS4CdvVy8bTNI48riKZNFI/YHsVQ4lHtSYxbMVk6+j2xXIh0iyqe3LWiH+Z/zycWme9h3hUIRq4DrvWDZ1RZCGW8HkUciUYpQgONgwmIVbZMFpRcJ5UH9Niu0Z5BPZaHe0uEguRsT1MqtUQdjzJSm9s50XF7H3uReRlMpeB0tp+uEXCULhnkdLcIopVLUpK0Jq72jrYYxElvlzU+8IrMjiWexJstryLZFwZrsrFLCgSr6S0j1Bf97U/dzS4fktgcC40T/rij53/bCjpRLHoL3MlZkOQwt1YVCMqE3z2quQj1CeU3Ajul5OOlup50rFMVCZjOE5elXyE+oSSnsgCmc144okrNxfZXGRtmL48j/INc32E+oSS/t1Jp91PweYxz86jcKKiJGzHYvbWJx+gPqFkPJ4oftTqst+key88pV1VX39sQnLwtvAHspllfMl+3403mYlMukpkpTFvBOz+L+wiyYs0lZkS/hq2RRAvB8+j6TZ+9Hb6eTSL1LsyhpGafJOxyF+N9BfGV7X/ZxR8reTUo7z6hrH9TKgiSzT11kDjMBMeT5U34WMvCD+y1PgVydPoJbUsFot6KGUYiyq5vIAaANIbbwSsYBtyvDgq/a2yQpRAX3pF6do6QLinylASCXh89lA86pMkmdv3KyxiReILKLaFv/FrtfSNgU+kP8TmUR6B5Vdn0cv9LKtKuags8ctEjMpETKuXgFdqc/zFJxOed2Az+dYghSuGMjAHS4garGzGs+Xz+8X7wletfMu4kE9RHPOGUUfa1xHGvzPtPEqKR+3RNscmBTKbHzpmHe1rJ8KbyoaOMIKGIftkIpCPjZLJ1tP31wIZq+BsDQdl8NOuiOpim2rYW4rapZlEUrvtr/oDkVRWW7fVxtj6Ks9xEyEDRBvGs4WrC72wkGk79gbloDcUMbZRFix4k2du5VmIvKXwu4GVFDO3PHwIZXt21aj+6msx5/FWP7+geAI+VmIrcA9e4V/AMhXJ9tB5gXmxzMUHIfYCjGX4geLnVjpoj+KNJcN5sT3NYparDB7OV7ySLa747c35dl1g7nWZzUCZ+Tp5Jp9uBsc9ITI4rBJRDW7f2u3g+DnYViHVvRy0b9r9QffyROtc3Wjfr27L0gTVLWqYhulQy3BMEznlkA61lq4jE+uWQxFF8IDXsQEwShyMiEkcw4JorhsWMXWCHdMmBkQihiETYYgWy8K67liWUaYGKEXg7X/VWj1vMMdPhXk5OA9tu5Wf59P2df+0QCqcnp0t2a755vk2KqoUEVgEG8QhzLZdB/ke9gJhU8f0bMOxXKEbHFkGQlAPBtwKLCSEgRzbgPLYREZgisB3qOMjg1TVISu7pu/3Bc+8SS+T88iH+O3mbwe6Sa44FAU+q8EmqpmwFJmF9QWpezFgp2LJSqhszNIysZT29/Kfv/C5h+tUbyPc/sL+5iQPIf9L9ZcJqHScugPZjaw749mexDKhGNXNDZp8ktZLgpZdVQMScBR0duUrg/kU+7bnO3aAkKsjKhwbIcexhRfYVLfE/was/u55bfobEuKjWgNi8GbIdhH7L8QNH7c= HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Cookie: a=DPcTv1zu6NTLg88DsLskEQSJu0tgkKKy
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 May 2024 21:55:11 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 9
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
64.233.161.84302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 64.233.161.84:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:k7L9LRHRMrHtWWzkwn1vN0AKbEcDjw:Lbl_rd-IjoYLEBzg; Expires=Fri, 01-May-2026 21:55:11 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:11 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQz87RMixT1EdU3-DDGwTditgQPTy0s1IxQISapcEkGVB4PEHEdXea7VJjZYiQzP2dyQ5ovjrA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-WILuHquHcxptH2fiH8uk_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
64.233.161.84302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 64.233.161.84:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:_PVqEfD05pWzdGJKVPPvBs1tNmHcdQ:4y3Vqxg6ENAtV99S; Expires=Fri, 01-May-2026 21:55:11 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:11 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQx3qLtprx5tI5KC5TaOwqVcP-8ellX_2nQ2xLEc8UOyJsNYcAFHIuMYx9CAhOR5bTmWwo9zTg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-bsq_KpQUnJ6u8igt8_SFfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico
64.233.161.84302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico
IP 64.233.161.84:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:30LuwwOL6080QQJSaQVliRaIGjCiEw:LSVWmZoHOLU0SoCX; Expires=Fri, 01-May-2026 21:55:11 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:11 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.blogger.com/favicon.ico&hl=de&passive=1209600&service=blogger&ifkv=AaSxoQz3HXYkZmXAZ-WsEH25dgUTH2LfBp7D3wZ-xkeGJ0Dt9ZUG6sAnmWk3k-9Cty2qr5gvMyK2mQ
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-iWOWAVjb1p_lxAWrIHZekg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mail.yandex.ru/?retpath=https://mail.yandex.ru/favicon.ico?666
77.88.21.37 60 B URL GET mail.yandex.ru/?retpath=https://mail.yandex.ru/favicon.ico?666
IP 77.88.21.37:0
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGlobalSign nv-sa
Subjectmail.yandex.ru
Fingerprint9F:BB:D2:D1:C8:B0:07:2D:1C:25:B9:DD:C2:EF:A8:AE:9F:A3:4E:9A
ValidityMon, 16 Oct 2023 07:59:00 GMT - Fri, 17 May 2024 07:59:00 GMT
File type ASCII text, with no line terminators
Hash 3ce3efffbe76c9e8938ee4068be0887e
c87dbc227147babc95d061c8acdefa75d275bed4
b287f90a45063299afd73544f5f78c33842fb8d230223a822df96c29300dbe8f
GET /?retpath=https://mail.yandex.ru/favicon.ico?666 HTTP/1.1
Host: mail.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 May 2024 21:55:12 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 60
Connection: keep-alive
Set-Cookie: yandexuid=3077061601714600512; Domain=.yandex.ru; Path=/; Expires=Mon, 01 May 2034 21:55:12 GMT
Location: https://360.yandex.ru/mail
Vary: Accept
NEL: {"report_to": "network-errors", "max_age": 604800, "success_fraction": 0.005, "failure_fraction": 0.5}
Report-To: {"group": "network-errors", "max_age": 604800, "endpoints": [{"url": "https://dr.yandex.net/ya360/nel", "priority": 1}, {"url": "https://dr2.yandex.net/ya360/nel", "priority": 2}]}
x-dns-prefetch-control: off
Cache-Control: private,no-cache,no-store,must-revalidate,max-age=0
X-Request-Id: 34cacf6b0083ba3ee957195bce0ce563
Strict-Transport-Security: max-age=315360000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
jngkevzr4pvg.l4.adsco.re/
185.200.118.51200 OK 0 B URL POST HTTP/2 jngkevzr4pvg.l4.adsco.re/
IP 185.200.118.51:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subject*.l4.adsco.re
FingerprintB2:51:02:63:F4:E6:E7:3A:98:79:B7:C5:F8:81:EC:E8:79:B9:BC:22
ValidityFri, 19 Apr 2024 09:12:52 GMT - Thu, 18 Jul 2024 09:12:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jngkevzr4pvg.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 May 2024 21:55:12 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQz87RMixT1EdU3-DDGwTditgQPTy0s1IxQISapcEkGVB4PEHEdXea7VJjZYiQzP2dyQ5ovjrA
64.233.161.84302 Found 425 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQz87RMixT1EdU3-DDGwTditgQPTy0s1IxQISapcEkGVB4PEHEdXea7VJjZYiQzP2dyQ5ovjrA
IP 64.233.161.84:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
File type HTML document, ASCII text, with very long lines (402)
Hash 3b1721d639e0fece3f80040577527491
30f68eda385a9cf9e179d8e4304fcceab45f56f0
69add554ee1881ed303b11998b4fca619c456fa4711ee2090a92d7135e87dca5
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQz87RMixT1EdU3-DDGwTditgQPTy0s1IxQISapcEkGVB4PEHEdXea7VJjZYiQzP2dyQ5ovjrA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:hgrRA8SVPb4pCyTIT7JmZOQprJTAbQ:Hbo9f7hnAW4IsE8D;Path=/;Expires=Fri, 01-May-2026 21:55:12 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:12 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQymydLOAqKaakD3Wr4-KsrJlGLViPKffFEwNle_QKU_eb3347CKuKmACS6fDV-5ywltvIUC&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1291164376%3A1714600512078887&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-9rUMjzQdNZRtk7vnTO7o5g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQx3qLtprx5tI5KC5TaOwqVcP-8ellX_2nQ2xLEc8UOyJsNYcAFHIuMYx9CAhOR5bTmWwo9zTg
64.233.161.84302 Found 426 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQx3qLtprx5tI5KC5TaOwqVcP-8ellX_2nQ2xLEc8UOyJsNYcAFHIuMYx9CAhOR5bTmWwo9zTg
IP 64.233.161.84:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
File type HTML document, ASCII text, with very long lines (404)
Hash e026920f5bf3474b13e454a0e493b15c
11a8a752568fa311b0093160f5e2f5637e470122
4191998712124400edce9a64fceb97927bf3c66407d24bdbd62dd4183838244f
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQx3qLtprx5tI5KC5TaOwqVcP-8ellX_2nQ2xLEc8UOyJsNYcAFHIuMYx9CAhOR5bTmWwo9zTg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:_bAUt1Wt9FQ3oc3oAFJ-wBPK6i070Q:QcBz-AAOCgRPiZXG;Path=/;Expires=Fri, 01-May-2026 21:55:12 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:12 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxd5SYXVlVpdBQJLbAkdrFn-aPR-YFbetS03xQsnQfXAw4-dmJ7WFvVrOI1vWbyRczpswvP&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S470555744%3A1714600512087196&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Ne97IzV22EWx0wh2N-Kj2Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.blogger.com/favicon.ico&hl=de&passive=1209600&service=blogger&ifkv=AaSxoQz3HXYkZmXAZ-WsEH25dgUTH2LfBp7D3wZ-xkeGJ0Dt9ZUG6sAnmWk3k-9Cty2qr5gvMyK2mQ
64.233.161.84302 Found 423 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.blogger.com/favicon.ico&hl=de&passive=1209600&service=blogger&ifkv=AaSxoQz3HXYkZmXAZ-WsEH25dgUTH2LfBp7D3wZ-xkeGJ0Dt9ZUG6sAnmWk3k-9Cty2qr5gvMyK2mQ
IP 64.233.161.84:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
File type HTML document, ASCII text, with very long lines (395)
Hash 83369454b48491becf6743e16c2e2cbe
fd35700d6a1f1b94931e35cde06a87b25355a950
3c93d9364805d9fc4b53460cc15b6a6dd82fe2052605c3f226dfb80c8785d0bf
GET /InteractiveLogin?continue=https://www.blogger.com/favicon.ico&hl=de&passive=1209600&service=blogger&ifkv=AaSxoQz3HXYkZmXAZ-WsEH25dgUTH2LfBp7D3wZ-xkeGJ0Dt9ZUG6sAnmWk3k-9Cty2qr5gvMyK2mQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:7MI6v7rODPvYM6X4m1iy8RFlVfk77w:NNBt2iTTCFUFfE7V;Path=/;Expires=Fri, 01-May-2026 21:55:12 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:12 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&ifkv=AaSxoQzabXi1Vzf2_owpeWr3R2WG6s_gv2FhIJUPpqXcGueN8lYk3-my7VGMv53zBygBZDEOjDHb&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S151239907%3A1714600512086233&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-FJp9kJakp2hgQwK5LtFWPA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 423
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
360.yandex.ru/mail
87.250.250.16 40 B IP 87.250.250.16:0
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGlobalSign nv-sa
Subject360.yandex.ru
Fingerprint5C:38:91:03:85:A4:6A:16:22:07:A0:87:6E:9F:0E:69:B6:41:DF:C0
ValidityFri, 26 Apr 2024 13:55:42 GMT - Tue, 26 Nov 2024 13:55:42 GMT
File type ASCII text, with no line terminators
Hash e5c431fe834b596bb79ac5cac9ade0b3
530bb7036f70dcf9da12d12f3b33eef5597b4c91
a269514d773dc4dc17f124145fe88233f069ba836ca53da28bf2489b1a8c5d3a
GET /mail HTTP/1.1
Host: 360.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Length: 40
Content-Type: text/plain; charset=utf-8
Date: Wed, 01 May 2024 21:55:12 GMT
Location: /mail/
Set-Cookie: _yasc=qU1GHf2HTEe2EIkdRQiJGDHB3qQZ4IJo+CNPf3XlNpnsSZgrmXhdLTKJ1JGgQNO6; domain=.yandex.ru; path=/; expires=Sat, 29 Apr 2034 21:55:12 GMT; secure
i=G/ushNHwDoVsv5nusHvp5l9c9C0dW+VySyImz51Aw7KGGtd6W6gTjqOvTDK6HxyucOGn3mU30rU1Uqg75SCeXPmTLek=; Expires=Fri, 01-May-2026 21:55:12 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7663055791714600512; Expires=Fri, 01-May-2026 21:55:12 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
Vary: Accept
www.google.com/recaptcha/api2/clr?k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2
216.58.211.4200 OK 0 B URL POST HTTP/3 www.google.com/recaptcha/api2/clr?k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2
IP 216.58.211.4:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /recaptcha/api2/clr?k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuf
Content-Length: 1479
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Cookie: _GRECAPTCHA=09AMrkgaCgEJEkX-c0J2EAve1A67qLqoXfeeagLmR7xC1Js_tN8NxAq1CsctLtLYZUScdBc6m_k0iWbQ_4Ds1CGYs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/binary
date: Wed, 01 May 2024 21:55:12 GMT
expires: Wed, 01 May 2024 21:55:12 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 0
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
deywepri.com/verify
88.85.69.213200 OK 9 B IP 88.85.69.213:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeywepri.com
FingerprintDE:4C:75:DA:2A:BF:21:15:4C:FA:CE:71:C3:FA:18:F8:F1:50:D4:3A
ValiditySat, 06 Apr 2024 23:02:46 GMT - Fri, 05 Jul 2024 23:02:45 GMT
Hash 7f1af613820a27b23113ea3f074b60ff
518205ea624d35f45e1b18b4a83b6e4bc98ce05c
ec6b22aa80c72fd9902119cf4912cb88891e8442485fc4e05aa5c34accdbbc4c
POST /verify HTTP/1.1
Host: deywepri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1329
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/l?v=Wk7KPqlX
Cookie: a=DPcTv1zu6NTLg88DsLskEQSJu0tgkKKy
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:55:12 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 9
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
dull-egg.pro/acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W
188.72.219.36200 OK 0 B URL POST HTTP/2 dull-egg.pro/acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W
IP 188.72.219.36:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /acGdE-/.efmg9huiZ_UkllkmPnT-QpxqNrjsg_5uMvDwQxm-YzWARBJCZ_DE0FzGNHD-YJzKMLjMc_mOcP0QlRk-PTTUQV2WN_DYkZ5aObT-cdmecf0gl_kiMjjk0lm-cn0olpkqM_zs1t6ubv2-5xlybzmA9_0CcDGEFFz-cHyIZJyKc_mMlNkOPPT-kR0SYTmUQ_wWZXmYYZ4-YbTcJdmeZ_WgVhmiMjz-IlzmOnToV_hqZrmsMtz-YvjwdxhyM_DAVBhCYDm-IF4GJHnIV_uKaLXMFNC-ePVQRR5Sc_GUUV9WMXC-ZZ1abbmcl_xeQfnglha-bj2k5llmP_ToApmqdrW-5tpucvUwJ_5yRzmAVBl-ZDDE0FwGJ_nIVJuKaLX-FNCOePUQZ_vScTmU1Vh-dXDY0ZwaJ_ncBd0ePfT-AhmicjnkY_9mMnCoZpo-crzs1txuY_SwZxsyczG-kB9CMDzEI_1GMHiIZJo-aLXMRNJOZ_DQ0RySMTz-EVxWZXjYE_1aNbTcMd2-MfjgEh3iZ_DkIl2mZnT-IpwqMrWsU_yuYvzwExw-MzzAdBkCM_TEhFkGZHi-ZJyKZLWMZ_EObP2Q1Rh-aTWU4V9W HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 161
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:55:12 GMT
content-length: 0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: https://deywepri.com
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Wed, 01 May 2024 21:55:12 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2
jngkevzr4pvg.s4.adsco.re/
185.200.116.51200 OK 0 B URL POST HTTP/2 jngkevzr4pvg.s4.adsco.re/
IP 185.200.116.51:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subject*.s4.adsco.re
Fingerprint6C:EA:F6:8F:57:34:25:F9:39:76:98:E0:61:B8:C8:86:AD:CC:68:0A
ValidityFri, 19 Apr 2024 09:12:40 GMT - Thu, 18 Jul 2024 09:12:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jngkevzr4pvg.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 May 2024 21:55:12 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
360.yandex.ru/mail/
87.250.250.16 40 kB IP 87.250.250.16:0
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGlobalSign nv-sa
Subject360.yandex.ru
Fingerprint5C:38:91:03:85:A4:6A:16:22:07:A0:87:6E:9F:0E:69:B6:41:DF:C0
ValidityFri, 26 Apr 2024 13:55:42 GMT - Tue, 26 Nov 2024 13:55:42 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (18348)
Hash a4d7b664e68649c42c7bba94be189345
a75cede80abc01ec6e0476b1d95fa845e6fccd36
549f2196c11b8ce7ad81cfb2404a5ef98741704d5271afd7818fd9a837ee038d
GET /mail/ HTTP/1.1
Host: 360.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate, proxy-revalidate, no-cache, no-store, private
Content-Encoding: gzip
Content-Security-Policy: default-src 'none'; script-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'unsafe-eval' 'nonce-rw1Ri95+vhSRxsZuG5Ng0A==' 'self' 'unsafe-inline' mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.ru mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yastatic.net; style-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'unsafe-inline' 'self' fonts.googleapis.com; font-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ fonts.gstatic.com; media-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'unsafe-inline' 'self' storage.yandexcloud.net s3.mds.yandex.net; img-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'self' data: blob: mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.ru mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yastatic.net downloader.disk.yandex.ru downloader.disk.yandex.net yandex.ru favicon.yandex.net storage.yandexcloud.net s3.mds.yandex.net avatars.mds.yandex.net *.storage.yandex.net *.disk.yandex.net; connect-src yandex.ru mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.ru mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yandexmetrica.com:* 'self' api.passport.yandex.ru mail.yandex.ru https://pdd.yandex.ru:* https://pdd.yandex.com:* api-stable.dst.yandex.ru cloud-api.yandex.ru yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/; frame-src yastatic.net https://*.static-dev.mail.yandex.net/s3/psf/ 'self' blob: mc.yandex.ru forms.yandex.ru www.youtube.com yandex.ru trust.yandex.ru; child-src 'self' blob: mc.yandex.ru; base-uri 'self'; frame-ancestors 'self' https://*.webvisor.com https://metrika.yandex.com https://metrika.yandex.ru; report-uri https://csp.yandex.net/csp?from=tuning&project=tuning&yandex_login=&yandexuid=7962219371714600512;
Content-Type: text/html; charset=utf-8
Date: Wed, 01 May 2024 21:55:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Set-Cookie: _yasc=05HldFKLmIaIDXJli0W7OKE0k0o5SzT4jdRPGkfgbpUY2n/6LQhyCtNPuKx7TwyQKA==; domain=.yandex.ru; path=/; expires=Sat, 29 Apr 2034 21:55:12 GMT; secure
i=IwdBu373nncAof8AQA8b5h0eP0rnS1czcwyCEgX3vRvvRNye7fYk2C5f/XqIodO7+2jnRZzXGLjRzPR80x3L4u0SSzs=; Expires=Fri, 01-May-2026 21:55:12 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7962219371714600512; Expires=Fri, 01-May-2026 21:55:12 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Response-With: YMail
passport.baidu.com//v2/?login&redirect_to=https://www.baidu.com/favicon.ico
103.235.46.9301 Moved Permanently 184 B URL GET HTTP/1.1 passport.baidu.com//v2/?login&redirect_to=https://www.baidu.com/favicon.ico
IP 103.235.46.9:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 2b7e31ced8db56cadcc7127bfabe57c1
5b4be340df4fe663cafd5cada2945c743e711f36
66448fc8a8e49044e7619323442c4e74392249928f5f5ef0853e62b9ffe9fb82
GET //v2/?login&redirect_to=https://www.baidu.com/favicon.ico HTTP/1.1
Host: passport.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 184
Content-Type: text/html
Date: Wed, 01 May 2024 21:55:13 GMT
Location: https://passport.baidu.com/v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: BWS
Set-Cookie: BAIDUID=1BC431A92203C47708C12C1E68C3E23F:FG=1; expires=Thu, 01-May-25 21:55:13 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Strict-Transport-Security: max-age=31536000
Tracecode: 37768816672703731978050205
passport.baidu.com/v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico
103.235.46.9200 OK 6.3 kB URL GET HTTP/1.1 passport.baidu.com/v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico
IP 103.235.46.9:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1336)
Hash 66653e835897f2b8f73eb986543f2f19
62f411b123cf9fed3767394370a07404b3d04ea3
42cc3b3e16fa226e3279625e5d0a57c910b28bea9016e9d38049c532da64e49e
GET /v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico HTTP/1.1
Host: passport.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Trace-ID
Connection: keep-alive
Content-Security-Policy-Report-Only: object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' wappass.baidu.com:* passport.baidu.com:* wappass.bdimg.com:* passport.bdimg.com:* ppui-static-wap.cdn.bcebos.com:* ppui-static-pc.cdn.bcebos.com:* hm.baidu.com:* fe.bdimg.com:* msg.baidu.com:* pdc.baidu.com:* img.baidu.com:* openapi.baidu.com:* res.wx.qq.com:* qqq.gtimg.cn:* s.bdstatic.com:* ufosdk.baidu.com:* qapm.baidu.com:* libs.baidu.com:* ext.baidu.com:* apps.baidu.com:* s3.pstatp.com:* tb2.bdstatic.com:* b.bdstatic.com:* msg.baidu.com:* www.baidu.com:* po.srf.baidu.com:* pan.baidu.com:* play.baidu.com:* tb1.bdstatic.com:* dup.baidustatic.com:* static.tieba.baidu.com:* gss2.bdstatic.com:* blob: baiduboxapp: bootupbaiduhd: sofire.bdstatic.com:* id6.me:* opencloud.wostore.cn:* nisbj2.10010.com:* nisbj3.10010.com:* verify.cmpassport.com:* www.cmpassport.com:* nisbj1.10010.com:* mbd.baidu.com:* dlswbr.baidu.com:* dmpstatic.cdn.bcebos.com:* cdn.bootcss.com:* safe.cdn.bcebos.com:*; report-uri https://report-uri.baidu.com/report?app=passport;
Content-Type: text/html
Date: Wed, 01 May 2024 21:55:13 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Referrer-Policy: no-referrer-when-downgrade, strict-origin-when-cross-origin
Server: BWS
Set-Cookie: BAIDUID=1BC431A92203C477FE8038C222F5A86A:FG=1; expires=Thu, 01-May-25 21:55:13 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Strict-Transport-Security: max-age=31536000
Trace-Id: 27916D01
Tracecode: 42571729003759562506050205
Vary: Accept-Encoding
Transfer-Encoding: chunked
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQymydLOAqKaakD3Wr4-KsrJlGLViPKffFEwNle_QKU_eb3347CKuKmACS6fDV-5ywltvIUC&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1291164376%3A1714600512078887&theme=mn&ddm=0
64.233.161.84403 Forbidden 10 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQymydLOAqKaakD3Wr4-KsrJlGLViPKffFEwNle_QKU_eb3347CKuKmACS6fDV-5ywltvIUC&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1291164376%3A1714600512078887&theme=mn&ddm=0
IP 64.233.161.84:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type gzip compressed data, max compression
Hash 67817d53c419f19df6eb3904ee3ca6b5
41fecd8d91e001078888fca3c021ca8ea71c5118
292a5b0ae914fdc96bea7a65972341f89fa46e07f8489fa75eccebb32bb48742
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQymydLOAqKaakD3Wr4-KsrJlGLViPKffFEwNle_QKU_eb3347CKuKmACS6fDV-5ywltvIUC&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1291164376%3A1714600512078887&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-6BAXwIrGYIuun0MypmslCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxd5SYXVlVpdBQJLbAkdrFn-aPR-YFbetS03xQsnQfXAw4-dmJ7WFvVrOI1vWbyRczpswvP&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S470555744%3A1714600512087196&theme=mn&ddm=0
64.233.161.84403 Forbidden 9.2 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxd5SYXVlVpdBQJLbAkdrFn-aPR-YFbetS03xQsnQfXAw4-dmJ7WFvVrOI1vWbyRczpswvP&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S470555744%3A1714600512087196&theme=mn&ddm=0
IP 64.233.161.84:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type gzip compressed data, max compression
Hash c6f486115a39dcdfd7e4a3ee3781abb6
6b3e20c7e15e72cf80f2657567278e15eff65dcb
dd5b55748aee050301ef0c0c0933e1c109b7d1ea6746d77d68e12af9960a4741
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxd5SYXVlVpdBQJLbAkdrFn-aPR-YFbetS03xQsnQfXAw4-dmJ7WFvVrOI1vWbyRczpswvP&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S470555744%3A1714600512087196&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-6SF1_-VtNCS2DftMNNJ1nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dull-egg.pro/YWm_RY0ZP.3apbv-bdmeVfJgZ_Di0j0kMlT-Yn4oOpTqA_0sJtmuFvk-SxWyQz9AM_zCQD2EMFz-IH3IJJnKN_JMZNDO0P0-NRjSQT5UO_TWkX3YJZn-NbJcZdDeI_9gJhniNjJ-ZlDmMn9oe_mq9rusZtW-5vvwdxHyB_hAcB3CMDm-cFnGJHpIZ_DK0L5MNNG-JPkQMRGSZ_mUOVGWEXy-ZZmaVblcZ_jeMfygMhz-kj1kYlWmZ_joMp2qIr3-YtTuAv1wY_WyJziAOBC-ZD1EbFmGl_xIQJnKlLU-eNXOBPlQP_TSATmUdVW-5XpYcZUaJ_5cWdme9fu-ZhTi0jwkJ_nmVnuoapX-FrCsetUuZ_lwZxWyQz9-MBCCZD1Eb_mGlHxIQJn-lLGMbN3OJ_tQYRXSQT9-MVCWZXwYd_Da0bwcJdn-Jf2gPhTiA_mkalHmMn9-cpWqErmsb_HuBvpwPxT-MzyANBTCI_mEaFGGlH0-SJWKQL9MM_jOMPxQMRW-YTxUNVTWU_zYNZjaIbx-Nd2eQfygN_miUjykMlD-FnloMpmqM_xsMtDuMv3-ZxDyEz4AZ_GCYDmEcFm-VHmIRJGK9_tMYNWOlPu-PRQS
188.72.219.36200 OK 0 B URL POST HTTP/2 dull-egg.pro/YWm_RY0ZP.3apbv-bdmeVfJgZ_Di0j0kMlT-Yn4oOpTqA_0sJtmuFvk-SxWyQz9AM_zCQD2EMFz-IH3IJJnKN_JMZNDO0P0-NRjSQT5UO_TWkX3YJZn-NbJcZdDeI_9gJhniNjJ-ZlDmMn9oe_mq9rusZtW-5vvwdxHyB_hAcB3CMDm-cFnGJHpIZ_DK0L5MNNG-JPkQMRGSZ_mUOVGWEXy-ZZmaVblcZ_jeMfygMhz-kj1kYlWmZ_joMp2qIr3-YtTuAv1wY_WyJziAOBC-ZD1EbFmGl_xIQJnKlLU-eNXOBPlQP_TSATmUdVW-5XpYcZUaJ_5cWdme9fu-ZhTi0jwkJ_nmVnuoapX-FrCsetUuZ_lwZxWyQz9-MBCCZD1Eb_mGlHxIQJn-lLGMbN3OJ_tQYRXSQT9-MVCWZXwYd_Da0bwcJdn-Jf2gPhTiA_mkalHmMn9-cpWqErmsb_HuBvpwPxT-MzyANBTCI_mEaFGGlH0-SJWKQL9MM_jOMPxQMRW-YTxUNVTWU_zYNZjaIbx-Nd2eQfygN_miUjykMlD-FnloMpmqM_xsMtDuMv3-ZxDyEz4AZ_GCYDmEcFm-VHmIRJGK9_tMYNWOlPu-PRQS
IP 188.72.219.36:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdull-egg.pro
Fingerprint2C:38:E2:A2:7C:32:0F:35:69:9E:5F:4E:16:78:F1:B6:84:34:5C:35
ValiditySun, 14 Apr 2024 03:22:01 GMT - Sat, 13 Jul 2024 03:22:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /YWm_RY0ZP.3apbv-bdmeVfJgZ_Di0j0kMlT-Yn4oOpTqA_0sJtmuFvk-SxWyQz9AM_zCQD2EMFz-IH3IJJnKN_JMZNDO0P0-NRjSQT5UO_TWkX3YJZn-NbJcZdDeI_9gJhniNjJ-ZlDmMn9oe_mq9rusZtW-5vvwdxHyB_hAcB3CMDm-cFnGJHpIZ_DK0L5MNNG-JPkQMRGSZ_mUOVGWEXy-ZZmaVblcZ_jeMfygMhz-kj1kYlWmZ_joMp2qIr3-YtTuAv1wY_WyJziAOBC-ZD1EbFmGl_xIQJnKlLU-eNXOBPlQP_TSATmUdVW-5XpYcZUaJ_5cWdme9fu-ZhTi0jwkJ_nmVnuoapX-FrCsetUuZ_lwZxWyQz9-MBCCZD1Eb_mGlHxIQJn-lLGMbN3OJ_tQYRXSQT9-MVCWZXwYd_Da0bwcJdn-Jf2gPhTiA_mkalHmMn9-cpWqErmsb_HuBvpwPxT-MzyANBTCI_mEaFGGlH0-SJWKQL9MM_jOMPxQMRW-YTxUNVTWU_zYNZjaIbx-Nd2eQfygN_miUjykMlD-FnloMpmqM_xsMtDuMv3-ZxDyEz4AZ_GCYDmEcFm-VHmIRJGK9_tMYNWOlPu-PRQS HTTP/1.1
Host: dull-egg.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 86
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:55:31 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Wed, 01 May 2024 21:55:32 GMT
access-control-allow-origin: https://deywepri.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/reload?k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2
216.58.211.4200 OK 12 kB URL POST HTTP/3 www.google.com/recaptcha/api2/reload?k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2
IP 216.58.211.4:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File type ASCII text, with very long lines (11691)
Hash 2379a6df63db2f8851d9539114088fc4
5a30188bfdf530a60133f17e6b454af4f65ff72e
88847406a968ef3e295879ae496da85f8bda497e53fce47a571fcdb2359471ab
POST /recaptcha/api2/reload?k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 8652
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Wed, 01 May 2024 21:55:12 GMT
expires: Wed, 01 May 2024 21:55:12 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AMrkgaCgEJEkX-c0J2EAve1A67qLqoXfeeagLmR7xC1Js_tN8NxAq1CsctLtLYZUScdBc6m_k0iWbQ_4Ds1CGYs;Path=/recaptcha;Expires=Mon, 28-Oct-2024 21:55:12 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adsco.re/p
162.252.214.5402 Payment Required 65 B IP 162.252.214.5:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 9e656b4211456222bf16612e4fc051be
a7aeae2965670edd1f441c7242d816b90417d1b5
a0f1f276d4a9e587b339a2438010692b67a7529877b83e59f7628ffe09d0e31a
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1844
Origin: https://deywepri.com
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 402 Payment Required
Date: Wed, 01 May 2024 21:55:11 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://deywepri.com
Access-Control-Allow-Credentials: true
wavylandscape.pro/buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM
88.85.94.240200 OK 168 B URL GET HTTP/2 wavylandscape.pro/buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM
IP 88.85.94.240:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectwavylandscape.pro
Fingerprint06:F3:E5:2D:DD:24:FD:A0:F5:6C:74:C8:48:9D:F3:E3:AA:BB:56:A9
ValiditySun, 28 Apr 2024 01:03:10 GMT - Sat, 27 Jul 2024 01:03:09 GMT
File type HTML document, ASCII text, with no line terminators
Hash 9e0c04f6a728b6a6b4cf6033ef73800b
eb16f7f814f9960764a7fcf7d1d8e9a86afc728f
b7d9c4839c6c376dee60d4c451e6ba68b4d1883e60d7187ccdd1575befca836d
GET /buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM HTTP/1.1
Host: wavylandscape.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deywepri.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:55:07 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 82 kB IP 104.17.166.186:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (689)
Hash a0b475c65fed312aba8d7c43a0cbc928
3fdd052b41c37318e44084be4f92d42fba4ded61
2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:11 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 01 Jun 2024 21:55:11 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 106652
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d303aaab8156b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:01:56 GMT
expires: Sat, 26 Apr 2025 06:01:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 489195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
deliverytraffico.com/0b085559bbdffdb520aa77a4607ee9f9/
146.190.238.229302 Found 168 B URL GET HTTP/2 deliverytraffico.com/0b085559bbdffdb520aa77a4607ee9f9/
IP 146.190.238.229:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeliverytraffico.com
Fingerprint82:63:01:CA:CA:6E:00:21:A3:32:CF:1A:C1:5A:AD:DC:B3:96:1B:67
ValiditySat, 27 Apr 2024 23:03:56 GMT - Fri, 26 Jul 2024 23:03:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0b085559bbdffdb520aa77a4607ee9f9/ HTTP/1.1
Host: deliverytraffico.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 01 May 2024 21:55:07 GMT
content-type: text/html; charset=UTF-8
location: https://wavylandscape.pro/buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM
access-control-allow-origin: https://deywepri.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.amazon.com/ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico
0.0.0.0 0 B URL GET www.amazon.com/ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico
IP 0.0.0.0:0
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerDigiCert Inc
Subjectwww.amazon.com
Fingerprint62:55:EA:53:8D:A8:3F:87:B5:55:C5:54:EE:F6:18:25:C8:72:23:61
ValidityTue, 28 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico HTTP/1.1
Host: www.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: Server
date: Wed, 01 May 2024 21:55:11 GMT
x-amz-rid: V2PAGCKV95SRPWAAATRB
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Content-Type,Accept-Encoding,User-Agent
content-encoding: gzip
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-id: lrNd4d3vFx4j-OCsQ2OLvGuavFOAHKIEINak5aLO8zSxu2tfplsUSA==
newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js
104.18.125.91200 OK 387 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js
IP 104.18.125.91:443
Requested by https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=checkbox&id=0z51gyr94etn&host=deywepri.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&theme=light&origin=https%3A%2F%2Fdeywepri.com
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size 387 kB (387118 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /captcha/v1/50fb34a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:10 GMT
content-type: application/javascript
etag: W/"43a836cde2f57b4747b92444069ecfc9"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 15 May 2024 21:55:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d303a52bdc56b9-OSL
content-encoding: br
newassets.hcaptcha.com/c/e78a38c/hsw.js
104.18.125.91200 OK 528 kB URL GET HTTP/3 newassets.hcaptcha.com/c/e78a38c/hsw.js
IP 104.18.125.91:443
Requested by https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=challenge&id=0z51gyr94etn&host=deywepri.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&theme=light&origin=https%3A%2F%2Fdeywepri.com
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size 528 kB (528392 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/e78a38c/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:10 GMT
content-type: application/javascript
etag: W/"4342b00f906eea1d05b94293d52aa8b3"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 05 Jun 2024 21:55:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d303a9580956b9-OSL
content-encoding: br
newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
104.18.125.91200 OK 1.8 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
IP 104.18.125.91:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type HTML document, ASCII text, with very long lines (1803), with no line terminators
Hash 1061da5ccf4d00902874135c386f3cec
3fbf23dcb9452a187c9ec136a7f5538776f8b9ad
f472028d948ffa52e1eb7cd913034240f740dab373e73ab17c07891dca16cd72
GET /captcha/v1/50fb34a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:10 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 15 May 2024 21:55:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d303a3da9e56b9-OSL
content-encoding: br
c.adsco.re/j?Qi9aAAAAAAAAX0yi-N-uGcaMAgXMqolgP66ys4A,4649997,3,,AAJH1S8Wmqxh_2opiPxM8swylzpVYwZATzelvgSJ3phEhfr9-eIu_lgmPD0BfjtWScXmob9w4bxjG5pbqQepTy2GXl4rV3vDvoY-SslEBdiArEbwDN4RE1z1cBGIGs-W84wCexUrycD3iFe73FEWWlNgMouvWXYEyRHVDTEiOgWLuE4ZCBOGFsghqg4iQn2wvkOthp3IguXpfX1f1S_xseNlbt54F_9CeBR7d-mwmaKwbiBQW9ADBV-wmlcJ3y3Pay1Fd__PjgjnA01DstJuXruJgdb8eFkAXQMknMfFNWrUTg
104.17.166.186200 OK 1.3 kB URL GET HTTP/2 c.adsco.re/j?Qi9aAAAAAAAAX0yi-N-uGcaMAgXMqolgP66ys4A,4649997,3,,AAJH1S8Wmqxh_2opiPxM8swylzpVYwZATzelvgSJ3phEhfr9-eIu_lgmPD0BfjtWScXmob9w4bxjG5pbqQepTy2GXl4rV3vDvoY-SslEBdiArEbwDN4RE1z1cBGIGs-W84wCexUrycD3iFe73FEWWlNgMouvWXYEyRHVDTEiOgWLuE4ZCBOGFsghqg4iQn2wvkOthp3IguXpfX1f1S_xseNlbt54F_9CeBR7d-mwmaKwbiBQW9ADBV-wmlcJ3y3Pay1Fd__PjgjnA01DstJuXruJgdb8eFkAXQMknMfFNWrUTg
IP 104.17.166.186:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1349), with no line terminators
Hash 043b03cc2b8987579cc2dfe740880782
1cb792d0a6f7ee6715073b37482ec35a4ad599d5
c49832d42353231219ebb235a2a3e002cd5e25ada655be7545b658c8c4b15fe2
GET /j?Qi9aAAAAAAAAX0yi-N-uGcaMAgXMqolgP66ys4A,4649997,3,,AAJH1S8Wmqxh_2opiPxM8swylzpVYwZATzelvgSJ3phEhfr9-eIu_lgmPD0BfjtWScXmob9w4bxjG5pbqQepTy2GXl4rV3vDvoY-SslEBdiArEbwDN4RE1z1cBGIGs-W84wCexUrycD3iFe73FEWWlNgMouvWXYEyRHVDTEiOgWLuE4ZCBOGFsghqg4iQn2wvkOthp3IguXpfX1f1S_xseNlbt54F_9CeBR7d-mwmaKwbiBQW9ADBV-wmlcJ3y3Pay1Fd__PjgjnA01DstJuXruJgdb8eFkAXQMknMfFNWrUTg HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:55:07 GMT
content-type: application/javascript
cache-control: public, max-age=2678400
expires: Sat, 01 Jun 2024 21:55:07 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
etag: W/"bVfhtgjubmIl/4qpXrPS+w=="
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d30393283bb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
216.58.211.4200 OK 102 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
IP 216.58.211.4:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File type ASCII text, with no line terminators
Hash 284b36421a1cf446f32cb8f7987b1091
eb14d6298c9da3fb26d75b54c087ea2df9f3f05f
94ab2be973685680d0be9c08d4e1a7465f3c09053cf631126bd33f49cc2f939b
GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfth30UAAAAAHTycX4fXIbPcziaA36c2zWU-eZ2&co=aHR0cHM6Ly9kZXl3ZXByaS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=aofdst10pr78
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 01 May 2024 21:55:11 GMT
date: Wed, 01 May 2024 21:55:11 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&ifkv=AaSxoQzabXi1Vzf2_owpeWr3R2WG6s_gv2FhIJUPpqXcGueN8lYk3-my7VGMv53zBygBZDEOjDHb&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S151239907%3A1714600512086233&theme=mn&ddm=0
64.233.161.84403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&ifkv=AaSxoQzabXi1Vzf2_owpeWr3R2WG6s_gv2FhIJUPpqXcGueN8lYk3-my7VGMv53zBygBZDEOjDHb&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S151239907%3A1714600512086233&theme=mn&ddm=0
IP 64.233.161.84:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&ifkv=AaSxoQzabXi1Vzf2_owpeWr3R2WG6s_gv2FhIJUPpqXcGueN8lYk3-my7VGMv53zBygBZDEOjDHb&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S151239907%3A1714600512086233&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 21:55:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-aHgPPHSRQE6NKhJaoFHqlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js
104.18.125.91200 OK 387 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js
IP 104.18.125.91:443
Requested by https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=challenge&id=0z51gyr94etn&host=deywepri.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&theme=light&origin=https%3A%2F%2Fdeywepri.com
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size 387 kB (387118 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /captcha/v1/50fb34a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:10 GMT
content-type: application/javascript
etag: W/"43a836cde2f57b4747b92444069ecfc9"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 15 May 2024 21:55:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d303a52bdd56b9-OSL
content-encoding: br
newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
104.18.125.91200 OK 1.8 kB URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
IP 104.18.125.91:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type HTML document, ASCII text, with very long lines (1803), with no line terminators
Hash 1061da5ccf4d00902874135c386f3cec
3fbf23dcb9452a187c9ec136a7f5538776f8b9ad
f472028d948ffa52e1eb7cd913034240f740dab373e73ab17c07891dca16cd72
GET /captcha/v1/50fb34a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:10 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Wed, 15 May 2024 21:55:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d303a3daa256b9-OSL
content-encoding: br
api2.hcaptcha.com/checksiteconfig?v=50fb34a&host=deywepri.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&sc=1&swa=1&spst=0
104.18.125.91200 OK 718 B URL POST HTTP/3 api2.hcaptcha.com/checksiteconfig?v=50fb34a&host=deywepri.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&sc=1&swa=1&spst=0
IP 104.18.125.91:443
Requested by https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=challenge&id=0z51gyr94etn&host=deywepri.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&theme=light&origin=https%3A%2F%2Fdeywepri.com
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type troff or preprocessor input, ASCII text, with very long lines (734), with no line terminators
Hash 28414d763936a9a4cf17fee7bc6186d6
33b83399f6eb495f7f114e42bc875b61009f25bd
23dd3c4d05a412867f830c742f31f72e9118159cf219756590e37c14e5eaedc2
POST /checksiteconfig?v=50fb34a&host=deywepri.com&sitekey=35afe8c0-9ebe-460b-b981-2dd69519f5c8&sc=1&swa=1&spst=0 HTTP/1.1
Host: api2.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Wed, 01 May 2024 21:55:10 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRCw8R2MtbJL6R; SameSite=None; Secure; path=/; expires=Wed, 01-May-24 22:25:10 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d303a8af6656b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
deliverytraffico.com/37a21b48e24ed1184aa8b073cbd7f7f6/?rid=Sv6HrVfaVanOXJcr8oRW0Kk5shtDnbeC&host=landings-eu01.sdkl.info
146.190.238.229200 OK 14 B URL GET HTTP/2 deliverytraffico.com/37a21b48e24ed1184aa8b073cbd7f7f6/?rid=Sv6HrVfaVanOXJcr8oRW0Kk5shtDnbeC&host=landings-eu01.sdkl.info
IP 146.190.238.229:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjectdeliverytraffico.com
Fingerprint82:63:01:CA:CA:6E:00:21:A3:32:CF:1A:C1:5A:AD:DC:B3:96:1B:67
ValiditySat, 27 Apr 2024 23:03:56 GMT - Fri, 26 Jul 2024 23:03:55 GMT
File type ASCII text, with no line terminators
Hash c7a2377feeb4a2ea7470a8f3361cadd4
90978eb556bfdc5b8d5c827d77d3f7893349d606
5a6a29ee17ce768dda0fb65615d1d2ae4490f9ce1c33b30c2341a856bd3dc8c0
GET /37a21b48e24ed1184aa8b073cbd7f7f6/?rid=Sv6HrVfaVanOXJcr8oRW0Kk5shtDnbeC&host=landings-eu01.sdkl.info HTTP/1.1
Host: deliverytraffico.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:55:07 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
X-Firefox-Spdy: h2
www.hcaptcha.com/1/api.js?v=1714226627207557672
104.18.125.91200 OK 387 kB URL GET HTTP/2 www.hcaptcha.com/1/api.js?v=1714226627207557672
IP 104.18.125.91:443
Requested by https://deywepri.com/l?v=Wk7KPqlX
Certificate IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size 387 kB (387118 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/api.js?v=1714226627207557672 HTTP/1.1
Host: www.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deywepri.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:55:07 GMT
content-type: application/javascript
cf-ray: 87d3039258a0712e-OSL
cf-cache-status: HIT
age: 0
cache-control: max-age=300
etag: W/"43a836cde2f57b4747b92444069ecfc9"
expires: Wed, 15 May 2024 20:40:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2