gebehee.top/sftouch?userId=dc14b58105a54b84a57ccdc836a5f769&z=5047078&p_rid=c97f5eff-7bdb-4492-ae2b-c5daec74d94f&p_src=sf
2 B URL gebehee.top/sftouch?userId=dc14b58105a54b84a57ccdc836a5f769&z=5047078&p_rid=c97f5eff-7bdb-4492-ae2b-c5daec74d94f&p_src=sf
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /sftouch?userId=dc14b58105a54b84a57ccdc836a5f769&z=5047078&p_rid=c97f5eff-7bdb-4492-ae2b-c5daec74d94f&p_src=sf HTTP/1.1
Host: gebehee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gebehee.top
DNT: 1
Connection: keep-alive
Referer: https://gebehee.top/cndi4858vmefovl/5047078/
Cookie: OAID=dc14b58105a54b84a57ccdc836a5f769; oaidts=1701003710
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Sun, 26 Nov 2023 13:01:50 GMT
content-type: text/plain
content-length: 2
x-trace-id: 94bbf54f532179b19802d44f6945a806
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://gebehee.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXsRwDg9gr7pBdc0Jv8TLl%2BPeJSSvYvHhrqVBQLaf647mquQvN5j8CDREYBmsvSvlpOREvtLSq5rjlg5QUWUJQcubFnksG00oGbz4uUe6lX7O2ymIZ35qIMDP0ZJeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c2528699350b45-OSL
alt-svc: h3=":443"; ma=86400
my.rtmark.net/img.gif?f=merge&userId=dc14b58105a54b84a57ccdc836a5f769&z=5047078&p_rid=c97f5eff-7bdb-4492-ae2b-c5daec74d94f&p_src=sf
43 B URL my.rtmark.net/img.gif?f=merge&userId=dc14b58105a54b84a57ccdc836a5f769&z=5047078&p_rid=c97f5eff-7bdb-4492-ae2b-c5daec74d94f&p_src=sf
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=dc14b58105a54b84a57ccdc836a5f769&z=5047078&p_rid=c97f5eff-7bdb-4492-ae2b-c5daec74d94f&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gebehee.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 26 Nov 2023 13:01:50 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dc14b58105a54b84a57ccdc836a5f769; expires=Mon, 25 Nov 2024 13:01:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
gebehee.top/?z=5047078&syncedCookie=true&rhd=false
302 Found 0 B URL User Request POST HTTP/3 gebehee.top/?z=5047078&syncedCookie=true&rhd=false
IP
Certificate IssuerLet's Encrypt
Subjectgebehee.top
Fingerprint22:27:C1:41:36:7A:1B:9A:88:27:1B:5A:5F:98:14:48:2F:57:82:E3
ValidityTue, 31 Oct 2023 09:45:02 GMT - Mon, 29 Jan 2024 09:45:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5047078&syncedCookie=true&rhd=false HTTP/1.1
Host: gebehee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 456
Origin: https://gebehee.top
DNT: 1
Connection: keep-alive
Referer: https://gebehee.top/afu.php?zoneid=5047078&var=5047078&rid=HOT75NEYqukVl6lP96YjTA%3D%3D&rhd=false
Cookie: OAID=dc14b58105a54b84a57ccdc836a5f769; oaidts=1701003710
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 26 Nov 2023 13:01:50 GMT
content-length: 0
location: https://gl0a7loeki02do.com/news.php?key=fz85sv8weugl8pkww9gu&SUBID=752626715582533891&cost=0.000000&zoneid=5047078&browser=firefox&browserversion=105&device=desktop&isp=blix group as&country=NO&os=windows&osversion=win10&carrier=?&language=en
x-trace-id: 2e7d958a6d1bc99a0abea5e1988886ce
link: <https://gl0a7loeki02do.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://gebehee.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
set-cookie: OAID=dc14b58105a54b84a57ccdc836a5f769; expires=Mon, 25 Nov 2024 13:01:50 GMT; path=/; secure; SameSite=None
oaidts=1701003710; expires=Mon, 25 Nov 2024 13:01:50 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 03 Dec 2023 13:01:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPqbE4cNUF2e4KxfIcUjdnNxbK0Y67GY7%2FG%2BccGXlEVWKO1VEkdN5OnLTSOkLK6WVSabJcXHnrQO2pD7EwJ3l6ABDIDs5r61M%2FnEWyeBW7fURjaQBz2pdSm30ilG%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c252887ae60b45-OSL
alt-svc: h3=":443"; ma=86400
gl0a7loeki02do.com/news.php?key=fz85sv8weugl8pkww9gu&SUBID=752626715582533891&cost=0.000000&zoneid=5047078&browser=firefox&browserversion=105&device=desktop&isp=blix%20group%20as&country=NO&os=windows&osversion=win10&carrier=?&language=en
302 Found 0 B URL User Request GET HTTP/1.1 gl0a7loeki02do.com/news.php?key=fz85sv8weugl8pkww9gu&SUBID=752626715582533891&cost=0.000000&zoneid=5047078&browser=firefox&browserversion=105&device=desktop&isp=blix%20group%20as&country=NO&os=windows&osversion=win10&carrier=?&language=en
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectgl0a7loeki02do.com
FingerprintAE:E6:A9:A7:55:E8:BA:49:49:B8:44:23:52:97:03:11:0E:97:64:9E
ValidityMon, 02 Oct 2023 14:28:06 GMT - Sun, 31 Dec 2023 14:28:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news.php?key=fz85sv8weugl8pkww9gu&SUBID=752626715582533891&cost=0.000000&zoneid=5047078&browser=firefox&browserversion=105&device=desktop&isp=blix%20group%20as&country=NO&os=windows&osversion=win10&carrier=?&language=en HTTP/1.1
Host: gl0a7loeki02do.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sun, 26 Nov 2023 13:01:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=y9465mxsbl; expires=Mon, 27-Nov-2023 13:01:51 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c; expires=Mon, 27-Nov-2023 13:01:51 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Strict-Transport-Security: max-age=31536000
3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
200 OK 1.4 kB URL User Request GET HTTP/1.1 3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject3tght76h.com
Fingerprint69:86:04:06:BA:1E:8D:32:8D:DC:3C:8A:58:4B:75:CE:E7:C1:2B:45
ValidityWed, 15 Nov 2023 12:22:03 GMT - Tue, 13 Feb 2024 12:22:02 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 26bc2b889534aead062fab4a41c790fe
c17fc01dc4cb6a7cb7fc24a73bad25b8e8115242
16e5a8b96ca3feecf8acdc49f84fba4486ff5a1bc7cd77bb1c88f3caf8d4fd82
GET /1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c HTTP/1.1
Host: 3tght76h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 26 Nov 2023 13:01:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
www.googletagmanager.com/gtm.js?id=GTM-547JG5H
200 OK 45 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-547JG5H
IP
Requested by https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (2213)
Hash 0a41fd0f9ab9da845fd4439521ccff0c
4a3dfeaf4a1f8d496a4fba3d83db78f861cfa72f
1cf356e3f2c449843668ea1d3e0385cf0590b8c5fae1597c17396fd75556cac0
GET /gtm.js?id=GTM-547JG5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 26 Nov 2023 13:01:51 GMT
expires: Sun, 26 Nov 2023 13:01:51 GMT
cache-control: private, max-age=900
last-modified: Sun, 26 Nov 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45096
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3tght76h.com/1/bg.png
200 OK 61 kB IP
ASN #24940 Hetzner Online GmbH
Requested by https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Certificate IssuerLet's Encrypt
Subject3tght76h.com
Fingerprint69:86:04:06:BA:1E:8D:32:8D:DC:3C:8A:58:4B:75:CE:E7:C1:2B:45
ValidityWed, 15 Nov 2023 12:22:03 GMT - Tue, 13 Feb 2024 12:22:02 GMT
File type PNG image data, 400 x 299, 8-bit grayscale, non-interlaced\012- data
Hash d7096ad35844972e015e865729d13235
42c79d98b50275dcc447bd61d845ee2ed52ae45e
8bccdb408e67a3b44e0f5d417486c8d251f2e4acbae8542465aad3c7052341dd
GET /1/bg.png HTTP/1.1
Host: 3tght76h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 26 Nov 2023 13:01:51 GMT
Content-Type: image/png
Content-Length: 61362
Last-Modified: Wed, 15 Nov 2023 13:23:49 GMT
Connection: keep-alive
ETag: "6554c665-efb2"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
3tght76h.com/favicon.png
404 Not Found 114 B IP
ASN #24940 Hetzner Online GmbH
Requested by https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Certificate IssuerLet's Encrypt
Subject3tght76h.com
Fingerprint69:86:04:06:BA:1E:8D:32:8D:DC:3C:8A:58:4B:75:CE:E7:C1:2B:45
ValidityWed, 15 Nov 2023 12:22:03 GMT - Tue, 13 Feb 2024 12:22:02 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /favicon.png HTTP/1.1
Host: 3tght76h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Sun, 26 Nov 2023 13:01:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://3tght76h.com
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 71186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 23:14:50 GMT
expires: Sun, 24 Nov 2024 23:14:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 49622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=8h5ryzlyuqdt
200 OK 226 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=8h5ryzlyuqdt
IP
Requested by https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (53823)
Size 226 kB (225888 bytes)
Hash 40e99ad01221dae2fe490695b86593cb
9aa35fc0e4fb4d0dfdf4d5d5d91e7ff703ce4234
a7d07f95d0efbd117af4787b9461d057cff57816e5c6e2a3a7bdc200020f4dcd
GET /recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=8h5ryzlyuqdt HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 26 Nov 2023 13:01:52 GMT
content-security-policy: script-src 'nonce-tvclb3TVC9__e4TplSP-9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=8h5ryzlyuqdt
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:26:09 GMT
expires: Fri, 22 Nov 2024 23:26:09 GMT
cache-control: public, max-age=31536000
age: 221743
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=8h5ryzlyuqdt
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:37:43 GMT
expires: Wed, 29 Nov 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 314649
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 71186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 23:14:50 GMT
expires: Sun, 24 Nov 2024 23:14:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 49623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
200 OK 192 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
IP
Requested by https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (563)
Size 192 kB (191854 bytes)
Hash 9bc26abfc6354549a2f4023c90861435
11bf1c7a455bbe83a617993e6e06bbfae10112ea
e10031acca86f65983f7d5913ef8a24d217b0a696b765f2fc492bc6be6881d88
GET /recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 26 Nov 2023 13:01:53 GMT
content-security-policy: script-src 'nonce-govBtxXLf44ycYzpzyukqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api.js
200 OK 850 B URL GET HTTP/2 www.google.com/recaptcha/api.js
IP
Requested by https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with very long lines (850), with no line terminators
Hash 57e10dcd72dd2953878092014eae522b
95ba7e48825c26c5d9395ef2edb73e790bce6fa7
c7b54326365940d062bce26ed41579eebcb4946a86ba280790b603926692bd59
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 26 Nov 2023 13:01:51 GMT
date: Sun, 26 Nov 2023 13:01:51 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
200 OK 102 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=8h5ryzlyuqdt
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with no line terminators
Hash b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=8h5ryzlyuqdt
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 26 Nov 2023 13:01:52 GMT
date: Sun, 26 Nov 2023 13:01:52 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
unpkg.com/axios@1.6.2/dist/axios.min.js
200 OK 34 kB URL GET HTTP/2 unpkg.com/axios@1.6.2/dist/axios.min.js
IP
Requested by https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (33582)
Hash a68c57e04fd79331988c16fc3585405d
413c97b8c8ba0be18c36a65a5be940239c5956c2
550f26d03776c62d33e90b8028c6b4e2e7d1301c6ff769cff94592a93df71c68
GET /axios@1.6.2/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3tght76h.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Nov 2023 13:01:51 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"8355-QTyXuMi6C+GMNqZaW+lAI5xZVsI"
via: 1.1 fly.io
fly-request-id: 01HF7RVXXG61JE74MTPHYQMGA9-arn
cf-cache-status: HIT
age: 1009442
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82c2528e3c065695-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
302 Found 34 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP
Requested by https://3tght76h.com/1/?lpkey=17dc010400de40ce11&uclick=y9465mxsbl&uclickhash=y9465mxsbl-y9465mxsbl-46-h9i4-8rfe-2thq-4p1n-f7fc9c
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3tght76h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 26 Nov 2023 13:01:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.6.2/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HG5V34WG7W1066FGDKJJW0HM-arn
cf-cache-status: HIT
age: 475
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82c2528e0bc55695-OSL
X-Firefox-Spdy: h2
172.67.156.27
78.46.92.254
104.16.125.175
139.45.195.8