cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
200 OK 10 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (59119)
Hash ecd507b3125edc4d2a03aa6ae5d07da9
a57ee68d11601b0fd8e5037fc241ff65a754473c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: text/css; charset=utf-8
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 136513
expires: Wed, 30 Apr 2025 20:06:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QO6Ab2kDCgPBt%2BNoz79AvOF7JUoN0lVE2qXiE0kCi937e1tOMBaBkbD6KgKWFRnZ5yBU%2FobRNE5DFB92KTfmCS96OXKpGVB0oh7AC1Vex%2B1cRAmf8b9oo9kCRfmCMnOgog%2FK6j8X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881c8cd7b8790b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/2.9.2/umd/popper.min.js
200 OK 6.0 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/2.9.2/umd/popper.min.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (18506)
Hash 83e6ef063fa41ff8d8c00956a7cd3fd9
8eeb7bf71e8a978b82a1a198015f14d73d2ea592
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
GET /ajax/libs/popper.js/2.9.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 6002
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6065f4e2-48a2"
last-modified: Thu, 01 Apr 2021 16:29:22 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 771049
expires: Wed, 30 Apr 2025 20:06:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rvCylLiRvyZdlH6ctw8hOGJHjRoB1RaQBaVRSIMZ5JXK0pp6IsgLKYqLsVqTvpp%2Fr0CgfXg6TQI%2FcHGUNAVDjQ6At9qBZBTklrk%2Bj5Uu%2FuCWYOph14rIwoi4YO43xly9Y19cOgo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881c8cd848de0b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.imgur.com/81EoTp9.jpg
200 OK 76 kB IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1196x308, components 3
Hash 6b677f68bf97fc262e352f11f39bd9d1
117601306bf06491976f79e001054801e660bcc9
684d0d76f203894a30285fe49038740e8169347bf13ea286b08b2a68613828b7
GET /81EoTp9.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 23 Oct 2023 03:21:50 GMT
etag: "6b677f68bf97fc262e352f11f39bd9d1"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: qjezMGmWEI9IuGYYA3D_sSM_kAAPKj_mUQhsMdfyaYzEUr2r15LCpQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 2897183
date: Fri, 10 May 2024 20:06:30 GMT
x-served-by: cache-iad-kiad7000153-IAD, cache-hel1410030-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 3089, 0
x-timer: S1715371590.465858,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 75518
X-Firefox-Spdy: h2
web1s.asia/assets/web1s-4.js
200 OK 3.0 kB URL GET HTTP/3 web1s.asia/assets/web1s-4.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type gzip compressed data, from Unix
Hash fbae7135a175b0742faa6b406ab7211f
652535daf2dc7989887f100c8223ded2c3ecb156
44914367166ab3e2b3fa25d63da8eb7ce2e02a0c82552f07babe691f235d3135
GET /assets/web1s-4.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-1feb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6547
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUsdMERD5UkzP0mj6fC3Bz3eab1czm0eQ0WypQKeBUd7FYdrua3tLfLozBAQ0EXPWBWUO1OitsaGjz7uKaTRNOu2gqJK%2BUr4hg8hBdHCNTdmVRaQxxgPiCWxK%2B7G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd77ed3712f-OSL
alt-svc: h3=":443"; ma=86400
web1s.com/icon-x64.png
200 OK 2.3 kB IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectweb1s.com
Fingerprint3C:D1:E8:63:7F:07:90:D6:C5:2A:E7:6F:74:02:F0:CE:D9:53:CB:21
ValidityWed, 17 Apr 2024 10:06:19 GMT - Tue, 16 Jul 2024 10:06:18 GMT
File type PNG image data, 130 x 64, 8-bit colormap, non-interlaced
Hash 7f7be73c1046d1441a94f90911bcbc28
f77481624d4645935f84a07d47ed1ac7eb2f7b70
332438758fba3596e0984e46fe72ba7837b731530a477d78344e2bbf258ace71
GET /icon-x64.png HTTP/1.1
Host: web1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: image/png
content-length: 2279
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
etag: "66309709-8e7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPTWfjDVnoppU6yRfNdAhDObZM%2FGsAWv919qiEMiuIJG%2B%2B7DWoT5B%2FUTsLsNrr5eMMS2eoNJATTIW4%2FwAbj5IbeuNzg8InHyXeGrTJz6GDJANRW%2F09wlgQEY8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd94e401bfe-OSL
X-Firefox-Spdy: h2
200 OK 99 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (455)
Hash f70a1734128e57529f6a1744edb8954e
f72e595ad0495d1267e1ceca7982b811ddbacf32
ca8d29817b0c94afa9a0b52dcdd7d706e4d3502789f55cb257db50dccc1690c4
GET /usb3b6lbUQ/ HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 600
x-ratelimit-remaining: 599
set-cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; expires=Sat, 11-May-2024 16:06:29 GMT; Max-Age=72000; path=/; samesite=lax
lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; expires=Sat, 10-May-2025 20:06:29 GMT; Max-Age=31536000; path=/; httponly; samesite=lax
web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P; expires=Sat, 11-May-2024 16:06:29 GMT; Max-Age=72000; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bdI2gKfqri0z2wgUJgS3MNBdsgax5GBjECQ6gkzm9FpHD07yatNNmFEfzpgOccSzbcikGBzn1JteGs5EoXIIVTfG%2Bc3buLXigzrWw27Ey44RrqyW5W2vPS1%2BNQDL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd47fd95690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
a.magsrv.com/ad-provider.js
200 OK 43 kB URL GET HTTP/2 a.magsrv.com/ad-provider.js
IP
ASN #60068 Datacamp Limited
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File type gzip compressed data, from Unix
Hash 052a84c65074b205e540e38591642282
fda6e1fcfafabdd1215d9c4a0752a1addf0ca946
5aa4bf56b8ed8b7c0948671e632eaba6e6bbf2fff9f2bf313a30c8ae120b71b7
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"057432c37ba5cf65231392a9e07"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Fri, 10 May 2024 15:23:05 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3JxYAAAwBuUwKEwH3CQAAAAwBJRPCLgH35wEAAA
x-77-nzt-ray: c0a4cc289007fc3e467e3e6667c5ac1b
x-accel-expires: @1715376719
x-accel-date: 1715365919
x-77-cache: HIT
x-77-age: 5671
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 5671
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
web1s.asia/assets/style.css
200 OK 18 kB URL GET HTTP/3 web1s.asia/assets/style.css
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type gzip compressed data, from Unix
Hash 51d2e1a3e2e38e084d52d60d8e5bff14
ce713b97b241098c777e33a909d116a6aa8c6c7a
ebe03c1f61529bb9892bfad15264714aba6e7742d6b7a55c7e9b181ab42ec798
GET /assets/style.css HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-1e1c1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmlpDtxdePn6gRdsLkq%2FP0%2F7FFptWuGreelKCfHPWWxA50k5or%2FtJFDcdRACBGSJW1ruz6mLw5Rgl1cK0m9L9WulH2HMBEVf26O3bO1Ui4RMx9Taiuqg9fzJTQhi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd76ea5712f-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/assets/web1s-2.css
200 OK 6.7 kB URL GET HTTP/3 web1s.asia/assets/web1s-2.css
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type gzip compressed data, from Unix
Hash d28d49d73dfc0efa4bbb0b3fff27ef09
781352a6cf2d7868227675f9ba74b607580a75d1
8286f1388526fd8058d7be8fdeeddc1ab385b39bd20b12ea97af5e234f63d5d0
GET /assets/web1s-2.css HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-7c57"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NL42Z6Kib7MOa7ErDjlYNlcKdIJPTlgOoeigxmFY5d%2BHyxHYNgwVHX3%2FtFrvSibdNzHLiEItKINOSgFTBz9%2B5Cz65%2FCo1bp8F0yn5YyifTjFCmTPJ%2FymQ5gjGW%2F2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd76ea3712f-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
200 OK 39 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Hash 86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:00 GMT
expires: Fri, 09 May 2025 01:49:00 GMT
cache-control: public, max-age=31536000
age: 152250
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
200 OK 39 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Hash 86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:00 GMT
expires: Fri, 09 May 2025 01:49:00 GMT
cache-control: public, max-age=31536000
age: 152250
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
web1s.asia/assets/web1s-1.css
200 OK 67 kB URL GET HTTP/3 web1s.asia/assets/web1s-1.css
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type gzip compressed data, from Unix
Hash 7cc3ba3a2c61a3cd653b69194015a5d3
021f5661b6dd582cc75e685470aa21052b6cc3c3
b5d03636afc8a20280d9eaaddce7ee744311b5753adf5cca81c69e305283fcfe
GET /assets/web1s-1.css HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-575bd"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6C02HCMhPiNacbF2kO4im3cSpFzvk2zd4sksTOQZr7zyOr0vtIBB3KxZBAlxe8NTs8qrMdYjyIP5oTPcD%2FBCjvHrsxhsYMtCSfppZoN2c%2FG96IA2ChmMVe0uhCT0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd76e9e712f-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/icon.png
200 OK 3.8 kB IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hash 0d66d063be8815bc0a53be87a2d1443a
e0a156f73b99645a4f24db32405d99c3c876c8a7
38a66259f21010e9392b777d39d7b08cfc936538c9c20536672c91f33594e943
GET /icon.png HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P; _ga_FFP7FJ85WV=GS1.1.1715371590.1.0.1715371590.0.0.0; _ga=GA1.1.671483523.1715371591
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:32 GMT
content-type: image/png
content-length: 3798
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
etag: "66309709-ed6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2tB6dAmuHrI4xJoduDb%2FfW04TDq%2FRjGSrPIZQG41tiEK0hD3bkrIcqbg1XYgEKbQWdzcavwsWqOAyywQRIhJhCcciQSRDW8vhrJXZENEtjvxDYNaFIDfvljKUtR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8ce26c53712f-OSL
alt-svc: h3=":443"; ma=86400
www.vipads.live/vn/8840D886-F08E-46-33-9C642005CB7F.blpha
59 kB URL GET www.vipads.live/vn/8840D886-F08E-46-33-9C642005CB7F.blpha
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerUnizeto Technologies S.A.
Subjectwww.vipads.live
Fingerprint3E:B1:B6:F1:38:D5:C9:15:6F:E5:83:2C:13:7C:3A:97:0C:5C:AF:83
ValiditySun, 05 May 2024 07:09:59 GMT - Wed, 04 Jun 2025 07:09:58 GMT
File type gzip compressed data, from Unix
Hash 7c1d181f34809437a4684475420cb277
dc1ca21efa910cce51e0e78248dbaa24f10f8daf
50244355d23d3678519fac37bfc6f59df70e8f6fc255625f73e045585983f349
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /vn/8840D886-F08E-46-33-9C642005CB7F.blpha HTTP/1.1
Host: www.vipads.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 20:06:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Fri, 10 May 2024 20:06:31 GMT
expires: Fri, 10 May 2024 20:21:31 GMT
cache-control: max-age=900
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
200 OK 39 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Hash 86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:00 GMT
expires: Fri, 09 May 2025 01:49:00 GMT
cache-control: public, max-age=31536000
age: 152252
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
200 OK 78 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
GET /ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:32 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 78268
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "613fa20b-131bc"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 185272
expires: Wed, 30 Apr 2025 20:06:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3Py4czG43Exqbq%2FYpc2YifmJIL1ARp9CJ%2F1PkI%2BTiiSwiRBGChaStkcijToS%2FUvIpcYvkE1qx8kMrGkr8eHOmA9qx1N6jPnjq04bvBymz9M9%2Bo8ygIZtNQJdY0bSVc7lbm8R4gj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881c8ce43d7ab51d-OSL
alt-svc: h3=":443"; ma=86400
s.magsrv.com/v1/api.php
200 OK 2.1 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
Hash 65d6d254b5bd07d9ca6b2a6a065333bb
a9f80064876db8862a3a35ab7c31892fb2a05023
b6257b5bc52233d1a901a9ef0a736153d4216b350ea0e2aab8acd54a3e0c4052
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 307
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 20:06:32 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://web1s.asia
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%22663e7e4871a729.5847219918548958%22%3B%7D; expires=Sun, 10-May-2026 20:06:32 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
qph.cf2.quoracdn.net/main-qimg-845336ca80754d6c0cc00307d88520d1
200 OK 96 B URL GET HTTP/2 qph.cf2.quoracdn.net/main-qimg-845336ca80754d6c0cc00307d88520d1
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectquora.com
FingerprintB0:EF:CB:8C:1F:11:42:62:F1:35:F2:63:13:E9:7A:70:16:ED:B0:1B
ValiditySun, 31 Mar 2024 16:22:00 GMT - Sat, 29 Jun 2024 16:21:59 GMT
File type PNG image data, 4 x 4, 1-bit colormap, non-interlaced
Hash 98b7417fe79f2cd8beefa55ff259f51f
7322ea094fae476afb7cd0f5a2c6c17c3d33fe52
f23d2f5f76c5d39dd10168d73ce1af2b1adc33ee9d0205a655e8d8248d464dd1
GET /main-qimg-845336ca80754d6c0cc00307d88520d1 HTTP/1.1
Host: qph.cf2.quoracdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:32 GMT
content-type: image/webp
content-length: 96
cache-control: public, max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=1103
etag: "845336ca80754d6c0cc00307d88520d1"
expires: Mon, 08 May 2034 20:06:32 GMT
last-modified: Sat, 29 Jul 2023 12:27:49 GMT
vary: Accept
x-amz-id-2: m8DPHWOEYwum8srg2xlduaBNr+60x0WOugmnKTShyhGSAtYpc9dXTd3eXDjShmhNTmudixWDyrCvzdKDss+HSg==
x-amz-replication-status: COMPLETED
x-amz-request-id: Q4JBNC6AJ8XJCJHA
x-amz-server-side-encryption: AES256
x-amz-version-id: TaNcoumswQYrP9DUAwdTbPqA4q3zGU1v
cf-cache-status: HIT
age: 877544
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
server: cloudflare
cf-ray: 881c8ce5dd0a7128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 May 2024 18:37:19 GMT
expires: Mon, 05 May 2025 18:37:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 437353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/service.js
302 Found 16 kB URL GET HTTP/2 fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/service.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
Hash c41133e622a6a022de0c70ae60f17d60
584f40c97baae13a1fe09e8feb297950cea1133c
84d422a6f9b5bc1580cf7559cb0527f49b6ec921c6f7911b0772ad5dc4e32c39
GET /r/c98c98911166f1f070e872da610a9398/service.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 10 May 2024 20:06:32 GMT
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/47f905a4.js?npr=58581e32712a59e197a62305ec76a1da
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QvbUzByDEB4BqX3mCyQF%2BEd9xqj%2FTssmzM%2FasZANWbZNB9%2BmE%2BT3SBJdsBu0ZTtPTqQ8vO7dGNhOkdgnooIX1bnPzQNYotYvGpmtlihPTWthZC843wpNMAayVpSEERR91p%2BngJBZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c8ce49de6b51d-OSL
X-Firefox-Spdy: h2
www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js
200 OK 20 kB URL GET HTTP/3 www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type JavaScript source, ASCII text, with very long lines (3391)
Hash a10bbcb280cd85678f7fa91f5987a1b4
d03518f518678e57318f383add3c26eb4c891d96
dcd6057e903309b4cd9d73dbeb9ebb179dd625facd8d04c5578bec9e44f54e0e
GET /s/player/17fd9675/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c4UwjUIHcbk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 19819
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 07:44:00 GMT
expires: Thu, 08 May 2025 07:44:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 May 2024 04:20:16 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 217352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/17fd9675/www-player.css
200 OK 48 kB URL GET HTTP/3 www.youtube.com/s/player/17fd9675/www-player.css
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 69c6c2a25cfac2a8ab7182b8a91325da
76d6c2b5a85fd1cedf7ab5022084cc982ef6f11c
e4ea3085c10ebdcee3f4b16dd370f467847e40aba7fcae77d60eed0024155864
GET /s/player/17fd9675/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c4UwjUIHcbk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 47612
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 14:45:19 GMT
expires: Sat, 10 May 2025 14:45:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 May 2024 04:20:16 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 19273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js
200 OK 97 kB URL GET HTTP/3 www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type JavaScript source, ASCII text, with very long lines (829)
Hash aafc3991a4c65c32f11e3e55af0c0acb
c77a8d5a8933d5f4189581f6b9671ff6ec91a2b4
cf3a4809b702abf801ac1d61beea76a0307884338c26c1f970e3cb6bfc0870c6
GET /s/player/17fd9675/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c4UwjUIHcbk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 07:36:21 GMT
expires: Thu, 08 May 2025 07:36:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 May 2024 04:20:16 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 217811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js
200 OK 814 kB URL GET HTTP/3 www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type JavaScript source, ASCII text, with very long lines (555)
Size 814 kB (813878 bytes)
Hash ed2c629dc5e405799ef93b97876abc45
0a2588c1368fe48fb433cad8acc58b1214a77495
1a552e8ddfd36edc537188b01daf4f0388bb040af577451a8d0f3fe11d538e47
GET /s/player/17fd9675/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c4UwjUIHcbk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 813878
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 07:42:23 GMT
expires: Thu, 08 May 2025 07:42:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 May 2024 04:20:16 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 217449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cmp.netpub.media/17153715928320.8437554332148991/run.js?v=17153715928320.8437554332148991
200 OK 976 B URL GET HTTP/2 cmp.netpub.media/17153715928320.8437554332148991/run.js?v=17153715928320.8437554332148991
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 54f643b0fa8a7d71cb117679a6fbb2ce
573d440c0f9fa4cf53e85cf86a86eba173933a1c
851d2ece063bcac9a5addec55308a32557f978d2daf3950395fc3dc41e9e9336
GET /17153715928320.8437554332148991/run.js?v=17153715928320.8437554332148991 HTTP/1.1
Host: cmp.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:32 GMT
content-type: application/javascript
last-modified: Wed, 21 Feb 2024 16:05:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DxgrRB0FaNbCNnOiHFpFXRLCgNSjkDIfcOfPofwxBkYDvNFhveReRxTZEA0zoe%2FKRk5DXVWmFyeeuX1VIaJsmlA%2BH3BaK33QEAd5UFEQbsJABbF2hnXQLt%2BTkkMJ0AZB1PU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c8ce7795cb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
mp.4dex.io/prebid
204 No Content 0 B IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint02:E1:92:C5:72:6D:E0:64:4A:46:05:69:81:98:7C:43:13:E7:15:7A
ValidityTue, 01 Aug 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1302
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 10 May 2024 20:06:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. parseadrequest website disabled
x-version: 3.0.0-gcp-ams
x-warn: Parsing the Prebid Request. website_disabled, Parsing the Prebid Request. domain_invalid, Parsing the Prebid Request. int_scc_sid
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881c8ce96caa712f-OSL
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
204 No Content 0 B IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintC4:70:11:35:C8:44:C9:33:89:20:3A:0D:10:63:D9:93:3F:F1:AC:9D
ValiditySun, 05 May 2024 10:53:54 GMT - Sat, 03 Aug 2024 10:53:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1252
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
cache-control: max-age=0, private, must-revalidate
date: Fri, 10 May 2024 20:06:32 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
www.youtube.com/embed/c4UwjUIHcbk
200 OK 38 kB URL GET HTTP/2 www.youtube.com/embed/c4UwjUIHcbk
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (58006)
Hash 3e106d9d932dd134774e893f0cf854ee
5d5591cc0f3bac1dea8869bcbf35ab611da99bcc
c08bf2df1050127d753a02851d8903c4a99eee60746f63be535f0c79eb4d65d3
GET /embed/c4UwjUIHcbk HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 20:06:32 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ZA6SoCZ7-OQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=_-lFSR8djXE; Domain=.youtube.com; Expires=Wed, 06-Nov-2024 20:06:32 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIEU%3D; Domain=.youtube.com; Expires=Wed, 06-Nov-2024 20:06:32 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 10 May 2024 20:06:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
200 OK 5.2 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 5224, version 1.0
Hash a835084624425dacc5e188c6973c1594
1bef196929bffcabdc834c0deefda104eb7a3318
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:15:35 GMT
expires: Fri, 09 May 2025 02:15:35 GMT
cache-control: public, max-age=31536000
age: 150658
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
200 OK 12 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 11936, version 1.0
Hash 15d8ede0a816bc7a9838207747c6620c
f6e2e75f1277c66e282553ae6a22661e51f472b8
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 10:25:52 GMT
expires: Sat, 10 May 2025 10:25:52 GMT
cache-control: public, max-age=31536000
age: 34841
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 42 kB URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash 92b4366cddffeffb00588a7d49cf7388
03a24b84dfc0307a3294ae3415ac3a72ed69628d
8d880ad2310a90efba92157419fcb2e5b3fe3ee68929f8118addb9af135823d0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 10 May 2024 20:06:33 GMT
server: ESF
cache-control: private
content-length: 42177
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
316 B URL zerossl.ocsp.sectigo.com/
IP
Hash feee53dca5c68471b326dc13b3cff294
eaea4fc65e807f9f28074403877a2a016f291b3c
97bd496008faf83dfe8dcaa9a92c0e0b0ab8adb2c34c7027c3c20dcaf58458c7
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 20:06:33 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Fri, 10 May 2024 12:48:27 GMT
Expires: Fri, 17 May 2024 12:48:26 GMT
Etag: "eaea4fc65e807f9f28074403877a2a016f291b3c"
Cache-Control: max-age=577947,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881c8cecbd3ab4ff-OSL
zerossl.ocsp.sectigo.com/
316 B URL zerossl.ocsp.sectigo.com/
IP
Hash feee53dca5c68471b326dc13b3cff294
eaea4fc65e807f9f28074403877a2a016f291b3c
97bd496008faf83dfe8dcaa9a92c0e0b0ab8adb2c34c7027c3c20dcaf58458c7
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 20:06:33 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Fri, 10 May 2024 12:48:27 GMT
Expires: Fri, 17 May 2024 12:48:26 GMT
Etag: "eaea4fc65e807f9f28074403877a2a016f291b3c"
Cache-Control: max-age=577947,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881c8cecb97456b4-OSL
i.ytimg.com/vi_webp/c4UwjUIHcbk/maxresdefault.webp
200 OK 21 kB URL GET HTTP/2 i.ytimg.com/vi_webp/c4UwjUIHcbk/maxresdefault.webp
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintD2:2C:3D:05:38:12:27:20:C9:64:22:58:3A:99:D5:43:6E:BD:3B:D2
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0def14c0743740560aeb74bdd0a4c0c9
bab5130106f1a256feea1c4f23f08a476341ec88
add9ebc25c629cd8b02b00435c7afcb0a2cc9bbf2360f3796901f6e2df71f302
GET /vi_webp/c4UwjUIHcbk/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 21206
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 20:06:33 GMT
expires: Fri, 10 May 2024 22:06:33 GMT
cache-control: public, max-age=7200
etag: "1704683889"
content-type: image/webp
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/4FCBsbVWt5jZVKm36Bs_QtpgBkunTUSSklJnPgMburg.js
200 OK 21 kB URL GET HTTP/3 www.google.com/js/th/4FCBsbVWt5jZVKm36Bs_QtpgBkunTUSSklJnPgMburg.js
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type JavaScript source, ASCII text, with very long lines (52315)
Hash a9cea36ea530078693c45ab72afdefc4
4905b6c427473195367a2e7663453b93e6543e18
e05081b1b556b798d954a9b7e81b3f42da60064ba74d44929252673e031bbab8
GET /js/th/4FCBsbVWt5jZVKm36Bs_QtpgBkunTUSSklJnPgMburg.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20579
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 15:09:20 GMT
expires: Fri, 09 May 2025 15:09:20 GMT
cache-control: public, max-age=31536000
age: 104233
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.chaty.app/pixel.js?id=PjlHFsfb
200 OK 21 kB URL GET HTTP/2 cdn.chaty.app/pixel.js?id=PjlHFsfb
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectchaty.app
FingerprintAB:74:24:B7:7B:A1:09:10:A8:2E:40:D1:8B:DD:3F:5D:2A:61:1B:A1
ValidityWed, 24 Apr 2024 19:20:59 GMT - Tue, 23 Jul 2024 19:20:58 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash fabe65ec46d38e090ec90016f1bc9a1f
e5ad156dd91976d6219d903e007adb6c07019d2d
fcee6d5712022714996cba94f4fa5cef591b07c97438553371983430802c9fa5
GET /pixel.js?id=PjlHFsfb HTTP/1.1
Host: cdn.chaty.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 10:40:10 GMT
etag: W/"fabe65ec46d38e090ec90016f1bc9a1f"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e9eeb72bccacc26d81e7bd02c27d126a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: aFTiR6cW5DYSBW3rj3Qe2f8vTavn6J2JE2xWZF5wyDkyJBU3x2Gp_w==
age: 1884
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wbCJU2NQabDNU4zFtbqv4Hy3xqlWXc15V9mHRT9UzBuntQnbRADpSrz6OzmckxvTm2N9JGuRJkhdUyoTOht%2B3FsCwR80XcXA17onF27PND7aOClzatWmGIG%2F%2FpZENfZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c8cd84d3856cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AIdro_krBliqSG_IeAtuZhU034U2s0Qnm0otj7obSnF2vRETCKW0NOuypcFuFcsVwxjwrJ8eHg=s68-c-k-c0x00ffffff-no-rj
200 OK 1.2 kB URL GET HTTP/2 yt3.ggpht.com/ytc/AIdro_krBliqSG_IeAtuZhU034U2s0Qnm0otj7obSnF2vRETCKW0NOuypcFuFcsVwxjwrJ8eHg=s68-c-k-c0x00ffffff-no-rj
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56
ValidityTue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3
Hash a7fa043f3c6e520cba9a9e5e25fac22b
67b6c463bf71c8bfcbe58966ec9dfedeb4420f6c
7b7b789816e7e85d991ac925a800ce52ba848b1d6a430addc88ec5621cf7851b
GET /ytc/AIdro_krBliqSG_IeAtuZhU034U2s0Qnm0otj7obSnF2vRETCKW0NOuypcFuFcsVwxjwrJ8eHg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1189
x-xss-protection: 0
date: Fri, 10 May 2024 16:10:34 GMT
expires: Sat, 11 May 2024 16:10:34 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
vary: Origin
age: 14159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/remote.js
200 OK 0 B URL GET HTTP/3 www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/remote.js
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/player/17fd9675/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c4UwjUIHcbk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33695
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 07:44:00 GMT
expires: Thu, 08 May 2025 07:44:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 May 2024 04:20:16 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 217353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash 5f069517556e4187aca56981b4f010d7
d721bc0732308795ac68b19c43554f5fa219bf27
2df4e94e56d62b53ab0d9629230c5e66eac2ba13f24486f5e8373a7aa69337fb
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 842
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 10 May 2024 20:06:34 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.vipads.cc/ad.png
200 OK 8.3 kB IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectcdn.vipads.cc
FingerprintC3:8B:84:FA:07:43:6F:09:EC:98:76:C0:11:F3:0B:CA:24:1F:6E:9E
ValidityMon, 15 Apr 2024 02:35:32 GMT - Sun, 14 Jul 2024 02:35:31 GMT
File type PNG image data, 684 x 90, 8-bit/color RGB, non-interlaced
Hash f38c793c9e8d38db287e7a27bd8bc033
fc1dfe25c6c83580fb18e4840ad4a86a4aba5e74
d2b4ec238e35ede0f85be7a9ddb686b8a51d4a7e301ee7e41f89178648bcc57c
GET /ad.png HTTP/1.1
Host: cdn.vipads.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 20:06:34 GMT
Content-Type: image/png
Content-Length: 8267
Connection: keep-alive
Last-Modified: Thu, 09 May 2024 09:54:12 GMT
ETag: "663c9d44-204b"
Expires: Sun, 09 Jun 2024 09:59:34 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
www.youtube.com/generate_204?gJtKwg
204 No Content 0 B URL GET HTTP/3 www.youtube.com/generate_204?gJtKwg
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?gJtKwg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c4UwjUIHcbk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 10 May 2024 20:06:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
200 OK 204 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type JavaScript source, ASCII text, with very long lines (632)
Size 204 kB (204445 bytes)
Hash add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 359640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OS2oEMQxEr5ILtCnJkj+zzjqBhBzAnXZDNtn0IhOow8fugWGIH0bGqipJobbAF8GTpAvSJSqrhIpgGsSNL69vNOFPX+UI7fhqdNWcwSylJlAgIgq6qEmaVejZo6XCItFqHSHijMRAR8PmKwAQVvDj/fm8MlBG4Ko+Us+5I1w53MR1mqFJayltT7apWbMe+77ltGtckS1O4eOiuBEg5QzHnWUqo1gcMRwHPL/b8fv9ST4IJ363Ttf/7g2dw8VsaqibI+7Jx569eOlu625bqw701pP+AdKN8Jx0AQAA
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OS2oEMQxEr5ILtCnJkj+zzjqBhBzAnXZDNtn0IhOow8fugWGIH0bGqipJobbAF8GTpAvSJSqrhIpgGsSNL69vNOFPX+UI7fhqdNWcwSylJlAgIgq6qEmaVejZo6XCItFqHSHijMRAR8PmKwAQVvDj/fm8MlBG4Ko+Us+5I1w53MR1mqFJayltT7apWbMe+77ltGtckS1O4eOiuBEg5QzHnWUqo1gcMRwHPL/b8fv9ST4IJ363Ttf/7g2dw8VsaqibI+7Jx569eOlu625bqw701pP+AdKN8Jx0AQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File type gzip compressed data, max speed, from Unix
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12OS2oEMQxEr5ILtCnJkj+zzjqBhBzAnXZDNtn0IhOow8fugWGIH0bGqipJobbAF8GTpAvSJSqrhIpgGsSNL69vNOFPX+UI7fhqdNWcwSylJlAgIgq6qEmaVejZo6XCItFqHSHijMRAR8PmKwAQVvDj/fm8MlBG4Ko+Us+5I1w53MR1mqFJayltT7apWbMe+77ltGtckS1O4eOiuBEg5QzHnWUqo1gcMRwHPL/b8fv9ST4IJ363Ttf/7g2dw8VsaqibI+7Jx569eOlu625bqw701pP+AdKN8Jx0AQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%22663e7e4871a729.5847219918548958%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 20:06:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://web1s.asia
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type ASCII text, with very long lines (56412), with no line terminators
Hash 2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 19:34:32 GMT
expires: Tue, 06 May 2025 19:34:32 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 347522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
200 OK 39 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash b5f39e7edf8a3ba531c4bce8f9f9f3c3
2c49566c7af33df49c5d6ac183d4155f6d3875e1
9914432cf0c135325f554521340056047754ba72ea10daac97b3c0c97dd9b067
GET /recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 20:06:34 GMT
content-security-policy: script-src 'nonce-2UCGq1Gl39a034ODaeFjAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12QS2oDMRBEr5ILjKj+6eN11gnE5AAazwxkk80sYkMfPq0xGGM9BI26qloSg3WCTYQ3yifkk7A3Sg1JOZGpf3x+uZL/rTPtqe8/3Y25FHih2jKcQEQMN2LLoq4t6mKiuXol0daKOpmLI+Bo6KgSAPLQfp/fj00BuwBXtkg95kY4e7gd12EGZ2619i3rwqpdV1m3peSNZUZRGcLni+JOgnA70vFgGlIhlcjxWPDjuO+334v7k3BgD+twvXbvcB4vUB0az7TqhlYpvqia0lxtNlp6Xja+zGT/0EXwm3UBAAA=
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12QS2oDMRBEr5ILjKj+6eN11gnE5AAazwxkk80sYkMfPq0xGGM9BI26qloSg3WCTYQ3yifkk7A3Sg1JOZGpf3x+uZL/rTPtqe8/3Y25FHih2jKcQEQMN2LLoq4t6mKiuXol0daKOpmLI+Bo6KgSAPLQfp/fj00BuwBXtkg95kY4e7gd12EGZ2619i3rwqpdV1m3peSNZUZRGcLni+JOgnA70vFgGlIhlcjxWPDjuO+334v7k3BgD+twvXbvcB4vUB0az7TqhlYpvqia0lxtNlp6Xja+zGT/0EXwm3UBAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File type gzip compressed data, max speed, from Unix
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12QS2oDMRBEr5ILjKj+6eN11gnE5AAazwxkk80sYkMfPq0xGGM9BI26qloSg3WCTYQ3yifkk7A3Sg1JOZGpf3x+uZL/rTPtqe8/3Y25FHih2jKcQEQMN2LLoq4t6mKiuXol0daKOpmLI+Bo6KgSAPLQfp/fj00BuwBXtkg95kY4e7gd12EGZ2619i3rwqpdV1m3peSNZUZRGcLni+JOgnA70vFgGlIhlcjxWPDjuO+334v7k3BgD+twvXbvcB4vUB0az7TqhlYpvqia0lxtNlp6Xja+zGT/0EXwm3UBAAA= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%22663e7e4871a729.5847219918548958%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 20:06:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://web1s.asia
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/522770/7665900e3a6688f00d13484a825eba5119e81924.gif
200 OK 27 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/522770/7665900e3a6688f00d13484a825eba5119e81924.gif
IP
ASN #60068 Datacamp Limited
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29
ValidityTue, 30 Apr 2024 07:42:02 GMT - Mon, 29 Jul 2024 07:42:01 GMT
File type GIF image data, version 87a, 300 x 250
Hash f1e022a28c4270f6ebc6925afbd49468
7665900e3a6688f00d13484a825eba5119e81924
20f202ddf4ddb31cb3d50175c66c7cee3be744d3765362fae046646ee4a9a68d
GET /library/522770/7665900e3a6688f00d13484a825eba5119e81924.gif HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:34 GMT
content-type: image/gif
content-length: 27072
last-modified: Tue, 22 Jun 2021 15:10:18 GMT
etag: "60d1fd5a-69c0"
expires: Tue, 24 Oct 2023 20:49:53 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJFAH33DnIAA
x-77-nzt-ray: af585630291c15a64a7e3e66d5e48e36
x-accel-expires: @1732088261
x-accel-date: 1702249582
x-cache: HIT
x-age: 13122012
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 13122012
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
200 OK 204 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type JavaScript source, ASCII text, with very long lines (632)
Size 204 kB (204445 bytes)
Hash add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 359640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
imgsrc.baidu.com/forum/pic/item/21a4462309f79052bb28a6084af3d7ca7bcbd5d5.gif
200 OK 138 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/21a4462309f79052bb28a6084af3d7ca7bcbd5d5.gif
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 640 x 200
Size 138 kB (137837 bytes)
Hash ece90211f879a6d0f9756c8419abf44e
21152f4d316bac78a8db532f6a5dca735620911e
2e6d16d942613d8d25b6b8184ec2e5f44d1c1e05cdfe771d9887ffb33722c317
GET /forum/pic/item/21a4462309f79052bb28a6084af3d7ca7bcbd5d5.gif HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 10 May 2024 20:06:34 GMT
content-type: image/gif
content-length: 137837
expires: Thu, 30 May 2024 09:33:25 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: ece90211f879a6d0f9756c8419abf44e
age: 901989
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Tue, 30 Apr 2024 09:33:25 GMT
ohc-cache-hit: sfo01-sys-jorcol03.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
600 B IP
Hash 03f03519097fbf1d368ef11b7c0245ca
1fd9a66fae01d4b636d26d7094e29334851f5962
4fb64c47fb42ba8e0d2a60c5e50c1c4b9c289e3e054790e82da558b002ba09cf
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
cf-ray: 8805027bda6784ca-HKG
request-id: 663e7e4aca7c21a0c6c69a34963ff1bb
date: Fri, 10 May 2024 20:06:34 GMT
x-ccacdn-proxy-id: scdpinlb5
ctl-cache-status: HIT from hk-xianggang4-ca01, HIT from fj-quanzhou7-ca33, HIT from js-nanjing1-ca35
accept-ranges: bytes
cache-control: max-age=3600
expires: Tue, 14 May 2024 22:51:52 GMT
cf-cache-status: EXPIRED
x-frame-options: SAMEORIGIN
age: 3253
last-modified: Tue, 07 May 2024 22:51:53 GMT
etag: "1fd9a66fae01d4b636d26d7094e29334851f5962"
via: n172-013-214.fzmp.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 17153715944d5a25051c58cdda5b2e28542ab7d51a
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=35, edge;dur=0
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 May 2024 18:37:19 GMT
expires: Mon, 05 May 2025 18:37:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 437356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js
200 OK 7.4 kB URL GET HTTP/3 www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type JavaScript source, ASCII text, with very long lines (17542)
Hash 7c111ad0cbb18935696bc8bb0846ec26
a9c77f0678ff71a4032e787999ada733e7da10cf
120846a7bd9fdcbff2f47564e0d9fc564fc100c581f5f1881333f70f3bd00d6f
GET /js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7438
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 01:06:37 GMT
expires: Sat, 10 May 2025 01:06:37 GMT
cache-control: public, max-age=31536000
age: 68398
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
200 OK 2.3 kB URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash c6706c47fb76abfef475b22947d327c1
fb80906ec3634f828b62d6545ad9bd62fb937ac4
bb43b0c7e62a11decbc66d012ab27a3dbb95aac8266fd51637d84d7355197ea8
GET /recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 10 May 2024 20:06:35 GMT
date: Fri, 10 May 2024 20:06:35 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
200 OK 204 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type JavaScript source, ASCII text, with very long lines (632)
Size 204 kB (204445 bytes)
Hash add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 359641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type ASCII text, with very long lines (56412), with no line terminators
Hash 2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 19:34:32 GMT
expires: Tue, 06 May 2025 19:34:32 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 347523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
200 OK 204 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type JavaScript source, ASCII text, with very long lines (632)
Size 204 kB (204445 bytes)
Hash add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 359641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.trust-provider.cn/
600 B IP
Hash 03f03519097fbf1d368ef11b7c0245ca
1fd9a66fae01d4b636d26d7094e29334851f5962
4fb64c47fb42ba8e0d2a60c5e50c1c4b9c289e3e054790e82da558b002ba09cf
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
accept-ranges: bytes
cache-control: max-age=3600
date: Fri, 10 May 2024 20:06:35 GMT
etag: "1fd9a66fae01d4b636d26d7094e29334851f5962"
request-id: 663e7e4b481ff74ea52a7ba085728176
x-frame-options: SAMEORIGIN
x-ccacdn-proxy-id: scdpinlb5
cf-ray: 8805027bda6784ca-HKG
expires: Tue, 14 May 2024 22:51:52 GMT
last-modified: Tue, 07 May 2024 22:51:53 GMT
ctl-cache-status: HIT from hk-xianggang4-ca01, HIT from fj-quanzhou7-ca33, HIT from fj-fuzhou4-ca22
age: 2848
cf-cache-status: EXPIRED
via: n172-013-213.fzmp.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 17153715953588938fea4dcb419155ed057795141e
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=7, edge;dur=0
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1715371596297
Content-Type: application/json
X-Goog-Visitor-Id: CgtfLWxGU1I4ZGpYRSjI_PmxBjIOCgJOTxIIEgQSAgsMIEU%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240507.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715371592937&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1200%2C300&vis=1&wgl=true&ca_type=image
Content-Length: 12077
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c4UwjUIHcbk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Fri, 10 May 2024 20:06:36 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
204 No Content 0 B URL GET HTTP/2 prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintC4:70:11:35:C8:44:C9:33:89:20:3A:0D:10:63:D9:93:3F:F1:AC:9D
ValiditySun, 05 May 2024 10:53:54 GMT - Sat, 03 Aug 2024 10:53:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Fri, 10 May 2024 20:06:36 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1715371594881
204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?cb=1715371594881
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1715371594881 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=59a18369e249bfb
204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?pubId=59a18369e249bfb
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=59a18369e249bfb HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
id.a-mx.com/sync/?tagId=bmV0cHViLmNvbQ&ref=null&u=https://web1s.asia/usb3b6lbUQ/&tl=https://web1s.asia/usb3b6lbUQ/&nf=0&rt=true&v=8.40.0&av=2.0&vg=pbjs_netpub240502&us_privacy=null&am=null&gdpr=0&gdpr_consent=
200 OK 66 B URL GET HTTP/1.1 id.a-mx.com/sync/?tagId=bmV0cHViLmNvbQ&ref=null&u=https://web1s.asia/usb3b6lbUQ/&tl=https://web1s.asia/usb3b6lbUQ/&nf=0&rt=true&v=8.40.0&av=2.0&vg=pbjs_netpub240502&us_privacy=null&am=null&gdpr=0&gdpr_consent=
IP
ASN #60068 Datacamp Limited
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerSectigo Limited
Subjectid.a-mx.com
FingerprintE1:1E:89:FE:28:E7:84:69:37:FD:D0:2F:18:B1:BB:F3:45:1E:1C:E9
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash bf015d04b7f8cc6f28534fd80a4acf13
9b592228226adc6ad408230ab6e99b14b488a9f5
1ac5dcdeb3d886902b96706f4c6b8ee75cff6ebaaa7be061e32728eb3514a90c
GET /sync/?tagId=bmV0cHViLmNvbQ&ref=null&u=https://web1s.asia/usb3b6lbUQ/&tl=https://web1s.asia/usb3b6lbUQ/&nf=0&rt=true&v=8.40.0&av=2.0&vg=pbjs_netpub240502&us_privacy=null&am=null&gdpr=0&gdpr_consent= HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 10 May 2024 22:06:37 +0200
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
content-type: application/json
content-length: 66
zerossl.ocsp.sectigo.com/
315 B URL zerossl.ocsp.sectigo.com/
IP
Hash 2d47e3de33f2d7890c8a17081df21790
c5a68676de71046481ce54be700275bc3b82cd18
5d3d64957961e945a610bd0420b77e9086049ca8a9f567375b4998daf6785441
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 20:06:38 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Thu, 09 May 2024 23:59:26 GMT
Expires: Thu, 16 May 2024 23:59:25 GMT
Etag: "c5a68676de71046481ce54be700275bc3b82cd18"
Cache-Control: max-age=532610,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881c8d085ebfb4ff-OSL
zerossl.ocsp.sectigo.com/
315 B URL zerossl.ocsp.sectigo.com/
IP
Hash 815550ffdce0f0e40de9d2a07d2fd1c5
f6a192190e6579bff9e58894bbfdd40db0fd0a39
731cab321e62cb0d5005075d1548ba5fb49f6a0b1c348a9d819ff8e1d8f3a7a8
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 20:06:38 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 17:45:10 GMT
Expires: Wed, 15 May 2024 17:45:09 GMT
Etag: "f6a192190e6579bff9e58894bbfdd40db0fd0a39"
Cache-Control: max-age=424302,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881c8d086ab356b4-OSL
s.adtelligent.com/sync.html?aid=651796
200 OK 712 B URL GET HTTP/1.1 s.adtelligent.com/sync.html?aid=651796
IP
ASN #24940 Hetzner Online GmbH
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerZeroSSL
Subjects.adtelligent.com
Fingerprint76:DE:03:04:D6:32:51:7E:E7:A9:8B:0B:04:C4:86:10:D8:A2:4D:72
ValidityFri, 22 Mar 2024 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (1416), with no line terminators
Hash bcd753523db0d9b12c4e74aed5c96fda
8f389ef74f18a1d0dceea053f9ba3bac163eadd2
d947842ba119f0c059dbc381f483316e250bf5434b75e96a6e08af7b5532250d
GET /sync.html?aid=651796 HTTP/1.1
Host: s.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 20:06:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 712
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
Set-Cookie: vmuid=9bd7dfd0f91bc881; expires=Sun, 11 Aug 2024 20:06:38 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
s.console.adtarget.com.tr/sync.html?aid=748067
204 No Content 0 B URL GET HTTP/1.1 s.console.adtarget.com.tr/sync.html?aid=748067
IP
ASN #24940 Hetzner Online GmbH
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerZeroSSL
Subjects.console.adtarget.com.tr
FingerprintBC:91:3A:C5:4F:E2:45:62:D9:A6:3C:F6:EB:BA:23:C8:B2:D7:B9:4D
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync.html?aid=748067 HTTP/1.1
Host: s.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: Adtarget
Date: Fri, 10 May 2024 20:06:38 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
onetag-sys.com/usync/?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D241%26traffic_source%3Dsnippet%26session%3D87CE29D7E863D8D1%26sp%3D651796%26pb%3D449137%26c%3D622134%26a%3D558187%26domain%3D%26extuid%3D%24%7BUSER_TOKEN%7D
302 Found 0 B URL GET HTTP/2 onetag-sys.com/usync/?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D241%26traffic_source%3Dsnippet%26session%3D87CE29D7E863D8D1%26sp%3D651796%26pb%3D449137%26c%3D622134%26a%3D558187%26domain%3D%26extuid%3D%24%7BUSER_TOKEN%7D
IP
Requested by https://s.adtelligent.com/sync.html?aid=651796
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D241%26traffic_source%3Dsnippet%26session%3D87CE29D7E863D8D1%26sp%3D651796%26pb%3D449137%26c%3D622134%26a%3D558187%26domain%3D%26extuid%3D%24%7BUSER_TOKEN%7D HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store
location: https://sync.adtelligent.com/csync?t=g&ep=241&traffic_source=snippet&session=87CE29D7E863D8D1&sp=651796&pb=449137&c=622134&a=558187&domain=&extuid=
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
317 B URL zerossl.ocsp.sectigo.com/
IP
Hash e01f0decf46279c1ebfe518af89670d5
713d29da01e8a51f62c37c264c41d9af7d30c555
a5be27551c1f432dbe556cb7f15b3f0103531a741cf3e6c107256bd283e54c80
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 20:06:38 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 15:48:45 GMT
Expires: Wed, 15 May 2024 15:48:44 GMT
Etag: "713d29da01e8a51f62c37c264c41d9af7d30c555"
Cache-Control: max-age=415971,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881c8d0ada65b4ff-OSL
ads207.adtelligent.com/tracking/csmatch/?aid=651796cmpId=570607err=fail
200 OK 43 B URL GET HTTP/1.1 ads207.adtelligent.com/tracking/csmatch/?aid=651796cmpId=570607err=fail
IP
ASN #24940 Hetzner Online GmbH
Requested by https://s.adtelligent.com/sync.html?aid=651796
Certificate IssuerZeroSSL
Subjectads207.adtelligent.com
FingerprintB5:44:9A:17:55:EF:C9:E5:10:AB:A1:03:09:5E:39:B1:4C:08:1C:74
ValiditySun, 07 Apr 2024 00:00:00 GMT - Sat, 06 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /tracking/csmatch/?aid=651796cmpId=570607err=fail HTTP/1.1
Host: ads207.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.adtelligent.com/
Cookie: vmuid=9bd7dfd0f91bc881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 20:06:37 GMT
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
sync.adtelligent.com/csync?t=g&ep=241&traffic_source=snippet&session=87CE29D7E863D8D1&sp=651796&pb=449137&c=622134&a=558187&domain=&extuid=
200 OK 43 B URL GET HTTP/1.1 sync.adtelligent.com/csync?t=g&ep=241&traffic_source=snippet&session=87CE29D7E863D8D1&sp=651796&pb=449137&c=622134&a=558187&domain=&extuid=
IP
Requested by https://s.adtelligent.com/sync.html?aid=651796
Certificate IssuerLet's Encrypt
Subjectsync.adtelligent.com
Fingerprint2C:5E:FE:77:91:E0:9E:98:A2:D1:1A:0C:31:06:E4:A9:4C:23:EB:E7
ValidityTue, 19 Mar 2024 22:06:15 GMT - Mon, 17 Jun 2024 22:06:14 GMT
File type GIF image data, version 89a, 1 x 1
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=g&ep=241&traffic_source=snippet&session=87CE29D7E863D8D1&sp=651796&pb=449137&c=622134&a=558187&domain=&extuid= HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
DNT: 1
Connection: keep-alive
Cookie: vmuid=9bd7dfd0f91bc881
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 20:06:38 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 9bd7dfd0f91bc881
Set-Cookie: vmuid=9bd7dfd0f91bc881; expires=Sun, 11 Aug 2024 20:06:38 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
ads207.adtelligent.com/tracking/csmatch/?aid=651796cmpId=622134
200 OK 43 B URL GET HTTP/1.1 ads207.adtelligent.com/tracking/csmatch/?aid=651796cmpId=622134
IP
ASN #24940 Hetzner Online GmbH
Requested by https://s.adtelligent.com/sync.html?aid=651796
Certificate IssuerZeroSSL
Subjectads207.adtelligent.com
FingerprintB5:44:9A:17:55:EF:C9:E5:10:AB:A1:03:09:5E:39:B1:4C:08:1C:74
ValiditySun, 07 Apr 2024 00:00:00 GMT - Sat, 06 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /tracking/csmatch/?aid=651796cmpId=622134 HTTP/1.1
Host: ads207.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.adtelligent.com/
Cookie: vmuid=9bd7dfd0f91bc881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 20:06:37 GMT
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
prebid.a-mo.net/a/c
204 No Content 0 B IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintC4:70:11:35:C8:44:C9:33:89:20:3A:0D:10:63:D9:93:3F:F1:AC:9D
ValiditySun, 05 May 2024 10:53:54 GMT - Sat, 03 Aug 2024 10:53:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1349
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
cache-control: max-age=0, private, must-revalidate
date: Fri, 10 May 2024 20:06:54 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
mp.4dex.io/prebid
204 No Content 0 B IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint02:E1:92:C5:72:6D:E0:64:4A:46:05:69:81:98:7C:43:13:E7:15:7A
ValidityTue, 01 Aug 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1456
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 10 May 2024 20:06:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. parseadrequest website disabled
x-version: 3.0.0-gcp-ams
x-warn: Parsing the Prebid Request. website_disabled, Parsing the Prebid Request. domain_invalid, Parsing the Prebid Request. int_scc_sid
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881c8d71ded6712f-OSL
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
200 OK 41 B URL POST HTTP/2 onetag-sys.com/prebid-request
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1730
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://web1s.asia
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
315 B URL zerossl.ocsp.sectigo.com/
IP
Hash a156996578b5a78aa7c8040970b4f6bd
2a704f088fc7d41cc2b79218e580caf1f33ec277
4251d2774d7e0aa9aff404cb8b8ce3325949644581f62fa428e63fd3c8d50c2c
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 20:06:55 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Thu, 09 May 2024 15:14:47 GMT
Expires: Thu, 16 May 2024 15:14:46 GMT
Etag: "2a704f088fc7d41cc2b79218e580caf1f33ec277"
Cache-Control: max-age=500320,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881c8d734d62b4ff-OSL
ghb1.adtelligent.com/v2/auction/
905 B URL ghb1.adtelligent.com/v2/auction/
IP
Hash c391b635202cf4852236a1567462e251
b96c3b691ed3367627ed8683c542d61d5d22c8ae
e6e7e207fd49c9aafefa8642c47a4586116d05a5d4287b7aa5c465974280993c
POST /v2/auction/ HTTP/1.1
Host: ghb1.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 504
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Cookie: vmuid=9bd7dfd0f91bc881
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 20:06:54 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 905
Access-Control-Allow-Origin: https://web1s.asia
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
location.services.mozilla.com/v1/country?key=no-mozilla-api-key
48 B URL location.services.mozilla.com/v1/country?key=no-mozilla-api-key
IP
Hash 94bc553225a6cddab963f4053273b388
57ffc8bd333dfe0bf3a05a5945ee15f9c15b0672
977bc9f6239939e6e0a2682325098f1bf0109e1450f040536670acf0f8798cb6
GET /v1/country?key=no-mozilla-api-key HTTP/1.1
Host: location.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Security-Policy: default-src 'none'; report-uri /__cspreport__
Content-Type: application/json
Date: Fri, 10 May 2024 20:06:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Content-Length: 48
Connection: keep-alive
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1715371619304
Content-Type: application/json
X-Goog-Visitor-Id: CgtfLWxGU1I4ZGpYRSjI_PmxBjIOCgJOTxIIEgQSAgsMIEU%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240507.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715371592937&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1200%2C300&vis=1&wgl=true&ca_type=image
Content-Length: 983
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c4UwjUIHcbk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Fri, 10 May 2024 20:06:59 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
web1s.asia/assets/web1s-6.js
200 OK 18 kB URL GET HTTP/3 web1s.asia/assets/web1s-6.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/web1s-6.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-459f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6547
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cukPTKLzqjsKW2BUzSswfwFhi9sQlCqQcKQs6VOkRI6lEcE0a9j28DKW0330KmPNuBpZUGROLs8nqjSBMPKefWBBovQicL7t8bQytjbdtGdQwcrlhC%2BR%2BsFGrSrq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd78eda712f-OSL
alt-svc: h3=":443"; ma=86400
s3t3d2y8.afcdn.net/library/522770/e566aec30e8030f18c7ebd3bbea06723959bf574.webp
200 OK 9.8 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/522770/e566aec30e8030f18c7ebd3bbea06723959bf574.webp
IP
ASN #60068 Datacamp Limited
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29
ValidityTue, 30 Apr 2024 07:42:02 GMT - Mon, 29 Jul 2024 07:42:01 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 232d1e9f1cf6b5034d71666be0154e95
e566aec30e8030f18c7ebd3bbea06723959bf574
ebdce130817549776ec1f8c3f80b7695fab2ce68594f4250133a0dc3bfaf79f2
GET /library/522770/e566aec30e8030f18c7ebd3bbea06723959bf574.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:34 GMT
content-type: image/webp
content-length: 9806
last-modified: Thu, 04 Nov 2021 08:51:46 GMT
etag: "61839f22-264e"
expires: Wed, 25 Oct 2023 12:23:35 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJFAH3EnHLAA
x-77-nzt-ray: af585630291c15a64a7e3e660f373b36
x-accel-expires: @1733574840
x-accel-date: 1702038840
x-cache: HIT
x-age: 13332754
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 13332754
accept-ranges: bytes
X-Firefox-Spdy: h2
pixel.chaty.app/api/pixel/widgets
200 OK 39 B URL POST HTTP/2 pixel.chaty.app/api/pixel/widgets
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerLet's Encrypt
Subjectchaty.app
FingerprintAB:74:24:B7:7B:A1:09:10:A8:2E:40:D1:8B:DD:3F:5D:2A:61:1B:A1
ValidityWed, 24 Apr 2024 19:20:59 GMT - Tue, 23 Jul 2024 19:20:58 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 27795f2a1c6896569b9e4da83214bd52
c5911e83d9aa913bf6378fce96f13068f1c27d45
3ef0136936c8440f8f4fab859d2dc87e60e859ad3d9197a7383c6c8f2b7af0c5
POST /api/pixel/widgets HTTP/1.1
Host: pixel.chaty.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 374
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:35 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRgkY1nzLIo7nGJnkG2J0Vj9H1LShvfl7w4kFofgMFCSqyn14DOjNOe6dojQhgSDLaTd8lm1q937I5S28eEpF3XeFXmKetDiTniDwckDESbLOYB%2BNsqSqYox%2Fy%2FpGVrcolU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c8cf6cd375693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/47f905a4.js?npr=58581e32712a59e197a62305ec76a1da
200 OK 191 kB URL GET HTTP/2 fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/47f905a4.js?npr=58581e32712a59e197a62305ec76a1da
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
File type JavaScript source, ASCII text, with very long lines (45122)
Size 191 kB (190648 bytes)
Hash 3ad9591d5ebf7a6304c5f90f45dc89e1
281c6609dcf50c2fceb96afe4ebba906dd244efd
1da21d598ae5423999a4158f0ef223ebc23483aaac7191da1d90556a466afb34
GET /r/c98c98911166f1f070e872da610a9398/47f905a4.js?npr=58581e32712a59e197a62305ec76a1da HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 08 May 2024 18:48:31 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1240
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QoQJKFjVRyMrnNDot7zpHJx590cjPksKeHsDMouuZZPQO1msJz6%2FhwDOGhn%2FIqP7wTRUEgVj42n60oI3rKd%2BKkhqF7n0SjPX2RNCmkljBo0AhSNHLdT5UWLAlY3i1mxjCkWDWnSJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c8ce5df2db51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-FFP7FJ85WV
200 OK 257 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-FFP7FJ85WV
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (5955)
Size 257 kB (257162 bytes)
Hash 5b322f541246929b4450acb344fefdb0
e6b2012f2e0fc16d6a3b6df2b1d27a157d4998ed
d861ac7cdce465c7abcf127e2408a794a902618e062bebae52d6be5a00f17731
GET /gtag/js?id=G-FFP7FJ85WV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 20:06:30 GMT
expires: Fri, 10 May 2024 20:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
web1s.asia/assets/web1s-3.js
200 OK 9.5 kB URL GET HTTP/3 web1s.asia/assets/web1s-3.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (10176), with no line terminators
Hash 1d533bdfe39752fefe27e87f1325b2ef
d1288855aa86bf126fbd93626f703da4a15ffbee
51620548ca2df448cf02807c0d5dfa010c8e87989341a184691917dfc688d3e5
GET /assets/web1s-3.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-24ff"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6547
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enAp%2BY3l4bXBTCZPrfcm%2FB1Lxtgnirhi%2BS6OCE8r%2FAEZVsxG8EI8LOxsSelGauX9SFMU7GShJECIpic6yq33C37mkw%2FEZKyFHsU9508dxSi3LPWWuJLrMQq%2Fjw6u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd77ec9712f-OSL
alt-svc: h3=":443"; ma=86400
fstatic.netpub.media/static/c98c98911166f1f070e872da610a9398.min.js?1715371592292
301 Moved Permanently 191 kB URL GET HTTP/2 fstatic.netpub.media/static/c98c98911166f1f070e872da610a9398.min.js?1715371592292
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
Size 191 kB (190648 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/c98c98911166f1f070e872da610a9398.min.js?1715371592292 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 10 May 2024 20:06:32 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/service.js
cache-control: max-age=3600
expires: Fri, 10 May 2024 21:06:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJ86c4985TzcXaZ30RojsOAX7c8t36bJwGNxYcMCieWJ5Ijnz8Jd93SUJ8P8WF04TKbv%2F7MGOafmD4mp99x26N%2FzDfdAdR1E5X7N8wlAEtjLPhZezAEKPeSl0yM0g29PpOYBjA60"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c8ce41d30b51d-OSL
X-Firefox-Spdy: h2
www.vipads.live/vn/sv?gp=d1c8K2m8aw+GfPv+T/Vu5Ert3i80L7GR+A7lRsd7UcRtARYFjk84E4D4US2k0c4yW0EqOcx7WhPBPdp7yckBF6ygTr/hlmRY/2quu83x1y1KIQSBuiskIs+JToLMLyJJVxmjFpChDsWpzQs7hlsZpnM5FkY37AoqJ3S4jNhjZItx&u_fv=0&u_url=&r_url=aHR0cHMlM0ElMkYlMkZ3ZWIxcy5hc2lhJTJGdXNiM2I2bGJVUSUyRg==&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=2142&iv=snsmp.1715371592&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49
200 OK 1 B URL GET HTTP/2 www.vipads.live/vn/sv?gp=d1c8K2m8aw+GfPv+T/Vu5Ert3i80L7GR+A7lRsd7UcRtARYFjk84E4D4US2k0c4yW0EqOcx7WhPBPdp7yckBF6ygTr/hlmRY/2quu83x1y1KIQSBuiskIs+JToLMLyJJVxmjFpChDsWpzQs7hlsZpnM5FkY37AoqJ3S4jNhjZItx&u_fv=0&u_url=&r_url=aHR0cHMlM0ElMkYlMkZ3ZWIxcy5hc2lhJTJGdXNiM2I2bGJVUSUyRg==&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=2142&iv=snsmp.1715371592&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerUnizeto Technologies S.A.
Subjectwww.vipads.live
Fingerprint3E:B1:B6:F1:38:D5:C9:15:6F:E5:83:2C:13:7C:3A:97:0C:5C:AF:83
ValiditySun, 05 May 2024 07:09:59 GMT - Wed, 04 Jun 2025 07:09:58 GMT
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /vn/sv?gp=d1c8K2m8aw+GfPv+T/Vu5Ert3i80L7GR+A7lRsd7UcRtARYFjk84E4D4US2k0c4yW0EqOcx7WhPBPdp7yckBF6ygTr/hlmRY/2quu83x1y1KIQSBuiskIs+JToLMLyJJVxmjFpChDsWpzQs7hlsZpnM5FkY37AoqJ3S4jNhjZItx&u_fv=0&u_url=&r_url=aHR0cHMlM0ElMkYlMkZ3ZWIxcy5hc2lhJTJGdXNiM2I2bGJVUSUyRg==&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=2142&iv=snsmp.1715371592&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49 HTTP/1.1
Host: www.vipads.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 20:06:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI
200 OK 7.4 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type HTML document, ASCII text, with very long lines (7675), with no line terminators
Hash df6ac13525040b3e2393e4ef50cd2174
033f67cb9e8e4f8d2ce78420726dbbff592218e1
2e5d5221c0622638ed31f6a8a45fdbd941776b9848620feca9ead1a6033683a5
GET /recaptcha/api2/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 20:06:35 GMT
content-security-policy: script-src 'nonce-Q96o7NE_LTyLZkmkKpHoNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.googleapis.com/css?family=Nunito:300,400,500,600,700
200 OK 8.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Nunito:300,400,500,600,700
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type ASCII text, with very long lines (8470), with no line terminators
Hash e55931fc5652bf57c01038c31f45fe10
f8143d6d63951c3dcb16eba91599786701994252
6b0889fa74758e89e8aee1a12496bea0e484d9ba787662f0cfb3381465d886f3
GET /css?family=Nunito:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 20:06:30 GMT
date: Fri, 10 May 2024 20:06:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
web1s.asia/js/clipboard.min.js
200 OK 9.2 kB URL GET HTTP/3 web1s.asia/js/clipboard.min.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (9394), with no line terminators
Hash e34598003b9af6d2423429255fad441e
ce50cc12229b28fdfd5476d137715e356e03d989
77f26f46b83cc4711ec3aa753accf9446ed70637f874577fc55883b071fe7abf
GET /js/clipboard.min.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-23c8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbkEQRK020bx0JCK2r8Mejc6EnOMvkrsMB5QdzSkOUNo%2Fuq5jfDzJZvg1pFC2EUaIlktzdxDL5hkue6apbtw0Ya422%2FBR7PVA1LFrhwH8hFNNbRdlvNDBkfEk9MP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd79eee712f-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/assets/web1s-1.js
200 OK 60 kB URL GET HTTP/3 web1s.asia/assets/web1s-1.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (59810), with no line terminators
Hash d7ad236e7d50c7857067d8f3fce70e9b
0c96bb52a5e32375ae226a12398f5c38c1d7c43f
7bb392f1b37c3c12cc532e7296f77d95f4f0ca0184955858426e2058dff97359
GET /assets/web1s-1.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-e9a2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1884
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxiLP43oAyivdGsPhZXBeb98ho40DmUHncGInWbT8Cl0fQr5VALCV9lsQAo%2F9GRP2C0VoxzkwKTD0HhE7kSEgV40jzmXrNadIiixXv%2B62WLgLxNOzRP6ybPSnLaj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd77ec5712f-OSL
alt-svc: h3=":443"; ma=86400
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeLfAslAAAAAF-EeUZGqaG2BeDCnSiMX14mUlaI&co=aHR0cHM6Ly93ZWIxcy5hc2lhOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=5080h4kaldqg
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:54:07 GMT
expires: Thu, 16 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 148348
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ghb.adtelligent.com/v2/auction/
200 OK 3.5 kB URL POST HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerZeroSSL
Subjectghb.adtelligent.com
FingerprintF5:43:CF:90:9B:4A:6C:AC:40:BA:BE:D9:17:AF:C1:56:2A:AD:A1:2D
ValidityWed, 27 Mar 2024 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (3548), with no line terminators
Hash 06f7177316cbb45c1d575463026f7a78
844abb2d28248a255a9044bf2bfa3eb76e9eac76
38cf83eea988a33f0800af1c8effc07267c9081ec95f65e97f7d55dee7ea02e1
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 330
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 20:06:33 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 899
Access-Control-Allow-Origin: https://web1s.asia
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
www.google.com/recaptcha/api.js
200 OK 850 B URL GET HTTP/2 www.google.com/recaptcha/api.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File type JavaScript source, ASCII text, with very long lines (850), with no line terminators
Hash cc9da74bc51547f7da14aea584e7bd4e
cb70339c904703d3a88777889e63b867a04ab2d1
9d640e16608a79d4f95372f1dd9c1edf1322993b6f0d6ec224ff0f01d2053d64
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 10 May 2024 20:06:30 GMT
date: Fri, 10 May 2024 20:06:30 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1
301 Moved Permanently 641 B URL GET HTTP/2 fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /extra/cmp/cmp-gdpr.js?v=1 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 10 May 2024 20:06:32 GMT
content-type: text/html; charset=iso-8859-1
location: https://cmp.netpub.media/init.js?v=1
cache-control: max-age=172800
expires: Sun, 12 May 2024 15:18:31 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: HIT
age: 17281
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zzj%2F0PFP3Mx6aJYJTWiwGPVKc48NgAn%2B5M08JCSdId%2FGsNr%2FaL11sZpgt%2ByYS76OLQF4dzKa%2B34hA8YN3M5CPcIOtyyNCwY56z%2B%2F3F3HLwtY2%2FlgSGf4XurLi1lScNGhXXlhd0FQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c8ce69840b51d-OSL
X-Firefox-Spdy: h2
fstatic.netpub.media/renderer/prebid_240502.js
200 OK 2.0 MB URL GET HTTP/2 fstatic.netpub.media/renderer/prebid_240502.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
Size 2.0 MB (2011316 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /renderer/prebid_240502.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 May 2024 14:21:49 GMT
cache-control: max-age=14400
expires: Fri, 10 May 2024 20:06:32 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FM3xMXdyqEyzHuUGXM6n0eHQfRpluLz13xJG%2F7LivQleolDmwI1yJ8khHz%2FYTUtrD7NeJfv9gX33tXpTj47d%2B1Wf4jQdwPoLShFB6zyMb%2FeDluLAKOaBmzD9NaAEz9aCdHB8lEY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c8ce7996fb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
web1s.asia/assets/web1s-5.js
200 OK 6.6 kB URL GET HTTP/3 web1s.asia/assets/web1s-5.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (6776), with no line terminators
Hash 9add93f965df72b4fea67ef78c9af398
1254db06093a2321b9351340c087d5b35d466b04
f48306ac99fbada4bd7a873979b3469b5f1a2deb8360fdcd3f515497165e0d31
GET /assets/web1s-5.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-19ce"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1884
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNfuIDBTI5igXqkJYtsrQyEvP%2Bv4TaSZ%2BLHuo2FmtV1JyzOiPXN9N7hm4CfB98OXDuEMG0uA4%2Fmue2Jf2pt%2FJhrTefam78O7BNxIQNxh6%2B7fUV0DPxv7%2B2EIShzw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd78ed8712f-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/assets/web1s.js
200 OK 103 kB URL GET HTTP/3 web1s.asia/assets/web1s.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (103048 bytes)
Hash f9ee7c686b5f5da8fd58c04965449a89
67ce88da4a736ca1cfa72a5a2835638d6a77babe
431f23ae1847bcee35b601764965fd625ee7dc8262780f7730081df2092f56a9
GET /assets/web1s.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-19288"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIKb1RElSD%2FHYEf0s5EwRDi3yHpy6dsv8RxLbY5JUCj32seuXIlfe7IfJN2Z69V62kHhTkOmq%2FSOajxtoQPoDJIW0q7jGCERusnsfI%2BDEtNGSqdIOL7BCR6i%2FFMz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd76ea2712f-OSL
alt-svc: h3=":443"; ma=86400
pv.vipads.cc/pv.php?op=pv&ext=d1c8K2m8aw+GfPv+T/Vu5Ert3i80L7GR+A7lRsd7UcRtARYFjk84E4D4US2k0c4yW0EqOcx7WhPBPdp7yckBF6ygTr/hlmRY/2quu83x1y1KIQSBuiskIs+JToLMLyJJVxmjFpChDsWpzQs7hlsZpnM5FkY37AoqJ3S4jNhjZItx
200 OK 10 B URL GET HTTP/2 pv.vipads.cc/pv.php?op=pv&ext=d1c8K2m8aw+GfPv+T/Vu5Ert3i80L7GR+A7lRsd7UcRtARYFjk84E4D4US2k0c4yW0EqOcx7WhPBPdp7yckBF6ygTr/hlmRY/2quu83x1y1KIQSBuiskIs+JToLMLyJJVxmjFpChDsWpzQs7hlsZpnM5FkY37AoqJ3S4jNhjZItx
IP
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectpv.vipads.cc
FingerprintD7:4E:F5:D6:F9:8D:6E:49:FE:2F:A6:CD:35:5B:67:D3:20:01:08:C7
ValidityFri, 23 Jun 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 53063a3844f9806958aa161e6f76cf86
207f76c598c7589703013cbcb31c911dd4851018
a9110205708e462d51fdf204f3412727d806856d62f837049606f899352af3c4
GET /pv.php?op=pv&ext=d1c8K2m8aw+GfPv+T/Vu5Ert3i80L7GR+A7lRsd7UcRtARYFjk84E4D4US2k0c4yW0EqOcx7WhPBPdp7yckBF6ygTr/hlmRY/2quu83x1y1KIQSBuiskIs+JToLMLyJJVxmjFpChDsWpzQs7hlsZpnM5FkY37AoqJ3S4jNhjZItx HTTP/1.1
Host: pv.vipads.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 20:06:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.youtube.com/embed/c4UwjUIHcbk
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 03:22:23 GMT
expires: Sat, 10 May 2025 03:22:23 GMT
cache-control: public, max-age=31536000
age: 60249
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240510
200 OK 1.6 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240510
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1730), with no line terminators
Hash e084bd4dd233206d5bb62288cd608ad3
8297a8e74eb191395c2778f6b120714123e87bfe
b469e17833ab7091d84bc64462256243910a952774a8d80ff95397d9c3f2f135
GET /gh/prebid/currency-file@1/latest.json?date=20240510 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.2052
x-jsd-version-type: version
etag: W/"638-8Xb9lBWjpNmfJcPxkPUmB/BGuZs"
content-encoding: br
accept-ranges: bytes
date: Fri, 10 May 2024 20:06:33 GMT
age: 14743
x-served-by: cache-fra-eddf8230103-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 842
X-Firefox-Spdy: h2
web1s.asia/assets/web1s.css
200 OK 111 kB URL GET HTTP/3 web1s.asia/assets/web1s.css
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
Size 111 kB (110704 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/web1s.css HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-1b070"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvtA3bWF5N7oa157gvr0fJwP%2F85SWlpm8Y8GWCTjRdtgcBtoSfzFSOEC7i%2Fu5xBdMOSra48tlBdyTN7HKlD1H0CkPFfaFmv1iUuf%2BKmXI2yPDHKY%2BcEpwsA6ubpO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd76e9c712f-OSL
alt-svc: h3=":443"; ma=86400
cmp.netpub.media/init.js?v=1
200 OK 641 B URL GET HTTP/2 cmp.netpub.media/init.js?v=1
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
File type ASCII text, with very long lines (693), with no line terminators
Hash 0412d7a8719a6cd7f8a1b2ddcd8e2a95
8d232e338fde1909ed8b2f809ef5144844002c98
d066e003a1bfe0271a7c631a6efa2f611aa20d1677526b01caea32dc0b664517
GET /init.js?v=1 HTTP/1.1
Host: cmp.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:06:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 21 Feb 2024 16:43:37 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FSLZ0Qn3CQuPpOv%2FpnNt86MMPvAvSLa41y1A0viki9tSxO3fTxqRR1JenzNFtdI3hEHySO%2BwYiCq5VSG3w9TpQeSr14Ho8s9zE%2Ff1xoHLqj5gTgniGqQX6bANHwTRFXGnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c8ce6d887b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
web1s.asia/landing/assets/js/jquery-3.3.1.min.js
200 OK 87 kB URL GET HTTP/3 web1s.asia/landing/assets/js/jquery-3.3.1.min.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /landing/assets/js/jquery-3.3.1.min.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:06 GMT
vary: Accept-Encoding
etag: W/"663096f6-1538f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jU4nUTdudcVddosDYzSm7c%2BLNRussB%2BO1uuTXnTpmN%2Fs%2BzZrfDw893R4TyNMnbMD2EZQfVohs3OMOolYVuYkPpgUVUNOadyaG9G0FVvukGHa0tNqocyLCU%2BTgD2l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd77ec2712f-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/assets/web1s-2.js
200 OK 143 kB URL GET HTTP/3 web1s.asia/assets/web1s-2.js
IP
Requested by https://web1s.asia/usb3b6lbUQ/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 143 kB (142982 bytes)
Hash f64272699d9131a6df3edd059b34175d
10c0c5ff36a7311b3b83cf5c94d0cc8d21d5cd43
5e97f7b0a993bcc35f90793aaf6986fb9a680efa96a2cf7c7b271013d89927a3
GET /assets/web1s-2.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJscVZyeEhjNUc4VERMNGhZeDRJdGc9PSIsInZhbHVlIjoic1JwTUxyWjVyMGNQU2tGaUkxZlVuQmw3TExqNUt2MEtVNUtPM3kvLzZFSEE4UndSMU5NK3pvUXo2cldQUmI0MkhzNnA2cmV0OTdndHFyeWJWTGg4V3BpaDZ2WEN5VWQzVmwzN0ZhV2JERWFuZmE5OTEySUhwNXlhUWlNbnZNMGMiLCJtYWMiOiI2MDc0MTdhNWZlMmU5OWQ0MjllYjFiM2VkM2FjNDY2MTEzYjNkNjc2YmY0NTE1MGRmYWIzYzE1OTQ0MjMyYzY0In0%3D; lang=eyJpdiI6ImJYUlJKRHBOeXdBQkFYQmUvTEpqWkE9PSIsInZhbHVlIjoiZFJRdGM1WHZPdFNiV1ZDSkRrTG1BNWszNE1XbnltQS9mb2FqbFl6RHVwUy9sYjMvUE9PNUdFZk1qWC85VWZNRyIsIm1hYyI6ImE5NmFiMWUyNmE1ZGVlMzNmNWVjZTIwMDkyZmMzYzMyZmQ5NTllZjVjNWRhNWE3ZGRiZjA1YzBlNWUzNWM0YmYifQ%3D%3D; web1s_session=mmIocG4EK9HjA97fqxALQGCyrW5wiqRt9hwQ903P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:06:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-22e86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6547
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8tOy1OB5kEgVdMPGm%2Bgd4t4BZdWH5dYvlY6MoWBiM4D6AUEeq1qYt0rVsMduqwk0lfDG3qrr5AuWXcadzg9fet5TtSfo50OjOgwt4KkEHCx3kMwkgP9%2BmPW0j%2FTG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881c8cd77ec7712f-OSL
alt-svc: h3=":443"; ma=86400
104.21.51.196
79.127.216.47
172.247.89.236
51.89.9.252
185.76.9.14
145.40.97.66
117.27.246.96
47.236.41.18