18plusaccess.com/auth/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry
188.114.97.1200 OK 9.0 kB URL GET HTTP/3 18plusaccess.com/auth/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 87fecdadac0beb95f9b7c87b3b3236f0
822f92446c0033a32462aa21208efaef1f0d8c3c
25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
GET /auth/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: image/png
content-length: 9024
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: "642351e2-2340"
expires: Sun, 04 Jun 2023 12:34:07 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 82789
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1oGYK8pM%2FFtLPAybQa1ay1hTWi7UXka5y7Uw9XGnqIiTSxV9O89RYrb6vTA8F3WzaWpqDc8DZvtWCSdn%2BpPhZc9fOSQ3%2BAg%2B%2F4Lml7yTQbGhK4pdaUVvdP7ag2BD4tRlxtZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd23fe41b517-OSL
alt-svc: h3=":443"; ma=86400
18plusaccess.com/api.php?type=getLink&hash=f054426fc6d5ed531f7267c879d2be58
188.114.97.1200 OK 1.3 kB URL GET HTTP/3 18plusaccess.com/api.php?type=getLink&hash=f054426fc6d5ed531f7267c879d2be58
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type JSON data\012- , ASCII text, with very long lines (380), with no line terminators
Hash 54a1f424166aae1b4b84a64e29a4e82a
c063eb5c29b277368d7149d120b6df10b2653357
6eca1e2e7dd9287fbc5461ff4d1a202a33c79c89b4b29a05693ac60ecbda82dd
GET /api.php?type=getLink&hash=f054426fc6d5ed531f7267c879d2be58 HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/json
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJpiTPbH2mvbYt7Rbo%2FB44CXxxstnBI296O2QE9QTLYB2LFDuubsEw7c%2Fz6xuIlI%2BhEEbGLCvuqGK%2Fq6arrqfCT29FrKLYVnC98gqTseSn4aekDAE%2BW0wFSZP1q9cDnbTzqI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fdd22ec8cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/709.ee762b08200037b9f90c.chunk.js
188.114.97.1200 OK 4.2 kB URL GET HTTP/3 18plusaccess.com/auth/709.ee762b08200037b9f90c.chunk.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type ASCII text, with very long lines (5075)
Hash da3e35f79cdebfc7fd294118a6d5937a
1c14266f928a25d442d5b88939815e3077953a2c
3d8f37d2a37deee46b29d89a5f2d4302489cbf29dad891b71cadcaf9470320fd
GET /auth/709.ee762b08200037b9f90c.chunk.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:55 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-140e"
expires: Sun, 04 Jun 2023 14:33:03 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 75652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt0AD68mjssawn45EHfq5owk5eBRYnvdzMhsMo0l1WYOKx8zpUP2Tm%2FvsFo12wCI0Zw%2F0mMrAbr8ONNtLGxFbwdI4H0sUHnprbWwnSN3gNi621GRXCi9WHZszMpRV%2FyqGwjA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd204944b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
venus.web.telegram.org/apiw1
149.154.167.99 169 B URL venus.web.telegram.org/apiw1
IP 149.154.167.99:0
ASN #62041 Telegram Messenger Inc
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c2a982d42f89274763eef2a44fe01030
86e6d53f6478cdd0c05611093d9c55a953454af7
d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/
Content-Length: 0
Origin: https://18plusaccess.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: text/html
content-length: 169
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
18plusaccess.com/auth/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
188.114.97.1200 OK 11 kB URL GET HTTP/3 18plusaccess.com/auth/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 11056, version 1.0\012- data
Hash 07db243db21ed0a6b4ff05ff429686b7
5d62925fdd7ed8e80f206d095ed093994f13d276
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
GET /auth/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/auth/main.e56db75b316ada3ec120.css
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/octet-stream
content-length: 11056
last-modified: Tue, 28 Mar 2023 20:45:21 GMT
etag: "642351e1-2b30"
expires: Sun, 04 Jun 2023 14:05:53 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 77283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uTT85AadyMdGm5jH8FsCaNR1np%2FGbTtY9ryaFSftnG8IKb4U3RG9t%2Bv9z0QcjwW7MBRcskh12emsKCXrlrmGLK9o%2FD4lYBnAIDRn%2FThtst2FnWecsRu1sIaSyVipP2GPKAj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd2669b9b517-OSL
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/8.ee29ad1fa2e8d768803d.chunk.js
188.114.97.1200 OK 15 kB URL GET HTTP/3 18plusaccess.com/auth/8.ee29ad1fa2e8d768803d.chunk.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type Unicode text, UTF-8 text, with very long lines (24145)
Hash ddf762b4ec8141d42cd69f69f5b29ec4
1e4eab6fd54fdc07e0ee5b51832028f1257f7fd4
10064fd22f7a40f02cc5670a938189a0fcd1ac6452dd15a9c1a58857a9755e7a
GET /auth/8.ee29ad1fa2e8d768803d.chunk.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-5e90"
expires: Sun, 04 Jun 2023 12:09:13 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 84283
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BCdD7VDSJwci%2BMl11%2BalaM%2Bo2MxtL34su77mnXIKOc7SRyV09m1VYAa9o3I%2B0qeEiTH1h%2FSTrMiEkF6xSnv25lvwU51QFqRpaYIaLZ9fCmbW4nKdEbkAC79jw3UsRoBhN5r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd230cd7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/npm.axios.f92fcf59ba53eefcc93b.bundle.js
188.114.97.1200 OK 31 kB URL GET HTTP/3 18plusaccess.com/auth/npm.axios.f92fcf59ba53eefcc93b.bundle.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type ASCII text, with very long lines (28504)
Hash 1965f48ef847b4b08692e9333bae738e
6dd17f6a96e96a1ae12d3d3b3b70b1bf974c93ae
1f8763ab0d04592a57613fc94831399a173cbbf4b45327da4954568b5ab90b5c
GET /auth/npm.axios.f92fcf59ba53eefcc93b.bundle.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:55 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-6f9a"
expires: Sun, 04 Jun 2023 11:46:35 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 85640
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QUDWHx3EUH7MguFNI4IAXK1aQRFdbW8Ywvnd7MSge3yvVpaNyaqRuoNGZ7Og1JZZF%2FEThmxIpi87rhe64w0r04S1Oyb82WKXit5678o%2F1H3HvuDp9U%2FsxDDhK9ZMby5cYRQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd1d9dbfb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/npm.big-integer.363d763daad0ee4e2741.chunk.js
188.114.97.1 16 kB URL 18plusaccess.com/auth/npm.big-integer.363d763daad0ee4e2741.chunk.js
IP 188.114.97.1:0
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type ASCII text, with very long lines (21339)
Hash 6ce5e9590b459bd00b361dd01310c461
a2d9f2e684b1ed499ee7e07c549a31202da2082c
fd557b2bac9a6a309ff79983a9b734ebb0ead457104892de985004563df53afa
GET /auth/npm.big-integer.363d763daad0ee4e2741.chunk.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18plusaccess.com/auth/crypto.worker.dcf8eedefa534c62da70.chunk.js
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:55 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-53a2"
expires: Sun, 04 Jun 2023 12:09:16 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 84279
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqaVaGSqObrVXnHBrdrQSWdEoVvQuvx4MtbggzcjPO46swTh54P5OOnUgeYfRnG9L89A1UYeT30lxoCsCbTx%2F2uUCS%2Bgo%2FPDWDZAeiDAZLsW6w2t2xK6wTzb4zjDfF%2FsF%2B7q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd20d9e9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
188.114.97.1200 OK 10 kB URL User Request GET HTTP/3 18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
IP 188.114.97.1:443
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8745)
Hash 7da17638a6d0b29a1d870f1fae6ecec2
a67cc34d777a287135321f4eedcc94deca82488e
0971b32f047be67537e891b6a779e1ad40c9b0bfc79b7c134a3a857d23cb26ee
Analyzer Verdict Alert openphish Telegram
GET /f054426fc6d5ed531f7267c879d2be58 HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htiIPBzIfPGFF6QMWaZQnhcLnWy6hFzSZclSNfiTo5v5Q7mezuwwGtqLt3q81DzK0y9gdCuEA8JKp70YOdFN3g5iqLr%2FA9S62DVxELdghURQafsAVmCEbtV%2BjYkgGCAwT3DS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fdd20a9b9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash ca359c54531ea823812a5abbcf85eb97
6c9d445dc87b58e70dfd8d80a15374667f9f0b4f
32015b73ad6385df42848ae288806993cab31ee8f210e61ac5d2857fa0d30805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 11:33:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 0f9b480992f630430e33e1063b414542
bcaedb7914f5c0069c7f4187dad0ae8a4e2d94d9
bfcc73247d3e026090d69a4b8348f2a506fa1f8eb40fbd2e709482b7f5c5b750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 11:33:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 0f9b480992f630430e33e1063b414542
bcaedb7914f5c0069c7f4187dad0ae8a4e2d94d9
bfcc73247d3e026090d69a4b8348f2a506fa1f8eb40fbd2e709482b7f5c5b750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 11:33:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/
142.250.74.132 5.5 kB IP 142.250.74.132:0
Hash 22205a457bc2d381ed753d6655566a39
4e38cbf229ab050983d3d3f9db6f8faee66596bd
a657272e4b5999f36b6f84dbbfd9aabc84952a271624c1871983c88aa035f078
GET / HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Jun 2023 11:33:57 GMT
expires: -1
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-XQTrNEfYkBkKaWk3aMQotw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 58392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: AEC=AUEFqZe9fTVj1kLr4Y6L9nTACM97TuSU-uisXGbc-gy3ElQ-J89YYKOrqg; expires=Fri, 01-Dec-2023 11:33:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
__Secure-ENID=12.SE=BfVnU-GycmEAkYFs6M8frfDcpg-y7azYlAtD-Tcs2Eekof0XsUUy83WZyazXvWHpCD9n2vtX5TWGAAWV4axwjBDoSWgXwbXl-Z28Lpqw-yTQ6270fChPGfWYQsYwE7N0rQvKcMBqxvOhTnV0IFBwqWTGrpUUIFfd0OItaq_SFeA; expires=Thu, 04-Jul-2024 03:52:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+072; expires=Tue, 03-Jun-2025 11:33:57 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
venus.web.telegram.org/apiw1
149.154.167.99 652 B URL venus.web.telegram.org/apiw1
IP 149.154.167.99:0
ASN #62041 Telegram Messenger Inc
Hash 75295e496471ad642e4f4e09be49b665
845da26db92c8e6332f2288b84ff02bcfb200249
adbb0915ec3f2b19ca65c650956e033045c1f59dcc376fd9211a27871daa0654
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/
Content-Length: 340
Origin: https://18plusaccess.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 04 Jun 2023 11:33:58 GMT
content-type: application/octet-stream
content-length: 652
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
strict-transport-security: max-age=35768000
X-Firefox-Spdy: h2
venus.web.telegram.org/apiw1
149.154.167.99 72 B URL venus.web.telegram.org/apiw1
IP 149.154.167.99:0
ASN #62041 Telegram Messenger Inc
Hash b191e06f834019eb6870f27916c4cbb5
d15fdea7d90249ba968c91a1a96721e9dc275342
e7eb438cb50d90cca73e71d2f2db009f9d91ce51909d7cf4baf8fa73f8a092f8
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/
Content-Length: 396
Origin: https://18plusaccess.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 04 Jun 2023 11:33:58 GMT
content-type: application/octet-stream
content-length: 72
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
strict-transport-security: max-age=35768000
X-Firefox-Spdy: h2
venus.web.telegram.org/apiw1
149.154.167.99 169 B URL venus.web.telegram.org/apiw1
IP 149.154.167.99:0
ASN #62041 Telegram Messenger Inc
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c2a982d42f89274763eef2a44fe01030
86e6d53f6478cdd0c05611093d9c55a953454af7
d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/
Content-Length: 0
Origin: https://18plusaccess.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Sun, 04 Jun 2023 11:34:06 GMT
content-type: text/html
content-length: 169
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
venus.web.telegram.org/apiw1
149.154.167.99 168 B URL venus.web.telegram.org/apiw1
IP 149.154.167.99:0
ASN #62041 Telegram Messenger Inc
Hash c976f92681d5e937f662864361e3656b
0a14513b35131787039678d43fba300bee4f64f6
8bfb9eb7ebf23704c4f7e98a0bd3231b3a0c8776ee627f5a00621e5e06a6f3b3
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/
Content-Length: 104
Origin: https://18plusaccess.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 04 Jun 2023 11:34:06 GMT
content-type: application/octet-stream
content-length: 168
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
strict-transport-security: max-age=35768000
X-Firefox-Spdy: h2
venus.web.telegram.org/apiw1
149.154.167.99 648 B URL venus.web.telegram.org/apiw1
IP 149.154.167.99:0
ASN #62041 Telegram Messenger Inc
Hash 154eee9c3fa83aa87a9d725ad087c5da
f74c315fe6c2556907a4382afa3d3137d3efd6c4
6db117dfda230a28dc09ad380585108472debacc6b192d3c240f3ca7c3d5873b
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/
Content-Length: 488
Origin: https://18plusaccess.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 04 Jun 2023 11:34:07 GMT
content-type: application/octet-stream
content-length: 648
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
strict-transport-security: max-age=35768000
X-Firefox-Spdy: h2
venus.web.telegram.org/apiw1
149.154.167.99 168 B URL venus.web.telegram.org/apiw1
IP 149.154.167.99:0
ASN #62041 Telegram Messenger Inc
Hash d0d554239b22d243a531c198c58f3850
84adf01b0bf79c217d5d496eec0bdfe72d2d7c6c
566f89bd73c23918e8a752661eda92160ccee684d4ab70590b0400df692e076c
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/
Content-Length: 120
Origin: https://18plusaccess.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 04 Jun 2023 11:34:07 GMT
content-type: application/octet-stream
content-length: 168
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
strict-transport-security: max-age=35768000
X-Firefox-Spdy: h2
18plusaccess.com/auth/main.3de30c2bed8077e797fd.bundle.js
188.114.97.1200 OK 26 kB URL GET HTTP/3 18plusaccess.com/auth/main.3de30c2bed8077e797fd.bundle.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 2ef5a8c56d0f0409197214876bcac474
4562b2eada66553a93676c5c388d6a9b12130279
0b6f257ec5dca173d65f32d5fc78d3ff6d6d25bf7740af3b29d42840f8491c41
GET /auth/main.3de30c2bed8077e797fd.bundle.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-122a2"
expires: Sun, 04 Jun 2023 11:46:35 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 85641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVP1s%2Bg8Mz1j9Lgiuxr9LaUi3hhOSN%2BiOzgnRihUSjEwZqGMuXPmC%2FcwzxvYqaLVdGsH3yE0Bg5h1lSPQJLElj5Y8%2FkoaJPhgvZKp6%2Bko8J6NVdW%2BwwdB9Ff0tMzTYwlSdz3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd21fb43b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
188.114.97.1200 OK 6.7 kB URL GET HTTP/3 18plusaccess.com/auth/assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 6720, version 1.0\012- data
Hash ddbe8450ae34795dee574854e9b01533
5c9aaeb1b9de21b0fb4c7d9b92276dc5ab81b8ab
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
GET /auth/assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2 HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/auth/main.e56db75b316ada3ec120.css
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:34:07 GMT
content-type: application/octet-stream
content-length: 6720
last-modified: Tue, 28 Mar 2023 20:45:21 GMT
etag: "642351e1-1a40"
expires: Sun, 04 Jun 2023 19:58:04 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 56163
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OAM8DdiiTAZW5xN%2Fee1Wxj2rzMSMB8mRlwTmBMzgoQz1FrBAOwP1yaOuwjWXcXItu5X2l5EsyVCS3v1JiFQJmGw0JUkORy246T1ttw2INRMhWTw52Zzx4Dl2rNllYT%2FAX%2Bp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd67fa4eb517-OSL
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
188.114.97.1200 OK 8.0 kB URL GET HTTP/3 18plusaccess.com/auth/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 8024, version 1.0\012- data
Hash 073578b7f22768baa58cf9a87380538a
702b779b7ea064cc4713f2234dc74b1097aee389
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
GET /auth/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/auth/main.e56db75b316ada3ec120.css
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:34:07 GMT
content-type: application/octet-stream
content-length: 8024
last-modified: Tue, 28 Mar 2023 20:45:21 GMT
etag: "642351e1-1f58"
expires: Sun, 04 Jun 2023 19:58:03 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 56164
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AISD33BgyTbhWC%2B2dPw1ECvHFpvmpt6ZN8C0UxmZdtnev8smz3X89QOO2mNBIeMw3kOyamLT%2BEhGJN%2FYCe%2BivBivhj%2BsxUiZPnxVLXl58TVRfSmutN98DPCKEIonwUw5CJgf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd67fa51b517-OSL
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/assets/fonts/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
188.114.97.1200 OK 6.9 kB URL GET HTTP/3 18plusaccess.com/auth/assets/fonts/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 6864, version 1.0\012- data
Hash 2efb23d70eb9a590216a126ce28120b0
27786db7735f04a4d59ad023fd327d2dea51ae68
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
GET /auth/assets/fonts/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2 HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/auth/main.e56db75b316ada3ec120.css
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:34:07 GMT
content-type: application/octet-stream
content-length: 6864
last-modified: Tue, 28 Mar 2023 20:45:21 GMT
etag: "642351e1-1ad0"
expires: Sun, 04 Jun 2023 19:58:04 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 56163
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ptum85XfCaQFkWiY%2FvYVqFdW%2FIM8Q26%2B8KLYU1QhP5vnX5NDnDG5OJENe9SMd%2FlhJJycaLEhfZROlc21M8kNUihSRR%2FM8IG5ErBHdkwibo3E6YfwYSawBEAZkd2N5%2B1JpXm9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd681a83b517-OSL
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
188.114.97.1200 OK 7.9 kB URL GET HTTP/3 18plusaccess.com/auth/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 7924, version 1.0\012- data
Hash 5d39c40b5f1d878434af6212575d928a
3485c7ae4231075e5b7424e73c8626fdca02e0ad
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
GET /auth/assets/fonts/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2 HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/auth/main.e56db75b316ada3ec120.css
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:34:07 GMT
content-type: application/octet-stream
content-length: 7924
last-modified: Tue, 28 Mar 2023 20:45:21 GMT
etag: "642351e1-1ef4"
expires: Sun, 04 Jun 2023 19:58:04 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 56163
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guGeegOyMn2DIefJBSmbcLsWxRUTAYmszWOE2VxDrKaIAeolPO%2BpOiufTIlhh%2FANn85xfXN5QY%2BVjjcky1zYGJwX0LTXIHP71X6JWUg0NXgF%2F7ZDj4jPTMN42kFu0Dr5rdIq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd681a88b517-OSL
alt-svc: h3=":443"; ma=86400
venus.web.telegram.org/apiw1
149.154.167.99 136 B URL venus.web.telegram.org/apiw1
IP 149.154.167.99:0
ASN #62041 Telegram Messenger Inc
Hash 6136935bb4ab39a718e18fa1875df25f
5047fe6d61a4d7ec39c2b9cbba910bde8805c8cb
7c38ce469c2d4a777fafd3eea230236f5c6d179346d20b034a041a1678d204a8
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/
Content-Length: 200
Origin: https://18plusaccess.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 04 Jun 2023 11:34:10 GMT
content-type: application/octet-stream
content-length: 136
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
strict-transport-security: max-age=35768000
X-Firefox-Spdy: h2
18plusaccess.com/auth/npm.qr-code-styling.f8f57a1c721e03c3f699.chunk.js
188.114.97.1200 OK 16 kB URL GET HTTP/3 18plusaccess.com/auth/npm.qr-code-styling.f8f57a1c721e03c3f699.chunk.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (65245)
Hash be8bb8aacae4a7a79e6ddd80e0c61439
c7cb9bed0d158ef1db78867a25fcfe196a27777a
932e9a817af82373fc18ab3c39ad1bbc706d3b4e5979407c0ad4f5320b099136
GET /auth/npm.qr-code-styling.f8f57a1c721e03c3f699.chunk.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-ff4e"
expires: Sun, 04 Jun 2023 21:48:41 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 49515
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4IH5V8bGWpI%2FBNbxNnmHefxwsJi6BqV7eHycRr8x0DHnCssSV3E4FqtrUhxQU%2FrsF95qVvLAJFJvi7Mi5L6YqPiHLX07gz22pqTSCjeeZo2WrVvh4RusdjAHY6SOqAqyCSB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd25f924b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/297.f6b366c75aa6db05175b.chunk.js
188.114.97.1200 OK 1.4 MB URL GET HTTP/3 18plusaccess.com/auth/297.f6b366c75aa6db05175b.chunk.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
Size 1.4 MB (1430068 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auth/297.f6b366c75aa6db05175b.chunk.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-15d234"
expires: Sun, 04 Jun 2023 12:09:15 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 84281
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQ4lDVX4P0uBX%2B3hz1HN85lwEGhrzFVq1FMtIF3DZTGkI3yzpGkuHGXYYtbj36wEny3FhKPStrrRoRHOIZq03MG3LEMqu3f7M8z5YNFI2JToQ4BJH0yA%2FbGjx28wRRFwwrLd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd235d77b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/110.f631a7f89ada7f0d7f1d.bundle.js
188.114.97.1200 OK 25 kB URL GET HTTP/3 18plusaccess.com/auth/110.f631a7f89ada7f0d7f1d.bundle.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auth/110.f631a7f89ada7f0d7f1d.bundle.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-61df"
expires: Sun, 04 Jun 2023 11:46:35 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 85641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hC8qhz1WKZFEF3Vvixju3XW7ahoY%2FOSrmUmageV7MkE5dLUbMxL2flJQOm4GkCOIYrFMDZaMz5vTBavbTyVQkg3Ehz9SqFfv1dzhp%2F2Z%2BWZTUC9GUc6RE4dfKDgNocmQRH6c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd21fb41b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/104.062fcac0f4ebb16b79c0.chunk.js
188.114.97.1200 OK 65 kB URL GET HTTP/3 18plusaccess.com/auth/104.062fcac0f4ebb16b79c0.chunk.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auth/104.062fcac0f4ebb16b79c0.chunk.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-fde6"
expires: Sun, 04 Jun 2023 12:09:14 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 84282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRRWa8fihz9EQU3vwRE7DnqDWZjnAD8E0hHUWAH7Se8MJiUHH76dRUfjmgC3%2BHRT60bKol%2FwW2bpwyK79AP%2FTsZpM8i3ig4117AxDUoHkq2Ww%2Bnmmrpe9MyDiySQhhuDmYin"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd230ccbb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/301.3b69ce90988a4960543d.chunk.js
188.114.97.1200 OK 1.8 kB URL GET HTTP/3 18plusaccess.com/auth/301.3b69ce90988a4960543d.chunk.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1884), with no line terminators
Hash 1a0f624fdacf507700a9465c6f43ccfa
722a34552d9a39fd6b962f19a4f63833b26f0517
da8a9fd03d7e2d2263a33310ea5d9c2364a453c6a3a74b6e307d03d184382f8a
GET /auth/301.3b69ce90988a4960543d.chunk.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-6e4"
expires: Sun, 04 Jun 2023 12:09:13 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 84283
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpH6mxyfCSONwdcpdMTu%2FC7GkqULIZgdQZ23mQYjg%2FTnFxEUeIUTDvylSYoMlvnsD38Mvc8ks4MyAaVUnmCQeGF%2BWYwtVkThty9Uqtp5Jm9w0hZfHVLuq6ocZmr2Izaxdi2t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd230cd0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/assets/img/favicon-16x16.png?v=jw3mK7G9Ry
188.114.97.1200 OK 1.0 kB URL GET HTTP/3 18plusaccess.com/auth/assets/img/favicon-16x16.png?v=jw3mK7G9Ry
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash e3ce05eb00b3215df220efaf0fd06e21
d1533966f79dc2984c34317035f31cf3c91298c9
0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
GET /auth/assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: image/png
content-length: 1012
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: "642351e2-3f4"
expires: Sun, 04 Jun 2023 22:33:33 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 46823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIWGbZTnNVGX0kWDIScZReYYuol4asAVHjg2F7tkEzB2kZ9kW%2Ftu8sVSwSMcBYNl497%2BkV4Mek%2FCk8j1IKrs3nmEMB%2BS3MyAnwfgYrq%2Ba5zSDXSGIDXuFvA3v1JBmVtBi%2FF1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd23fe43b517-OSL
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
188.114.97.1200 OK 11 kB URL GET HTTP/3 18plusaccess.com/auth/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 11016, version 1.0\012- data
Hash 15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
GET /auth/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/auth/main.e56db75b316ada3ec120.css
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/octet-stream
content-length: 11016
last-modified: Tue, 28 Mar 2023 20:45:21 GMT
etag: "642351e1-2b08"
expires: Sun, 04 Jun 2023 14:05:53 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 77283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK62ekxnwmJ7zAqhxqCSrdKtzaI30LqLyMPtzmjHYNfy%2B%2F0CFFN%2FkTXsoiK9jCYF1I79zbUtwN7SoAx3V9%2B%2BUP6GXY%2BbWEbuHMIFMNpaQAmlV3rG25AcaGTIpyB6rzBbJIwO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd2679c5b517-OSL
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/main.e56db75b316ada3ec120.css
188.114.97.1200 OK 407 kB URL GET HTTP/3 18plusaccess.com/auth/main.e56db75b316ada3ec120.css
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
Size 407 kB (406610 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auth/main.e56db75b316ada3ec120.css HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: text/css
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-63452"
expires: Sun, 04 Jun 2023 11:46:35 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 85641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElKCUe63jqFtkr4wytdLM5sZOCeqideZofE2x7HiPZZ%2FSSz7MGd47zoqEY52OyS%2FFndCDcx%2FRnzxEMFVu0Su6uhEke9aarTdewk27u1m88x73PC56eaNZgAPGo6EhOysf2K8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd21fb3bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/crypto.worker.dcf8eedefa534c62da70.chunk.js
188.114.97.1200 OK 24 kB URL GET HTTP/3 18plusaccess.com/auth/crypto.worker.dcf8eedefa534c62da70.chunk.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type ASCII text, with very long lines (24042), with escape sequences
Hash 8db5c17081b798cbdafdf6397b7e7611
9a2afe4a194f8ba7312be69a01dcad481560bf15
10440263c2dede419faa3bda2791ddf3f05d43a77a008e196788b99a3e027d92
GET /auth/crypto.worker.dcf8eedefa534c62da70.chunk.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-5e2f"
expires: Sun, 04 Jun 2023 12:09:13 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 84283
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ih%2FZZMON4jOvDsJerQai0wv94q8pMDyDXnrIQCNbPDw7q4t8s2C8ONDNqGCz1mloGYidCNAOyqEuce32L8anp1rmtha8UcK7oL1ju7pZURjRtJO6ogtStpmGIGChhZ9VqXkg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd22bc42b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/assets/img/logo_padded.svg
188.114.97.1200 OK 1.1 kB URL GET HTTP/3 18plusaccess.com/auth/assets/img/logo_padded.svg
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1118), with no line terminators
Hash 4c0b48654a4881c325148a5e00964160
d7d21756c9dd4c1bf4d97087811745aad60506a0
7583a3643a9480ab4d81dd46b700cf3a38ebdd94af1a6059d2b6a3ecff8a65c5
GET /auth/assets/img/logo_padded.svg HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:34:07 GMT
content-type: image/svg+xml
last-modified: Tue, 28 Mar 2023 20:45:21 GMT
etag: W/"642351e1-42d"
expires: Sun, 04 Jun 2023 21:48:42 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 49525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DktsaEjvorUF3hPsLxKin%2BxrnK7NZTbcUyfC1heicLJ6LwfEyu10nrUOkqy0dyzp6IzjOScBSra95%2B41Kgs9HSVe7s7lOkSHaCKDQDixtuEei3NvJNSqUrCfySA2BGv4WVb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd66a82bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/147.cadaa8f16b30c1a7eb48.chunk.js
188.114.97.1200 OK 36 kB URL GET HTTP/3 18plusaccess.com/auth/147.cadaa8f16b30c1a7eb48.chunk.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auth/147.cadaa8f16b30c1a7eb48.chunk.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-8c94"
expires: Sun, 04 Jun 2023 12:09:15 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 84281
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Fk2lmmqC5bxR5Lj6dAdmusdNMYYA8z3hUACAnJOh%2Fu6lpXxEZ6VsadqkHPhJDpS0YyAv1zNLOsAKLHba9My%2F%2BheLvP9I0agsHJa7vRTtygXTCLs1SkMbxWhlcQ0VkR4Ge3b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd235d70b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/style-desktop.7ec8ed3b19fabb19d057.css
188.114.97.1200 OK 338 B URL GET HTTP/3 18plusaccess.com/auth/style-desktop.7ec8ed3b19fabb19d057.css
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type ASCII text, with very long lines (341), with no line terminators
Hash d947c1c667eb5826152b870938c046be
d039547da7d543281d91e05235bf5dade8f8a5dc
d943ecfadb13e373b80cde666c3f0ed45fc9f0e2ee856dd10562b8c2286966d7
GET /auth/style-desktop.7ec8ed3b19fabb19d057.css HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: text/css
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-152"
expires: Sun, 04 Jun 2023 12:09:13 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 84283
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN92o03jpmZlh1AtxTbbPFxUxDVnHsREFkscRbyHIrPErj1WBeOQgXLbX%2FANyOSku%2FOX0zZU9EeUGEcS6bk%2Bxqd5BOVS5g3s56Xu2nDKJ3vEszP6BY3WvP%2FubCzHD%2FfvQQTw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd21fb3db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
18plusaccess.com/auth/85.8313b4f3311fc3546260.bundle.js
188.114.97.1200 OK 7.7 kB URL GET HTTP/3 18plusaccess.com/auth/85.8313b4f3311fc3546260.bundle.js
IP 188.114.97.1:443
Requested by https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Certificate IssuerGoogle Trust Services LLC
Subject18plusaccess.com
Fingerprint3C:9E:50:DB:7C:92:2B:6C:65:E5:8A:02:EE:C7:09:60:D5:37:FF:28
ValidityMon, 29 May 2023 20:43:38 GMT - Sun, 27 Aug 2023 20:43:37 GMT
File type troff or preprocessor input, ASCII text, with very long lines (7767), with no line terminators
Hash f0d019a1f3883b75785cba96ee523d45
8623141c2dac5380dce27b8129f0cc1b7118b7e9
613199cf6ed4d50d313750d2d5eb59500840bbc48693388219a7df30ba732ffe
GET /auth/85.8313b4f3311fc3546260.bundle.js HTTP/1.1
Host: 18plusaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18plusaccess.com/f054426fc6d5ed531f7267c879d2be58
Cookie: __ddg1_=4rSzF7ko7eBh22C609rw; PHPSESSID=qi1mq60ue1hs4r7li17ee1fdqr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:33:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 20:45:22 GMT
etag: W/"642351e2-1e04"
expires: Sun, 04 Jun 2023 11:46:35 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 85641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bj7l5KBjYR6j6hZScZHgGIJJwxBM0U%2B2hUf8fWbIQcY5tzm6n8Ks6HJW0HHouZsamBd0Cl5YdnYTdg39DX00jtWT%2B6%2BQCCoqQm%2Fur6eRLKnmAK5Wul3%2FdhoWeje9PS21yewi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fdd21fb3fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400