Report - vietsub.me/

Report Overview

Submitted URL
vietsub.me/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-02 17:59:39
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
limurol.com	unknown	2022-07-12T15:53:17Z	2023-03-13T08:06:53Z	3.7 kB	2.8 kB	62.122.171.6
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.7 kB	3.6 kB	23.36.76.226
cdn.livechatinc.com	6288	2012-06-22T10:37:34Z	2023-03-13T05:22:02Z	331 B	118 kB	23.36.79.16
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.4 kB	4.3 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.2 kB	8.5 kB	142.250.74.131
qgxbluhsgad.com	unknown	2022-12-13T17:06:54Z	2023-03-13T01:35:50Z	1.4 kB	2.8 kB	62.122.171.6
apilp-gateway.gzbtdzprof.club	371252	2022-02-08T11:51:26Z	2023-02-26T21:22:19Z	1.4 kB	2.1 kB	172.67.157.151
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	924 B	85 kB	104.17.24.14
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	338 B	29 kB	31.13.72.12
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	62 kB	34.120.237.76
api4.trakipsg.net	unknown	2022-12-07T08:58:24Z	2023-02-26T21:22:19Z	1.7 kB	2.5 kB	104.21.57.166
api6.trakipsg.net	unknown	2022-12-07T08:58:24Z	2023-02-26T21:22:19Z	1.3 kB	1.9 kB	104.21.57.166
vietsub.me	unknown	2021-01-12T04:44:40Z	2023-01-25T12:27:41Z	782 B	1.5 kB	188.114.97.1
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	380 B	45 kB	142.250.74.40
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.223.234.225
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.6 kB	39 kB	142.250.74.67
hit1.club	unknown	2023-01-07T08:52:50Z	2023-02-26T02:03:57Z	7.4 kB	80 kB	188.114.96.1
api.livechatinc.com	5353	2013-12-20T15:27:35Z	2023-03-13T05:22:02Z	2.8 kB	4.0 kB	23.36.79.16
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	385 B	1.7 kB	142.250.74.106
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	367 B	21 kB	142.250.74.78

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-02	medium	qgxbluhsgad.com	Sinkholed
2023-02-02	medium	qgxbluhsgad.com	Sinkholed
2023-02-02	medium	qgxbluhsgad.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	ads.vietsub.me/jads/pc.js	908 B	2023-03-13	2023-03-13
Pretty URL ads.vietsub.me/jads/pc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash fbb7b674e96a80358e1a203537398bde 6c3476f26765279d84fb5163c5e0b1f9f1bbbc53 e5fa108c91d73133211ea7e5280d1f8bf3ab58651586e43f1099e04c9f0c6eb8 Loading...

	ads.vietsub.me/adx/pc.js	616 B	2023-03-13	2023-03-13
Pretty URL ads.vietsub.me/adx/pc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 87905d175e7f8f33a2aa1251a22c4b50 936b4cbf73a162f55e1cdf15f2eb55d63fe295a3 b1e0b7880d244808c54cccfec5b223828f3cd10f4dd6591426a04ea641dde9ad Loading...

	hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s	481 B	2023-03-12	2023-03-13
Pretty URL hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:23:53 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 128389222e41940ff7ee77556749cc7d 2de2c992b580487ae753cc7a80472fbd86a9dff5 f7a3457881ecd8b1d72fc0c618ad6270dd666990ad2b681bdf3567efb66c0b6b Loading...

	ads.vietsub.me/jads/adspc.js	181 B	2023-03-13	2023-03-13
Pretty URL ads.vietsub.me/jads/adspc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 2000389eeb252484b9b0dfdd615ea4c3 5e8ad458ffbd17dae80767ed733517858ef04b96 430f4d5694747ab9d38e5dd3895885630730d101c77dc16f88554706677d0ff6 Loading...

	vietsub.me/template/js/popular.js	677 B	2023-03-13	2023-03-13
Pretty URL vietsub.me/template/js/popular.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 81aba691df7aeb7a4329adada6c5fb92 6da12f1444a812d958ab1d870bfb00c87b3b3ab5 fa42e28b02eccfb7e2c4ee8a41380422f463bc96705106584a9956d5525b6669 Loading...

	ads.vietsub.me/sads/pc.js	905 B	2023-03-13	2023-03-13
Pretty URL ads.vietsub.me/sads/pc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash e011ab86934c6b9a5e6b51ce55977366 db507748c21596bb28a2641dd4502dd583f10d84 afd06050ddc0c05b917e2362b39abfd98e3feacd6b123156056ede471912c258 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PGM4BJ6	137 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PGM4BJ6 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 8ba6980749eea0024ee32e1a2596ea1e 806eef4878fd1b44c8b78c3977014c0d6a075730 f6700b3b21f0c733387b69f2fd3a5f5ae23625c2ed31be8d76bf04eb83afb877 Loading...

	hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s	123 B	2023-03-07	2023-10-26
Pretty URL hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:33 Last Seen2023-10-26 21:08:30 Times Seen9 Hash 232ac81a565abadf097052355fe7c3f0 9fcf5e64887b61845a55d111c18cabfdbfc19f6f b24b05a324e98bd36750649bf7e26bb8327049d2e640f743360ed4a27694a218 Loading...

	vietsub.me/template/js/bootstrap.min.js	28 kB	2023-03-13	2023-03-13
Pretty URL vietsub.me/template/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 0089f123449e9fb488bfe68cda422fd0 beb79b2edcc57e07153c47e799d5f47d6f9c2e44 6488160ff1648179afdfb519375cce0dcba7fb1715f4205364746cacb02fb761 Loading...

	vietsub.me/	160 B	2023-03-13	2023-03-13
Pretty URL vietsub.me/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 1e0af92bd8ddd1f18759c9e0c84c5965 8a2dc388c40bb5abfa1fcd126a95e922627f4f73 6435bdba71b95db2db8bbd74904fd7e68429c321d40a409513cbd001133783e9 Loading...

	www.googletagmanager.com/gtag/js?id=G-KC9KNTJELK&l=dataLayer&cx=c	231 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-KC9KNTJELK&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash c0ef5850f36d9ddf9f8f5a0c8ffcf293 644a06308737d85707b839867f3f997bf413281a 9ecbfcf4ce068b7def5f2bbddc600d435bcb67198402571bef6d8558423cddb1 Loading...

	vietsub.me/template/js/jquery.js	97 kB	2023-03-07	2024-04-18
Pretty URL vietsub.me/template/js/jquery.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:37 Last Seen2024-04-18 11:14:38 Times Seen673 Hash 233c7d5dea90dffee999afd6891aeb4d 28dcf912a37d855a5072b83aa78e7c432b728717 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919 Loading...

	ads.vietsub.me/adxad/adspc.js	182 B	2023-03-13	2023-03-13
Pretty URL ads.vietsub.me/adxad/adspc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash aafeb3ca084dfbeeb7603db96f445b76 fe6fe4887fb89e108435a760e02301750c25fa56 79cd0c9797c561a600a8f2b8e3b3ca09af05f9f6428f294136b4ac10d7c9cd6c Loading...

	ads.vietsub.me/jads/pc1.html	155 B	2023-03-13	2023-03-13
Pretty URL ads.vietsub.me/jads/pc1.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 694f9f293f8fc3f83e23d83285424dd0 f3250c241b7a99816aecd273a831021f348bfca1 f6f9d0ec56174d9981147d990189d4cfb516666692d58d8fac9c04494e0030ad Loading...

	ads.vietsub.me/adxad/pc.js	618 B	2023-03-13	2023-03-13
Pretty URL ads.vietsub.me/adxad/pc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash e4ae2d77163af6eb8ac02f72d01e915d 6f862e8a537035fbb0d7047ad318b29f5cd7b7e7 bb7809cf863627d8a08e082a7d01bb16884b1fb16dd583f90cb119cfa69eab9d Loading...

	hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s	20 B	2023-03-13	2023-03-13
Pretty URL hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 8a9306579dd3bddd5e90b7c92a21b8fb b16869f14a77273d9fceb92cad12010d5985c86c 8e6f9f333f8679f622a1e31694bb0755a63e64d5c9f3dcb42ef1d2b2f2e075f1 Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_ddbd5847e4eaeb4a2b594e1c92dafc6d%26utm_source%3Dsexsubtv%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__sprwql1d2xo	271 B	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_ddbd5847e4eaeb4a2b594e1c92dafc6d%26utm_source%3Dsexsubtv%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__sprwql1d2xo IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash e5397c6d2f3f7a2560fe3244fb4df5d0 2093cb0f2511f46e2ab39f0766bcaad14100794b af64671d33c4b878284c2d6a1d411ca4e7c1874dfd5050e6fc647ca06e91a92e Loading...

	vietsub.me/template/js/jquery.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL vietsub.me/template/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-20 04:45:19 Times Seen25721 Hash 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Loading...

	limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24	7 B	2023-03-07	2024-04-17
Pretty URL limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-04-17 16:44:22 Times Seen16320 Hash a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Loading...

	vietsub.me/template/js/main.js	1.4 kB	2023-03-13	2023-03-13
Pretty URL vietsub.me/template/js/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash a7861381100cd6f0ef682a22ca51727c bd5930ae20cfc0c38ef3fb460ccdea1a5eaf56a6 68f7d12a4c262157c697e2195616c28b1e747beb22b08e157816be9b7ab1ae4f Loading...

	api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14863323&version=101.6.6.88.166.104.50.7.1.131.1.2.412&group_id=1&jsonp=__lc_static_config	4.1 kB	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14863323&version=101.6.6.88.166.104.50.7.1.131.1.2.412&group_id=1&jsonp=__lc_static_config IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash e941efec9f16c5bd2f558d631ec4dc7e cb670de5f6f78051e60bc5cd656ef67630c92124 1f0ef55141f0f10e0bb4be4fbd65559194917e06e832f9a4cc00d7b3699f0811 Loading...

	ads.vietsub.me/sads/adspc.js	181 B	2023-03-13	2023-03-13
Pretty URL ads.vietsub.me/sads/adspc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash f603fb3aa97a777148d8852d8bef7450 f158d19ba502a9b6a22888109b30551a1bad7bd4 39b97598da5703b9166734c2d80a46c6e47be97e5c4294dcb3c51d8918e19fb8 Loading...

	ads.vietsub.me/adx/adspc.js	180 B	2023-03-13	2023-03-13
Pretty URL ads.vietsub.me/adx/adspc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 83dda14020acf32f7392c409cf664d93 aa56de605a019027903b22d189ce84d3f4b27b5a 17a786a75cffb25fedbc22b05f7008a180a73ea6355769502336a1788add4de6 Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_e866d7f5c0e9883ad4f912365cdd9d38%26utm_source%3Dsexsubtv%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__kmauav5s6jr	271 B	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_e866d7f5c0e9883ad4f912365cdd9d38%26utm_source%3Dsexsubtv%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__kmauav5s6jr IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 7cdfa0eeab460b7e84f520624ab08c37 7c419601f9dacb0ce139728a17e915471b6ca871 f7db1a701ca0b2eabda2d8ab2bedfdc098183ea0d02a89648f37e5cd41807ec3 Loading...

	qgxbluhsgad.com/get/1957518?zoneid=1957518&jp=_cl54sshtu2y07wlvbpxagg&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=391271421828285	3.5 kB	2023-03-13	2023-03-13
Pretty URL qgxbluhsgad.com/get/1957518?zoneid=1957518&jp=_cl54sshtu2y07wlvbpxagg&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=391271421828285 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 7369e792f3e2f68b9330f8f2f9bf0233 b717ef894f9849f01be494e624a746af6f4f1ddd b0d073a9dba6a4cce231c7a4e1666ec4df05c7cd1c652e16b577e5c7035ca65a Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.googletagmanager.com/gtag/js?id=UA-172139683-1	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-172139683-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 6a4d14a251dd20dcbac6e18c8007293b 5a18c60e9e2cf9582de5217df65ee660ce82b4b9 9a0163fa68e11e5541a785107bd0dce549c647bd70fd3b45e89862be2e2c588a Loading...

	hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s	745 B	2023-03-12	2023-03-13
Pretty URL hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:23:53 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 7f57e61acdf60101da46466e66af0a98 a0b6a9df959906f772122e9e1805a3934d0f5a9c 732c36b5334a2e7d77dce926b776bdf2d2ec0fd5738df5e50cdbde2a759da545 Loading...

	cdn.livechatinc.com/tracking.js	87 kB	2023-03-13	2023-03-14
Pretty URL cdn.livechatinc.com/tracking.js IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:27:26 Times Seen1 Hash 29e075294399875f6fd4bdaa0f4a20e4 4b66dda1ae90f520557c9e3190686a4c4301282c b3fcf409ea4cc82df451395238d14a5c25a8bde7f6d6bf547125ed0b374e2dda Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_bc661f6ebb4a1ff874b371184be3d9ec%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__ksmch7l7i59	271 B	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_bc661f6ebb4a1ff874b371184be3d9ec%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__ksmch7l7i59 IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 7b02da7920f84b8978eca617c4eea7b3 4d3f399ea700e021c3cee46252caec19e29ac826 3489efb2f261ca039ee679dedaf5016a34cdebe453162c9ba4975e5cdb3a4139 Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_d21b05784909e2017486d731c84fcdd7%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__y83ryptv4g	270 B	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_d21b05784909e2017486d731c84fcdd7%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__y83ryptv4g IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash e9c3f82bfed9a9e5f3a545e617005e88 d757e1408bbe7d25b9fb45e342413d9189835d0d 52f58d3ee2986f80f1b0791a17b8aa94bf2b11a17c55404222fcccb90b83ab08 Loading...

	qgxbluhsgad.com/t/9/fret/meow4/1957518/eaf3c389.js	74 kB	2023-03-13	2023-03-13
Pretty URL qgxbluhsgad.com/t/9/fret/meow4/1957518/eaf3c389.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash fc30b86379baf03db4f4f92c22d2e7c1 f4803f85532cb75e91efca6b20588405d0e1e2c5 2106f68195e43b39b91b882477f31ee1ea4ceb0f46087a2597bffd52d52ecf73 Loading...

	www.googletagmanager.com/gtag/js?id=UA-141678041-1	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-141678041-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 8f786bf6f6550baab72015cb2cf8ec1f 71932dacfab36ad95a772b865a4ca60a7b1f8d8a 812dd48ef20470c2ef484ac87a1cc33c0b66b7f56443f59b0255ec02c86b2ed6 Loading...

		Size	First Seen	Last Seen
	#1 Write - 78a711a13ff9e158efc13df19134864e	246 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 78a711a13ff9e158efc13df19134864e a44fa3b5818a99264cc37e946ba3ee75bfe106d0 dd1092e558636e08139988a53d15f1c965772149e77b463d29658f686f3c7947 Loading...

	#2 Write - bce8f3ad72a537a9ff2fbeef5e49843a	161 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash bce8f3ad72a537a9ff2fbeef5e49843a 0d88133ce73ae87e9f4e0c1f8452ca34c0de5950 f06c60326f9496a68c0650b31ae4ed1634a020f0496f9f7523d3bd79590b21e6 Loading...

	#3 Write - c97c74b3eb0a1e41525fec0d36c25467	161 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash c97c74b3eb0a1e41525fec0d36c25467 1c687c7f209cde853d8c5c6753ce25f615ae189b 11019e328ac1bc5c6129bd828009efa8bc0358c57ac0a34551820416c131f130 Loading...

	#4 Write - d316c48b2ed120e35ddc412449fbdbb2	162 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash d316c48b2ed120e35ddc412449fbdbb2 3fb160a9d482b6c02aca30041a30951d48801a5c b0f9451107a439e6debab7084beb061d3abefd410447e45fb2ba6c2ed7ffc328 Loading...

	#5 Write - ba28fd3ff252e495f47095a850099596	160 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash ba28fd3ff252e495f47095a850099596 0c3614ed4c8fbae4298b8331cc8f258532fe7417 15dd665450224ce00dd674470672ff9be396e500d17fe37456efa0d423b1f37c Loading...

	#6 Write - a51f7e6b7ed6ad1a03e6111153720611	254 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash a51f7e6b7ed6ad1a03e6111153720611 c7efe01cb7d19e623d864a5c6b69d8ac1110e54a 3683bdc3966a137e3081fe2ec35f5f4c56d78070e88f3a19bbd514a051c8887f Loading...

	#7 Write - dcb238b966dc35a72ab80595689d0b40	247 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash dcb238b966dc35a72ab80595689d0b40 f512ffab2986d89e4bc0741decd41238a519e50c 216b0e9391ebb877bb07e59805c07c5297052e58a050810a9c785ccc5c5f5985 Loading...

	#8 Write - 57d337b96460ababdd4bb1c5d1606f97	253 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:11:11 Last Seen2023-03-13 15:11:11 Times Seen1 Hash 57d337b96460ababdd4bb1c5d1606f97 fe008d6f8f0430a53e90b501d9fb695ee3cd9e26 231b63cc22e96b2ecd5de70d77ae975eff250d98a223d6f9aed721653f9c2641 Loading...

HTTP Transactions (95)

URL IP Response Size

vietsub.me/

188.114.97.1

301 Moved Permanently

0 B

URL HTTP/1.1
vietsub.me/
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: vietsub.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 17:59:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 18:59:26 GMT
Location: https://vietsub.me/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AExCY0GeYwI4%2Bn%2BbijmtKO%2FVM%2BQKRURbPYneUvpPqRbvAhgKT11GSynAetjL1u9Bbayc4%2FqTf9IWh9WHhV6ESegWP2gZ56Yktse7WDJWrRUaKkbqYIVy2UmCyRYE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934d2197d92b4f3-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6355
Expires: Thu, 02 Feb 2023 19:45:22 GMT
Date: Thu, 02 Feb 2023 17:59:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4814
Expires: Thu, 02 Feb 2023 19:19:41 GMT
Date: Thu, 02 Feb 2023 17:59:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4341
Expires: Thu, 02 Feb 2023 19:11:48 GMT
Date: Thu, 02 Feb 2023 17:59:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 17:43:31 GMT
content-type: application/json
age: 956
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 24k91+FHIOPCwwMEDhJTcMU/wa3Teazl7nUR+64bsp0k4TBI46wo1CQqaXTkrqe7tFA8RmBunD/9YvLbI+WxcQ==
x-amz-request-id: QEGJBYCAG2F6WN0Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 17:23:12 GMT
age: 2175
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:27 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 587803
expires: Tue, 23 Jan 2024 17:59:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTbJTSl1kXs6K2NgEOT8txrSDNROp6PuBZ1Ll9OcU8A2DkBaEFLCuEd%2BzObJZRKUS67xqK6pfBtmiV6kcSULF6QH5QrGZnWAWkFDt%2Bal6Mdl%2BMs4UI0AL7AN3zfzrc622fzaoe2e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7934d21d6e3bb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-141678041-1

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-141678041-1
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (43950 bytes)
Hash
d67dff0fa03fe8aa8ace4c0e75727f69
9e671114d35de464a3ad7a33214a31f93e796d23
0cd08514c39782cd4fc997803d65ee3c16605a471ad2f582b965eb7b38f4dbad

HTTP Headers

GET /gtag/js?id=UA-141678041-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 17:59:27 GMT
expires: Thu, 02 Feb 2023 17:59:27 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 17:04:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9148
Expires: Thu, 02 Feb 2023 20:31:55 GMT
Date: Thu, 02 Feb 2023 17:59:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 17:07:19 GMT
age: 3128
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans

142.250.74.106

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1073 bytes)
Hash
bd1189eb2a37eeeef4efb36be6c7292d
842cbe8053c69975829efb9ac33218e478ce8c4f
3100d00982e9b3d484c4345639a23316f08a88ea7ae3401562a80b0375eb5ff0

HTTP Headers

GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 17:59:27 GMT
date: Thu, 02 Feb 2023 17:59:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

qgxbluhsgad.com/solid.gif?z=1957518&abvar=4

62.122.171.6

200 OK

43 B

URL HTTP/2
qgxbluhsgad.com/solid.gif?z=1957518&abvar=4
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /solid.gif?z=1957518&abvar=4 HTTP/1.1
Host: qgxbluhsgad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.24.14

200 OK

77 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 668698
expires: Tue, 23 Jan 2024 17:59:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6Tm1PkqkQ0kwPsU65UbGguFhyBVAtP7hsjQ3NLicXYhRiuyhQMoOq7EHqLoq8MSCi119yGUJeetaxtXH1I7x1rIhpVvhDsjvC3JzogS4xsk%2BqsczdDgUneu1CJocksVzgVBIBcP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7934d2207e44b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.223.234.225

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.223.234.225:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0JwveJJ0cav6joJk39jujg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IKONfOkVf6U23VaZlT0Z7RouUDE=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

142.250.74.67

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12972, version 1.0\012- data
Size
13 kB (12972 bytes)
Hash
f155ae6c5a655f05edb86445bd7e8d76
23115e9e59853e36044ae725d809759b7e8fa5f2
140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:06:31 GMT
expires: Sat, 27 Jan 2024 02:06:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:15:57 GMT
content-type: font/woff2
age: 575577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.67

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:44:37 GMT
expires: Fri, 02 Feb 2024 00:44:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
age: 62091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2

142.250.74.67

200 OK

7.1 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7136, version 1.0\012- data
Size
7.1 kB (7136 bytes)
Hash
c01023539039aee9c88104f9dafcc26c
2035b78a91b36409ce7ac5609bbf7e962127d307
628293787399254217cbac6ee79dee0b2be51b66354fd05a3b79846a28533b46

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:13 GMT
expires: Sat, 27 Jan 2024 10:05:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:26:34 GMT
content-type: font/woff2
age: 546855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=23020212591060caa04d4847aea5f417932f; Path=/; Expires=Fri, 02 Feb 2024 17:59:28 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=23020212599a2161962bf1444aaa07181097; Path=/; Expires=Fri, 02 Feb 2024 17:59:28 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Cookie: UID=23020212599a2161962bf1444aaa07181097
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.78

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 17:45:20 GMT
expires: Thu, 02 Feb 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 848
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
284e0acee87ba87873d5f9c94957d295
e492bed9cca7b2d19f6f79946586f6fd39147bd9
808d74da41d1d4cd8c9007e1e3c0629aabc0faff4678dd4bde1855c7cf15ef83

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "808D74DA41D1D4CD8C9007E1E3C0629AABC0FAFF4678DD4BDE1855C7CF15EF83"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 23:59:28 GMT
Date: Thu, 02 Feb 2023 17:59:28 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6934eb69fffd66583abb85b6f82e6339
df048c186995edbf9bf75c777cd3158130ebe905
74b2379c4f899b779d3862351756898446905b54e41bb502fd04978373ed314b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74B2379C4F899B779D3862351756898446905B54E41BB502FD04978373ED314B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Thu, 02 Feb 2023 23:59:13 GMT
Date: Thu, 02 Feb 2023 17:59:28 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6934eb69fffd66583abb85b6f82e6339
df048c186995edbf9bf75c777cd3158130ebe905
74b2379c4f899b779d3862351756898446905b54e41bb502fd04978373ed314b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74B2379C4F899B779D3862351756898446905B54E41BB502FD04978373ED314B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Thu, 02 Feb 2023 23:58:38 GMT
Date: Thu, 02 Feb 2023 17:59:28 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6934eb69fffd66583abb85b6f82e6339
df048c186995edbf9bf75c777cd3158130ebe905
74b2379c4f899b779d3862351756898446905b54e41bb502fd04978373ed314b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74B2379C4F899B779D3862351756898446905B54E41BB502FD04978373ED314B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Thu, 02 Feb 2023 23:59:03 GMT
Date: Thu, 02 Feb 2023 17:59:28 GMT
Connection: keep-alive

hit1.club/images/slogan-lazy.png

188.114.96.1

200 OK

129 B

URL HTTP/2
hit1.club/images/slogan-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1170 x 155, 1-bit colormap, non-interlaced\012- data
Size
129 B (129 bytes)
Hash
27f84407bf1ad0f6c3db165673c3cac6
3c6379e318da6831dcb64c4f63e7ed69dc88a508
b830918f319cd17ca69a4271ed20a9555e013481471541f0795108765bfa39dc

HTTP Headers

GET /images/slogan-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 129
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-81"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uODTX7AQDA7VGlnkI15zFv2rRFNT4YXTOGGgNj66pa6cw2%2BnF0wRr87ADTl2jAEzr3nuvCBt%2Bd9qy5K2tafJQp7J3FiiRQtQt%2BqpfytFocY9iXrvR2prj2Xarps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de46b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/images/logo-lazy.png

188.114.96.1

200 OK

136 B

URL HTTP/2
hit1.club/images/logo-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 602 x 388, 1-bit colormap, non-interlaced\012- data
Size
136 B (136 bytes)
Hash
345bfedb6937de67a3e5939eb576b451
87bf873835a8b66318834b43e5cb3afdea2e3784
8a9930aff6d5088b41634199e993c52cddafb23ebc7f5ab5d347fa6c3f1f38cf

HTTP Headers

GET /images/logo-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 136
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-88"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yp0NVN42WV1VX%2BA%2BaLPzvBplmC0AnEdOQlzud24Y4KigqeQRMCzWCfg6B9q3VZiE5BqLJLSDfwKrsJydey8Dx0ZBfk3s%2F3wTqDOr%2BWdoeh5wam98jHmtVTo4tg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de45b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/images/tab-dangky-full-lazy.png

188.114.96.1

200 OK

117 B

URL HTTP/2
hit1.club/images/tab-dangky-full-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 785 x 99, 1-bit colormap, non-interlaced\012- data
Size
117 B (117 bytes)
Hash
dbd78b8e74807d328d8336eed1655696
7bed3c8783e9f14e81762241d4ee19f3879fa376
3cae147a84de1564dc325ef9c439cfc00c74102820a82b5cb1c163011a645cc9

HTTP Headers

GET /images/tab-dangky-full-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 117
last-modified: Mon, 16 Jan 2023 05:11:34 GMT
etag: "63c4dc86-75"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ls9p9l0eDDCIBrsPMNFJmdE9ScLtwmlg6N4101WNOVd%2B8oWoqsRAmLMU3yi5PICVbMpkiYArV%2BTRHMlnTiMwi%2BXx6m46A6rHAke8NbLYGl8WNLZviTu8PxxVPR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee4db515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/images/slogan-mb-lazy.png

188.114.96.1

200 OK

128 B

URL HTTP/2
hit1.club/images/slogan-mb-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1086 x 155, 1-bit colormap, non-interlaced\012- data
Size
128 B (128 bytes)
Hash
c33c4fe72af6fbbd38e71484ff3545e1
c49a8fa656a30e9ea37476aecd93af5fa863b1ab
b54aa8ba0851f8d7ffa3c60a4b609851a616b4532f3b328621fb7be5de368ed1

HTTP Headers

GET /images/slogan-mb-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 128
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-80"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5E05p421DuNZzbXa8BeqEviLzlGeUL0mfXYP64KScKhY8%2FF02ymIaEdGFU%2B5DT6BOYBe9eXa3bgaSf0gSp0Up8k4B4m0vawDwI%2BuMtole%2Bp3%2B5VJ5SweRqVGxeU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de4cb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/images/btn-lazy.png

188.114.96.1

200 OK

120 B

URL HTTP/2
hit1.club/images/btn-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 608 x 172, 1-bit colormap, non-interlaced\012- data
Size
120 B (120 bytes)
Hash
675ac894f2d4559daf40286843b6138d
cbbe36403453a4c4fdb35053f175c6d917f39c00
3eb50d684e6be6867aef9713bfcee4cea197f416e8c6542e527c1e5aacfbe65a

HTTP Headers

GET /images/btn-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 120
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-78"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDX%2FrfhRthBjTrTgGQmt2jDVhDR5TWYhThj3hhKYl%2Fv87CBLxgoY%2FEpafKiWF0ZIUYVwNc8f780Bv3nByud%2B%2BJLB%2BrcenXu4xACXw02QOsuhdMSbDdDtB2qBvvE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee51b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/images/btn-dl-lazy.png

188.114.96.1

200 OK

155 B

URL HTTP/2
hit1.club/images/btn-dl-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1022 x 383, 1-bit colormap, non-interlaced\012- data
Size
155 B (155 bytes)
Hash
6a5745d946048c112ed9396af9dddce5
18f4870cc197dfe8ba0e53f198bd2afeaed993d3
bcf1ae2c589de263cb71af6567b216fbeab958fe4fccd873d07c6482dd832dd5

HTTP Headers

GET /images/btn-dl-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 155
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-9b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQq8pkzgwg2eNHQ615yXyGSB1oSrrRD7b%2B0QjXq3aJc9yOmxdi8p1K1BB%2BlRecuZq6o4HnUTVF9BMPF4IC1U4VGuJRuXgDui0TXPRIiyiIEvGG7nQLfe6A42CoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee53b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/images/thumb-thank-lazy.png

188.114.96.1

200 OK

222 B

URL HTTP/2
hit1.club/images/thumb-thank-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1125 x 739, 1-bit colormap, non-interlaced\012- data
Size
222 B (222 bytes)
Hash
b9487ce9d01b25e1d2a21d01e3e722a4
d0a0f0cc6b3a9f44d954e45ffd66c0708d5c52e4
0115a4449d2869cb08969f83fc4f1efce5853853915b8896363e7f8ae7c66082

HTTP Headers

GET /images/thumb-thank-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 222
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-de"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWSXORmUhOXIYCDl93Ep8YUH0wgEUeCQ89%2Bhc%2FmOWsPY3EQLQXmoFHUvkdTIkp7xExWjaX49%2B0lQET1pgUPsvV03ms5MZNEfhgFmQudIH7DnYQMkIgleLsSVPyc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee55b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/images/btn-web-lazy.png

188.114.96.1

200 OK

132 B

URL HTTP/2
hit1.club/images/btn-web-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 929 x 214, 1-bit colormap, non-interlaced\012- data
Size
132 B (132 bytes)
Hash
265c48db8fe4addbc6c199a119d88e1e
7f029f8da68fe537cd587cd7fd78db29d573a7dc
cba264a3b36ba0c615f498f385c997795eab5cd943c44bec4030007e39bcc82c

HTTP Headers

GET /images/btn-web-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 132
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-84"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VQRlSS51HXBjv%2Fc3YDkMvbLrljOdK7cTCM%2BB%2Bt63k2zH3sH19oQH39eP3b2s02Cki%2FzafD9IaXUcft0OFWNb5TeLJGQ8UsHqofrpEeRiIpJpdX6Rz6filqDTOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee59b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/images/loading.gif

188.114.96.1

200 OK

1.6 kB

URL HTTP/2
hit1.club/images/loading.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 22 x 22\012- data
Size
1.6 kB (1635 bytes)
Hash
48ad2ddb9bf71b8673824232e0ecb0bc
f69bb75f7253646e94f14eb162097cacd62e3d66
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

HTTP Headers

GET /images/loading.gif HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/gif
content-length: 1635
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-663"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqOeQbyaIL8XGjne22bSASgTDsdK5OqB5mRUgZrQcMT7D5WI%2Fj566YFAznkNlLOj5tf969heW8CNa76nxfV57Rgch5dqKVCjUE9S592T3BhFOJCqjkIeFG5zeig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee60b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6934eb69fffd66583abb85b6f82e6339
df048c186995edbf9bf75c777cd3158130ebe905
74b2379c4f899b779d3862351756898446905b54e41bb502fd04978373ed314b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74B2379C4F899B779D3862351756898446905B54E41BB502FD04978373ED314B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Thu, 02 Feb 2023 23:59:03 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive

hit1.club/images/adv-lazy.png

188.114.96.1

200 OK

502 B

URL HTTP/2
hit1.club/images/adv-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
502 B (502 bytes)
Hash
0156f711252312ca2c0faa0cd24b2dec
608f3aa96657b5ceb12856737b9c362d773776fe
623de47acfb000c14e411acf67949874997e51931075205ad71d800e4dad4821

HTTP Headers

GET /images/adv-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 216
last-modified: Mon, 16 Jan 2023 05:11:34 GMT
etag: "63c4dc86-d8"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZEVszKOJPFxCr4o3uoLpBgT2M4zaoEe4Q5MzLaWHlWYHl6C3ATnMj6py3qh694lRVb%2FNQISSCTkiuCT%2BABd%2FMKdrvKyh9mFVz7jpdM4wDnNr4gwbAONAXFSOL8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee5ab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/images/banner-lazy.png

188.114.96.1

200 OK

407 B

URL HTTP/2
hit1.club/images/banner-lazy.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
407 B (407 bytes)
Hash
508b4c0b372a54a460e4aa5053a8fa39
28bcf4a40ed8ed8f61b9728f023ba4d21c201dcc
d3616a924223068f84f7e5b3e70d9723e3b36c66cfb20bd5e09165e7aca7e662

HTTP Headers

GET /images/banner-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 131
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-83"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5sw4%2BCVkuGlGUV4h0ox4m4VVLi%2B82RcjZpkjZKK3PQcSBkIzZsPRcSGPypczLhKvMQ0fF7TayP7Juep9JrgtGjN7Wymp6Okb2Y%2FNJdmqqCIAZ1nPvW6chpfk6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee62b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/build/style.min.css?v=1.1.1

188.114.96.1

200 OK

12 kB

URL HTTP/2
hit1.club/build/style.min.css?v=1.1.1
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19301), with no line terminators
Size
12 kB (12031 bytes)
Hash
61b82cd2caf8b6a412606bfa3c81a9ec
fb89dabc2db8edcfa5b10b7e111af33e2af2acc2
86e185dbca59c58d57f595f7c1ab3466441e30209ca0a3d3bbd5298a3ebf2320

HTTP Headers

GET /build/style.min.css?v=1.1.1 HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 06:43:00 GMT
etag: W/"63c4f1f4-4b65"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJ4JcUPNoDkn8VAGPmdaT%2FwtO3tr4YnNj8ftd558ABBCrfFfNpqkv4xawng2Svy98PWnLzQGvk559W%2F9x7qclx%2FyLHPhdpEV8TNtreeT%2FbhPNbKV90rHQcVwJ8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de44b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10807 bytes)
Hash
b91a1323efe4b01a2d1a2e8485117934
43d04a554f6ef512e7b21ac09287efc0e4e5efee
393e3ab81aee9fda022d06c25789be66e56aaf56f81b0514ab5dfec445087bdf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10807
x-amzn-requestid: 9fff89ce-35f7-4b09-b766-6e65b4586c10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ5PHm7oAMFdfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd07-0ed090976c8a74542e225f4c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FESYmaA4l_a_3Md_9_0DZyzRCVPPIujyejd6lAO0pWS2bfwLzUsjfA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:02:27 GMT
age: 39422
etag: "43d04a554f6ef512e7b21ac09287efc0e4e5efee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8642 bytes)
Hash
0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: 79840c68-3e99-428d-9c01-9e4a93a34486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUzH1-oAMFiwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1e-5bb93c5126aaff474900da63;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mc8C-oesi4njIn2K2f56GKuyt6erRJAqCU-B4InhTD8oIoqo4s5-Fg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:43 GMT
age: 70846
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9221 bytes)
Hash
df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 71242
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15857 bytes)
Hash
4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 37852
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5561 bytes)
Hash
d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 71242
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 70834
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.livechatinc.com/tracking.js

23.36.79.16

200 OK

118 kB

URL HTTP/2
cdn.livechatinc.com/tracking.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (65449)
Size
118 kB (117527 bytes)
Hash
d58909b2217c87f4df3d5de2bcdcaa96
85b6b4911a24e08874a51e0692d42017563327ac
c5c61c871d27b3956b53892d8ee85b0f97902899d9596bb605312974819cb41d

HTTP Headers

GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:12 GMT
x-amz-version-id: iNzmqDcn1iRKaLiTk37THrDgz9osPO8C
server: AmazonS3
content-encoding: br
etag: W/"29e075294399875f6fd4bdaa0f4a20e4"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: qzl-0Ag5XGkDv_kWLbnI4JJvQy7icD_Dvire8pnIpy79iQNET2NH5w==
content-length: 26103
cache-control: max-age=28800
expires: Fri, 03 Feb 2023 01:59:30 GMT
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4969
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Last-Modified: Thu, 02 Feb 2023 16:36:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Last-Modified: Thu, 02 Feb 2023 16:29:53 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4969
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Last-Modified: Thu, 02 Feb 2023 16:36:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

hit1.club/?a=a_bc661f6ebb4a1ff874b371184be3d9ec&utm_source=sexvccxyz&utm_medium=m-preload-300x250&utm_campaign=cpd-s

188.114.96.1

200 OK

4.3 kB

URL HTTP/2
hit1.club/?a=a_bc661f6ebb4a1ff874b371184be3d9ec&utm_source=sexvccxyz&utm_medium=m-preload-300x250&utm_campaign=cpd-s
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (307)
Size
4.3 kB (4295 bytes)
Hash
86c123b6c3402f58b9c6e231ebce5b47
3c4d059ff3664ac8c540a939294e2217ab576619
0d0baa88887e4803118906bd7cff511a6133bfde9e9cca2053fee3d2b7db5220

HTTP Headers

GET /?a=a_bc661f6ebb4a1ff874b371184be3d9ec&utm_source=sexvccxyz&utm_medium=m-preload-300x250&utm_campaign=cpd-s HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.vietsub.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lFV6cRaCfQwPByRp%2FKhlBT0DijRRB15XCC%2BXUs79cglD%2BPjNIwU%2ByrfBz%2Fn5Hja2v5z75Vy%2FUYMoEdjWSJNgyqSRsy7N5hdWwsddZOW3iOHNAjv1dwVMUM%2BrYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d225b999b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: NqZan+mDFwEYnZDiSxnCwOEAhYqZ+EXiShuVlidKrH2lZbMiZ4wwBaTO1GJxSeRVmpaKrRyira8dvuv6FuhD/w==
content-length: 27843
x-fb-trip-id: 1904183273
date: Thu, 02 Feb 2023 17:59:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4969
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Last-Modified: Thu, 02 Feb 2023 16:36:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

hit1.club/?a=a_e866d7f5c0e9883ad4f912365cdd9d38&utm_source=sexsubtv&utm_medium=m-popunder&utm_campaign=cpd-s

188.114.96.1

200 OK

47 kB

URL HTTP/2
hit1.club/?a=a_e866d7f5c0e9883ad4f912365cdd9d38&utm_source=sexsubtv&utm_medium=m-popunder&utm_campaign=cpd-s
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (307)
Size
47 kB (47280 bytes)
Hash
f6067b1b9c64d5dfe288b89ba72e5f63
5e7a9c38e6ffcac9b100ad264ae9325f3d4db841
d2db5c48af089986eaa36519709f979b8fb85a10893544cb1c320ce19a11c9d0

HTTP Headers

GET /?a=a_e866d7f5c0e9883ad4f912365cdd9d38&utm_source=sexsubtv&utm_medium=m-popunder&utm_campaign=cpd-s HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.vietsub.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPk%2B3gXTxRx4Ff8%2B7LYn4YwWtH53Qdv4Q4%2Fp2JlaR3J0S5QJn7d5jzSVpR1X%2BUYS3FRMZWTUDGNEze10Ou3MQOavAINO0Vq6uW2sBvECA%2FjohBjjPEZ2mB51h9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d225b9a8b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_e866d7f5c0e9883ad4f912365cdd9d38%26utm_source%3Dsexsubtv%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__kmauav5s6jr

23.36.79.16

200 OK

271 B

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_e866d7f5c0e9883ad4f912365cdd9d38%26utm_source%3Dsexsubtv%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__kmauav5s6jr
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
7cdfa0eeab460b7e84f520624ab08c37
7c419601f9dacb0ce139728a17e915471b6ca871
f7db1a701ca0b2eabda2d8ab2bedfdc098183ea0d02a89648f37e5cd41807ec3

HTTP Headers

GET /v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_e866d7f5c0e9883ad4f912365cdd9d38%26utm_source%3Dsexsubtv%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__kmauav5s6jr HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-security-policy: frame-ancestors ;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from
content-length: 271
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
1c9bbac59fbc0981fde7af5c05295f77
3d160bb99415b4bdbb1d1f185bb46dbb1ace0d93
f7e63159b009854fc525e18f739198daf640b446aae76c027fce22d710ce9b16

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Server: ECS (amb/6BA4)
Content-Length: 279

api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14863323&version=101.6.6.88.166.104.50.7.1.131.1.2.412&group_id=1&jsonp=__lc_static_config

23.36.79.16

200 OK

1.6 kB

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14863323&version=101.6.6.88.166.104.50.7.1.131.1.2.412&group_id=1&jsonp=__lc_static_config
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (3941), with no line terminators
Size
1.6 kB (1577 bytes)
Hash
2bb10d46526006fd95adfe381df98b85
0a36f2aea88b9af47c361fc0638e07ccd44bc057
9d05b9df397569a282b1db15ee69f349793ef6c1728ce468398d565d26546cb2

HTTP Headers

GET /v3.3/customer/action/get_configuration?license_id=14863323&version=101.6.6.88.166.104.50.7.1.131.1.2.412&group_id=1&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1577
cache-control: public, max-age=600
expires: Thu, 02 Feb 2023 18:09:30 GMT
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Aec17uIGqak

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1

HTTP Headers

POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/Aec17uIGqak

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1

HTTP Headers

POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/Aec17uIGqak

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1

HTTP Headers

POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
1c9bbac59fbc0981fde7af5c05295f77
3d160bb99415b4bdbb1d1f185bb46dbb1ace0d93
f7e63159b009854fc525e18f739198daf640b446aae76c027fce22d710ce9b16

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Server: ECS (amb/6BB7)
Content-Length: 279

ocsp.pki.goog/s/gts1p5/Aec17uIGqak

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1

HTTP Headers

POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_bc661f6ebb4a1ff874b371184be3d9ec%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__ksmch7l7i59

23.36.79.16

200 OK

271 B

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_bc661f6ebb4a1ff874b371184be3d9ec%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__ksmch7l7i59
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
7b02da7920f84b8978eca617c4eea7b3
4d3f399ea700e021c3cee46252caec19e29ac826
3489efb2f261ca039ee679dedaf5016a34cdebe453162c9ba4975e5cdb3a4139

HTTP Headers

GET /v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_bc661f6ebb4a1ff874b371184be3d9ec%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__ksmch7l7i59 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-security-policy: frame-ancestors ;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from
content-length: 271
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_d21b05784909e2017486d731c84fcdd7%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__y83ryptv4g

23.36.79.16

200 OK

270 B

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_d21b05784909e2017486d731c84fcdd7%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__y83ryptv4g
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
270 B (270 bytes)
Hash
e9c3f82bfed9a9e5f3a545e617005e88
d757e1408bbe7d25b9fb45e342413d9189835d0d
52f58d3ee2986f80f1b0791a17b8aa94bf2b11a17c55404222fcccb90b83ab08

HTTP Headers

GET /v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_d21b05784909e2017486d731c84fcdd7%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__y83ryptv4g HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-security-policy: frame-ancestors ;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from
content-length: 270
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_ddbd5847e4eaeb4a2b594e1c92dafc6d%26utm_source%3Dsexsubtv%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__sprwql1d2xo

23.36.79.16

200 OK

271 B

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_ddbd5847e4eaeb4a2b594e1c92dafc6d%26utm_source%3Dsexsubtv%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__sprwql1d2xo
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
e5397c6d2f3f7a2560fe3244fb4df5d0
2093cb0f2511f46e2ab39f0766bcaad14100794b
af64671d33c4b878284c2d6a1d411ca4e7c1874dfd5050e6fc647ca06e91a92e

HTTP Headers

GET /v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_ddbd5847e4eaeb4a2b594e1c92dafc6d%26utm_source%3Dsexsubtv%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__sprwql1d2xo HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-security-policy: frame-ancestors ;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from
content-length: 271
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Aec17uIGqak

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1

HTTP Headers

POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
1c9bbac59fbc0981fde7af5c05295f77
3d160bb99415b4bdbb1d1f185bb46dbb1ace0d93
f7e63159b009854fc525e18f739198daf640b446aae76c027fce22d710ce9b16

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Server: ECS (amb/6B7E)
Content-Length: 279

ocsp.pki.goog/s/gts1p5/Aec17uIGqak

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1

HTTP Headers

POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec

172.67.157.151

200 OK

0 B

URL HTTP/2
apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec
IP
172.67.157.151:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec HTTP/1.1
Host: apilp-gateway.gzbtdzprof.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.224 ms
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD9CXjUnFskD%2F7gCCpUNYa30Fop5JBDoD%2FdWDD8UmbSTB9bi%2Fg7HfmrIehiUSNKVY2b5Wbg%2BGFOKEyKwA31Lq%2FEzo%2BDRVwVSTMjRWjJOx%2BHWpTucM3CpfFtRNTeM0zNLZSJ1YUt5KOaNBsJxerM2oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22f1ebdb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api4.trakipsg.net/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38

104.21.57.166

200 OK

0 B

URL HTTP/2
api4.trakipsg.net/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38
IP
104.21.57.166:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38 HTTP/1.1
Host: api4.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.24 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cS%2FNoDSX%2FcbGvod0Jckk6tvXo9I40exj9AveRM%2BObM7VO2Ap8C7fFQIxrwRDN1a7qKw4nnpjS%2BILTuDTHVVlOSaVG1epDL3Efxo7HlEKNQg7jsbkSxyyldnBYDyE%2BYN1KVNNSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d2300b28b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

vietsub.me/

188.114.96.1

200 OK

0 B

URL HTTP/2
vietsub.me/
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: vietsub.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=jd6nsvne27s2hrqa8j1d7uknl7; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxDvTSwCtSlu9Wi5zY7o5gyNpIzNiIG0Am3wgRoDETouk5i4WAE92Ez8mygPW%2FWh111x5indLPmi%2FxvrIUAKHy7ZgKRWKXPrtG5iPknY%2F%2BsgDiGI8e01DNZ6GuZa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d21b2d530b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/vendor/bootstrap/css/bootstrap.min.css

188.114.96.1

200 OK

0 B

URL HTTP/2
hit1.club/vendor/bootstrap/css/bootstrap.min.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/css
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: W/"63a4194c-2565e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMvHlrzlFKF1JPj84B9WptbPBL%2FKcOR%2Fc42Ph00EZsFP1q6S9slN6Mf3%2BMlYEWiIT%2FM7zQtNuLWqMgMfz3RpNzs%2BlMy3Qjpasfb4wkSAg3GdcBYgYMTIHHTdTMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de37b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d

172.67.157.151

200 OK

0 B

URL HTTP/2
apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d
IP
172.67.157.151:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d HTTP/1.1
Host: apilp-gateway.gzbtdzprof.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 1.847 ms
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42qm6Jk3kERjBu4nhH3Dg5r51km5%2BqCePXgUHvv62%2Fcy2G7q70QLvq%2Bm8OiMwH%2Fu2f3XwzQW41nMTxnRiODOWSweQ9PtGvf6jHjpvOr9tHzBthABwtfFAhofPz%2BEMqS%2BxAfy1%2BbDmU2XGoKhcWl4KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22f0eb5b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

qgxbluhsgad.com/t/9/fret/meow4/1957518/eaf3c389.js

62.122.171.6

200 OK

0 B

URL HTTP/2
qgxbluhsgad.com/t/9/fret/meow4/1957518/eaf3c389.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /t/9/fret/meow4/1957518/eaf3c389.js HTTP/1.1
Host: qgxbluhsgad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:27 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 12:41:59 GMT
vary: Accept-Encoding
etag: W/"63d90c97-1213d"
x-js-ab1: var4
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

api6.trakipsg.net/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38

104.21.57.166

200 OK

0 B

URL HTTP/2
api6.trakipsg.net/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38
IP
104.21.57.166:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38 HTTP/1.1
Host: api6.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.26 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqBhbcvVksZQVx7um497crUJACBvXrnv6q0yBC6GJwOAAoZalZIGakcnU3drp9nFEOSP9p6y3480KAT3biyEjRfIJGH1ci5Vn6wNucxd8Lrq4iy6j8KcH%2BNPuZFR8xWpjxCeVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22ffb25b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api6.trakipsg.net/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d

104.21.57.166

200 OK

0 B

URL HTTP/2
api6.trakipsg.net/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d
IP
104.21.57.166:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d HTTP/1.1
Host: api6.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:31 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.305 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgfwxxtOcrdePJOsD2ctBYonEA6XGOscYPgwCyCEBF4UG7ok4vTIW74M1aNdK8g34fYa1vbYL%2F%2BIJJJhBoHqcys0ePmp0WNlEr2z6ycCUo9%2BTyoqBJbN5pZ%2BunSgIeYdAyLQ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d2306ba7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api4.trakipsg.net/sw/collect?aff_id=a_d21b05784909e2017486d731c84fcdd7

104.21.57.166

200 OK

0 B

URL HTTP/2
api4.trakipsg.net/sw/collect?aff_id=a_d21b05784909e2017486d731c84fcdd7
IP
104.21.57.166:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_d21b05784909e2017486d731c84fcdd7 HTTP/1.1
Host: api4.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.285 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVcRyUZfhjFdODM5a0dz3VjhL1fEhdwrt6A7nbLTnanyF484WDGM5DYfVobFQlwH9ce8IhDnWg6MbH9gmutPQ3GZA6idB7g6OhIGHTzGNl1EHTWatepe6Pt8upGpsmeH3pJeZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22fdaf1b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api4.trakipsg.net/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec

104.21.57.166

200 OK

0 B

URL HTTP/2
api4.trakipsg.net/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec
IP
104.21.57.166:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec HTTP/1.1
Host: api4.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.282 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UUjGxREdfHnoQGaWVGgaO1bK11CfuIS3RXzBlbXeFOOC9988DCEVRBrhgEP2OZZsLaM3eb%2FixyWujTrsJXpPIf41MpjIyFN1h5JxyScIH9uMMnQkXdjvoN9vmrPHBNInLhunw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22fdafdb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api6.trakipsg.net/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec

104.21.57.166

200 OK

0 B

URL HTTP/2
api6.trakipsg.net/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec
IP
104.21.57.166:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec HTTP/1.1
Host: api6.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:31 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.223 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5QGe57IH0tMXP48tiqmlA1jcTY7WKKaWGq%2BFKQkp2Ht8z9UltwPbbYuzNnqg3cyde%2Bizr2iSLif5qOnefa54TaxFxCuFEW9O%2FRANXQNpGaRj3b3pT6ty2zBbSi2YPu0%2BWWzuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22feb04b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api4.trakipsg.net/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d

104.21.57.166

200 OK

0 B

URL HTTP/2
api4.trakipsg.net/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d
IP
104.21.57.166:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d HTTP/1.1
Host: api4.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:31 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.335 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4f9y7P5PDTPzaelq3xQlGFFC2Gi%2B0Z%2FTltUGLI0BQck%2Bf1frZgjRag26Wrr1AetZh9jfgh5skyRvKc3PseyNU0FgpSRhu%2Bzxqirg37wpGsbP5WUtK3YoRwNSlVLDZYPKDqqAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22fcaeeb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

qgxbluhsgad.com/get/1957518?zoneid=1957518&jp=_cl54sshtu2y07wlvbpxagg&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=391271421828285

62.122.171.6

200 OK

0 B

URL HTTP/2
qgxbluhsgad.com/get/1957518?zoneid=1957518&jp=_cl54sshtu2y07wlvbpxagg&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=391271421828285
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1957518?zoneid=1957518&jp=_cl54sshtu2y07wlvbpxagg&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=391271421828285 HTTP/1.1
Host: qgxbluhsgad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=23020212591e1f7dd6934a4a3c93495812df; Path=/; Expires=Fri, 02 Feb 2024 17:59:28 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s

188.114.96.1

200 OK

0 B

URL HTTP/2
hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.vietsub.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MM2AGXav0j4VxhP%2FIukXWuEaLpwVWpmFxi467Y%2FXMYlyJn3iBVTnwDNE1rpq5J9uIaEQN%2B6d0%2BkzEAm3Grst5O9h3NQcRE1C2mBpYme9baIp1DZm8G4baOIAass%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d2259977b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/vendor/fontawesome-free/css/all.min.css

188.114.96.1

200 OK

0 B

URL HTTP/2
hit1.club/vendor/fontawesome-free/css/all.min.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /vendor/fontawesome-free/css/all.min.css HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/css
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: W/"63a4194c-da9f"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q4uujBileRvNVOoiLQhQ7av0d2%2FHacpCRYliQ18roDJ0qOPatPdKFYqmiB5FzY4W7Yx6NnpDkqrqnLRIEGG5qYpo7PYCX9cxzHp%2BwVPxtYT1kR4v5n7J%2BC%2F10E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de39b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hit1.club/?a=a_d21b05784909e2017486d731c84fcdd7&utm_source=sexvccxyz&utm_medium=m-popunder&utm_campaign=cpd-s

188.114.96.1

200 OK

0 B

URL HTTP/2
hit1.club/?a=a_d21b05784909e2017486d731c84fcdd7&utm_source=sexvccxyz&utm_medium=m-popunder&utm_campaign=cpd-s
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?a=a_d21b05784909e2017486d731c84fcdd7&utm_source=sexvccxyz&utm_medium=m-popunder&utm_campaign=cpd-s HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.vietsub.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHFKu0ZLQZ4vKCEHV23bHAJ9hNJMIjYVxw0sNMgzptYVdK9BZSEmzpIKEuoI0ur7qhDKtyl%2FQOZ3C45mlYjlflX1U986bJMRk5zGLdbVchJUi%2FQdx1qoqovq82M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d225a996b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38

172.67.157.151

200 OK

0 B

URL HTTP/2
apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38
IP
172.67.157.151:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38 HTTP/1.1
Host: apilp-gateway.gzbtdzprof.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:31 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.249 ms
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9WCpo8Hu9QtyJ94aC062xofGem6smz%2FXddRDRSCxc6oZZQzohzzki69XTdlH6cU6brImBD5S39uK5UiQP7xPqGZWHE7K8SLRaGk6gk4u0SbDhR8B8P1hUs710zDATM%2F%2B9SAa1EAnA149Fxg2xCa7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d23038adb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML