vietsub.me/
188.114.97.1301 Moved Permanently 0 B IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: vietsub.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 17:59:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 18:59:26 GMT
Location: https://vietsub.me/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AExCY0GeYwI4%2Bn%2BbijmtKO%2FVM%2BQKRURbPYneUvpPqRbvAhgKT11GSynAetjL1u9Bbayc4%2FqTf9IWh9WHhV6ESegWP2gZ56Yktse7WDJWrRUaKkbqYIVy2UmCyRYE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934d2197d92b4f3-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6355
Expires: Thu, 02 Feb 2023 19:45:22 GMT
Date: Thu, 02 Feb 2023 17:59:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4814
Expires: Thu, 02 Feb 2023 19:19:41 GMT
Date: Thu, 02 Feb 2023 17:59:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4341
Expires: Thu, 02 Feb 2023 19:11:48 GMT
Date: Thu, 02 Feb 2023 17:59:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 17:43:31 GMT
content-type: application/json
age: 956
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 24k91+FHIOPCwwMEDhJTcMU/wa3Teazl7nUR+64bsp0k4TBI46wo1CQqaXTkrqe7tFA8RmBunD/9YvLbI+WxcQ==
x-amz-request-id: QEGJBYCAG2F6WN0Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 17:23:12 GMT
age: 2175
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:27 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 587803
expires: Tue, 23 Jan 2024 17:59:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTbJTSl1kXs6K2NgEOT8txrSDNROp6PuBZ1Ll9OcU8A2DkBaEFLCuEd%2BzObJZRKUS67xqK6pfBtmiV6kcSULF6QH5QrGZnWAWkFDt%2Bal6Mdl%2BMs4UI0AL7AN3zfzrc622fzaoe2e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7934d21d6e3bb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-141678041-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-141678041-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash d67dff0fa03fe8aa8ace4c0e75727f69
9e671114d35de464a3ad7a33214a31f93e796d23
0cd08514c39782cd4fc997803d65ee3c16605a471ad2f582b965eb7b38f4dbad
GET /gtag/js?id=UA-141678041-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 17:59:27 GMT
expires: Thu, 02 Feb 2023 17:59:27 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 17:04:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9148
Expires: Thu, 02 Feb 2023 20:31:55 GMT
Date: Thu, 02 Feb 2023 17:59:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 17:07:19 GMT
age: 3128
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans
IP 142.250.74.106:0
Hash bd1189eb2a37eeeef4efb36be6c7292d
842cbe8053c69975829efb9ac33218e478ce8c4f
3100d00982e9b3d484c4345639a23316f08a88ea7ae3401562a80b0375eb5ff0
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 17:59:27 GMT
date: Thu, 02 Feb 2023 17:59:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
qgxbluhsgad.com/solid.gif?z=1957518&abvar=4
62.122.171.6200 OK 43 B URL HTTP/2 qgxbluhsgad.com/solid.gif?z=1957518&abvar=4
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1957518&abvar=4 HTTP/1.1
Host: qgxbluhsgad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.24.14200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 668698
expires: Tue, 23 Jan 2024 17:59:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6Tm1PkqkQ0kwPsU65UbGguFhyBVAtP7hsjQ3NLicXYhRiuyhQMoOq7EHqLoq8MSCi119yGUJeetaxtXH1I7x1rIhpVvhDsjvC3JzogS4xsk%2BqsczdDgUneu1CJocksVzgVBIBcP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7934d2207e44b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.223.234.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.234.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0JwveJJ0cav6joJk39jujg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IKONfOkVf6U23VaZlT0Z7RouUDE=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
142.250.74.67200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 12972, version 1.0\012- data
Hash f155ae6c5a655f05edb86445bd7e8d76
23115e9e59853e36044ae725d809759b7e8fa5f2
140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:06:31 GMT
expires: Sat, 27 Jan 2024 02:06:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:15:57 GMT
content-type: font/woff2
age: 575577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.67200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:44:37 GMT
expires: Fri, 02 Feb 2024 00:44:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
age: 62091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
142.250.74.67200 OK 7.1 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 7136, version 1.0\012- data
Hash c01023539039aee9c88104f9dafcc26c
2035b78a91b36409ce7ac5609bbf7e962127d307
628293787399254217cbac6ee79dee0b2be51b66354fd05a3b79846a28533b46
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vietsub.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:13 GMT
expires: Sat, 27 Jan 2024 10:05:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:26:34 GMT
content-type: font/woff2
age: 546855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=23020212591060caa04d4847aea5f417932f; Path=/; Expires=Fri, 02 Feb 2024 17:59:28 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=23020212599a2161962bf1444aaa07181097; Path=/; Expires=Fri, 02 Feb 2024 17:59:28 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1957518/?pb=714114c6e586a337237bf3a5497fb7381675367968&psp=K3Q5-W5tOqVTAwPIU-8oRifFaSJ0TWI42CTY2Jgif4MumTe1FUvzYpdDvRjBaxcoR5kSZpdjrKqk9UmyhdwOKZmoX4ZwdVJz-ltPVjqTGkTYeFvgSuQwSsMv59q00CBv9p1D3URkcvtiICDLtEy5zFk1z89UvNN_C9HGxmhThB6r6ccwucrMfelGnVjQmId_f1ADsPNoK35Ar0j05w-T0Tv91TdqB8iRIO7CFc75ogxV7bG9x8es7uysGDJBDjDW-GlVWtOTraADfy9T-bcjdR6a5G9f6UfPWMHBCd1JZGvLXpMWUtLEq7ZETmrwGzU5S6nd87d2UX3MiYj5TO_2VGHyuE1YYDBCMKDCiN1cii8jWqTiV5Q_N5ShvBn1ejTWKyYCiSve-qc1DIy8gJXbYYSI2KFD5Rhng8yh_t4pJprIsYKL583OuJjWM5mse_WYU4pa88nWPjjOi4jdH3x5lSj4IfT4n2HPEE0whEyp9gDzJ7zWB6n4GIGThPwAmVjsG5U0uqM6XKGG404vTK1ohnVCqwpuwdMbW_I9sZFy5RuC2Dl0A5RzDnTMlUB5aCSV36Jr5QADwcV8soendS4Hs8fqBE9jR3IbduHmod9ExiqNb9zBWRbSxMtMvmjPB8k7cyqVtrpAnW9ltl5aer19&cb=_clon2584rnvxovo78lba66&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Cookie: UID=23020212599a2161962bf1444aaa07181097
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.78200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 17:45:20 GMT
expires: Thu, 02 Feb 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 848
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 284e0acee87ba87873d5f9c94957d295
e492bed9cca7b2d19f6f79946586f6fd39147bd9
808d74da41d1d4cd8c9007e1e3c0629aabc0faff4678dd4bde1855c7cf15ef83
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "808D74DA41D1D4CD8C9007E1E3C0629AABC0FAFF4678DD4BDE1855C7CF15EF83"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 23:59:28 GMT
Date: Thu, 02 Feb 2023 17:59:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6934eb69fffd66583abb85b6f82e6339
df048c186995edbf9bf75c777cd3158130ebe905
74b2379c4f899b779d3862351756898446905b54e41bb502fd04978373ed314b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74B2379C4F899B779D3862351756898446905B54E41BB502FD04978373ED314B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Thu, 02 Feb 2023 23:59:13 GMT
Date: Thu, 02 Feb 2023 17:59:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6934eb69fffd66583abb85b6f82e6339
df048c186995edbf9bf75c777cd3158130ebe905
74b2379c4f899b779d3862351756898446905b54e41bb502fd04978373ed314b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74B2379C4F899B779D3862351756898446905B54E41BB502FD04978373ED314B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Thu, 02 Feb 2023 23:58:38 GMT
Date: Thu, 02 Feb 2023 17:59:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6934eb69fffd66583abb85b6f82e6339
df048c186995edbf9bf75c777cd3158130ebe905
74b2379c4f899b779d3862351756898446905b54e41bb502fd04978373ed314b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74B2379C4F899B779D3862351756898446905B54E41BB502FD04978373ED314B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Thu, 02 Feb 2023 23:59:03 GMT
Date: Thu, 02 Feb 2023 17:59:28 GMT
Connection: keep-alive
hit1.club/images/slogan-lazy.png
188.114.96.1200 OK 129 B URL HTTP/2 hit1.club/images/slogan-lazy.png
IP 188.114.96.1:0
File type PNG image data, 1170 x 155, 1-bit colormap, non-interlaced\012- data
Hash 27f84407bf1ad0f6c3db165673c3cac6
3c6379e318da6831dcb64c4f63e7ed69dc88a508
b830918f319cd17ca69a4271ed20a9555e013481471541f0795108765bfa39dc
GET /images/slogan-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 129
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-81"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uODTX7AQDA7VGlnkI15zFv2rRFNT4YXTOGGgNj66pa6cw2%2BnF0wRr87ADTl2jAEzr3nuvCBt%2Bd9qy5K2tafJQp7J3FiiRQtQt%2BqpfytFocY9iXrvR2prj2Xarps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de46b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/images/logo-lazy.png
188.114.96.1200 OK 136 B URL HTTP/2 hit1.club/images/logo-lazy.png
IP 188.114.96.1:0
File type PNG image data, 602 x 388, 1-bit colormap, non-interlaced\012- data
Hash 345bfedb6937de67a3e5939eb576b451
87bf873835a8b66318834b43e5cb3afdea2e3784
8a9930aff6d5088b41634199e993c52cddafb23ebc7f5ab5d347fa6c3f1f38cf
GET /images/logo-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 136
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-88"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yp0NVN42WV1VX%2BA%2BaLPzvBplmC0AnEdOQlzud24Y4KigqeQRMCzWCfg6B9q3VZiE5BqLJLSDfwKrsJydey8Dx0ZBfk3s%2F3wTqDOr%2BWdoeh5wam98jHmtVTo4tg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de45b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/images/tab-dangky-full-lazy.png
188.114.96.1200 OK 117 B URL HTTP/2 hit1.club/images/tab-dangky-full-lazy.png
IP 188.114.96.1:0
File type PNG image data, 785 x 99, 1-bit colormap, non-interlaced\012- data
Hash dbd78b8e74807d328d8336eed1655696
7bed3c8783e9f14e81762241d4ee19f3879fa376
3cae147a84de1564dc325ef9c439cfc00c74102820a82b5cb1c163011a645cc9
GET /images/tab-dangky-full-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 117
last-modified: Mon, 16 Jan 2023 05:11:34 GMT
etag: "63c4dc86-75"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ls9p9l0eDDCIBrsPMNFJmdE9ScLtwmlg6N4101WNOVd%2B8oWoqsRAmLMU3yi5PICVbMpkiYArV%2BTRHMlnTiMwi%2BXx6m46A6rHAke8NbLYGl8WNLZviTu8PxxVPR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee4db515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/images/slogan-mb-lazy.png
188.114.96.1200 OK 128 B URL HTTP/2 hit1.club/images/slogan-mb-lazy.png
IP 188.114.96.1:0
File type PNG image data, 1086 x 155, 1-bit colormap, non-interlaced\012- data
Hash c33c4fe72af6fbbd38e71484ff3545e1
c49a8fa656a30e9ea37476aecd93af5fa863b1ab
b54aa8ba0851f8d7ffa3c60a4b609851a616b4532f3b328621fb7be5de368ed1
GET /images/slogan-mb-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 128
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-80"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5E05p421DuNZzbXa8BeqEviLzlGeUL0mfXYP64KScKhY8%2FF02ymIaEdGFU%2B5DT6BOYBe9eXa3bgaSf0gSp0Up8k4B4m0vawDwI%2BuMtole%2Bp3%2B5VJ5SweRqVGxeU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de4cb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/images/btn-lazy.png
188.114.96.1200 OK 120 B URL HTTP/2 hit1.club/images/btn-lazy.png
IP 188.114.96.1:0
File type PNG image data, 608 x 172, 1-bit colormap, non-interlaced\012- data
Hash 675ac894f2d4559daf40286843b6138d
cbbe36403453a4c4fdb35053f175c6d917f39c00
3eb50d684e6be6867aef9713bfcee4cea197f416e8c6542e527c1e5aacfbe65a
GET /images/btn-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 120
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-78"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDX%2FrfhRthBjTrTgGQmt2jDVhDR5TWYhThj3hhKYl%2Fv87CBLxgoY%2FEpafKiWF0ZIUYVwNc8f780Bv3nByud%2B%2BJLB%2BrcenXu4xACXw02QOsuhdMSbDdDtB2qBvvE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee51b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/images/btn-dl-lazy.png
188.114.96.1200 OK 155 B URL HTTP/2 hit1.club/images/btn-dl-lazy.png
IP 188.114.96.1:0
File type PNG image data, 1022 x 383, 1-bit colormap, non-interlaced\012- data
Hash 6a5745d946048c112ed9396af9dddce5
18f4870cc197dfe8ba0e53f198bd2afeaed993d3
bcf1ae2c589de263cb71af6567b216fbeab958fe4fccd873d07c6482dd832dd5
GET /images/btn-dl-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 155
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-9b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQq8pkzgwg2eNHQ615yXyGSB1oSrrRD7b%2B0QjXq3aJc9yOmxdi8p1K1BB%2BlRecuZq6o4HnUTVF9BMPF4IC1U4VGuJRuXgDui0TXPRIiyiIEvGG7nQLfe6A42CoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee53b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/images/thumb-thank-lazy.png
188.114.96.1200 OK 222 B URL HTTP/2 hit1.club/images/thumb-thank-lazy.png
IP 188.114.96.1:0
File type PNG image data, 1125 x 739, 1-bit colormap, non-interlaced\012- data
Hash b9487ce9d01b25e1d2a21d01e3e722a4
d0a0f0cc6b3a9f44d954e45ffd66c0708d5c52e4
0115a4449d2869cb08969f83fc4f1efce5853853915b8896363e7f8ae7c66082
GET /images/thumb-thank-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 222
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-de"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWSXORmUhOXIYCDl93Ep8YUH0wgEUeCQ89%2Bhc%2FmOWsPY3EQLQXmoFHUvkdTIkp7xExWjaX49%2B0lQET1pgUPsvV03ms5MZNEfhgFmQudIH7DnYQMkIgleLsSVPyc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee55b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/images/btn-web-lazy.png
188.114.96.1200 OK 132 B URL HTTP/2 hit1.club/images/btn-web-lazy.png
IP 188.114.96.1:0
File type PNG image data, 929 x 214, 1-bit colormap, non-interlaced\012- data
Hash 265c48db8fe4addbc6c199a119d88e1e
7f029f8da68fe537cd587cd7fd78db29d573a7dc
cba264a3b36ba0c615f498f385c997795eab5cd943c44bec4030007e39bcc82c
GET /images/btn-web-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 132
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-84"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VQRlSS51HXBjv%2Fc3YDkMvbLrljOdK7cTCM%2BB%2Bt63k2zH3sH19oQH39eP3b2s02Cki%2FzafD9IaXUcft0OFWNb5TeLJGQ8UsHqofrpEeRiIpJpdX6Rz6filqDTOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee59b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/images/loading.gif
188.114.96.1200 OK 1.6 kB URL HTTP/2 hit1.club/images/loading.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 22 x 22\012- data
Hash 48ad2ddb9bf71b8673824232e0ecb0bc
f69bb75f7253646e94f14eb162097cacd62e3d66
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b
GET /images/loading.gif HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/gif
content-length: 1635
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-663"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqOeQbyaIL8XGjne22bSASgTDsdK5OqB5mRUgZrQcMT7D5WI%2Fj566YFAznkNlLOj5tf969heW8CNa76nxfV57Rgch5dqKVCjUE9S592T3BhFOJCqjkIeFG5zeig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee60b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6934eb69fffd66583abb85b6f82e6339
df048c186995edbf9bf75c777cd3158130ebe905
74b2379c4f899b779d3862351756898446905b54e41bb502fd04978373ed314b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74B2379C4F899B779D3862351756898446905B54E41BB502FD04978373ED314B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Thu, 02 Feb 2023 23:59:03 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive
hit1.club/images/adv-lazy.png
188.114.96.1200 OK 502 B URL HTTP/2 hit1.club/images/adv-lazy.png
IP 188.114.96.1:0
Hash 0156f711252312ca2c0faa0cd24b2dec
608f3aa96657b5ceb12856737b9c362d773776fe
623de47acfb000c14e411acf67949874997e51931075205ad71d800e4dad4821
GET /images/adv-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 216
last-modified: Mon, 16 Jan 2023 05:11:34 GMT
etag: "63c4dc86-d8"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZEVszKOJPFxCr4o3uoLpBgT2M4zaoEe4Q5MzLaWHlWYHl6C3ATnMj6py3qh694lRVb%2FNQISSCTkiuCT%2BABd%2FMKdrvKyh9mFVz7jpdM4wDnNr4gwbAONAXFSOL8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee5ab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/images/banner-lazy.png
188.114.96.1200 OK 407 B URL HTTP/2 hit1.club/images/banner-lazy.png
IP 188.114.96.1:0
Hash 508b4c0b372a54a460e4aa5053a8fa39
28bcf4a40ed8ed8f61b9728f023ba4d21c201dcc
d3616a924223068f84f7e5b3e70d9723e3b36c66cfb20bd5e09165e7aca7e662
GET /images/banner-lazy.png HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: image/png
content-length: 131
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: "63a4194c-83"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5sw4%2BCVkuGlGUV4h0ox4m4VVLi%2B82RcjZpkjZKK3PQcSBkIzZsPRcSGPypczLhKvMQ0fF7TayP7Juep9JrgtGjN7Wymp6Okb2Y%2FNJdmqqCIAZ1nPvW6chpfk6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228ee62b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/build/style.min.css?v=1.1.1
188.114.96.1200 OK 12 kB URL HTTP/2 hit1.club/build/style.min.css?v=1.1.1
IP 188.114.96.1:0
File type ASCII text, with very long lines (19301), with no line terminators
Hash 61b82cd2caf8b6a412606bfa3c81a9ec
fb89dabc2db8edcfa5b10b7e111af33e2af2acc2
86e185dbca59c58d57f595f7c1ab3466441e30209ca0a3d3bbd5298a3ebf2320
GET /build/style.min.css?v=1.1.1 HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 06:43:00 GMT
etag: W/"63c4f1f4-4b65"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJ4JcUPNoDkn8VAGPmdaT%2FwtO3tr4YnNj8ftd558ABBCrfFfNpqkv4xawng2Svy98PWnLzQGvk559W%2F9x7qclx%2FyLHPhdpEV8TNtreeT%2FbhPNbKV90rHQcVwJ8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de44b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9110
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:59:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b91a1323efe4b01a2d1a2e8485117934
43d04a554f6ef512e7b21ac09287efc0e4e5efee
393e3ab81aee9fda022d06c25789be66e56aaf56f81b0514ab5dfec445087bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10807
x-amzn-requestid: 9fff89ce-35f7-4b09-b766-6e65b4586c10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ5PHm7oAMFdfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd07-0ed090976c8a74542e225f4c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FESYmaA4l_a_3Md_9_0DZyzRCVPPIujyejd6lAO0pWS2bfwLzUsjfA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:02:27 GMT
age: 39422
etag: "43d04a554f6ef512e7b21ac09287efc0e4e5efee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: 79840c68-3e99-428d-9c01-9e4a93a34486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUzH1-oAMFiwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1e-5bb93c5126aaff474900da63;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mc8C-oesi4njIn2K2f56GKuyt6erRJAqCU-B4InhTD8oIoqo4s5-Fg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:43 GMT
age: 70846
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 71242
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 37852
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 71242
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 70834
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
23.36.79.16200 OK 118 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65449)
Size 118 kB (117527 bytes)
Hash d58909b2217c87f4df3d5de2bcdcaa96
85b6b4911a24e08874a51e0692d42017563327ac
c5c61c871d27b3956b53892d8ee85b0f97902899d9596bb605312974819cb41d
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:12 GMT
x-amz-version-id: iNzmqDcn1iRKaLiTk37THrDgz9osPO8C
server: AmazonS3
content-encoding: br
etag: W/"29e075294399875f6fd4bdaa0f4a20e4"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: qzl-0Ag5XGkDv_kWLbnI4JJvQy7icD_Dvire8pnIpy79iQNET2NH5w==
content-length: 26103
cache-control: max-age=28800
expires: Fri, 03 Feb 2023 01:59:30 GMT
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4969
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Last-Modified: Thu, 02 Feb 2023 16:36:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Last-Modified: Thu, 02 Feb 2023 16:29:53 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4969
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Last-Modified: Thu, 02 Feb 2023 16:36:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
hit1.club/?a=a_bc661f6ebb4a1ff874b371184be3d9ec&utm_source=sexvccxyz&utm_medium=m-preload-300x250&utm_campaign=cpd-s
188.114.96.1200 OK 4.3 kB URL HTTP/2 hit1.club/?a=a_bc661f6ebb4a1ff874b371184be3d9ec&utm_source=sexvccxyz&utm_medium=m-preload-300x250&utm_campaign=cpd-s
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (307)
Hash 86c123b6c3402f58b9c6e231ebce5b47
3c4d059ff3664ac8c540a939294e2217ab576619
0d0baa88887e4803118906bd7cff511a6133bfde9e9cca2053fee3d2b7db5220
GET /?a=a_bc661f6ebb4a1ff874b371184be3d9ec&utm_source=sexvccxyz&utm_medium=m-preload-300x250&utm_campaign=cpd-s HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.vietsub.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lFV6cRaCfQwPByRp%2FKhlBT0DijRRB15XCC%2BXUs79cglD%2BPjNIwU%2ByrfBz%2Fn5Hja2v5z75Vy%2FUYMoEdjWSJNgyqSRsy7N5hdWwsddZOW3iOHNAjv1dwVMUM%2BrYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d225b999b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: NqZan+mDFwEYnZDiSxnCwOEAhYqZ+EXiShuVlidKrH2lZbMiZ4wwBaTO1GJxSeRVmpaKrRyira8dvuv6FuhD/w==
content-length: 27843
x-fb-trip-id: 1904183273
date: Thu, 02 Feb 2023 17:59:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4969
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Last-Modified: Thu, 02 Feb 2023 16:36:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
hit1.club/?a=a_e866d7f5c0e9883ad4f912365cdd9d38&utm_source=sexsubtv&utm_medium=m-popunder&utm_campaign=cpd-s
188.114.96.1200 OK 47 kB URL HTTP/2 hit1.club/?a=a_e866d7f5c0e9883ad4f912365cdd9d38&utm_source=sexsubtv&utm_medium=m-popunder&utm_campaign=cpd-s
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (307)
Hash f6067b1b9c64d5dfe288b89ba72e5f63
5e7a9c38e6ffcac9b100ad264ae9325f3d4db841
d2db5c48af089986eaa36519709f979b8fb85a10893544cb1c320ce19a11c9d0
GET /?a=a_e866d7f5c0e9883ad4f912365cdd9d38&utm_source=sexsubtv&utm_medium=m-popunder&utm_campaign=cpd-s HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.vietsub.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPk%2B3gXTxRx4Ff8%2B7LYn4YwWtH53Qdv4Q4%2Fp2JlaR3J0S5QJn7d5jzSVpR1X%2BUYS3FRMZWTUDGNEze10Ou3MQOavAINO0Vq6uW2sBvECA%2FjohBjjPEZ2mB51h9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d225b9a8b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_e866d7f5c0e9883ad4f912365cdd9d38%26utm_source%3Dsexsubtv%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__kmauav5s6jr
23.36.79.16200 OK 271 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_e866d7f5c0e9883ad4f912365cdd9d38%26utm_source%3Dsexsubtv%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__kmauav5s6jr
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 7cdfa0eeab460b7e84f520624ab08c37
7c419601f9dacb0ce139728a17e915471b6ca871
f7db1a701ca0b2eabda2d8ab2bedfdc098183ea0d02a89648f37e5cd41807ec3
GET /v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_e866d7f5c0e9883ad4f912365cdd9d38%26utm_source%3Dsexsubtv%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__kmauav5s6jr HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors ;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from
content-length: 271
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1c9bbac59fbc0981fde7af5c05295f77
3d160bb99415b4bdbb1d1f185bb46dbb1ace0d93
f7e63159b009854fc525e18f739198daf640b446aae76c027fce22d710ce9b16
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Server: ECS (amb/6BA4)
Content-Length: 279
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14863323&version=101.6.6.88.166.104.50.7.1.131.1.2.412&group_id=1&jsonp=__lc_static_config
23.36.79.16200 OK 1.6 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14863323&version=101.6.6.88.166.104.50.7.1.131.1.2.412&group_id=1&jsonp=__lc_static_config
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (3941), with no line terminators
Hash 2bb10d46526006fd95adfe381df98b85
0a36f2aea88b9af47c361fc0638e07ccd44bc057
9d05b9df397569a282b1db15ee69f349793ef6c1728ce468398d565d26546cb2
GET /v3.3/customer/action/get_configuration?license_id=14863323&version=101.6.6.88.166.104.50.7.1.131.1.2.412&group_id=1&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1577
cache-control: public, max-age=600
expires: Thu, 02 Feb 2023 18:09:30 GMT
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP 142.250.74.131:0
Hash a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1
POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP 142.250.74.131:0
Hash a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1
POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP 142.250.74.131:0
Hash a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1
POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1c9bbac59fbc0981fde7af5c05295f77
3d160bb99415b4bdbb1d1f185bb46dbb1ace0d93
f7e63159b009854fc525e18f739198daf640b446aae76c027fce22d710ce9b16
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Server: ECS (amb/6BB7)
Content-Length: 279
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP 142.250.74.131:0
Hash a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1
POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_bc661f6ebb4a1ff874b371184be3d9ec%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__ksmch7l7i59
23.36.79.16200 OK 271 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_bc661f6ebb4a1ff874b371184be3d9ec%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__ksmch7l7i59
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 7b02da7920f84b8978eca617c4eea7b3
4d3f399ea700e021c3cee46252caec19e29ac826
3489efb2f261ca039ee679dedaf5016a34cdebe453162c9ba4975e5cdb3a4139
GET /v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_bc661f6ebb4a1ff874b371184be3d9ec%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__ksmch7l7i59 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors ;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from
content-length: 271
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_d21b05784909e2017486d731c84fcdd7%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__y83ryptv4g
23.36.79.16200 OK 270 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_d21b05784909e2017486d731c84fcdd7%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__y83ryptv4g
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash e9c3f82bfed9a9e5f3a545e617005e88
d757e1408bbe7d25b9fb45e342413d9189835d0d
52f58d3ee2986f80f1b0791a17b8aa94bf2b11a17c55404222fcccb90b83ab08
GET /v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_d21b05784909e2017486d731c84fcdd7%26utm_source%3Dsexvccxyz%26utm_medium%3Dm-popunder%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__y83ryptv4g HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors ;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from
content-length: 270
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_ddbd5847e4eaeb4a2b594e1c92dafc6d%26utm_source%3Dsexsubtv%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__sprwql1d2xo
23.36.79.16200 OK 271 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_ddbd5847e4eaeb4a2b594e1c92dafc6d%26utm_source%3Dsexsubtv%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__sprwql1d2xo
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash e5397c6d2f3f7a2560fe3244fb4df5d0
2093cb0f2511f46e2ab39f0766bcaad14100794b
af64671d33c4b878284c2d6a1d411ca4e7c1874dfd5050e6fc647ca06e91a92e
GET /v3.3/customer/action/get_dynamic_configuration?license_id=14863323&url=https%3A%2F%2Fhit1.club%2F%3Fa%3Da_ddbd5847e4eaeb4a2b594e1c92dafc6d%26utm_source%3Dsexsubtv%26utm_medium%3Dm-preload-300x250%26utm_campaign%3Dcpd-s&channel_type=code&jsonp=__sprwql1d2xo HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors ;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from
content-length: 271
date: Thu, 02 Feb 2023 17:59:30 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP 142.250.74.131:0
Hash a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1
POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1c9bbac59fbc0981fde7af5c05295f77
3d160bb99415b4bdbb1d1f185bb46dbb1ace0d93
f7e63159b009854fc525e18f739198daf640b446aae76c027fce22d710ce9b16
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:30 GMT
Server: ECS (amb/6B7E)
Content-Length: 279
ocsp.pki.goog/s/gts1p5/Aec17uIGqak
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Aec17uIGqak
IP 142.250.74.131:0
Hash a04b444e2ab6a4f28fe042f926e5ff54
6370d7e693b1936a49d95b24b0074981b5b0ae03
5f98a26b965c14d6d71f6e216eaba1d4b83b9c344c1caaf7c9a5e36138da5ea1
POST /s/gts1p5/Aec17uIGqak HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:59:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec
172.67.157.151200 OK 0 B URL HTTP/2 apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec
IP 172.67.157.151:0
GET /sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec HTTP/1.1
Host: apilp-gateway.gzbtdzprof.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.224 ms
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD9CXjUnFskD%2F7gCCpUNYa30Fop5JBDoD%2FdWDD8UmbSTB9bi%2Fg7HfmrIehiUSNKVY2b5Wbg%2BGFOKEyKwA31Lq%2FEzo%2BDRVwVSTMjRWjJOx%2BHWpTucM3CpfFtRNTeM0zNLZSJ1YUt5KOaNBsJxerM2oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22f1ebdb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api4.trakipsg.net/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38
104.21.57.166200 OK 0 B URL HTTP/2 api4.trakipsg.net/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38
IP 104.21.57.166:0
GET /sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38 HTTP/1.1
Host: api4.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.24 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cS%2FNoDSX%2FcbGvod0Jckk6tvXo9I40exj9AveRM%2BObM7VO2Ap8C7fFQIxrwRDN1a7qKw4nnpjS%2BILTuDTHVVlOSaVG1epDL3Efxo7HlEKNQg7jsbkSxyyldnBYDyE%2BYN1KVNNSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d2300b28b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vietsub.me/
188.114.96.1200 OK 0 B IP 188.114.96.1:0
GET / HTTP/1.1
Host: vietsub.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=jd6nsvne27s2hrqa8j1d7uknl7; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxDvTSwCtSlu9Wi5zY7o5gyNpIzNiIG0Am3wgRoDETouk5i4WAE92Ez8mygPW%2FWh111x5indLPmi%2FxvrIUAKHy7ZgKRWKXPrtG5iPknY%2F%2BsgDiGI8e01DNZ6GuZa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d21b2d530b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/vendor/bootstrap/css/bootstrap.min.css
188.114.96.1200 OK 0 B URL HTTP/2 hit1.club/vendor/bootstrap/css/bootstrap.min.css
IP 188.114.96.1:0
GET /vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/css
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: W/"63a4194c-2565e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMvHlrzlFKF1JPj84B9WptbPBL%2FKcOR%2Fc42Ph00EZsFP1q6S9slN6Mf3%2BMlYEWiIT%2FM7zQtNuLWqMgMfz3RpNzs%2BlMy3Qjpasfb4wkSAg3GdcBYgYMTIHHTdTMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de37b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d
172.67.157.151200 OK 0 B URL HTTP/2 apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d
IP 172.67.157.151:0
GET /sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d HTTP/1.1
Host: apilp-gateway.gzbtdzprof.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 1.847 ms
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42qm6Jk3kERjBu4nhH3Dg5r51km5%2BqCePXgUHvv62%2Fcy2G7q70QLvq%2Bm8OiMwH%2Fu2f3XwzQW41nMTxnRiODOWSweQ9PtGvf6jHjpvOr9tHzBthABwtfFAhofPz%2BEMqS%2BxAfy1%2BbDmU2XGoKhcWl4KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22f0eb5b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
qgxbluhsgad.com/t/9/fret/meow4/1957518/eaf3c389.js
62.122.171.6200 OK 0 B URL HTTP/2 qgxbluhsgad.com/t/9/fret/meow4/1957518/eaf3c389.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /t/9/fret/meow4/1957518/eaf3c389.js HTTP/1.1
Host: qgxbluhsgad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:27 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 12:41:59 GMT
vary: Accept-Encoding
etag: W/"63d90c97-1213d"
x-js-ab1: var4
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
api6.trakipsg.net/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38
104.21.57.166200 OK 0 B URL HTTP/2 api6.trakipsg.net/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38
IP 104.21.57.166:0
GET /sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38 HTTP/1.1
Host: api6.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.26 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqBhbcvVksZQVx7um497crUJACBvXrnv6q0yBC6GJwOAAoZalZIGakcnU3drp9nFEOSP9p6y3480KAT3biyEjRfIJGH1ci5Vn6wNucxd8Lrq4iy6j8KcH%2BNPuZFR8xWpjxCeVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22ffb25b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api6.trakipsg.net/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d
104.21.57.166200 OK 0 B URL HTTP/2 api6.trakipsg.net/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d
IP 104.21.57.166:0
GET /sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d HTTP/1.1
Host: api6.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:31 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.305 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgfwxxtOcrdePJOsD2ctBYonEA6XGOscYPgwCyCEBF4UG7ok4vTIW74M1aNdK8g34fYa1vbYL%2F%2BIJJJhBoHqcys0ePmp0WNlEr2z6ycCUo9%2BTyoqBJbN5pZ%2BunSgIeYdAyLQ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d2306ba7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api4.trakipsg.net/sw/collect?aff_id=a_d21b05784909e2017486d731c84fcdd7
104.21.57.166200 OK 0 B URL HTTP/2 api4.trakipsg.net/sw/collect?aff_id=a_d21b05784909e2017486d731c84fcdd7
IP 104.21.57.166:0
GET /sw/collect?aff_id=a_d21b05784909e2017486d731c84fcdd7 HTTP/1.1
Host: api4.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.285 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVcRyUZfhjFdODM5a0dz3VjhL1fEhdwrt6A7nbLTnanyF484WDGM5DYfVobFQlwH9ce8IhDnWg6MbH9gmutPQ3GZA6idB7g6OhIGHTzGNl1EHTWatepe6Pt8upGpsmeH3pJeZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22fdaf1b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api4.trakipsg.net/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec
104.21.57.166200 OK 0 B URL HTTP/2 api4.trakipsg.net/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec
IP 104.21.57.166:0
GET /sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec HTTP/1.1
Host: api4.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:30 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.282 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UUjGxREdfHnoQGaWVGgaO1bK11CfuIS3RXzBlbXeFOOC9988DCEVRBrhgEP2OZZsLaM3eb%2FixyWujTrsJXpPIf41MpjIyFN1h5JxyScIH9uMMnQkXdjvoN9vmrPHBNInLhunw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22fdafdb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api6.trakipsg.net/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec
104.21.57.166200 OK 0 B URL HTTP/2 api6.trakipsg.net/sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec
IP 104.21.57.166:0
GET /sw/collect?aff_id=a_bc661f6ebb4a1ff874b371184be3d9ec HTTP/1.1
Host: api6.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:31 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.223 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5QGe57IH0tMXP48tiqmlA1jcTY7WKKaWGq%2BFKQkp2Ht8z9UltwPbbYuzNnqg3cyde%2Bizr2iSLif5qOnefa54TaxFxCuFEW9O%2FRANXQNpGaRj3b3pT6ty2zBbSi2YPu0%2BWWzuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22feb04b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api4.trakipsg.net/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d
104.21.57.166200 OK 0 B URL HTTP/2 api4.trakipsg.net/sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d
IP 104.21.57.166:0
GET /sw/collect?aff_id=a_ddbd5847e4eaeb4a2b594e1c92dafc6d HTTP/1.1
Host: api4.trakipsg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:31 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.335 ms
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4f9y7P5PDTPzaelq3xQlGFFC2Gi%2B0Z%2FTltUGLI0BQck%2Bf1frZgjRag26Wrr1AetZh9jfgh5skyRvKc3PseyNU0FgpSRhu%2Bzxqirg37wpGsbP5WUtK3YoRwNSlVLDZYPKDqqAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d22fcaeeb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
qgxbluhsgad.com/get/1957518?zoneid=1957518&jp=_cl54sshtu2y07wlvbpxagg&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=391271421828285
62.122.171.6200 OK 0 B URL HTTP/2 qgxbluhsgad.com/get/1957518?zoneid=1957518&jp=_cl54sshtu2y07wlvbpxagg&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=391271421828285
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1957518?zoneid=1957518&jp=_cl54sshtu2y07wlvbpxagg&nojs=0&ix=0&abvar=4&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=391271421828285 HTTP/1.1
Host: qgxbluhsgad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietsub.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:59:28 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=23020212591e1f7dd6934a4a3c93495812df; Path=/; Expires=Fri, 02 Feb 2024 17:59:28 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s
188.114.96.1200 OK 0 B URL HTTP/2 hit1.club/?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s
IP 188.114.96.1:0
GET /?a=a_ddbd5847e4eaeb4a2b594e1c92dafc6d&utm_source=sexsubtv&utm_medium=m-preload-300x250&utm_campaign=cpd-s HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.vietsub.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MM2AGXav0j4VxhP%2FIukXWuEaLpwVWpmFxi467Y%2FXMYlyJn3iBVTnwDNE1rpq5J9uIaEQN%2B6d0%2BkzEAm3Grst5O9h3NQcRE1C2mBpYme9baIp1DZm8G4baOIAass%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d2259977b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/vendor/fontawesome-free/css/all.min.css
188.114.96.1200 OK 0 B URL HTTP/2 hit1.club/vendor/fontawesome-free/css/all.min.css
IP 188.114.96.1:0
GET /vendor/fontawesome-free/css/all.min.css HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/css
last-modified: Thu, 22 Dec 2022 08:46:04 GMT
etag: W/"63a4194c-da9f"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q4uujBileRvNVOoiLQhQ7av0d2%2FHacpCRYliQ18roDJ0qOPatPdKFYqmiB5FzY4W7Yx6NnpDkqrqnLRIEGG5qYpo7PYCX9cxzHp%2BwVPxtYT1kR4v5n7J%2BC%2F10E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934d228de39b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hit1.club/?a=a_d21b05784909e2017486d731c84fcdd7&utm_source=sexvccxyz&utm_medium=m-popunder&utm_campaign=cpd-s
188.114.96.1200 OK 0 B URL HTTP/2 hit1.club/?a=a_d21b05784909e2017486d731c84fcdd7&utm_source=sexvccxyz&utm_medium=m-popunder&utm_campaign=cpd-s
IP 188.114.96.1:0
GET /?a=a_d21b05784909e2017486d731c84fcdd7&utm_source=sexvccxyz&utm_medium=m-popunder&utm_campaign=cpd-s HTTP/1.1
Host: hit1.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.vietsub.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHFKu0ZLQZ4vKCEHV23bHAJ9hNJMIjYVxw0sNMgzptYVdK9BZSEmzpIKEuoI0ur7qhDKtyl%2FQOZ3C45mlYjlflX1U986bJMRk5zGLdbVchJUi%2FQdx1qoqovq82M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d225a996b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38
172.67.157.151200 OK 0 B URL HTTP/2 apilp-gateway.gzbtdzprof.club/sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38
IP 172.67.157.151:0
GET /sw/collect?aff_id=a_e866d7f5c0e9883ad4f912365cdd9d38 HTTP/1.1
Host: apilp-gateway.gzbtdzprof.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hit1.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:59:31 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.249 ms
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9WCpo8Hu9QtyJ94aC062xofGem6smz%2FXddRDRSCxc6oZZQzohzzki69XTdlH6cU6brImBD5S39uK5UiQP7xPqGZWHE7K8SLRaGk6gk4u0SbDhR8B8P1hUs710zDATM%2F%2B9SAa1EAnA149Fxg2xCa7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934d23038adb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2