cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
104.17.25.14200 OK 10 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
IP 104.17.25.14:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (59119)
Hash ecd507b3125edc4d2a03aa6ae5d07da9
a57ee68d11601b0fd8e5037fc241ff65a754473c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: text/css; charset=utf-8
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 81017
expires: Wed, 30 Apr 2025 04:41:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCsqV0BJAF%2BJd9iuoKclRGbBmtKNIoLs3ScgNuttLtv9URlOM2Bx6KNknrMFr0xPhB4vWu59ko07MFAITWa5ARYf2Qz02LFiIXFetqjKGY2xee6%2BXJpHlkCZf7Uac9GLuEN00OpP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881741f4bc31b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/2.9.2/umd/popper.min.js
104.17.25.14200 OK 6.0 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/2.9.2/umd/popper.min.js
IP 104.17.25.14:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (18506)
Hash 83e6ef063fa41ff8d8c00956a7cd3fd9
8eeb7bf71e8a978b82a1a198015f14d73d2ea592
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
GET /ajax/libs/popper.js/2.9.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 6002
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6065f4e2-48a2"
last-modified: Thu, 01 Apr 2021 16:29:22 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 715553
expires: Wed, 30 Apr 2025 04:41:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NxvGhgSjAxx1%2FWpjIMHLScBCi5THrns1WwLwNIMbW9UMGv%2B6Q2246puh6e4L7M88arD7WbOGxHYqlJZlUAvte1tj3goYObv1mlVGKMzWQoXR1gkM5APDh2FnzyX6VLpH29oHKGKR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881741f4ec59b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-FFP7FJ85WV
142.250.74.168200 OK 90 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-FFP7FJ85WV
IP 142.250.74.168:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (5955)
Hash badcb601648b2cec4baaf686599abd80
6c1f7ee93eaf237f71a224e036cc2606903dfa3d
8c5688b689fda0ba56dde3d1f29432ef5ddace630d1a64baa63511592adb0f72
GET /gtag/js?id=G-FFP7FJ85WV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 04:41:34 GMT
expires: Fri, 10 May 2024 04:41:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90465
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito:300,400,500,600,700
142.250.74.42200 OK 4.7 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Nunito:300,400,500,600,700
IP 142.250.74.42:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression
Hash 24cf14b3a84190fd89dacc6bf12191a1
7ad3a62d9fb5290a037dba75b0149b02c7dc8bf1
43b4a08c216307caf4709ed05acaccf4fcd74b6ea9362205f2893370e96e703a
GET /css?family=Nunito:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 04:41:34 GMT
date: Fri, 10 May 2024 04:41:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.chaty.app/pixel.js?id=PjlHFsfb
172.67.219.241200 OK 28 kB URL GET HTTP/2 cdn.chaty.app/pixel.js?id=PjlHFsfb
IP 172.67.219.241:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectchaty.app
FingerprintAB:74:24:B7:7B:A1:09:10:A8:2E:40:D1:8B:DD:3F:5D:2A:61:1B:A1
ValidityWed, 24 Apr 2024 19:20:59 GMT - Tue, 23 Jul 2024 19:20:58 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash fabe65ec46d38e090ec90016f1bc9a1f
e5ad156dd91976d6219d903e007adb6c07019d2d
fcee6d5712022714996cba94f4fa5cef591b07c97438553371983430802c9fa5
GET /pixel.js?id=PjlHFsfb HTTP/1.1
Host: cdn.chaty.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 10:40:10 GMT
etag: W/"fabe65ec46d38e090ec90016f1bc9a1f"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e9eeb72bccacc26d81e7bd02c27d126a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: aFTiR6cW5DYSBW3rj3Qe2f8vTavn6J2JE2xWZF5wyDkyJBU3x2Gp_w==
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbWdgD%2BT1m%2FCrZEKZbWjPnomyxaUn2Vk5e8uSGtGppqFScOP20knIwG%2F1%2Bke96Km1y%2B%2BmjIfNDx0KzaFVfaoIg6MAmF%2F48uy3RCyh9HKm6YwtEA%2BHK%2B3vDSTlBa1nSCb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881741f518ed5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
web1s.asia/assets/web1s-2.css
172.67.185.125200 OK 17 kB URL GET HTTP/3 web1s.asia/assets/web1s-2.css
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type gzip compressed data, from Unix
Hash 2b816d305d7d09720e739be0546cb76a
a005028cbf5ed56d55302c59a84a9766abcc2d36
9a74fa4bf869ee8dba5c39f886ccb5df30cb2af6e71443fea4190c0492023d76
GET /assets/web1s-2.css HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-7c57"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8l05d7zCZZPlD7V5M%2BZY0ASuV5myK3DRtnMKZvubh0H6EBR8sTSTAL0%2B%2FGualfzQ1uWRvdqJw059ee7HjJvHhnkKf87dt4MDWEWlaLNXCOgA5NhCZ2zwCIMQwVSu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f49fcc56c4-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 39 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Hash 86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:54:18 GMT
expires: Fri, 09 May 2025 02:54:18 GMT
cache-control: public, max-age=31536000
age: 92836
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
web1s.asia/assets/web1s-1.css
172.67.185.125200 OK 65 kB URL GET HTTP/3 web1s.asia/assets/web1s-1.css
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type gzip compressed data, from Unix
Hash ec8edc7b2b75f804f48b74596329c102
ccbc18aff85e86dc19d9223de878dd6f0b9ecfbd
cc38c4b5bae9d086d9e16c0767998ef16c12145a203bfceaeac5b5e12575ffac
GET /assets/web1s-1.css HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-575bd"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2lnV0a%2FP%2BfZMLH%2BCFT4jnqxoh11F4OaVrj7eOmbqlxkv1OY2TGwybzHvwm2XiEo7P538svKiZlKE1wqmVyHUgK2l7frHwB5q%2Fe4vLmSTNlK%2FeCEsRWOGYLFfA8CW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f48fc056c4-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/assets/style.css
172.67.185.125200 OK 19 kB URL GET HTTP/3 web1s.asia/assets/style.css
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type gzip compressed data, from Unix
Hash baa58d6afd644cd909976d2ed5357f71
dd0a499e78ff8dfddf90a64166d4fef1c733ef9a
6ac0d5b1ca80ca7b512b9157e1baf0b37167402051b92e04a24efd264bfceed9
GET /assets/style.css HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-1e1c1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mC3AqhNuKV00yUTCWIXzEWB0GwvPERYnh4zmHdE8vw52rEo1jdcyPhKH8ASUY%2FyP2GyWgKfnDotfeWvYsR3ScEFNpt8QoCIHr0%2BBiUzfxFvZDMOaQ0h7llT4q1u9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f49fcd56c4-OSL
alt-svc: h3=":443"; ma=86400
fstatic.netpub.media/static/c98c98911166f1f070e872da610a9398.min.js?1715316095659
172.67.70.145301 Moved Permanently 167 B URL GET HTTP/2 fstatic.netpub.media/static/c98c98911166f1f070e872da610a9398.min.js?1715316095659
IP 172.67.70.145:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /static/c98c98911166f1f070e872da610a9398.min.js?1715316095659 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 10 May 2024 04:41:35 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/service.js
cache-control: max-age=3600
expires: Fri, 10 May 2024 05:41:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tqvy9MUR55BN58PInGB%2F7v4CYq6RL17Y64W26FNZQV4BVGi%2Fsq9VZWl3XxCNwy0jBG8lVoFpcqwwkT%2FVZ2LP%2FAI1gipZBC57sFZlVVBce0POVL%2B3a4d4hPVUZlLkoDWeWr18AhmL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881741fe0fc9569a-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 39 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Hash 86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:54:18 GMT
expires: Fri, 09 May 2025 02:54:18 GMT
cache-control: public, max-age=31536000
age: 92837
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIOuaBXso.woff2
216.58.207.227200 OK 13 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIOuaBXso.woff2
IP 216.58.207.227:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 12960, version 1.0
Hash d85818512999b52a5ceb6a1bcbeb26e2
ea7b3e2551d915f2a4012c7cb3351123e11d6db9
b13b3f5f54caca6c306100e27a223e03fc2a4b1d3df1f6f770b977e32a9d94c7
GET /s/nunito/v26/XRXV3I6Li01BKofIOuaBXso.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:34:11 GMT
expires: Fri, 09 May 2025 02:34:11 GMT
cache-control: public, max-age=31536000
age: 94044
last-modified: Wed, 13 Sep 2023 23:24:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.magsrv.com/v1/api.php
95.211.229.245200 OK 2.2 kB IP 95.211.229.245:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
Hash ddb9623353688bf4a934a5800ee10948
c1a88e0a91a50ba6599092a31c0cf5543cd9da4d
19a85e3d1f093d547c9a021108a6687467cd0664bc0a0edaaaa35fd501f31593
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 316
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 04:41:35 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://web1s.asia
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22663da57fc014f2.966447992355019996%22%3B%7D; expires=Sun, 10-May-2026 04:41:35 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
qph.cf2.quoracdn.net/main-qimg-845336ca80754d6c0cc00307d88520d1
162.159.152.17200 OK 96 B URL GET HTTP/2 qph.cf2.quoracdn.net/main-qimg-845336ca80754d6c0cc00307d88520d1
IP 162.159.152.17:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectquora.com
FingerprintB0:EF:CB:8C:1F:11:42:62:F1:35:F2:63:13:E9:7A:70:16:ED:B0:1B
ValiditySun, 31 Mar 2024 16:22:00 GMT - Sat, 29 Jun 2024 16:21:59 GMT
File type PNG image data, 4 x 4, 1-bit colormap, non-interlaced
Hash 98b7417fe79f2cd8beefa55ff259f51f
7322ea094fae476afb7cd0f5a2c6c17c3d33fe52
f23d2f5f76c5d39dd10168d73ce1af2b1adc33ee9d0205a655e8d8248d464dd1
GET /main-qimg-845336ca80754d6c0cc00307d88520d1 HTTP/1.1
Host: qph.cf2.quoracdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:35 GMT
content-type: image/webp
content-length: 96
cache-control: public, max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=1103
etag: "845336ca80754d6c0cc00307d88520d1"
expires: Mon, 08 May 2034 04:41:35 GMT
last-modified: Sat, 29 Jul 2023 12:27:49 GMT
vary: Accept
x-amz-id-2: m8DPHWOEYwum8srg2xlduaBNr+60x0WOugmnKTShyhGSAtYpc9dXTd3eXDjShmhNTmudixWDyrCvzdKDss+HSg==
x-amz-replication-status: COMPLETED
x-amz-request-id: Q4JBNC6AJ8XJCJHA
x-amz-server-side-encryption: AES256
x-amz-version-id: TaNcoumswQYrP9DUAwdTbPqA4q3zGU1v
cf-cache-status: HIT
age: 822047
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
server: cloudflare
cf-ray: 881741ff281e56ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cmp.netpub.media/17153160960690.4315456542405822/run.js?v=17153160960690.4315456542405822
172.67.70.145200 OK 966 B URL GET HTTP/2 cmp.netpub.media/17153160960690.4315456542405822/run.js?v=17153160960690.4315456542405822
IP 172.67.70.145:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 54f643b0fa8a7d71cb117679a6fbb2ce
573d440c0f9fa4cf53e85cf86a86eba173933a1c
851d2ece063bcac9a5addec55308a32557f978d2daf3950395fc3dc41e9e9336
GET /17153160960690.4315456542405822/run.js?v=17153160960690.4315456542405822 HTTP/1.1
Host: cmp.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:36 GMT
content-type: application/javascript
last-modified: Wed, 21 Feb 2024 16:05:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxC6pwAPbrQDi1DEzmnyAlC%2FP0axnbsacVMiJWmQWyXdhmHrh2S6iplQBEExzHAoKDx%2Ba2Fmcl%2BVVplp1AS6X73TqDj%2BNzHOZRZMqPud1%2FPi4rDCC6bTSLrvNpM0R%2B0iV7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881742007964569a-OSL
content-encoding: br
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.34.178204 No Content 0 B IP 104.18.34.178:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint02:E1:92:C5:72:6D:E0:64:4A:46:05:69:81:98:7C:43:13:E7:15:7A
ValidityTue, 01 Aug 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1313
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 10 May 2024 04:41:36 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. parseadrequest website disabled
x-version: 3.0.0-gcp-ams
x-warn: Parsing the Prebid Request. website_disabled, Parsing the Prebid Request. domain_invalid, Parsing the Prebid Request. int_scc_sid
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 88174202fc06b529-OSL
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.84.158204 No Content 0 B IP 147.75.84.158:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintC4:70:11:35:C8:44:C9:33:89:20:3A:0D:10:63:D9:93:3F:F1:AC:9D
ValiditySun, 05 May 2024 10:53:54 GMT - Sat, 03 Aug 2024 10:53:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1288
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
cache-control: max-age=0, private, must-revalidate
date: Fri, 10 May 2024 04:41:36 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
www.vipads.live/vn/sv?gp=cedeoNYTMejtHL8w9Ta9xT8iy5nn4J1HsJp1GpUxM0M2rIzaUM4zs9yxL6S4DKJq9pv0JnN3GBO2o3k3ihXWEQrYBohcB+o3+YNjtJPuzF6iN0Ut8habImY2Kafol7xXBhyyVDLrHMvM4WaL53eol6AFfNZE8+t2N0JTWTAq1fEO&u_fv=0&u_url=&r_url=aHR0cHMlM0ElMkYlMkZ3ZWIxcy5hc2lhJTJGYXBpLW1vZGUlMkZraDYxSnF2eXBuJTJG&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=802&iv=dssrt.1715316096&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49
172.247.89.236200 OK 62 B URL GET HTTP/2 www.vipads.live/vn/sv?gp=cedeoNYTMejtHL8w9Ta9xT8iy5nn4J1HsJp1GpUxM0M2rIzaUM4zs9yxL6S4DKJq9pv0JnN3GBO2o3k3ihXWEQrYBohcB+o3+YNjtJPuzF6iN0Ut8habImY2Kafol7xXBhyyVDLrHMvM4WaL53eol6AFfNZE8+t2N0JTWTAq1fEO&u_fv=0&u_url=&r_url=aHR0cHMlM0ElMkYlMkZ3ZWIxcy5hc2lhJTJGYXBpLW1vZGUlMkZraDYxSnF2eXBuJTJG&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=802&iv=dssrt.1715316096&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49
IP 172.247.89.236:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerUnizeto Technologies S.A.
Subjectwww.vipads.live
Fingerprint3E:B1:B6:F1:38:D5:C9:15:6F:E5:83:2C:13:7C:3A:97:0C:5C:AF:83
ValiditySun, 05 May 2024 07:09:59 GMT - Wed, 04 Jun 2025 07:09:58 GMT
File type ASCII text, with no line terminators
Hash 0ae019582bc84340917185a63e2dbf10
64082b032248c3d8424e4f3ef4ac18c02cb424c2
1f37ccec72e1af3459f3f9aa1f5cb4816f3def822eb8edd0d117c8aba8281af3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /vn/sv?gp=cedeoNYTMejtHL8w9Ta9xT8iy5nn4J1HsJp1GpUxM0M2rIzaUM4zs9yxL6S4DKJq9pv0JnN3GBO2o3k3ihXWEQrYBohcB+o3+YNjtJPuzF6iN0Ut8habImY2Kafol7xXBhyyVDLrHMvM4WaL53eol6AFfNZE8+t2N0JTWTAq1fEO&u_fv=0&u_url=&r_url=aHR0cHMlM0ElMkYlMkZ3ZWIxcy5hc2lhJTJGYXBpLW1vZGUlMkZraDYxSnF2eXBuJTJG&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=802&iv=dssrt.1715316096&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49 HTTP/1.1
Host: www.vipads.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 04:41:36 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.149.23 316 B URL zerossl.ocsp.sectigo.com/
IP 172.64.149.23:0
Hash 60250272e2ad34cffd614458c6eeaec0
3be72b0101f0459115de3cab8c510c848829bfd2
3def3196e2dd6415db4aadb1b483595e1f77a76cdb89eb70af56df201a022d8e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:41:36 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Tue, 07 May 2024 00:48:27 GMT
Expires: Tue, 14 May 2024 00:48:26 GMT
Etag: "3be72b0101f0459115de3cab8c510c848829bfd2"
Cache-Control: max-age=331298,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881742048bfb7128-OSL
ghb.adtelligent.com/v2/auction/
23.227.151.194200 OK 912 B URL POST HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP 23.227.151.194:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerZeroSSL
Subjectghb.adtelligent.com
FingerprintF5:43:CF:90:9B:4A:6C:AC:40:BA:BE:D9:17:AF:C1:56:2A:AD:A1:2D
ValidityWed, 27 Mar 2024 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT
Hash 106a014d109c273dffc4d10ae6aa5280
fa1988bd20eecdde07554d072b9fb2a0877dad11
cf8197daeebd46c5c99578044df73910565edfe1823c5f141d2181508ba314a2
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 339
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 04:41:36 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 912
Access-Control-Allow-Origin: https://web1s.asia
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
web1s.asia/icon.png
172.67.185.125200 OK 3.8 kB IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hash 0d66d063be8815bc0a53be87a2d1443a
e0a156f73b99645a4f24db32405d99c3c876c8a7
38a66259f21010e9392b777d39d7b08cfc936538c9c20536672c91f33594e943
GET /icon.png HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt; _ga_FFP7FJ85WV=GS1.1.1715316094.1.0.1715316094.0.0.0; _ga=GA1.1.395808618.1715316095; UBGLAI63GV=dssrt.1715316096; __vn_cpvx_b_46_cpv_plan_ids=%7C218%7C; __vn_cpvx_b_46_cpv_plan_uids=%7C13884%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:37 GMT
content-type: image/png
content-length: 3798
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
etag: "66309709-ed6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSslGqYb%2FpDSBnmi2JWByvACzMJBwwJDqZTTsOyZheHgzG%2BOHpWYVA9duoOKcOgz5Kg2Kz5C%2BtGX5rXJlfvoOQRdDsA%2BYrRb76G14rJrfd93HjfRDWVdcw2puI62"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881742076ba956c4-OSL
alt-svc: h3=":443"; ma=86400
cdn.vipads.cc/ad.png
172.247.84.36200 OK 8.3 kB IP 172.247.84.36:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectcdn.vipads.cc
FingerprintC3:8B:84:FA:07:43:6F:09:EC:98:76:C0:11:F3:0B:CA:24:1F:6E:9E
ValidityMon, 15 Apr 2024 02:35:32 GMT - Sun, 14 Jul 2024 02:35:31 GMT
File type PNG image data, 684 x 90, 8-bit/color RGB, non-interlaced
Hash f38c793c9e8d38db287e7a27bd8bc033
fc1dfe25c6c83580fb18e4840ad4a86a4aba5e74
d2b4ec238e35ede0f85be7a9ddb686b8a51d4a7e301ee7e41f89178648bcc57c
GET /ad.png HTTP/1.1
Host: cdn.vipads.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:41:37 GMT
Content-Type: image/png
Content-Length: 8267
Connection: keep-alive
Last-Modified: Thu, 09 May 2024 09:54:12 GMT
ETag: "663c9d44-204b"
Expires: Sat, 08 Jun 2024 09:59:33 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11PSW7DMAz8Sj9gY4YiteTccwu06ANkOwZ66SWHJgAfX8oBgqAaSJS4zIwEohNsIl6Ak/KUzBvnhlllpqm/vX+40n/PCy9zv3x3N5FS4IW1ZThBUuBGUeYR6VYsaa5embS1qk7z5AhIFHTcZoDIqkChWR6q8K/P12MzIJ6Aq1goHB5CSDyYHNdB1LQaNhbZe8+LjlfqFodta8vcRuOzadwxg00OdjwwjdZETRLWYsGPdL/cflb3p8YBe4yOqf/VO9Lwz/hbBNfUtqVylbBV+nLe9/CY95yIstSl/QE722/igQEAAA==
95.211.229.245200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11PSW7DMAz8Sj9gY4YiteTccwu06ANkOwZ66SWHJgAfX8oBgqAaSJS4zIwEohNsIl6Ak/KUzBvnhlllpqm/vX+40n/PCy9zv3x3N5FS4IW1ZThBUuBGUeYR6VYsaa5embS1qk7z5AhIFHTcZoDIqkChWR6q8K/P12MzIJ6Aq1goHB5CSDyYHNdB1LQaNhbZe8+LjlfqFodta8vcRuOzadwxg00OdjwwjdZETRLWYsGPdL/cflb3p8YBe4yOqf/VO9Lwz/hbBNfUtqVylbBV+nLe9/CY95yIstSl/QE722/igQEAAA==
IP 95.211.229.245:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File type gzip compressed data, max speed, from Unix
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA11PSW7DMAz8Sj9gY4YiteTccwu06ANkOwZ66SWHJgAfX8oBgqAaSJS4zIwEohNsIl6Ak/KUzBvnhlllpqm/vX+40n/PCy9zv3x3N5FS4IW1ZThBUuBGUeYR6VYsaa5embS1qk7z5AhIFHTcZoDIqkChWR6q8K/P12MzIJ6Aq1goHB5CSDyYHNdB1LQaNhbZe8+LjlfqFodta8vcRuOzadwxg00OdjwwjdZETRLWYsGPdL/cflb3p8YBe4yOqf/VO9Lwz/hbBNfUtqVylbBV+nLe9/CY95yIstSl/QE722/igQEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22663da57fc014f2.966447992355019996%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 04:41:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://web1s.asia
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.trust-provider.cn/
117.27.246.96 600 B IP 117.27.246.96:0
Hash 03f03519097fbf1d368ef11b7c0245ca
1fd9a66fae01d4b636d26d7094e29334851f5962
4fb64c47fb42ba8e0d2a60c5e50c1c4b9c289e3e054790e82da558b002ba09cf
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
etag: "1fd9a66fae01d4b636d26d7094e29334851f5962"
cf-cache-status: EXPIRED
accept-ranges: bytes
cf-ray: 8805027bda6784ca-HKG
age: 1658
ctl-cache-status: HIT from hk-xianggang4-ca01, HIT from fj-quanzhou7-ca33, HIT from sn-xian3-ca06
date: Fri, 10 May 2024 04:41:37 GMT
expires: Tue, 14 May 2024 22:51:52 GMT
last-modified: Tue, 07 May 2024 22:51:53 GMT
x-ccacdn-proxy-id: scdpinlb5
request-id: 663da5819c48b0aba84359ecaaedf93d
cache-control: max-age=3600
x-frame-options: SAMEORIGIN
via: n172-013-216.fzmp.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 17153160970b22ab38c44e0465fa3fbbe9172e9c3d
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=37, edge;dur=0
ocsp.trust-provider.cn/
117.27.246.96 600 B IP 117.27.246.96:0
Hash 03f03519097fbf1d368ef11b7c0245ca
1fd9a66fae01d4b636d26d7094e29334851f5962
4fb64c47fb42ba8e0d2a60c5e50c1c4b9c289e3e054790e82da558b002ba09cf
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
accept-ranges: bytes
cf-ray: 8805027bda6784ca-HKG
request-id: 663da58259f582cecab3cac9b52b2098
expires: Tue, 14 May 2024 22:51:52 GMT
etag: "1fd9a66fae01d4b636d26d7094e29334851f5962"
cache-control: max-age=3600
date: Fri, 10 May 2024 04:41:38 GMT
last-modified: Tue, 07 May 2024 22:51:53 GMT
age: 0
x-ccacdn-proxy-id: scdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: EXPIRED
ctl-cache-status: HIT from hk-xianggang4-ca01, HIT from fj-quanzhou7-ca33, HIT from zj-shaoxing1-ca14
via: n172-013-215.fzmp.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 1715316097a3dc48bbcdf85f758860c1814ce21672
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=43, edge;dur=0
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11Py2rDMBD8lf5AzOxL0ubccwst/QDZjqGXXnxoAvvxXcUQQjVI7GpmViMG6wl2IrwAZ6WzWDhNjkl5ItN4e/8Ipfi9zLRPff/uYcy1Iio1LwgCETHCiK2IhnrW1URLi0ai7i1FFhJIcBI6qgkgNOaWtDBHur4+X++bEhwCXNnSek+Qz3BoNriOMa7NsFLlrfcy6+ikWx62Ll5oHcLnyDgwQeoxHQ+chlRIhTNYLsT9uu+3nyXiSThgD+tw/WcPsIwfqA5NzK3X1UtfhC9U3d223pZ5894cc1n+ABGZKiR/AQAA
95.211.229.245200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11Py2rDMBD8lf5AzOxL0ubccwst/QDZjqGXXnxoAvvxXcUQQjVI7GpmViMG6wl2IrwAZ6WzWDhNjkl5ItN4e/8Ipfi9zLRPff/uYcy1Iio1LwgCETHCiK2IhnrW1URLi0ai7i1FFhJIcBI6qgkgNOaWtDBHur4+X++bEhwCXNnSek+Qz3BoNriOMa7NsFLlrfcy6+ikWx62Ll5oHcLnyDgwQeoxHQ+chlRIhTNYLsT9uu+3nyXiSThgD+tw/WcPsIwfqA5NzK3X1UtfhC9U3d223pZ5894cc1n+ABGZKiR/AQAA
IP 95.211.229.245:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File type gzip compressed data, max speed, from Unix
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA11Py2rDMBD8lf5AzOxL0ubccwst/QDZjqGXXnxoAvvxXcUQQjVI7GpmViMG6wl2IrwAZ6WzWDhNjkl5ItN4e/8Ipfi9zLRPff/uYcy1Iio1LwgCETHCiK2IhnrW1URLi0ai7i1FFhJIcBI6qgkgNOaWtDBHur4+X++bEhwCXNnSek+Qz3BoNriOMa7NsFLlrfcy6+ikWx62Ll5oHcLnyDgwQeoxHQ+chlRIhTNYLsT9uu+3nyXiSThgD+tw/WcPsIwfqA5NzK3X1UtfhC9U3d223pZ5894cc1n+ABGZKiR/AQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22663da57fc014f2.966447992355019996%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 04:41:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://web1s.asia
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/522770/ff02686e229577ee87459bca3340a8a71dac76e9.gif
185.76.9.26200 OK 32 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/522770/ff02686e229577ee87459bca3340a8a71dac76e9.gif
IP 185.76.9.26:443
ASN #60068 Datacamp Limited
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29
ValidityTue, 30 Apr 2024 07:42:02 GMT - Mon, 29 Jul 2024 07:42:01 GMT
File type GIF image data, version 87a, 300 x 250
Hash fe578a033bacd29fce05ceeaa6793efe
ff02686e229577ee87459bca3340a8a71dac76e9
f2783f5782e19163df175211e9162cbef426aec575ffd68f332f6adc2e43030a
GET /library/522770/ff02686e229577ee87459bca3340a8a71dac76e9.gif HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:38 GMT
content-type: image/gif
content-length: 31753
last-modified: Tue, 22 Jun 2021 15:10:17 GMT
etag: "60d1fd59-7c09"
expires: Tue, 24 Oct 2023 15:47:56 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJFAH3Um/JAA
x-77-nzt-ray: af5856309608f38782a53d664ef03808
x-accel-expires: @1732934176
x-accel-date: 1702114864
x-cache: HIT
x-age: 13201234
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 13201234
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/522770/04acbb678195a275c6dd299316373dd8e36cb668.webp
185.76.9.26200 OK 9.3 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/522770/04acbb678195a275c6dd299316373dd8e36cb668.webp
IP 185.76.9.26:443
ASN #60068 Datacamp Limited
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29
ValidityTue, 30 Apr 2024 07:42:02 GMT - Mon, 29 Jul 2024 07:42:01 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash eb03f4e5d663ede8681562a9c16eef8b
04acbb678195a275c6dd299316373dd8e36cb668
f6cab5e8a71d551694a9d2e5defc0f834536c70d7505712438642c72988c34fc
GET /library/522770/04acbb678195a275c6dd299316373dd8e36cb668.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:38 GMT
content-type: image/webp
content-length: 9332
last-modified: Thu, 04 Nov 2021 11:03:44 GMT
etag: "6183be10-2474"
expires: Tue, 24 Oct 2023 13:39:51 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJFAH3G2THAA
x-77-nzt-ray: af5856309608f38782a53d6653a15308
x-accel-expires: @1732464809
x-accel-date: 1702248807
x-cache: HIT
x-age: 13067291
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 13067291
accept-ranges: bytes
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/e1fe9925bc315c600a8c49dbcbb1cb13495477ec.gif
104.193.88.109200 OK 495 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/e1fe9925bc315c600a8c49dbcbb1cb13495477ec.gif
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 640 x 200
Size 495 kB (495197 bytes)
Hash 4921839d6ed37398568c77c4d902fba3
7de340f1c8a5d5c0e457bebed75db1cf300efb48
56509c83ce34c532b175de73343f185b836c68250efdd38a0244d27850608d12
GET /forum/pic/item/e1fe9925bc315c600a8c49dbcbb1cb13495477ec.gif HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 10 May 2024 04:41:38 GMT
content-type: image/gif
content-length: 495197
expires: Thu, 30 May 2024 08:55:25 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 4921839d6ed37398568c77c4d902fba3
age: 848773
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Tue, 30 Apr 2024 08:55:25 GMT
ohc-cache-hit: sfo01-sys-jorcol09.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
147.75.84.158204 No Content 0 B URL GET HTTP/2 prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP 147.75.84.158:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintC4:70:11:35:C8:44:C9:33:89:20:3A:0D:10:63:D9:93:3F:F1:AC:9D
ValiditySun, 05 May 2024 10:53:54 GMT - Sat, 03 Aug 2024 10:53:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Fri, 10 May 2024 04:41:40 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=59a18369e249bfb
51.89.9.253204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?pubId=59a18369e249bfb
IP 51.89.9.253:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=59a18369e249bfb HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1715316098118
51.89.9.253204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?cb=1715316098118
IP 51.89.9.253:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1715316098118 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
id.a-mx.com/sync/?tagId=bmV0cHViLmNvbQ&ref=null&u=https://web1s.asia/api-mode/kh61Jqvypn/&tl=https://web1s.asia/api-mode/kh61Jqvypn/&nf=0&rt=true&v=8.40.0&av=2.0&vg=pbjs_netpub240502&us_privacy=null&am=null&gdpr=0&gdpr_consent=
79.127.227.46200 OK 66 B URL GET HTTP/1.1 id.a-mx.com/sync/?tagId=bmV0cHViLmNvbQ&ref=null&u=https://web1s.asia/api-mode/kh61Jqvypn/&tl=https://web1s.asia/api-mode/kh61Jqvypn/&nf=0&rt=true&v=8.40.0&av=2.0&vg=pbjs_netpub240502&us_privacy=null&am=null&gdpr=0&gdpr_consent=
IP 79.127.227.46:443
ASN #60068 Datacamp Limited
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerSectigo Limited
Subjectid.a-mx.com
FingerprintE1:1E:89:FE:28:E7:84:69:37:FD:D0:2F:18:B1:BB:F3:45:1E:1C:E9
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash e8f2abd3dada5abd4acae768b9a61fca
dd549e61b7b7d01f8eef75a2c4e7920fe482ddf6
3c71156f7ad4db98dbd1f8903e78c5072aac5d3d684ffd9f643b732f3ab6db77
GET /sync/?tagId=bmV0cHViLmNvbQ&ref=null&u=https://web1s.asia/api-mode/kh61Jqvypn/&tl=https://web1s.asia/api-mode/kh61Jqvypn/&nf=0&rt=true&v=8.40.0&av=2.0&vg=pbjs_netpub240502&us_privacy=null&am=null&gdpr=0&gdpr_consent= HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 10 May 2024 04:41:41 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
content-type: application/json
content-length: 66
zerossl.ocsp.sectigo.com/
172.64.149.23 315 B URL zerossl.ocsp.sectigo.com/
IP 172.64.149.23:0
Hash 2d47e3de33f2d7890c8a17081df21790
c5a68676de71046481ce54be700275bc3b82cd18
5d3d64957961e945a610bd0420b77e9086049ca8a9f567375b4998daf6785441
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:41:41 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Thu, 09 May 2024 23:59:26 GMT
Expires: Thu, 16 May 2024 23:59:25 GMT
Etag: "c5a68676de71046481ce54be700275bc3b82cd18"
Cache-Control: max-age=588356,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881742220b6a7128-OSL
s.adtelligent.com/sync.html?aid=651796
142.132.249.186200 OK 713 B URL GET HTTP/1.1 s.adtelligent.com/sync.html?aid=651796
IP 142.132.249.186:443
ASN #24940 Hetzner Online GmbH
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerZeroSSL
Subjects.adtelligent.com
Fingerprint76:DE:03:04:D6:32:51:7E:E7:A9:8B:0B:04:C4:86:10:D8:A2:4D:72
ValidityFri, 22 Mar 2024 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (1416), with no line terminators
Hash c5951b4315c1282cdbf34b3efc49c0f8
170740db0bae644d6a52428abbb71df1f3398567
01c9be38842b288e9c91d6c083390a7865dae38ae79f8b2c4d5957b595a4dc96
GET /sync.html?aid=651796 HTTP/1.1
Host: s.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 04:41:40 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 713
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
Set-Cookie: vmuid=6a34c1bfdffa09a3; expires=Sun, 11 Aug 2024 04:41:41 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
zerossl.ocsp.sectigo.com/
172.64.149.23 315 B URL zerossl.ocsp.sectigo.com/
IP 172.64.149.23:0
Hash 815550ffdce0f0e40de9d2a07d2fd1c5
f6a192190e6579bff9e58894bbfdd40db0fd0a39
731cab321e62cb0d5005075d1548ba5fb49f6a0b1c348a9d819ff8e1d8f3a7a8
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:41:41 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 17:45:10 GMT
Expires: Wed, 15 May 2024 17:45:09 GMT
Etag: "f6a192190e6579bff9e58894bbfdd40db0fd0a39"
Cache-Control: max-age=480149,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 88174222fbd87128-OSL
s.console.adtarget.com.tr/sync.html?aid=748067
142.132.249.185204 No Content 0 B URL GET HTTP/1.1 s.console.adtarget.com.tr/sync.html?aid=748067
IP 142.132.249.185:443
ASN #24940 Hetzner Online GmbH
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerZeroSSL
Subjects.console.adtarget.com.tr
FingerprintBC:91:3A:C5:4F:E2:45:62:D9:A6:3C:F6:EB:BA:23:C8:B2:D7:B9:4D
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync.html?aid=748067 HTTP/1.1
Host: s.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: Adtarget
Date: Fri, 10 May 2024 04:41:40 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
onetag-sys.com/usync/?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D241%26traffic_source%3Dsnippet%26session%3D55CDD07E1E477609%26sp%3D651796%26pb%3D449137%26c%3D622134%26a%3D558187%26domain%3D%26extuid%3D%24%7BUSER_TOKEN%7D
51.89.9.253302 Found 0 B URL GET HTTP/2 onetag-sys.com/usync/?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D241%26traffic_source%3Dsnippet%26session%3D55CDD07E1E477609%26sp%3D651796%26pb%3D449137%26c%3D622134%26a%3D558187%26domain%3D%26extuid%3D%24%7BUSER_TOKEN%7D
IP 51.89.9.253:443
Requested by https://s.adtelligent.com/sync.html?aid=651796
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D241%26traffic_source%3Dsnippet%26session%3D55CDD07E1E477609%26sp%3D651796%26pb%3D449137%26c%3D622134%26a%3D558187%26domain%3D%26extuid%3D%24%7BUSER_TOKEN%7D HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store
location: https://sync.adtelligent.com/csync?t=g&ep=241&traffic_source=snippet&session=55CDD07E1E477609&sp=651796&pb=449137&c=622134&a=558187&domain=&extuid=
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.149.23 316 B URL zerossl.ocsp.sectigo.com/
IP 172.64.149.23:0
Hash b420ff34535a1c831df48a1db1fed5f4
14d038a075469a191ca4cba80e656b8127a69431
333b379092ae6431a2ea6fee2f2ffbc27a8cae65e6a652bf308eac4ed425047a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:41:41 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Tue, 07 May 2024 18:09:21 GMT
Expires: Tue, 14 May 2024 18:09:20 GMT
Etag: "14d038a075469a191ca4cba80e656b8127a69431"
Cache-Control: max-age=394794,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881742241c6e7128-OSL
ads121.adtelligent.com/tracking/csmatch/?aid=651796cmpId=570607err=fail
142.132.249.186200 OK 43 B URL GET HTTP/1.1 ads121.adtelligent.com/tracking/csmatch/?aid=651796cmpId=570607err=fail
IP 142.132.249.186:443
ASN #24940 Hetzner Online GmbH
Requested by https://s.adtelligent.com/sync.html?aid=651796
Certificate IssuerZeroSSL
Subjectads121.adtelligent.com
Fingerprint8B:84:2E:47:BB:15:F9:52:DB:1C:9B:A6:ED:70:8A:3B:03:A0:8B:0A
ValiditySun, 07 Apr 2024 00:00:00 GMT - Sat, 06 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /tracking/csmatch/?aid=651796cmpId=570607err=fail HTTP/1.1
Host: ads121.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.adtelligent.com/
Cookie: vmuid=6a34c1bfdffa09a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 04:41:40 GMT
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
sync.adtelligent.com/csync?t=g&ep=241&traffic_source=snippet&session=55CDD07E1E477609&sp=651796&pb=449137&c=622134&a=558187&domain=&extuid=
185.83.71.234200 OK 43 B URL GET HTTP/1.1 sync.adtelligent.com/csync?t=g&ep=241&traffic_source=snippet&session=55CDD07E1E477609&sp=651796&pb=449137&c=622134&a=558187&domain=&extuid=
IP 185.83.71.234:443
Requested by https://s.adtelligent.com/sync.html?aid=651796
Certificate IssuerLet's Encrypt
Subjectsync.adtelligent.com
Fingerprint2C:5E:FE:77:91:E0:9E:98:A2:D1:1A:0C:31:06:E4:A9:4C:23:EB:E7
ValidityTue, 19 Mar 2024 22:06:15 GMT - Mon, 17 Jun 2024 22:06:14 GMT
File type GIF image data, version 89a, 1 x 1
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=g&ep=241&traffic_source=snippet&session=55CDD07E1E477609&sp=651796&pb=449137&c=622134&a=558187&domain=&extuid= HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
DNT: 1
Connection: keep-alive
Cookie: vmuid=6a34c1bfdffa09a3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 04:41:41 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 6a34c1bfdffa09a3
Set-Cookie: vmuid=6a34c1bfdffa09a3; expires=Sun, 11 Aug 2024 04:41:42 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
ads121.adtelligent.com/tracking/csmatch/?aid=651796cmpId=622134
142.132.249.186200 OK 43 B URL GET HTTP/1.1 ads121.adtelligent.com/tracking/csmatch/?aid=651796cmpId=622134
IP 142.132.249.186:443
ASN #24940 Hetzner Online GmbH
Requested by https://s.adtelligent.com/sync.html?aid=651796
Certificate IssuerZeroSSL
Subjectads121.adtelligent.com
Fingerprint8B:84:2E:47:BB:15:F9:52:DB:1C:9B:A6:ED:70:8A:3B:03:A0:8B:0A
ValiditySun, 07 Apr 2024 00:00:00 GMT - Sat, 06 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /tracking/csmatch/?aid=651796cmpId=622134 HTTP/1.1
Host: ads121.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.adtelligent.com/
Cookie: vmuid=6a34c1bfdffa09a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 10 May 2024 04:41:41 GMT
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/47f905a4.js?npr=58581e32712a59e197a62305ec76a1da
172.67.70.145200 OK 43 kB URL GET HTTP/2 fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/47f905a4.js?npr=58581e32712a59e197a62305ec76a1da
IP 172.67.70.145:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
File type JavaScript source, ASCII text, with very long lines (45122)
Hash 3ad9591d5ebf7a6304c5f90f45dc89e1
281c6609dcf50c2fceb96afe4ebba906dd244efd
1da21d598ae5423999a4158f0ef223ebc23483aaac7191da1d90556a466afb34
GET /r/c98c98911166f1f070e872da610a9398/47f905a4.js?npr=58581e32712a59e197a62305ec76a1da HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 08 May 2024 18:48:31 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cache-control: max-age=2678400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtdPLmABryOCtHnQjjZ7DQDDCDDn6sDn6ekGG5E33v03s4tiGEy%2FX0aA%2B4GkbApxaa8eat8tZ8qkjYbCzk%2B63Q5puIjOWJbDqQAXx0zNEcqGIZrKHbi3K7QXA00DresHwdnl%2B8kB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881741fe9809569a-OSL
content-encoding: br
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.84.158204 No Content 0 B IP 147.75.84.158:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintC4:70:11:35:C8:44:C9:33:89:20:3A:0D:10:63:D9:93:3F:F1:AC:9D
ValiditySun, 05 May 2024 10:53:54 GMT - Sat, 03 Aug 2024 10:53:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1384
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
cache-control: max-age=0, private, must-revalidate
date: Fri, 10 May 2024 04:41:57 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1
172.67.70.145301 Moved Permanently 590 B URL GET HTTP/2 fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1
IP 172.67.70.145:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
Hash 12e78141485dfb48bce6875209f44a8b
a0cacb8708a5676426129c86327aa48c9ae3359e
d2ae6584cb4f43cddcef5dd4837a6f4851ed2f2fcff49899834d13d65cf7cb8c
GET /extra/cmp/cmp-gdpr.js?v=1 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 10 May 2024 04:41:35 GMT
content-type: text/html; charset=iso-8859-1
location: https://cmp.netpub.media/init.js?v=1
cache-control: max-age=172800
expires: Fri, 10 May 2024 15:18:24 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: HIT
age: 134591
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2F6i98tmi9KhC6ji%2BJG%2B7JCpfIs7skZgvazgCFpsfZbOjZJIEaKK36mTqO%2F9ZuYM0fugu58zUzD7Ei4oTWp8cL42k5ONftT4BhJd0FlKze1gB7bJMVChHxY%2BY9NP9n%2BeSAy3rcJM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881741ffd8fa569a-OSL
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.34.178204 No Content 0 B IP 104.18.34.178:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint02:E1:92:C5:72:6D:E0:64:4A:46:05:69:81:98:7C:43:13:E7:15:7A
ValidityTue, 01 Aug 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1463
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 10 May 2024 04:41:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://web1s.asia
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. parseadrequest website disabled
x-version: 3.0.0-gcp-ams
x-warn: Parsing the Prebid Request. website_disabled, Parsing the Prebid Request. domain_invalid, Parsing the Prebid Request. int_scc_sid
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8817428b7d1ab529-OSL
X-Firefox-Spdy: h2
cmp.netpub.media/init.js?v=1
172.67.70.145200 OK 641 B URL GET HTTP/2 cmp.netpub.media/init.js?v=1
IP 172.67.70.145:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
File type ASCII text, with very long lines (693), with no line terminators
Hash 0412d7a8719a6cd7f8a1b2ddcd8e2a95
8d232e338fde1909ed8b2f809ef5144844002c98
d066e003a1bfe0271a7c631a6efa2f611aa20d1677526b01caea32dc0b664517
GET /init.js?v=1 HTTP/1.1
Host: cmp.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:36 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 21 Feb 2024 16:43:37 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnzpfVM3mQRT4ZGb6OgVAjmIG1lrxtdnmWBF2l3aXxEqI1Y%2Bfki%2B%2BISY8ExDWhLOmc%2FF8ekxJbv1xCbiAITxamJskJOFSaeSc5B7YTQ1jNJmQWWPqT3WHgAvaBH8SW5MF1s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881742001934569a-OSL
content-encoding: br
X-Firefox-Spdy: h2
web1s.asia/assets/web1s-5.js
172.67.185.125200 OK 6.6 kB URL GET HTTP/3 web1s.asia/assets/web1s-5.js
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (6776), with no line terminators
Hash 9add93f965df72b4fea67ef78c9af398
1254db06093a2321b9351340c087d5b35d466b04
f48306ac99fbada4bd7a873979b3469b5f1a2deb8360fdcd3f515497165e0d31
GET /assets/web1s-5.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-19ce"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCozTr7%2BWNwc3f4hwT%2Bx9%2B9XoUcgW4IRPC8RPe5sJumXUOiosM92axeXkSH7WiFyc4KAdAOJsVuVcsAHNDZDmOsjHtEl8lHVIXow0RZUnZJVFprrdRf0cqkBkzFQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f4bfe156c4-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/assets/web1s-2.js
172.67.185.125200 OK 143 kB URL GET HTTP/3 web1s.asia/assets/web1s-2.js
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 143 kB (142982 bytes)
Hash f64272699d9131a6df3edd059b34175d
10c0c5ff36a7311b3b83cf5c94d0cc8d21d5cd43
5e97f7b0a993bcc35f90793aaf6986fb9a680efa96a2cf7c7b271013d89927a3
GET /assets/web1s-2.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-22e86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0pIAZKfRqN2ShqUJZvPC4y799Mka%2B61cBKYhX1k54YDOqwPXKO3u4Xk%2BlnXpLWoB6Vhvl8hSiDW89RSEx91dPfWG69svz9%2B0o3kJyVQdGqA6lRgbErUEY1bX7Vn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f49fd456c4-OSL
alt-svc: h3=":443"; ma=86400
fstatic.netpub.media/renderer/prebid_240502.js
172.67.70.145200 OK 2.0 MB URL GET HTTP/2 fstatic.netpub.media/renderer/prebid_240502.js
IP 172.67.70.145:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
Size 2.0 MB (2011316 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /renderer/prebid_240502.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:36 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 May 2024 14:21:49 GMT
cache-control: max-age=14400
expires: Fri, 10 May 2024 04:41:37 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2BFnR0tnPAjWl84nv8A%2FF52tt9ck5MrM4a%2BiUUqdMgmuBwrDqCJAJvI12hd5o%2FkK3mAupV%2B7Ki9G%2FAHeTsif7ZnZE2jdcnhJJ4AbyhTXd2SF%2B5FfZScOFa5GqquFUyfvElJg9hbP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881742008971569a-OSL
content-encoding: br
X-Firefox-Spdy: h2
web1s.asia/assets/web1s.js
172.67.185.125200 OK 103 kB URL GET HTTP/3 web1s.asia/assets/web1s.js
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (103048 bytes)
Hash f9ee7c686b5f5da8fd58c04965449a89
67ce88da4a736ca1cfa72a5a2835638d6a77babe
431f23ae1847bcee35b601764965fd625ee7dc8262780f7730081df2092f56a9
GET /assets/web1s.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-19288"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4APNvT%2FHufcxqtfvzvrhSTu2cLRv0VhAfa5hPcOjAYDsmwtHleOa%2Bw5bThmLE3AOuRZh0CG%2BqW3D6RePEdZFyEihbS54Uz%2BBSWcxLvrchLzTTCuKq4aUiKjgCoJ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f48fc156c4-OSL
alt-svc: h3=":443"; ma=86400
www.vipads.live/vn/8840D886-F08E-46-33-9C642005CB7F.blpha
0.0.0.0 0 B URL GET www.vipads.live/vn/8840D886-F08E-46-33-9C642005CB7F.blpha
IP 0.0.0.0:0
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerUnizeto Technologies S.A.
Subjectwww.vipads.live
Fingerprint3E:B1:B6:F1:38:D5:C9:15:6F:E5:83:2C:13:7C:3A:97:0C:5C:AF:83
ValiditySun, 05 May 2024 07:09:59 GMT - Wed, 04 Jun 2025 07:09:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /vn/8840D886-F08E-46-33-9C642005CB7F.blpha HTTP/1.1
Host: www.vipads.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 04:41:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Fri, 10 May 2024 04:41:35 GMT
expires: Fri, 10 May 2024 04:56:35 GMT
cache-control: max-age=900
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.253200 OK 15 B URL POST HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.253:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash ba3521ccf7af080a568234f8e8a12a05
7d395437fdda85c7043352a30e356d095f77b19e
e81b0645d550bb2f6da79d0d92ab1b6b7e984dfbaef4db76ebf4216bb896ef8b
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1667
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://web1s.asia
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/service.js
172.67.70.145302 Found 191 kB URL GET HTTP/2 fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/service.js
IP 172.67.70.145:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectnetpub.media
Fingerprint45:A8:49:BA:FB:8E:4E:C2:5E:9C:6C:58:AE:95:A1:82:A3:62:8A:59
ValidityWed, 08 May 2024 01:58:12 GMT - Tue, 06 Aug 2024 01:58:11 GMT
Size 191 kB (190648 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/c98c98911166f1f070e872da610a9398/service.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 04:41:35 GMT
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/c98c98911166f1f070e872da610a9398/47f905a4.js?npr=58581e32712a59e197a62305ec76a1da
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ieo531jh8g7Wek9RQV893FMiveo8lqeUIXD97VaQkWy%2BNsuOoVYMSMoeitwaufdiyxH4drIJWrUq8VCnyFn6PdoNLBYtKuvKbY5yun%2BJjvu3piMgUfMzCMqJGTExFgFslxxz47V3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881741fe4fe8569a-OSL
X-Firefox-Spdy: h2
a.magsrv.com/ad-provider.js
185.76.9.18200 OK 165 kB URL GET HTTP/2 a.magsrv.com/ad-provider.js
IP 185.76.9.18:443
ASN #60068 Datacamp Limited
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File type JavaScript source, ASCII text, with very long lines (34846)
Size 165 kB (164763 bytes)
Hash 23dca35363e4f4fbf7671ab6c7755f84
057432c37ba5cf65231392a9e07a565ef6689ece
8339d1105cfdcb822ad213c724fd2bdff27a3887df7e5ce28e801fab46e3b370
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:35 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"057432c37ba5cf65231392a9e07"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 09 May 2024 13:34:49 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQHXiQEAAAwBuUwKDAH3MQAAAAgBnJIhHwGB
x-77-nzt-ray: c0a4cc28eef91bca7fa53d668118b927
x-accel-expires: @1715326502
x-77-cache: HIT
content-encoding: gzip
x-accel-date: 1715315702
x-77-age: 393
server: CDN77-Turbo
x-cache: HIT
x-age: 393
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
web1s.asia/api-mode/kh61Jqvypn/
172.67.185.125200 OK 19 kB URL User Request GET HTTP/2 web1s.asia/api-mode/kh61Jqvypn/
IP 172.67.185.125:443
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api-mode/kh61Jqvypn/ HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 600
x-ratelimit-remaining: 598
set-cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; expires=Sat, 11-May-2024 00:41:33 GMT; Max-Age=72000; path=/; samesite=lax
lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; expires=Sat, 10-May-2025 04:41:33 GMT; Max-Age=31536000; path=/; httponly; samesite=lax
web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt; expires=Sat, 11-May-2024 00:41:33 GMT; Max-Age=72000; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFMyQUEWa8jaWbAhzTc%2FS6JZdHI0H1oAqYhFL4IHKynow2ND4XmFrPXZgXVx%2BqP26ZkKKSevJm2RKbDDW1yk7d0PnSqSP%2Fai%2FCxNocCMWZs9YAnEgqkVK8tVMVDm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741efdb36568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pv.vipads.cc/pv.php?op=pv&ext=cedeoNYTMejtHL8w9Ta9xT8iy5nn4J1HsJp1GpUxM0M2rIzaUM4zs9yxL6S4DKJq9pv0JnN3GBO2o3k3ihXWEQrYBohcB+o3+YNjtJPuzF6iN0Ut8habImY2Kafol7xXBhyyVDLrHMvM4WaL53eol6AFfNZE8+t2N0JTWTAq1fEO
47.236.41.18200 OK 10 B URL GET HTTP/2 pv.vipads.cc/pv.php?op=pv&ext=cedeoNYTMejtHL8w9Ta9xT8iy5nn4J1HsJp1GpUxM0M2rIzaUM4zs9yxL6S4DKJq9pv0JnN3GBO2o3k3ihXWEQrYBohcB+o3+YNjtJPuzF6iN0Ut8habImY2Kafol7xXBhyyVDLrHMvM4WaL53eol6AFfNZE8+t2N0JTWTAq1fEO
IP 47.236.41.18:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectpv.vipads.cc
FingerprintD7:4E:F5:D6:F9:8D:6E:49:FE:2F:A6:CD:35:5B:67:D3:20:01:08:C7
ValidityFri, 23 Jun 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash af7f065f567473967704382a9c5dc3d2
440eda0d60c94c3f31aea57d636227a2f8487d0d
68b60cc3b951fd39b232475bf40b54a71619c351d5a040fbc7d38e0e3fd2ae9c
GET /pv.php?op=pv&ext=cedeoNYTMejtHL8w9Ta9xT8iy5nn4J1HsJp1GpUxM0M2rIzaUM4zs9yxL6S4DKJq9pv0JnN3GBO2o3k3ihXWEQrYBohcB+o3+YNjtJPuzF6iN0Ut8habImY2Kafol7xXBhyyVDLrHMvM4WaL53eol6AFfNZE8+t2N0JTWTAq1fEO HTTP/1.1
Host: pv.vipads.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 04:41:38 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240510
151.101.1.229200 OK 1.6 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240510
IP 151.101.1.229:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1728), with no line terminators
Hash 37649f4da315fdc8190701235a37f38d
2e1f5ffbcb02a74d2aa0d2422ead97d8e969c0c0
9fad7194fa92c968cd78c4ccb4b149e29a0c3900c9738883f7c485337957d66f
GET /gh/prebid/currency-file@1/latest.json?date=20240510 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.2051
x-jsd-version-type: version
etag: W/"636-F7P1nj6lgKy7qNb7Ir7Pmxc03uc"
content-encoding: br
accept-ranges: bytes
date: Fri, 10 May 2024 04:41:36 GMT
age: 2443
x-served-by: cache-fra-eddf8230103-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 832
X-Firefox-Spdy: h2
web1s.asia/assets/web1s-3.js
172.67.185.125200 OK 9.5 kB URL GET HTTP/3 web1s.asia/assets/web1s-3.js
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (10176), with no line terminators
Hash 1d533bdfe39752fefe27e87f1325b2ef
d1288855aa86bf126fbd93626f703da4a15ffbee
51620548ca2df448cf02807c0d5dfa010c8e87989341a184691917dfc688d3e5
GET /assets/web1s-3.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-24ff"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2B%2BXUhf6SwtmH4FYXbPN5SP8YukRtEdNPV%2BLh7cmPZTuWEga8pIbAbWc%2F1GyA%2B9WPRYGWSk9cLxd0QHSFeTqHUZOTVTf7dcZRSmfPsIf1l24fNvLsB3TNP24yX95"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f4bfdf56c4-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/landing/assets/js/jquery-3.3.1.min.js
172.67.185.125200 OK 87 kB URL GET HTTP/3 web1s.asia/landing/assets/js/jquery-3.3.1.min.js
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /landing/assets/js/jquery-3.3.1.min.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:06 GMT
vary: Accept-Encoding
etag: W/"663096f6-1538f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQgY15FkzDbkr9FqO7WEV6Bu9QiOMTpxSmS3lYZf5PoRUy22nVIrPs8gf%2B%2Bkm5N2D%2BmEuR7EzzCjM%2BDd47x4GLWtjr%2FzmaPy1JRRhPadNalWOcFStbxHBlpuKidE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f49fce56c4-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/assets/web1s-4.js
172.67.185.125200 OK 8.2 kB URL GET HTTP/3 web1s.asia/assets/web1s-4.js
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (8365), with no line terminators
Hash 08e6714eaf3cfe8f3c7839f22d90ba4e
94fdad68854d0d3482b877aef7ba7c2eb265c621
e424039d5a737a1bda8a5ded60919e5067085729310762eebb09c20e07d249c8
GET /assets/web1s-4.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-1feb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1SHz84ht6vc5bjumY44eoi5G23HKNEP9BQutEpIT9X1uS3GXBIJ3R9AozQey4Dlp1kzhzNw5ItrLo2gIe2uup3ddZkcu6H3rBfxZvBgiwR4IGhy7MA9bNyQPiPl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f4bfe056c4-OSL
alt-svc: h3=":443"; ma=86400
a.magsrv.com/ad-provider.js
185.76.9.18200 OK 165 kB URL GET HTTP/2 a.magsrv.com/ad-provider.js
IP 185.76.9.18:443
ASN #60068 Datacamp Limited
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File type JavaScript source, ASCII text, with very long lines (34846)
Size 165 kB (164763 bytes)
Hash 23dca35363e4f4fbf7671ab6c7755f84
057432c37ba5cf65231392a9e07a565ef6689ece
8339d1105cfdcb822ad213c724fd2bdff27a3887df7e5ce28e801fab46e3b370
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"057432c37ba5cf65231392a9e07"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 09 May 2024 13:34:49 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3iAEAAAwBuUwKDAH3MQAAAAgBnJIhHwGB
x-77-nzt-ray: c0a4cc28eef91bca7ea53d66c781d00f
x-accel-expires: @1715326502
x-77-cache: HIT
content-encoding: gzip
x-accel-date: 1715315702
x-77-age: 392
server: CDN77-Turbo
x-cache: HIT
x-age: 392
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
web1s.asia/assets/web1s-1.js
172.67.185.125200 OK 60 kB URL GET HTTP/3 web1s.asia/assets/web1s-1.js
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
File type JavaScript source, ASCII text, with very long lines (59810), with no line terminators
Hash d7ad236e7d50c7857067d8f3fce70e9b
0c96bb52a5e32375ae226a12398f5c38c1d7c43f
7bb392f1b37c3c12cc532e7296f77d95f4f0ca0184955858426e2058dff97359
GET /assets/web1s-1.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-e9a2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9epqqA3tkx0RgfPlQCRhAXjl79ql%2FzL9oGzY0ElPoWzq2gttaRQvzHt3Y99m%2FLFPhC9%2F8otU0UbQvW7LZzh9CKiL8Z1Btv0WmUY77leYSr8dBsEC13%2B%2FBi7nDX3p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f49fd256c4-OSL
alt-svc: h3=":443"; ma=86400
web1s.asia/assets/web1s-6.js
172.67.185.125200 OK 18 kB URL GET HTTP/3 web1s.asia/assets/web1s-6.js
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/web1s-6.js HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-459f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tz0dK4ODdgRoQNgtAjTYi9YjunafDNsY9OIwqnQdUv2SvfTVkYb%2Fo5w%2FxJVFZtDqSd%2BgMll4GQxMweEO0PxbV9MZerJVuPYwgm7CE5nO%2FqGgLO%2BZAR9iEZQvHEyx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f4bfe256c4-OSL
alt-svc: h3=":443"; ma=86400
pixel.chaty.app/api/pixel/widgets
104.21.62.38200 OK 39 B URL POST HTTP/2 pixel.chaty.app/api/pixel/widgets
IP 104.21.62.38:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerLet's Encrypt
Subjectchaty.app
FingerprintAB:74:24:B7:7B:A1:09:10:A8:2E:40:D1:8B:DD:3F:5D:2A:61:1B:A1
ValidityWed, 24 Apr 2024 19:20:59 GMT - Tue, 23 Jul 2024 19:20:58 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 27795f2a1c6896569b9e4da83214bd52
c5911e83d9aa913bf6378fce96f13068f1c27d45
3ef0136936c8440f8f4fab859d2dc87e60e859ad3d9197a7383c6c8f2b7af0c5
POST /api/pixel/widgets HTTP/1.1
Host: pixel.chaty.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 325
Origin: https://web1s.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:41:39 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUhsct70vWrhK7wxijkt3VUFe79yGUB6WK89hfMKCE%2BpjFJj9aRfwrzacNoBuzIfkwP7PzlruP9XPE4yq2%2FD5Q9VEZd2xxPN37UE57QtlGh9ncHtZI%2FNOlM2%2BsNTJZtIZ64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88174212c9b3b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
web1s.io/api-mode/kh61Jqvypn
188.114.96.1302 Found 19 kB URL User Request GET HTTP/2 web1s.io/api-mode/kh61Jqvypn
IP 188.114.96.1:443
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.io
FingerprintBF:BB:7B:1D:97:EB:6F:15:91:7A:6D:7B:3A:EB:F2:BE:AD:DC:93:52
ValidityWed, 17 Apr 2024 10:38:27 GMT - Tue, 16 Jul 2024 10:38:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api-mode/kh61Jqvypn HTTP/1.1
Host: web1s.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 04:41:33 GMT
content-type: text/html; charset=UTF-8
location: https://web1s.asia/api-mode/kh61Jqvypn/
cache-control: no-cache, private
x-ratelimit-limit: 600
x-ratelimit-remaining: 599
set-cookie: XSRF-TOKEN=eyJpdiI6IjA5cFl5OXQ0L2ZVeVhJbVdmMklUbnc9PSIsInZhbHVlIjoibk9RdWJXY1Zra3RjbEU2QUJTWFhwZXhGYXVRaDVtV1V0K2tyN2NOVjZ3VjZ4MVdqd0ZmdjY4eVNLTXhxcjBEM2djencvRTU3SEwwRkRBMFpobXhrVlpuRUNSOXJBS2VXVU84bm5xcUlqYjlYUEd0NHRpTGFobUVqNkU0aHBCckgiLCJtYWMiOiJhYWJkMTExN2E1Y2EwMmJmM2I3MGVlOTQ4NjI2YWQ3MmVkODkwYmJhZDhkMmExYTY5YjBiYmI4Mzc0YzU5ZWRhIn0%3D; expires=Sat, 11-May-2024 00:41:33 GMT; Max-Age=72000; path=/; samesite=lax
lang=eyJpdiI6IkNDM1RrSU5vY3JqdnNBNVhOSW1KeWc9PSIsInZhbHVlIjoibGRnTno2UjlaU0U3cEE0UlJlUVFWek0vRDR4aGU3UFlNZjkxc2dnMWZuQU9DRnFsaW9NVEZwaE1oUWhJQW1uWSIsIm1hYyI6ImUzZjdkNDA3NmE1Mzk3NWNjOGY1YmRlNTg5NzI1MGQxOTI0Y2QxOGNjN2QwNGIyYjllZTIwYzI3ZjNhZTE1YTgifQ%3D%3D; expires=Sat, 10-May-2025 04:41:33 GMT; Max-Age=31536000; path=/; httponly; samesite=lax
web1s_session=ZXpg1KjRvRDHSvEamIhqrmy8VtngLJExv7U1IHIy; expires=Sat, 11-May-2024 00:41:33 GMT; Max-Age=72000; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIW5H%2BNpyL3QCs0RTa2pH4ObpR70UGJBmzesMWQiLBt%2FrWFvd3sBm2CbiJ7BY%2Fw4qrdCHxY36WK4fOaeQAMhPgP5i07wEmp3%2Fk7cyxoFMq1dsF0FrkA3NHURTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741ecdfa0569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
web1s.asia/assets/web1s.css
172.67.185.125200 OK 111 kB URL GET HTTP/3 web1s.asia/assets/web1s.css
IP 172.67.185.125:443
Requested by https://web1s.asia/api-mode/kh61Jqvypn/
Certificate IssuerGoogle Trust Services LLC
Subjectweb1s.asia
Fingerprint9A:D5:F5:13:A0:AC:F9:AC:2A:19:5B:0B:CA:D1:EB:45:DD:60:9A:20
ValidityThu, 11 Apr 2024 22:03:19 GMT - Wed, 10 Jul 2024 22:03:18 GMT
Size 111 kB (110704 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/web1s.css HTTP/1.1
Host: web1s.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlB0Tk5iUU9kOVVyV1NDOFJmem0vRlE9PSIsInZhbHVlIjoiSlVzVEhpZHdqT3BaK0dpTldIWTEwclZKL2daWGxMRDU5d2tBOFRSUGtrd2JyV2NKSnZtTUhHUmNRWTk4N0YxSGdYREI3M2F3d2VhckxEVnRHejAzMnVSK01DeFdTMkRKREtjaHdvR1VIYnRvNXBId2U5V1lTazRRQkVRSEFyT0giLCJtYWMiOiIwYzIzZjI0ODE2ODJjOWQwZjc4ZWE1YTdiZjE4NzAyZGE0NzlkZDhjZGRjMjY3MzQyODI4ZjBjZmFlMWQzNmY2In0%3D; lang=eyJpdiI6IlhJMVh1aTU2U0JNYVpFazBoZ2RvSkE9PSIsInZhbHVlIjoidnRocjlkdHhnODdYbll2RzBDR2pmT3FmMzJNUlNWUjR5RjA2MHFPZGpXRFJGdm9ERk9wMitLMmVrMzhZTC9nMSIsIm1hYyI6IjNhMjI3N2RkYTIwODA5Nzg4MDliZDhiYjM1M2U0YjczMDYzOTBlMDQ1MmY3OGQwMDljMjc3NDgxNjFmYjQ5ODEifQ%3D%3D; web1s_session=GljJVxxtq4KyBTftbgeKxpy2Poz5PVSDgDxmTZpt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:41:34 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66309709-1b070"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeGD9aRAAZgY6o%2FT%2FlDRQ87BTGDdURH5chAFJXqJySq2%2BJR2IfYwRFhphmVgQHIayacv9%2BIJ99%2BG53DDOIe4ELm4FWB8XTeubSSJICPrfsC8TnqzMH46zgwQzBAT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 881741f48fbf56c4-OSL
alt-svc: h3=":443"; ma=86400