fex.net/403?file_id=4331645080
194.106.216.70301 Moved Permanently 185 B URL HTTP/1.1 fex.net/403?file_id=4331645080
IP 194.106.216.70:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cb6ffbb4043c88e63023bdbe1273e7f6
51ab256fee07ae97343aea50861f5b9b0214cac2
e2085b8ac766c65a76f7e31e2ee5d257f7728465331a46ee58005fd212575348
GET /403?file_id=4331645080 HTTP/1.1
Host: fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Tue, 17 Jan 2023 02:36:40 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://fex.net/403?file_id=4331645080
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12261
Expires: Tue, 17 Jan 2023 06:01:01 GMT
Date: Tue, 17 Jan 2023 02:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 405f8f149ccdf0005ca0d890c96a9cb4
64de3200cef76133dfad901d6709697d6842405e
3a10790c397a419450ac2c90b941fd20bc49af1dbaeb34678836306de8febfce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A10790C397A419450AC2C90B941FD20BC49AF1DBAEB34678836306DE8FEBFCE"
Last-Modified: Mon, 16 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11355
Expires: Tue, 17 Jan 2023 05:45:55 GMT
Date: Tue, 17 Jan 2023 02:36:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 01:42:14 GMT
content-type: application/json
age: 3266
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9833
Expires: Tue, 17 Jan 2023 05:20:33 GMT
Date: Tue, 17 Jan 2023 02:36:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lFrLwGpZD+oc4Ee9UPEx/EEyCNKu9UJHPKZzSVFpoI0AQUoRMr2XTcKLfqSXcQ2q4ZB6GQcc5Cc=
x-amz-request-id: V78ZMWBZPA8T1GXJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 01:44:48 GMT
age: 3112
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 02:36:40 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.polyfill.io/v2/polyfill.min.js
151.101.65.26200 OK 126 B URL HTTP/2 cdn.polyfill.io/v2/polyfill.min.js
IP 151.101.65.26:0
Hash 73facef13260d15915b31c39a22317b8
2e0d6642d943b6bba33c14ed89db6ca0d98e7844
fe0e7a42051b9bde30f5d3f6679756e2aad5814be1914d6606d961f6e15f07f7
GET /v2/polyfill.min.js HTTP/1.1
Host: cdn.polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Wed, 16 Nov 2022 09:56:10 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Tue, 17 Jan 2023 02:36:40 GMT
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=11
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 126
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 435a98962f7710761caccd6f879a3647
903424631f1040a7a85413dde1410d48db78cdca
7fc5b4d543af160a79e8197f0cdb61cb0c8c658b7f25f1439b21d860507af705
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 02:36:40 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C4621722124C3F5E53703F424E7782520C7579AE"
Expires: Tue, 17 Jan 2023 13:00:00 GMT
Last-Modified: Tue, 17 Jan 2023 01:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 75
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78abb463aec60b61-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K8R2T8R
142.250.74.168200 OK 41 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K8R2T8R
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 8406b665c2fd8d32ae1c5256cc4b139b
20f8d2ea62ac36e7e5546532cbcf3bea37fd8557
92d5e7b75d287cb5fa85c2d7b1e20c58a6f76b54d8169ebe4d13428b70b9fa06
GET /gtm.js?id=GTM-K8R2T8R HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 17 Jan 2023 02:36:40 GMT
expires: Tue, 17 Jan 2023 02:36:40 GMT
cache-control: private, max-age=900
last-modified: Tue, 17 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 02:17:25 GMT
age: 1156
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2515
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:41 GMT
Last-Modified: Tue, 17 Jan 2023 01:54:46 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
fex.net/client/desktop/static/js/main.a2e4dcdb.chunk.js
194.106.216.70200 OK 411 kB URL HTTP/2 fex.net/client/desktop/static/js/main.a2e4dcdb.chunk.js
IP 194.106.216.70:0
Size 411 kB (411109 bytes)
Hash da7462a155cdc31c535494727ac9006c
5a0146a470d3da94229e83a3f00ec703258acfc2
0363dab1c5d3c607885cc387670d971363ac0f3c8cd20012453ee581b92a48f3
GET /client/desktop/static/js/main.a2e4dcdb.chunk.js HTTP/1.1
Host: fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/403?file_id=4331645080
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:40 GMT
content-type: application/javascript
last-modified: Wed, 28 Dec 2022 11:17:18 GMT
etag: W/"63ac25be-197e0b"
expires: Tue, 17 Jan 2023 14:36:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.88.225.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.225.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RtOQzCi8AjJ6yz4TuZ20MQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CwDbODa2A4i5FYukgfG2A/hfsl4=
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 17 Jan 2023 00:41:07 GMT
expires: Tue, 17 Jan 2023 02:41:07 GMT
cache-control: public, max-age=7200
age: 6934
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fex.net/client/desktop/icons/apple-touch-icon.png
194.106.216.70200 OK 2.6 kB URL HTTP/2 fex.net/client/desktop/icons/apple-touch-icon.png
IP 194.106.216.70:0
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 391826e45c7655966da3dadacf35d658
4d6f84482b6c33520f4e76327e1df854f647df1d
95a411bd95373ecc53e43a5a720561317e8cc8db93d0ee271f96551e8526d7b2
GET /client/desktop/icons/apple-touch-icon.png HTTP/1.1
Host: fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/403?file_id=4331645080
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:41 GMT
content-type: image/png
content-length: 2552
last-modified: Wed, 28 Dec 2022 11:17:18 GMT
etag: "63ac25be-9f8"
expires: Tue, 17 Jan 2023 14:36:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
fex.net/client/desktop/icons/favicon-16x16.png
194.106.216.70200 OK 564 B URL HTTP/2 fex.net/client/desktop/icons/favicon-16x16.png
IP 194.106.216.70:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 5f919e1bbe1ad54c9729b60776f7cfb6
424dd512779a1d32d9b91f473681e519a080a3ea
3cbd1ac94045fffcf5ccdd4abd7c9eda7aaf2baed4d74cab5a175fefd863bca5
GET /client/desktop/icons/favicon-16x16.png HTTP/1.1
Host: fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/403?file_id=4331645080
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:41 GMT
content-type: image/png
content-length: 564
last-modified: Wed, 28 Dec 2022 11:17:18 GMT
etag: "63ac25be-234"
expires: Tue, 17 Jan 2023 14:36:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46016837fa657816c9759b877cfd0a84
a2d7e97f1f2e86c2889af087fbd569177eca7958
4ff15623841a08fe9936578c1d95aeb2a1c5c9942cae7a4881f35f79430a1735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-134700492-1&cid=835086417.1673923002&jid=1170965180&gjid=119990016&_gid=2021021053.1673923002&_u=YEDAAUAAAAAAACAAI~&z=1945783243
64.233.165.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-134700492-1&cid=835086417.1673923002&jid=1170965180&gjid=119990016&_gid=2021021053.1673923002&_u=YEDAAUAAAAAAACAAI~&z=1945783243
IP 64.233.165.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-134700492-1&cid=835086417.1673923002&jid=1170965180&gjid=119990016&_gid=2021021053.1673923002&_u=YEDAAUAAAAAAACAAI~&z=1945783243 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://fex.net
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://fex.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 17 Jan 2023 02:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.fex.net/api/v1/config/anonymous
194.106.216.70200 OK 0 B URL HTTP/2 api.fex.net/api/v1/config/anonymous
IP 194.106.216.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/config/anonymous HTTP/1.1
Host: api.fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://fex.net/
Origin: https://fex.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:41 GMT
content-type: text/html; charset=utf-8
content-length: 0
allow: OPTIONS, HEAD, GET
access-control-allow-origin: https://fex.net
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
x-robots-tag: noindex, nofollow, noindex, nofollow
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46016837fa657816c9759b877cfd0a84
a2d7e97f1f2e86c2889af087fbd569177eca7958
4ff15623841a08fe9936578c1d95aeb2a1c5c9942cae7a4881f35f79430a1735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.fex.net/api/v1/config/anonymous
194.106.216.70200 OK 3.2 kB URL HTTP/2 api.fex.net/api/v1/config/anonymous
IP 194.106.216.70:0
File type JSON data\012- , ASCII text, with very long lines (3206)
Hash c02c42d91d2093043740e9e176c201de
a1d1341a42d67b80d2c80b8a7f80d58649416e3d
70dd826fc03096eaa3718107bebacc14cb5e18862a1bad2f96205d91fe42646d
GET /api/v1/config/anonymous HTTP/1.1
Host: api.fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fex.net/
Content-Type: application/json
Origin: https://fex.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:42 GMT
content-type: application/json; charset=utf-8
content-length: 3207
access-control-allow-origin: https://fex.net
access-control-allow-credentials: true
vary: Origin
x-robots-tag: noindex, nofollow, noindex, nofollow
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6b70b334388cc7c3c2afbf53572e9dca
c4c5b6f3cf3dc8b3cbadcb45fd578ecfcb406eb1
d231560628e5028fb74b132e6de1562cecbc1fc4ab4fc96c8fce638beb8ddbc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9c27cc551532f9424a9c944b490c3c45
1da7d84941c2ac6ffe4dfdf044d96c5b07d38b11
ae4dcb0d9d7fd53177cefc7d6c4c4101af88a85a2970a4693b33217d8dfdcf48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-134700492-1&cid=835086417.1673923002&jid=1170965180&_u=YEDAAUAAAAAAACAAI~&z=1819395923
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-134700492-1&cid=835086417.1673923002&jid=1170965180&_u=YEDAAUAAAAAAACAAI~&z=1819395923
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-134700492-1&cid=835086417.1673923002&jid=1170965180&_u=YEDAAUAAAAAAACAAI~&z=1819395923 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 17 Jan 2023 02:36:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-134700492-1&cid=835086417.1673923002&jid=1170965180&_u=YEDAAUAAAAAAACAAI~&z=1819395923
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-134700492-1&cid=835086417.1673923002&jid=1170965180&_u=YEDAAUAAAAAAACAAI~&z=1819395923
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-134700492-1&cid=835086417.1673923002&jid=1170965180&_u=YEDAAUAAAAAAACAAI~&z=1819395923 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 17 Jan 2023 02:36:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6a0c99efce2ba7294ef4b88e9810c411
90e325963c1355d4c2ab6500689850a2df4c419f
957f138460650b9cecf197fb62ec2b92fae42eb5d9d431a348f8f518470612c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9c27cc551532f9424a9c944b490c3c45
1da7d84941c2ac6ffe4dfdf044d96c5b07d38b11
ae4dcb0d9d7fd53177cefc7d6c4c4101af88a85a2970a4693b33217d8dfdcf48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b4c80fca9a7bc1b84369cdb60024668
91427b4fd16fa613fb83f053b271f00396b36e90
07bb6c4b267a5f46a15cca9ad9644ca38af67daa1448ad67f583f58e3c8dfcc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b4c80fca9a7bc1b84369cdb60024668
91427b4fd16fa613fb83f053b271f00396b36e90
07bb6c4b267a5f46a15cca9ad9644ca38af67daa1448ad67f583f58e3c8dfcc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b4c80fca9a7bc1b84369cdb60024668
91427b4fd16fa613fb83f053b271f00396b36e90
07bb6c4b267a5f46a15cca9ad9644ca38af67daa1448ad67f583f58e3c8dfcc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fex.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 03:18:10 GMT
expires: Mon, 15 Jan 2024 03:18:10 GMT
cache-control: public, max-age=31536000
age: 170312
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Hash 0e7e5f9d3a8ef121149827180b790b5c
0e9f9333078e5df9245630ff6f68ba1d9da3c403
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fex.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 20:08:19 GMT
expires: Thu, 11 Jan 2024 20:08:19 GMT
cache-control: public, max-age=31536000
age: 455303
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20860, version 1.0\012- data
Hash 15b0d42b9ec6606a60edbdcced868466
73ca3f9f966f6722e78409b22db328ce4da475a9
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fex.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 04:05:48 GMT
expires: Tue, 16 Jan 2024 04:05:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
content-type: font/woff2
age: 81054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b4c80fca9a7bc1b84369cdb60024668
91427b4fd16fa613fb83f053b271f00396b36e90
07bb6c4b267a5f46a15cca9ad9644ca38af67daa1448ad67f583f58e3c8dfcc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b4c80fca9a7bc1b84369cdb60024668
91427b4fd16fa613fb83f053b271f00396b36e90
07bb6c4b267a5f46a15cca9ad9644ca38af67daa1448ad67f583f58e3c8dfcc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.227200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fex.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 00:48:21 GMT
expires: Tue, 16 Jan 2024 00:48:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
age: 92901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fex.net/client/desktop/static/css/28.67741ca0.chunk.css
194.106.216.70200 OK 13 kB URL HTTP/2 fex.net/client/desktop/static/css/28.67741ca0.chunk.css
IP 194.106.216.70:0
Hash 12bc71943973ccb8467b257262fd0500
df6d6cd15545d19e5991d612d86b7b1c886e4ba8
7f2735e3e5cb2dd2cf7fa5e801b3ef91f2527ba34e903bd4636d1fde71fd7f12
GET /client/desktop/static/css/28.67741ca0.chunk.css HTTP/1.1
Host: fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/403?file_id=4331645080
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:40 GMT
content-type: text/css
last-modified: Wed, 28 Dec 2022 11:17:18 GMT
etag: W/"63ac25be-146d0"
expires: Tue, 17 Jan 2023 14:36:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f519c81e7711d00b13adf28706dcf4b8
8257c3324a4ffd06dc6ab505a5ccd9531a610af0
d0900b9ed6360654f767270593aa0fe415d269334e515ca4d13b673680db0262
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0900B9ED6360654F767270593AA0FE415D269334E515CA4D13B673680DB0262"
Last-Modified: Sat, 14 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3041
Expires: Tue, 17 Jan 2023 03:27:23 GMT
Date: Tue, 17 Jan 2023 02:36:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f519c81e7711d00b13adf28706dcf4b8
8257c3324a4ffd06dc6ab505a5ccd9531a610af0
d0900b9ed6360654f767270593aa0fe415d269334e515ca4d13b673680db0262
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0900B9ED6360654F767270593AA0FE415D269334E515CA4D13B673680DB0262"
Last-Modified: Sat, 14 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3041
Expires: Tue, 17 Jan 2023 03:27:23 GMT
Date: Tue, 17 Jan 2023 02:36:42 GMT
Connection: keep-alive
c.hit.ua/hit?i=7&g=0&x=3&s=1&c=1&t=0&w=1280&h=1024&d=24&r=&u=https%3A//fex.net/403%3Ffile_id%3D4331645080&0.370173241871505
89.184.81.35200 OK 351 B URL HTTP/2 c.hit.ua/hit?i=7&g=0&x=3&s=1&c=1&t=0&w=1280&h=1024&d=24&r=&u=https%3A//fex.net/403%3Ffile_id%3D4331645080&0.370173241871505
IP 89.184.81.35:0
ASN #28907 Internet Invest Ltd.
Hash ae6c0503ee03647c74edc31cb1394856
3cc8947c273d9db2aac47219d3055553376c3bbe
9cf3890f32a6ee75ed123fa8f95fa253f26c483a28c417a3ce0a71a2ef9be193
GET /hit?i=7&g=0&x=3&s=1&c=1&t=0&w=1280&h=1024&d=24&r=&u=https%3A//fex.net/403%3Ffile_id%3D4331645080&0.370173241871505 HTTP/1.1
Host: c.hit.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 17 Jan 2023 02:36:42 GMT
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="UNI"
set-cookie: uid=1220075014.1673923002.2228961011; path=/; Secure; SameSite=None; domain=.hit.ua; expires=Fri, 16 Jan 2026 02:36:42 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0cd18c4a19cce4db4c1ee660e9a0a967
a60b429532788a57a53e8674de365ddd84fcf3e4
878401e98ec0ea4de88dad035d00618a4d3f382329f326711f3916b4325aab88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (4885)
Hash f2caac0fc7d86b7ec7d9e34c94dde6c5
f5cdb2c4284c00d3ea3ee73374107296809ee106
6200a4bbbc508a53b7c0716d7922ea2f8ec832eb7110d9c43ac3b0e68ee02044
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 17 Jan 2023 02:36:42 GMT
expires: Tue, 17 Jan 2023 02:36:42 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5670859623682980002
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49348
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15405
Expires: Tue, 17 Jan 2023 06:53:27 GMT
Date: Tue, 17 Jan 2023 02:36:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15405
Expires: Tue, 17 Jan 2023 06:53:27 GMT
Date: Tue, 17 Jan 2023 02:36:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15405
Expires: Tue, 17 Jan 2023 06:53:27 GMT
Date: Tue, 17 Jan 2023 02:36:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15405
Expires: Tue, 17 Jan 2023 06:53:27 GMT
Date: Tue, 17 Jan 2023 02:36:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15405
Expires: Tue, 17 Jan 2023 06:53:27 GMT
Date: Tue, 17 Jan 2023 02:36:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87b645d1-9bdf-4fcb-990e-f3dfb01d71d5.jpeg
34.120.237.76200 OK 2.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87b645d1-9bdf-4fcb-990e-f3dfb01d71d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57f4bddae2488cc36924ba39e6cb5b75
84c4e591d4ec54c3f9b6749044029145103f2fb8
30f39db37bf4f4089a2c180cf3415dbcd2e73e4ad6088eb1ecf31c9f6f00d521
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87b645d1-9bdf-4fcb-990e-f3dfb01d71d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2711
x-amzn-requestid: 430c97a5-4c0a-44db-9d6b-9ee70a7195d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exe1nHOvoAMFdYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3ab56-0b014a2a5ed5c5e11e9c8327;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:29:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3wVLWMCi0beEkSWrqXCiTZkcvJQii9WwU6Oy7RR3_ekn-yt_gp1xRg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 11:27:05 GMT
age: 54577
etag: "84c4e591d4ec54c3f9b6749044029145103f2fb8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4bea3a8-a37c-4400-a7fe-c935f3758bbc.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4bea3a8-a37c-4400-a7fe-c935f3758bbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21f47639234f79c560d44fc1d42d6aca
56cbcaed180dd893cde9dcf3721f6b86158aca9b
a2fa6d73aee8fc0c2ef001de097b1f0e262fcfcda31f97a05912c41eea1c946b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4bea3a8-a37c-4400-a7fe-c935f3758bbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7209
x-amzn-requestid: c3b968c0-5b08-45bf-9f58-03a1fb574e8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm5FNqIAMFo6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-28d7f6dc7fea377b3c33282b;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pQ54ou2q6Dt1SH_7zOCVwNnlKdYxbdRnAO5qICIRJ6SzjHJAPmt5GA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:56:51 GMT
age: 16791
etag: "56cbcaed180dd893cde9dcf3721f6b86158aca9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad210f0ba6ce6930724549cbba76e83d
e4badc3fbca9913bc11d968dac5cad1f900ff492
ad5f754d5dbe870feabfe090a46838614e96d72e78b9a2a8010ab339c67130be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9529
x-amzn-requestid: 56f2b9a5-91c6-421a-ad84-165376e23dcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm6Fm-oAMFrDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-67a0c1fe6aad6e6b71e50463;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mzmFGVDfMuZte5CJUmchEQIVAuDUKdGfUpm7PRTUqnsP44IcDmbl8A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
etag: "e4badc3fbca9913bc11d968dac5cad1f900ff492"
content-type: image/jpeg
age: 17427
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805a998e9a6fc452c152ab9542b6d0cd
0bd57ea7809abfa4136506f565ac8ba45c936406
b24e0b322cacda63e43582e713cb38d80914f6b82c735307188a2ddd9829338f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: 78c83dbb-f641-4ece-bd8d-ce9d524f100d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm5FLvoAMFn1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-73b261b87d3eb7b709161fdf;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hUS-ajMYSYKXI2jsZJApvgUgr0lnbrm02BXZ6rsPS5h0daBcIRtgEw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 17427
etag: "0bd57ea7809abfa4136506f565ac8ba45c936406"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f4b6ad-4bfa-468c-ac97-628f5ed79b68.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f4b6ad-4bfa-468c-ac97-628f5ed79b68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7558650f7e974b34a7b3cb0c3c3a310c
7adb15e8c38cb18b57a696f8c1f08c523e1137e4
3179a4c545337e9a32d4f1ab851a3ec30ee16b44014c127630e1efcbf77e0c29
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f4b6ad-4bfa-468c-ac97-628f5ed79b68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10592
x-amzn-requestid: 7cb5c56a-324a-4eef-b2d0-63e151ae2920
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlLyEhToAMF34Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21be4-7b48a8de0c2957dc329af0e0;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U4yiXXjOtTAxXIINAt6tIZGqsp1XPD2TMvcDPG_daMfEZ3Cf6fNKDw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 08:25:07 GMT
age: 65495
etag: "7adb15e8c38cb18b57a696f8c1f08c523e1137e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9297b226-d4aa-49e6-b351-77061f381097.jpeg
34.120.237.76200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9297b226-d4aa-49e6-b351-77061f381097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d877fea13674783b11ec5f6c3e93810
6691f478a758386f8c7a0f714fbfe8d36b1bf257
b64d0343ca935e1618a3cedfa7fa837467917daf09bf667cf7709f52341e8015
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9297b226-d4aa-49e6-b351-77061f381097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3172
x-amzn-requestid: 18de115a-9b45-4dc5-ac81-be90514e7acb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2s__EXOoAMFhyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c1ff-5aafd9526583391c1e182be6;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:30:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CnUr67O4sv9O5yZucmA3HgM7IXu5CQhEnMMKSdwhooAE-OYdX7Ij5g==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:51:54 GMT
etag: "6691f478a758386f8c7a0f714fbfe8d36b1bf257"
content-type: image/jpeg
age: 17088
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0cd18c4a19cce4db4c1ee660e9a0a967
a60b429532788a57a53e8674de365ddd84fcf3e4
878401e98ec0ea4de88dad035d00618a4d3f382329f326711f3916b4325aab88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aj1913.online/0c34d1aa.js?allpages
212.124.124.19200 14 kB URL HTTP/1.1 aj1913.online/0c34d1aa.js?allpages
IP 212.124.124.19:0
ASN #47328 True Records Inc.
File type ASCII text, with very long lines (37214), with no line terminators
Hash 6f6e1ceb6afa41273990884527a36be4
976f29cf3107bf6ffab658f00c9a9b09d8496254
2fb03ad71a429efc882f00b9e454510305d2c01cc61fddbac44f8957ebc4a4e9
GET /0c34d1aa.js?allpages HTTP/1.1
Host: aj1913.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
accept-ranges: bytes
etag: "0c903a08717e72dfb659fb018bcb40167"
content-type: application/javascript
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 17 Jan 2023 02:36:42 GMT
aj1913.online/0c34d1aa.js?ForbiddenPage
212.124.124.19200 14 kB URL HTTP/1.1 aj1913.online/0c34d1aa.js?ForbiddenPage
IP 212.124.124.19:0
ASN #47328 True Records Inc.
File type ASCII text, with very long lines (37153), with no line terminators
Hash efe38c2bf30e142d4e4a12a387c83b58
a52bb258a802cc0838f144117c95c5cf285b9096
5ef730d3a5e0db597b02b6adda37e607affa0e0ec40eca7e6f0e2253c46b68d1
GET /0c34d1aa.js?ForbiddenPage HTTP/1.1
Host: aj1913.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
accept-ranges: bytes
etag: "0a81f0eb8164ae24c7a179ed7a5b354ca"
content-type: application/javascript
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 17 Jan 2023 02:36:42 GMT
aj1913.online/zJEx9pENBArOib025D9fO4IA7Os4dqjebjYHasRe308s48U-OflwOQIaAhZJJxDOuRqFtJhofeXuK1WFpE1uGMZRM-o9l5q97SBx7Lld9_KTzVr10kVfbXitqsfpbvp2z6p_xSTBvAkLQqLj28D5pUVCKCcfzJhu4RySgwbvhE0WpdbiH83-ZNM0QOnq3tmFrN8CYAZha0syQpCJgUoVysP7I7jnQEsqXri42IjT2Gt0vFJ5KRtaeCSpkDu4AMiNiB-SITkqbiVyoI4GhyZMOBylnYzcnprJuElItdFJn7iH4H3M7i-DsoR_Q0CZ6hfHBMxKcX7IYk_JNqLTZckQU4wkP6gywn24vc4hcJUvHcjbwKZU5pa2HLuWDstzf9exVKTwNss5clPk9W5hjAPYRNFIhSZSYenZoEJ45L2NTpjKqag_HW1bM0KCBIfphOXUdMXRposg336iiqg?
212.124.124.19200 985 B URL HTTP/1.1 aj1913.online/zJEx9pENBArOib025D9fO4IA7Os4dqjebjYHasRe308s48U-OflwOQIaAhZJJxDOuRqFtJhofeXuK1WFpE1uGMZRM-o9l5q97SBx7Lld9_KTzVr10kVfbXitqsfpbvp2z6p_xSTBvAkLQqLj28D5pUVCKCcfzJhu4RySgwbvhE0WpdbiH83-ZNM0QOnq3tmFrN8CYAZha0syQpCJgUoVysP7I7jnQEsqXri42IjT2Gt0vFJ5KRtaeCSpkDu4AMiNiB-SITkqbiVyoI4GhyZMOBylnYzcnprJuElItdFJn7iH4H3M7i-DsoR_Q0CZ6hfHBMxKcX7IYk_JNqLTZckQU4wkP6gywn24vc4hcJUvHcjbwKZU5pa2HLuWDstzf9exVKTwNss5clPk9W5hjAPYRNFIhSZSYenZoEJ45L2NTpjKqag_HW1bM0KCBIfphOXUdMXRposg336iiqg?
IP 212.124.124.19:0
ASN #47328 True Records Inc.
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (985), with no line terminators
Hash 7053d3b35cfe0cd1ada84fc957fa8554
94472fe01c3a1beca5964e5de3f02e00bcec4a4f
32c98995d83fc2da6065d70d25063228a63aab6b40a130fc8df3cc41c23414a9
POST /zJEx9pENBArOib025D9fO4IA7Os4dqjebjYHasRe308s48U-OflwOQIaAhZJJxDOuRqFtJhofeXuK1WFpE1uGMZRM-o9l5q97SBx7Lld9_KTzVr10kVfbXitqsfpbvp2z6p_xSTBvAkLQqLj28D5pUVCKCcfzJhu4RySgwbvhE0WpdbiH83-ZNM0QOnq3tmFrN8CYAZha0syQpCJgUoVysP7I7jnQEsqXri42IjT2Gt0vFJ5KRtaeCSpkDu4AMiNiB-SITkqbiVyoI4GhyZMOBylnYzcnprJuElItdFJn7iH4H3M7i-DsoR_Q0CZ6hfHBMxKcX7IYk_JNqLTZckQU4wkP6gywn24vc4hcJUvHcjbwKZU5pa2HLuWDstzf9exVKTwNss5clPk9W5hjAPYRNFIhSZSYenZoEJ45L2NTpjKqag_HW1bM0KCBIfphOXUdMXRposg336iiqg? HTTP/1.1
Host: aj1913.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fex.net
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200
cache-control: no-cache, no-store, must-revalidate
p3p: CP="CAO PSA OUR"
expires: 0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://fex.net
set-cookie: UUID=51521075-ee68-5cd9-8075-55bd1b13bfa0; Domain=.aj1913.online; Expires=Thu, 16-Jan-2025 02:36:42 GMT; Path=/; Secure; SameSite=None
content-type: application/json;charset=UTF-8
content-length: 985
date: Tue, 17 Jan 2023 02:36:42 GMT
aj1913.online/zCQ3zMGVyTs8VTf9MkDMf0-_1CDhIrJOy7tuZe1BjV13niOed1KE5XqhV5eTABL_3fYlM089rHwwSUbE8TRSiksQD9AxZk6hImB3VfMjZXOD3x-IS9JvnzIGWWqg5jIBZfIcEjOR2g4d8v2TtHxnZXcXmmh89TUqmDymaGdMcj-GEUmCOkubVmGXMnjxM1bQrDNiUUtW7-XU31FUAdlysmDgOTSPcvHnoG4FEOY3mmWBWJ1m9aHEXtPtG13bXmtuTYtRaNLQy5y8LAxahH0Cdg0XVMXoPwVIeL0I3VmaPm8WarS4HKBkSDqZPboocCJ_b9DNzvjTemhL3Fi_lI79SHm5qOSm1C-mKqyC_ExA-BBVj2rxrppPFuxPzfEIvVdu6h1dgJcWmRAEve3qQMeYfy55lkIvhn5S2IzwmS3iglH0DqpgLWR54mybuxkP1oLfIkHRooM8z2KH29g?
212.124.124.19200 13 kB URL HTTP/1.1 aj1913.online/zCQ3zMGVyTs8VTf9MkDMf0-_1CDhIrJOy7tuZe1BjV13niOed1KE5XqhV5eTABL_3fYlM089rHwwSUbE8TRSiksQD9AxZk6hImB3VfMjZXOD3x-IS9JvnzIGWWqg5jIBZfIcEjOR2g4d8v2TtHxnZXcXmmh89TUqmDymaGdMcj-GEUmCOkubVmGXMnjxM1bQrDNiUUtW7-XU31FUAdlysmDgOTSPcvHnoG4FEOY3mmWBWJ1m9aHEXtPtG13bXmtuTYtRaNLQy5y8LAxahH0Cdg0XVMXoPwVIeL0I3VmaPm8WarS4HKBkSDqZPboocCJ_b9DNzvjTemhL3Fi_lI79SHm5qOSm1C-mKqyC_ExA-BBVj2rxrppPFuxPzfEIvVdu6h1dgJcWmRAEve3qQMeYfy55lkIvhn5S2IzwmS3iglH0DqpgLWR54mybuxkP1oLfIkHRooM8z2KH29g?
IP 212.124.124.19:0
ASN #47328 True Records Inc.
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (39221), with no line terminators
Hash 5f635b525b1f4aa94fa7b0560cd9d46a
4a1cde7c3663a9cccceb8cc4eb0b54ad3e0c872e
09aca610352a9cf6c370524e156f6e4e1dff4e959e7d51707eae9e40cd7bc12b
POST /zCQ3zMGVyTs8VTf9MkDMf0-_1CDhIrJOy7tuZe1BjV13niOed1KE5XqhV5eTABL_3fYlM089rHwwSUbE8TRSiksQD9AxZk6hImB3VfMjZXOD3x-IS9JvnzIGWWqg5jIBZfIcEjOR2g4d8v2TtHxnZXcXmmh89TUqmDymaGdMcj-GEUmCOkubVmGXMnjxM1bQrDNiUUtW7-XU31FUAdlysmDgOTSPcvHnoG4FEOY3mmWBWJ1m9aHEXtPtG13bXmtuTYtRaNLQy5y8LAxahH0Cdg0XVMXoPwVIeL0I3VmaPm8WarS4HKBkSDqZPboocCJ_b9DNzvjTemhL3Fi_lI79SHm5qOSm1C-mKqyC_ExA-BBVj2rxrppPFuxPzfEIvVdu6h1dgJcWmRAEve3qQMeYfy55lkIvhn5S2IzwmS3iglH0DqpgLWR54mybuxkP1oLfIkHRooM8z2KH29g? HTTP/1.1
Host: aj1913.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fex.net
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200
cache-control: no-cache, no-store, must-revalidate
p3p: CP="CAO PSA OUR"
expires: 0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://fex.net
set-cookie: UUID=51521075-ee68-5cd9-8075-55bd1b13bfa0; Domain=.aj1913.online; Expires=Thu, 16-Jan-2025 02:36:42 GMT; Path=/; Secure; SameSite=None
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 17 Jan 2023 02:36:42 GMT
aj1913.online/zOFeAQq5inXwJLIvLFrEfIKPb0kRv4Fh-qHNfMe7bqTO5rcdDVhCTKVzwMrEAfM9UitUxZ0_RCfVnOsx3w11FcArEKyc6YKxhz4HbQ1q0ZdgO2knRRh2pUkNeTjyF8f3Kt2L8tX5CAYqgGPUkN382aVNY4YrAmXr1MBNVHBvHxrjJZiL0RKQupnv1E947hHwoww8Nj-zKL4_DkL36MF3a7IkHpD3rVjt5nspLsNAPAewDM-fhkRLCFRL-M-gbYyeev-H2YGpaHRPXZj6yDijVF93EBvbDZDnYXYwtX56CE3TsTfx-0APNIotoU14_Dr-Kbbk7TKf4HrlpZ7WkBits8EPIh85ibCCpVNaSCSj2ZwymZw13tEbY_BozFg?DC=DO
212.124.124.19200 49 B URL HTTP/1.1 aj1913.online/zOFeAQq5inXwJLIvLFrEfIKPb0kRv4Fh-qHNfMe7bqTO5rcdDVhCTKVzwMrEAfM9UitUxZ0_RCfVnOsx3w11FcArEKyc6YKxhz4HbQ1q0ZdgO2knRRh2pUkNeTjyF8f3Kt2L8tX5CAYqgGPUkN382aVNY4YrAmXr1MBNVHBvHxrjJZiL0RKQupnv1E947hHwoww8Nj-zKL4_DkL36MF3a7IkHpD3rVjt5nspLsNAPAewDM-fhkRLCFRL-M-gbYyeev-H2YGpaHRPXZj6yDijVF93EBvbDZDnYXYwtX56CE3TsTfx-0APNIotoU14_Dr-Kbbk7TKf4HrlpZ7WkBits8EPIh85ibCCpVNaSCSj2ZwymZw13tEbY_BozFg?DC=DO
IP 212.124.124.19:0
ASN #47328 True Records Inc.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /zOFeAQq5inXwJLIvLFrEfIKPb0kRv4Fh-qHNfMe7bqTO5rcdDVhCTKVzwMrEAfM9UitUxZ0_RCfVnOsx3w11FcArEKyc6YKxhz4HbQ1q0ZdgO2knRRh2pUkNeTjyF8f3Kt2L8tX5CAYqgGPUkN382aVNY4YrAmXr1MBNVHBvHxrjJZiL0RKQupnv1E947hHwoww8Nj-zKL4_DkL36MF3a7IkHpD3rVjt5nspLsNAPAewDM-fhkRLCFRL-M-gbYyeev-H2YGpaHRPXZj6yDijVF93EBvbDZDnYXYwtX56CE3TsTfx-0APNIotoU14_Dr-Kbbk7TKf4HrlpZ7WkBits8EPIh85ibCCpVNaSCSj2ZwymZw13tEbY_BozFg?DC=DO HTTP/1.1
Host: aj1913.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Cookie: UUID=51521075-ee68-5cd9-8075-55bd1b13bfa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"49-1669117906000"
last-modified: Tue, 22 Nov 2022 11:51:46 GMT
content-type: image/gif
content-length: 49
date: Tue, 17 Jan 2023 02:36:42 GMT
aj1913.online/zz8s9nAdIK08uNm8huXSSSofkbTTksnFJeC-phl3xr8Oud38Bi6kyqfPB3kWCf2xESSrW0DQGzpAj527tgGG-CVsH-FT_uid6NVHUHm8bGstyy3RaTZ5zKPdiCRia1t2RtS1vDoG-H9sTjm771iWgy2rIogwd6GxRyuThewFIpOc2X56iA1bR51W4me4YzROHc2MpQ5U1cvKowSXVn2I9dFw9UqhfTUUDV2CML4j3AxvqHWy33XeSDu3qXlqsDHWWBQ9mL-qZTtMUzzNGm1KMVWONTDXt89gZdqpIn-cHl_IyOyJDZ7qphdn_7quQa0InzKplFsU1AZdf5MJJmHjBFoNDgPb4I3M-zNCcmhgFzpKHswadOUaUmPHFKNqFPf7-x_0FERrr5MeVVQk?DC=DO
212.124.124.19200 43 B URL HTTP/1.1 aj1913.online/zz8s9nAdIK08uNm8huXSSSofkbTTksnFJeC-phl3xr8Oud38Bi6kyqfPB3kWCf2xESSrW0DQGzpAj527tgGG-CVsH-FT_uid6NVHUHm8bGstyy3RaTZ5zKPdiCRia1t2RtS1vDoG-H9sTjm771iWgy2rIogwd6GxRyuThewFIpOc2X56iA1bR51W4me4YzROHc2MpQ5U1cvKowSXVn2I9dFw9UqhfTUUDV2CML4j3AxvqHWy33XeSDu3qXlqsDHWWBQ9mL-qZTtMUzzNGm1KMVWONTDXt89gZdqpIn-cHl_IyOyJDZ7qphdn_7quQa0InzKplFsU1AZdf5MJJmHjBFoNDgPb4I3M-zNCcmhgFzpKHswadOUaUmPHFKNqFPf7-x_0FERrr5MeVVQk?DC=DO
IP 212.124.124.19:0
ASN #47328 True Records Inc.
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /zz8s9nAdIK08uNm8huXSSSofkbTTksnFJeC-phl3xr8Oud38Bi6kyqfPB3kWCf2xESSrW0DQGzpAj527tgGG-CVsH-FT_uid6NVHUHm8bGstyy3RaTZ5zKPdiCRia1t2RtS1vDoG-H9sTjm771iWgy2rIogwd6GxRyuThewFIpOc2X56iA1bR51W4me4YzROHc2MpQ5U1cvKowSXVn2I9dFw9UqhfTUUDV2CML4j3AxvqHWy33XeSDu3qXlqsDHWWBQ9mL-qZTtMUzzNGm1KMVWONTDXt89gZdqpIn-cHl_IyOyJDZ7qphdn_7quQa0InzKplFsU1AZdf5MJJmHjBFoNDgPb4I3M-zNCcmhgFzpKHswadOUaUmPHFKNqFPf7-x_0FERrr5MeVVQk?DC=DO HTTP/1.1
Host: aj1913.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Cookie: UUID=51521075-ee68-5cd9-8075-55bd1b13bfa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
set-cookie: bsc=184-1673926603109-123-1--; Domain=.aj1913.online; Expires=Wed, 17-Jan-2024 02:36:43 GMT; Path=/; Secure; SameSite=None
ucv=20-NO-1674009403109-24--; Domain=.aj1913.online; Expires=Wed, 17-Jan-2024 02:36:43 GMT; Path=/; Secure; SameSite=None
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"43-1669117898000"
last-modified: Tue, 22 Nov 2022 11:51:38 GMT
content-type: image/gif
content-length: 43
date: Tue, 17 Jan 2023 02:36:42 GMT
aj1913.online/z3vof7oFvAgPxFk8tmOT1SjMN0lkIrDLXJL0SYBGiKR4QN4LFWUlLe82C2PQ5cH-ODrEATLXdrA2KhIfOOCzAvcHNfIB5QVDMmrfHxK7I_2Ez08R6XXoJoM9y6RKCi8ukBRCgp2OoZTglEsnrnHok6LKqsQ0pHlsL-gr5soeO1FMm6R-usNZLld_A7FhPEBQRflAaoRQfl_F_aK8e9DOMb8IatTQNmgWPmaD_N8jIYk1c1q2uScWlPFDQItECG9dOCAtGNDGSG7lCO5IYXQxzq1X6d4qGg3SOvA__7ApVq3rinBAdHa2NWABPJPZHsnTjiSmr3QVL3f9lqYtWElIb1M5MXVvimhuxuFIR-Ektj-vIiEH_ZRzuFQ9r_DOk3ZS5GuT__dx5I9uPWDF6CYEzx4enrmFw5vYDY0qNh00AoCHRLrq-3b7awDz_fkuYFOzOb5xo9c062vT79A?
212.124.124.19200 985 B URL HTTP/1.1 aj1913.online/z3vof7oFvAgPxFk8tmOT1SjMN0lkIrDLXJL0SYBGiKR4QN4LFWUlLe82C2PQ5cH-ODrEATLXdrA2KhIfOOCzAvcHNfIB5QVDMmrfHxK7I_2Ez08R6XXoJoM9y6RKCi8ukBRCgp2OoZTglEsnrnHok6LKqsQ0pHlsL-gr5soeO1FMm6R-usNZLld_A7FhPEBQRflAaoRQfl_F_aK8e9DOMb8IatTQNmgWPmaD_N8jIYk1c1q2uScWlPFDQItECG9dOCAtGNDGSG7lCO5IYXQxzq1X6d4qGg3SOvA__7ApVq3rinBAdHa2NWABPJPZHsnTjiSmr3QVL3f9lqYtWElIb1M5MXVvimhuxuFIR-Ektj-vIiEH_ZRzuFQ9r_DOk3ZS5GuT__dx5I9uPWDF6CYEzx4enrmFw5vYDY0qNh00AoCHRLrq-3b7awDz_fkuYFOzOb5xo9c062vT79A?
IP 212.124.124.19:0
ASN #47328 True Records Inc.
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (985), with no line terminators
Hash 7917e043dd46f2ae0b49a5e6ce080965
9ffc030ca29c8c271d094efb8de01663b7d68ebc
3fa34d34fd0af30c603602eae7f4c2d2df5db7e46d46c705e8f49b1b51971eac
POST /z3vof7oFvAgPxFk8tmOT1SjMN0lkIrDLXJL0SYBGiKR4QN4LFWUlLe82C2PQ5cH-ODrEATLXdrA2KhIfOOCzAvcHNfIB5QVDMmrfHxK7I_2Ez08R6XXoJoM9y6RKCi8ukBRCgp2OoZTglEsnrnHok6LKqsQ0pHlsL-gr5soeO1FMm6R-usNZLld_A7FhPEBQRflAaoRQfl_F_aK8e9DOMb8IatTQNmgWPmaD_N8jIYk1c1q2uScWlPFDQItECG9dOCAtGNDGSG7lCO5IYXQxzq1X6d4qGg3SOvA__7ApVq3rinBAdHa2NWABPJPZHsnTjiSmr3QVL3f9lqYtWElIb1M5MXVvimhuxuFIR-Ektj-vIiEH_ZRzuFQ9r_DOk3ZS5GuT__dx5I9uPWDF6CYEzx4enrmFw5vYDY0qNh00AoCHRLrq-3b7awDz_fkuYFOzOb5xo9c062vT79A? HTTP/1.1
Host: aj1913.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fex.net
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200
cache-control: no-cache, no-store, must-revalidate
p3p: CP="CAO PSA OUR"
expires: 0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://fex.net
set-cookie: UUID=51521075-ee68-5cd9-8075-55bd1b13bfa0; Domain=.aj1913.online; Expires=Thu, 16-Jan-2025 02:36:43 GMT; Path=/; Secure; SameSite=None
content-type: application/json;charset=UTF-8
content-length: 985
date: Tue, 17 Jan 2023 02:36:42 GMT
aj1913.online/zbxaCYRFen7wHMUGuZFxEaUEe97uPIH10Ucea6Nzi57DBdHI0cLCyoVJlLOZQmzmRQjWPweSkCylK-pUGbduJXksoTLlcpaqG6fzJLzF0BDnP0lNBMnekBAl64K8z0Dk67TbWhZXXvLHZ4H5hGX4nL8HI3Pmoc7djajyJbQJTNCkON5eYjbdz6EiHY1HaMcBeFncH0yTbm4iMEWHMDeajG51iv29kkwWI8hC2n7_wOvq5Nxmx_gSuw_bCiWgeipO9ZbD7Lis_5mzs98OlcCwp5rCk9tWOEo0TZmXrBmtRe8Cf3RA0MsKN4eumEehZJiBpc4Pp71PGXqs5MWuQ2wNwKFtucVLZuYWz1s9SvYbzRzhDkMTYKPT-13LPzQ?DC=DO
212.124.124.19200 49 B URL HTTP/1.1 aj1913.online/zbxaCYRFen7wHMUGuZFxEaUEe97uPIH10Ucea6Nzi57DBdHI0cLCyoVJlLOZQmzmRQjWPweSkCylK-pUGbduJXksoTLlcpaqG6fzJLzF0BDnP0lNBMnekBAl64K8z0Dk67TbWhZXXvLHZ4H5hGX4nL8HI3Pmoc7djajyJbQJTNCkON5eYjbdz6EiHY1HaMcBeFncH0yTbm4iMEWHMDeajG51iv29kkwWI8hC2n7_wOvq5Nxmx_gSuw_bCiWgeipO9ZbD7Lis_5mzs98OlcCwp5rCk9tWOEo0TZmXrBmtRe8Cf3RA0MsKN4eumEehZJiBpc4Pp71PGXqs5MWuQ2wNwKFtucVLZuYWz1s9SvYbzRzhDkMTYKPT-13LPzQ?DC=DO
IP 212.124.124.19:0
ASN #47328 True Records Inc.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /zbxaCYRFen7wHMUGuZFxEaUEe97uPIH10Ucea6Nzi57DBdHI0cLCyoVJlLOZQmzmRQjWPweSkCylK-pUGbduJXksoTLlcpaqG6fzJLzF0BDnP0lNBMnekBAl64K8z0Dk67TbWhZXXvLHZ4H5hGX4nL8HI3Pmoc7djajyJbQJTNCkON5eYjbdz6EiHY1HaMcBeFncH0yTbm4iMEWHMDeajG51iv29kkwWI8hC2n7_wOvq5Nxmx_gSuw_bCiWgeipO9ZbD7Lis_5mzs98OlcCwp5rCk9tWOEo0TZmXrBmtRe8Cf3RA0MsKN4eumEehZJiBpc4Pp71PGXqs5MWuQ2wNwKFtucVLZuYWz1s9SvYbzRzhDkMTYKPT-13LPzQ?DC=DO HTTP/1.1
Host: aj1913.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Cookie: UUID=51521075-ee68-5cd9-8075-55bd1b13bfa0; bsc=184-1673926603109-123-1--; ucv=20-NO-1674009403109-24--
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"49-1669117906000"
last-modified: Tue, 22 Nov 2022 11:51:46 GMT
content-type: image/gif
content-length: 49
date: Tue, 17 Jan 2023 02:36:42 GMT
adservice.google.no/adsid/integrator.js?domain=fex.net
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=fex.net
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=fex.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 17 Jan 2023 02:36:43 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 65da68ebd2261838345d8d3c901f68e1
eca2d245e8088e234ff653f952d20a5c02b30782
7be389a576bdf77f00aa9c51e86a5ca524a2d606501539d58f635f5057956dd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6a0c99efce2ba7294ef4b88e9810c411
90e325963c1355d4c2ab6500689850a2df4c419f
957f138460650b9cecf197fb62ec2b92fae42eb5d9d431a348f8f518470612c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=fex.net&callback=_gfp_s_&client=ca-pub-8564894658009468&gpid_exp=1
142.250.74.34200 OK 246 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=fex.net&callback=_gfp_s_&client=ca-pub-8564894658009468&gpid_exp=1
IP 142.250.74.34:0
File type ASCII text, with very long lines (381), with no line terminators
Hash 096fdd78d96b58a0b77abfa0e81d3daf
26e928dd020b35ffcaebb88edcbc4bf5daa748c6
898abfa290eb6eb6bc5b023763d28f09f8c8ca34aac963bccfc337bfff20ae82
GET /gampad/cookie.js?domain=fex.net&callback=_gfp_s_&client=ca-pub-8564894658009468&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 17 Jan 2023 02:36:43 GMT
server: cafe
cache-control: private
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=fex.net
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=fex.net
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=fex.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 17 Jan 2023 02:36:43 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 65da68ebd2261838345d8d3c901f68e1
eca2d245e8088e234ff653f952d20a5c02b30782
7be389a576bdf77f00aa9c51e86a5ca524a2d606501539d58f635f5057956dd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=fex.net
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=fex.net
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=fex.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 17 Jan 2023 02:36:43 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019
142.250.74.35200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019
IP 142.250.74.35:0
File type ASCII text, with very long lines (2630)
Hash 07d9fc34dd6c802cd322fbf6610fd6e6
2ae9051b3d1d380e364c287f4d40dbd7dc3ac776
1ae14752e0fd53b7eab881df1cfeae4ac5c7279b2a7988e6502c9e33841bfdff
GET /mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4234
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 01:37:32 GMT
expires: Mon, 17 Apr 2023 01:37:32 GMT
cache-control: public, max-age=7776000
last-modified: Thu, 12 Jan 2023 21:59:13 GMT
content-type: text/javascript
age: 3551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight
142.250.74.35200 OK 4.5 kB URL HTTP/2 www.gstatic.com/mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight
IP 142.250.74.35:0
File type C++ source, ASCII text, with very long lines (1812)
Hash 27a508710464f863df3ded1a2fe0d268
3cc34753fe3e8a093f3041a40d10c2287f02d87b
22faed1b7b02490bc8c70376d433791bd078cdefa93895c6bbb54d797b5a0cc0
GET /mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 01:56:35 GMT
expires: Tue, 11 Apr 2023 01:56:35 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
content-type: text/javascript
age: 520808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1ab3c7781d7bfdd4978054e71e8a2d41
1c38ed215f24ed5be893edd64aae2d0c732f32ee
5026934ea312f7ec6622df4df7560a949266c732a1404189105d8b99e00de217
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1ab3c7781d7bfdd4978054e71e8a2d41
1c38ed215f24ed5be893edd64aae2d0c732f32ee
5026934ea312f7ec6622df4df7560a949266c732a1404189105d8b99e00de217
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 02:36:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1506)
Hash 5b7f8f3b88683f1be8c3cd38c6eac34c
40ac969c50aa9e810c739114f36da64b9c0032c6
b058db00e166a46363182af58e3b632f131aa773e6721f14808c400ead7943a8
GET /pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7538
x-xss-protection: 0
date: Mon, 16 Jan 2023 18:59:22 GMT
expires: Mon, 30 Jan 2023 18:59:22 GMT
cache-control: public, max-age=1209600
age: 27441
etag: 18140588555649875417
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 8.9 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1569)
Hash 405113cd450d20a7a8794680fe6d9085
aa285e8e9e3a07ea817e5bbc81d36c40f3edfe40
884ddf0329fcc7c276fd337734c4454c42c4e9c8ca3ed4371d544c8c3acbdfd9
GET /pagead/js/r20230111/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8889
x-xss-protection: 0
date: Mon, 16 Jan 2023 19:03:53 GMT
expires: Mon, 30 Jan 2023 19:03:53 GMT
cache-control: public, max-age=1209600
age: 27170
etag: 3049769697470197148
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.34200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.34:0
File type ASCII text, with very long lines (3504)
Hash e40f18060da80ec51347a32db6a47fab
b9199bd9cd65752cd17f99452a4d66a844ad01b8
1eb517784df31e4be7c639831d413ead1e59ae5f33dc767a98f9c548face5f03
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49309
date: Tue, 17 Jan 2023 02:36:43 GMT
expires: Tue, 17 Jan 2023 02:36:43 GMT
cache-control: private, max-age=3000
etag: "1673441803913192"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 14:34:21 GMT
expires: Fri, 12 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
age: 388943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
IP 142.250.74.74:0
GET /css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Jan 2023 02:36:40 GMT
date: Tue, 17 Jan 2023 02:36:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fex.net/client/desktop/static/css/main.b397d6d7.chunk.css
194.106.216.70200 OK 0 B URL HTTP/2 fex.net/client/desktop/static/css/main.b397d6d7.chunk.css
IP 194.106.216.70:0
GET /client/desktop/static/css/main.b397d6d7.chunk.css HTTP/1.1
Host: fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/403?file_id=4331645080
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:40 GMT
content-type: text/css
last-modified: Wed, 28 Dec 2022 11:17:18 GMT
etag: W/"63ac25be-47eda"
expires: Tue, 17 Jan 2023 14:36:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
fex.net/client/desktop/static/js/28.a3d9d3b7.chunk.js
194.106.216.70200 OK 0 B URL HTTP/2 fex.net/client/desktop/static/js/28.a3d9d3b7.chunk.js
IP 194.106.216.70:0
GET /client/desktop/static/js/28.a3d9d3b7.chunk.js HTTP/1.1
Host: fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fex.net/403?file_id=4331645080
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:40 GMT
content-type: application/javascript
last-modified: Wed, 28 Dec 2022 11:17:18 GMT
etag: W/"63ac25be-1c0aa3"
expires: Tue, 17 Jan 2023 14:36:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
fex.net/client/desktop/locales/en/translations.json
194.106.216.70200 OK 0 B URL HTTP/2 fex.net/client/desktop/locales/en/translations.json
IP 194.106.216.70:0
GET /client/desktop/locales/en/translations.json HTTP/1.1
Host: fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fex.net/403?file_id=4331645080
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:41 GMT
content-type: application/json
last-modified: Wed, 28 Dec 2022 11:17:18 GMT
etag: W/"63ac25be-2cbcc"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
fex.net/403?file_id=4331645080
194.106.216.70200 OK 0 B URL HTTP/2 fex.net/403?file_id=4331645080
IP 194.106.216.70:0
GET /403?file_id=4331645080 HTTP/1.1
Host: fex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.12.2
date: Tue, 17 Jan 2023 02:36:40 GMT
content-type: text/html
last-modified: Wed, 28 Dec 2022 11:17:18 GMT
etag: W/"63ac25be-1ec5"
content-encoding: gzip
X-Firefox-Spdy: h2