firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 11:04:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p0lUW_JAeuJpGw_OdVHsfdwG_Goo88W95qsDDsSYhtMuGeIw1BgyRg==
Age: 269
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2218
Expires: Tue, 06 Sep 2022 11:45:44 GMT
Date: Tue, 06 Sep 2022 11:08:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PgL-9Qffxlr9qghA_lqET2653Sqb3Gt29WPrLc9nb02XtpiLBO_7mA==
age: 35609
X-Firefox-Spdy: h2
dirkwin.com/movstong.php?movie=tt13070038&sub=minion
195.179.236.15301 Moved Permanently 707 B URL HTTP/1.1 dirkwin.com/movstong.php?movie=tt13070038&sub=minion
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /movstong.php?movie=tt13070038&sub=minion HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 06 Sep 2022 11:08:46 GMT
server: LiteSpeed
location: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
content-security-policy: upgrade-insecure-requests
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 11:08:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 10:38:18 GMT
Expires: Tue, 06 Sep 2022 11:34:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -HIX35g6NpBK_iFjjALj3o8fKKYvo1o8aOd37ZZUmDOALj4PG6RBLg==
Age: 1829
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3157
Cache-Control: max-age=165034
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:47 GMT
Etag: "6316ff94-1d7"
Expires: Thu, 08 Sep 2022 08:59:21 GMT
Last-Modified: Tue, 06 Sep 2022 08:06:44 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T/jv3yKxBJPOGBxP0RK++g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bvitb26eGuWiXvdI4cvAulzxowY=
w.sharethis.com/button/buttons.js
54.230.111.56200 OK 26 kB URL HTTP/2 w.sharethis.com/button/buttons.js
IP 54.230.111.56:0
File type ASCII text, with very long lines (998)
Hash 1e9f2232bb57b7ff3572ae16e83f257b
a9c8dd03eb658dc27be9ce0c4b4e7554350a66ae
e6b3b7a72fc3d7a572cd1727f3bb2bd2a9bc52838cc60e70d510a657ef1b7119
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 26307
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Tue, 06 Sep 2022 05:11:55 GMT
cache-control: max-age=259200
expires: Wed, 07 Sep 2022 04:43:38 GMT
etag: W/"62bdf23a-19615"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i-HFCvVjAwSBCuJirpE4MWuzblqXWOUcP_4KMezIxiczrX-fw2I7IQ==
age: 195910
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w154/moogpu8rNkEjTgFyLXwhPghft5w.jpg
54.230.111.103200 OK 6.8 kB URL HTTP/2 image.tmdb.org/t/p/w154/moogpu8rNkEjTgFyLXwhPghft5w.jpg
IP 54.230.111.103:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 154x231, components 3\012- data
Hash 7acaa26ea063d4dce2315eb0077f8a26
5190dc1d8dbf35788d6a27e41c0bbde070e5ab83
b5b80b554effc48189ea130acd6634228e092db3224b7fb3a72b1cfcec478d0d
GET /t/p/w154/moogpu8rNkEjTgFyLXwhPghft5w.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6839
date: Mon, 22 Aug 2022 17:43:41 GMT
server: openresty
last-modified: Mon, 22 Aug 2022 17:43:41 GMT
cache-control: max-age=31449600
etag: "9a0768e797860b35e02a32d76dd31c4a"
expires: Mon, 21 Aug 2023 17:43:41 GMT
x-rack-cache: fresh
x-content-digest: 5190dc1d8dbf35788d6a27e41c0bbde070e5ab83
accept-ranges: bytes
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nh3g8mwtVsWbEU7vKcBvaYDkly4wVK7AAYiWJrTlRTyZ1pgylmKj9w==
age: 1272307
X-Firefox-Spdy: h2
dirkwin.com/movstong.php?movie=tt13070038&sub=minion
195.179.236.15200 OK 4.3 kB URL HTTP/2 dirkwin.com/movstong.php?movie=tt13070038&sub=minion
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1513), with CRLF, LF line terminators
Hash cc4a3dcf99bd4de6ccbdf43cea9ba731
65eb937855565cc370837725265fa8efa1b2e4af
e3f92177798dc8ebc6909128e6a0611d4ce0f8db9efcf3c4a63181c55a53f3db
GET /movstong.php?movie=tt13070038&sub=minion HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 11:08:47 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dirkwin.com/css/movie01_common.css
195.179.236.15200 OK 2.8 kB URL HTTP/2 dirkwin.com/css/movie01_common.css
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (1333)
Hash c9cdebbe2f545cdf701982f39c7cbaef
7853456a026478d9d10a0468f99f9dc86efb94b8
de1b4818878cc494489657f347f84b01f19aca89fec99b03478d0ad16fb0cd81
GET /css/movie01_common.css HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: text/css
last-modified: Thu, 02 Jun 2022 08:58:45 GMT
etag: "3380-62987bc5-8586ac55ef7d6c6c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2781
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
dirkwin.com/css/movie01v41.css
195.179.236.15200 OK 703 B URL HTTP/2 dirkwin.com/css/movie01v41.css
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (1567), with CRLF line terminators
Hash 2283f7ddf728c123fa58b21dfd7c25cc
9a7bf3ac13a172dae015c068835fbc2f426590cb
0c0c76b84b41f7478ed22f4353ff4ed12b9dad70df54e8fcb1a221c1b991d0d1
GET /css/movie01v41.css HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: text/css
last-modified: Sun, 05 Jun 2022 15:35:34 GMT
etag: "b6c-629ccd46-c4e8a2b76fd6de64;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 703
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7d998abb45a9ffa6fa1ae398b81cd905
8fc159c1fdd78f24aed2ba33f714ae970df74b9d
9a2c90c2eff0524e1f224174331ec78babf89f5516e35782ef0d5c5fb5cfba81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 11:08:48 GMT
Last-Modified: Tue, 06 Sep 2022 10:16:49 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cMAfONMvzHpgysIUMgBmsjaU21_RJokPygyP_DKx69kuPGivalmtBA==
Age: 3119
dirkwin.com/css/jRating.jquery.css
195.179.236.15200 OK 328 B URL HTTP/2 dirkwin.com/css/jRating.jquery.css
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
Hash 8dfd97c4f0b8d27654c3b86b6d9ea663
3fba32197bdfa8cbc841baa102c26a03044f829a
c097300055b5f21a9f2e9350f266c829d6e4c64ac6c49b8a2ba052c74517cb18
GET /css/jRating.jquery.css HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: text/css
last-modified: Thu, 02 Jun 2022 08:58:44 GMT
etag: "322-62987bc4-67c2afb97695f702;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 328
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f41565238dc856269109dcc30c34c535
28517f51eb3b6cd08981afbf878446d635430741
9e314961a8fca836481ea022db365cc463bcef3b5003c63ccece611b8ff77fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f41565238dc856269109dcc30c34c535
28517f51eb3b6cd08981afbf878446d635430741
9e314961a8fca836481ea022db365cc463bcef3b5003c63ccece611b8ff77fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dirkwin.com/js/jquery.serializeobject.min.js
195.179.236.15200 OK 255 B URL HTTP/2 dirkwin.com/js/jquery.serializeobject.min.js
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
Hash 307115479e346eb6b129ed713f1b0647
6eb6226ddb318e0573e9f6433bb52f1408a3a4f2
c55dfe136a93b3839e373c3588b170fe85b80c47682ec4b0017a1cd6e5795c5d
GET /js/jquery.serializeobject.min.js HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: application/x-javascript
last-modified: Thu, 02 Jun 2022 08:59:45 GMT
etag: "ff-62987c01-a7a4f5d779195dd3;;;"
accept-ranges: bytes
content-length: 255
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
dirkwin.com/js/jquery.json.min.js
195.179.236.15200 OK 958 B URL HTTP/2 dirkwin.com/js/jquery.json.min.js
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (433)
Hash f4789554c5f0e17fdffdfcf3ba5a3489
7b647d952d085b800d35dea02d8668c0b6fb35b2
1d342b03c59e7c8eb708c9c7556e18569c06619c505a66f330086773ccee7d71
GET /js/jquery.json.min.js HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: application/x-javascript
last-modified: Thu, 02 Jun 2022 08:59:41 GMT
etag: "895-62987bfd-cd81a090d89aeaaa;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 958
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
dirkwin.com/js/jquery.powertip.min.js
195.179.236.15200 OK 4.2 kB URL HTTP/2 dirkwin.com/js/jquery.powertip.min.js
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (1354)
Hash 4e071b6d76d3f9d26b7a784862846ca6
be60d5bfd24ad42d409563c422df789c17db531a
484a278da27fc059e029da580f2138c3f2bcae0d2079d3ef5927725e92f5583d
GET /js/jquery.powertip.min.js HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: application/x-javascript
last-modified: Thu, 02 Jun 2022 08:59:44 GMT
etag: "4161-62987c00-fef8fb8ca00ecd87;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4211
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
dirkwin.com/js/underscore.min.js
195.179.236.15200 OK 5.5 kB URL HTTP/2 dirkwin.com/js/underscore.min.js
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (2185)
Hash 2578a7f3e291c4fe87a0f4e11ea3fb52
3652c931b5ed2a7a4434bacfa43de92caa5be263
1228ee1b8701508e96f9386bb6c9b6af51f227b08e2a96651fca23676d8deaec
GET /js/underscore.min.js HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: application/x-javascript
last-modified: Thu, 02 Jun 2022 08:59:48 GMT
etag: "4e6d-62987c04-44597eb7a8515b9b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5547
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
dirkwin.com/js/jquery.min.js
195.179.236.15200 OK 41 kB URL HTTP/2 dirkwin.com/js/jquery.min.js
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (1308)
Hash 49cfd75379ea4e735477b290e590588f
0a5038c83081b722a8787d21b6fd1ac7da5c6852
8e21d0be537947a492a785878dc7da1a46d1cbb7e9ea8f4691ed236ebf07fe03
GET /js/jquery.min.js HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: application/x-javascript
last-modified: Thu, 02 Jun 2022 08:59:43 GMT
etag: "239d1-62987bff-31343205e6af3f1b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 40764
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
dirkwin.com/js/lp-script-1.js
195.179.236.15200 OK 789 B URL HTTP/2 dirkwin.com/js/lp-script-1.js
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (928)
Hash d5e894216659ca1520ab1e1191fe3757
d83bc858322b63ef7c532c4b22f1f7155bb80fb3
4ba07e71d971e2e355b8c89dea16a18c4bd3ea1b9fd71b378d5370e257376d58
GET /js/lp-script-1.js HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: application/x-javascript
last-modified: Thu, 02 Jun 2022 08:59:47 GMT
etag: "92b-62987c03-deb05385fd517d89;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 789
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
dirkwin.com/css/jRating.jquery.js
195.179.236.15404 Not Found 912 B URL HTTP/2 dirkwin.com/css/jRating.jquery.js
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (355)
Hash 8a204ca9bcb961b8eb0270d9f55b924b
16481e8337acf5b7bb8548d0e0da2e95fde325d3
759a05cc8383f275f7e32294ae2471f3c3a1571aa5d4d95e043cd9b4bfbf66ee
GET /css/jRating.jquery.js HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
last-modified: Mon, 28 Mar 2022 13:48:20 GMT
etag: "999-6241bca4-dfd29bee5117e228;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 912
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 10a133d383d9a857480922b51241d670
c4aa9ade1560531cd2d53c350ed8f498cf27781a
a5f2d275b0db6a83e115686b8711fe5f566d678c1a71f14a914e6c3be66fdfb7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5F2D275B0DB6A83E115686B8711FE5F566D678C1A71F14A914E6C3BE66FDFB7"
Last-Modified: Sun, 04 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14900
Expires: Tue, 06 Sep 2022 15:17:08 GMT
Date: Tue, 06 Sep 2022 11:08:48 GMT
Connection: keep-alive
hd.sevak.xyz/img/dl-button.png
82.180.174.188200 OK 7.8 kB URL HTTP/2 hd.sevak.xyz/img/dl-button.png
IP 82.180.174.188:0
File type GIF image data, version 89a, 269 x 92\012- data
Hash 4bf43b62497a4f568f6dd34b598e2e04
23164bd37807b9cf96443edafaea8bc1c07515f6
38b9a4fd3386ff08ba39a0bcc39325d743798352fd5befe4f867dbce0e50e522
GET /img/dl-button.png HTTP/1.1
Host: hd.sevak.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: image/png
last-modified: Wed, 02 Feb 2022 05:31:43 GMT
etag: "1e67-61fa173f-b090bdcc7423c338;;;"
accept-ranges: bytes
content-length: 7783
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
witnesssimilarindoors.com/2dd52cd48bd84cc4e6d4131cc025918c/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 witnesssimilarindoors.com/2dd52cd48bd84cc4e6d4131cc025918c/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash 1e970604d6aeffed2b3273d1bd1d9eb9
649ad098d7f2ac537d1c3b71071d9658e07fa3ab
c10250ee76246b0795993f5c49fb531762262295ac0d0100bf225ed40a0a1833
GET /2dd52cd48bd84cc4e6d4131cc025918c/invoke.js HTTP/1.1
Host: witnesssimilarindoors.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 11:08:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2165a06a3bddf81944243909da70134f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cd189bdf5fc0703efed76f9898c4d651
28274e250ddf9f5a3df1601c0d29d1d325f18179
f7ac147429d0add821c08b789926e138e3669e2025b24d4a9613104cccb7c056
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7AC147429D0ADD821C08B789926E138E3669E2025B24D4A9613104CCCB7C056"
Last-Modified: Sun, 04 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2506
Expires: Tue, 06 Sep 2022 11:50:34 GMT
Date: Tue, 06 Sep 2022 11:08:48 GMT
Connection: keep-alive
s10.histats.com/js15.js
46.105.201.240200 OK 4.2 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash b6d296cf9da7653944a8125ae7837d4f
2731746edd88e58f0d673f063b4e02b2b5c0b239
d67feaaf613c6961d7eda0de54abe7aa39c4e20c545ee2617d13a64cf9cf6f17
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 11:06:45 GMT
etag: "980881274"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 658801208
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4214
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7c15aaf9c736453f18ac0b48241edfec
64882e0185434278fff4122edca9db6e9d6f0a6d
44d6ce5abab83eee7f1738cfe79781d4dedac1315c636ea4ada3d6874b257cd6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 11:08:48 GMT
Last-Modified: Tue, 06 Sep 2022 09:59:44 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: INs272goTi5L_HVrn7weXoez5l2hffdWjVQp1YiJ3Ry0UIi-mo3QdQ==
Age: 4144
simplewebanalysis.com/stats
3.127.140.33200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.127.140.33:0
File type ASCII text, with no line terminators
Hash 1ce78f453e5369134e92ba898e8f20ec
c7fa3be213640c5f16f2e1ff7dcbd46ee96e3fd0
0db4d31c8ab1c4c6d1f4ca8badb936a31f74f44b6bf0ef81c2100089912ae51b
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dirkwin.com
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 11:08:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dirkwin.com
access-control-allow-credentials: true
set-cookie: uid_id2=f862ca2c-b58b-48ba-ab02-0520436fe13d:3:1; expires=Fri, 03 Sep 2032 11:08:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dirkwin.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:26:57 GMT
expires: Thu, 31 Aug 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 488512
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dirkwin.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:26:57 GMT
expires: Thu, 31 Aug 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 488512
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3262
Expires: Tue, 06 Sep 2022 12:03:11 GMT
Date: Tue, 06 Sep 2022 11:08:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3262
Expires: Tue, 06 Sep 2022 12:03:11 GMT
Date: Tue, 06 Sep 2022 11:08:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3262
Expires: Tue, 06 Sep 2022 12:03:11 GMT
Date: Tue, 06 Sep 2022 11:08:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3262
Expires: Tue, 06 Sep 2022 12:03:11 GMT
Date: Tue, 06 Sep 2022 11:08:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F875b1350-d6cb-484b-b34d-981135d4edad.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F875b1350-d6cb-484b-b34d-981135d4edad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1935776a22a3379977b4e2a3a6ad9079
2ee2724614ed7b510724651a68f54de6f29c3315
c123ea12ec946994c78755d0ad73f566c2c38ea43f2962456a25d671015a6e9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F875b1350-d6cb-484b-b34d-981135d4edad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: 16b8fede-45cd-4b89-be24-b8d0717d43dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTZuGoWoAMFp9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65d7-7b59149668a8f85e556bce7d;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:08:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lyc0MMfLMLtp6zvEkyxTwxREfRRbAu7IMA7v-cPbM5HiNgxufm6aKw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:56:40 GMT
age: 47529
etag: "2ee2724614ed7b510724651a68f54de6f29c3315"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 23517
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f372dd-03b1-4e12-91bc-08ff7d47b9ff.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f372dd-03b1-4e12-91bc-08ff7d47b9ff.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f9d13dec6194417882e71afdc1bd9b9a
156bafa4c7c089cf26639feacc9a25db6ef3870e
7e4f2932cd41776d120ac1e14b322c3b94c07449adc7904f222f46ed35570fd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f372dd-03b1-4e12-91bc-08ff7d47b9ff.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10985
x-amzn-requestid: 97f3ea4d-135f-4e76-a2db-05bad96e01eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHMdIAMFbXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-1a8b9af405cd8e6b1e3c0e1d;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wjawu8nRjwWvl-Eldm4No6GY6gKO-PFbJNkv9FkpOCSDW14Mfx67Sg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:02:16 GMT
etag: "156bafa4c7c089cf26639feacc9a25db6ef3870e"
content-type: image/jpeg
age: 47193
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 19b452d6541a6028e7d3f90529477077
1c16eb50bc2490b4ebff6775ef611fdcb282f9f9
f4763a0f464067991c2c484c384df4fe791d7df6e3d6ad15650a954db537249f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10694
x-amzn-requestid: c3d2f71c-927d-41f6-93ab-bf041374a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHQOIAMFvSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-5d2efd595cdf300972f4fb79;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eikhT8BkN5e163S6QriQybdyPNTKDTf3BCsHifNwfBJfrWv7LqgL8Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:02:23 GMT
etag: "1c16eb50bc2490b4ebff6775ef611fdcb282f9f9"
content-type: image/jpeg
age: 47186
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d404793e430ea237e75be9cb1e2bce4
059b34d1809abedd223f7beec75e7831673878be
f180b1cdeb9a794ba3211348673783508d021aeaed419d782374be1a92a4c8dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9300
x-amzn-requestid: dc833608-6b16-4baa-af21-d3885043556c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWshHVxIAMFlGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-1710086818614ab247bcaf58;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sPkksSz3FIV3WcWpoY8E8UYKmUTE8LJ2lr5WO2JVNCGIuAvpPwYMYg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:01:20 GMT
age: 47249
etag: "059b34d1809abedd223f7beec75e7831673878be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:41:25 GMT
age: 12444
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ws.sharethis.com/button/async-buttons.js
54.230.111.56200 OK 19 kB URL HTTP/2 ws.sharethis.com/button/async-buttons.js
IP 54.230.111.56:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b3b7d06f8df8276ede0facec198706e
3e42fc6cacb95a5fa1b56c5b3984e8269752fbbe
342ffe242184c80ddf304e21db8b256ccb8aecb1f4bd9363802dcf2f36053837
GET /button/async-buttons.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 18813
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Tue, 06 Sep 2022 05:11:57 GMT
cache-control: max-age=259200
expires: Thu, 08 Sep 2022 22:38:58 GMT
etag: W/"62bdf287-16245"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X3bpdU6QE2XZoEjayvWER2zUNGR_s1DdAu7-7P_FDccYuKb9Ttz3hA==
age: 44990
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 11:05:57 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 717980060
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
ws.sharethis.com/button/css/buttons-secure.css
54.230.111.56200 OK 3.9 kB URL HTTP/2 ws.sharethis.com/button/css/buttons-secure.css
IP 54.230.111.56:0
File type ASCII text, with very long lines (23158), with no line terminators
Hash 61da924a747e08c5f54a6cb31c724a48
8e49d971d6a667c3888a481b742e05cafcf72a43
54302324d4b6aa780466c869b9932504d0b1eaa7ef1df6c5481b35fb0625343a
GET /button/css/buttons-secure.css HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 3851
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 18:59:19 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Tue, 06 Sep 2022 02:51:05 GMT
etag: W/"62bdf287-5a76"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JVoXhAHpuCaQTUstyu9pnCl2zAveLdVITyewjT3YrDQu0AoIrjnW9Q==
age: 29863
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c16db54a/www-player.css
142.250.74.174200 OK 49 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-player.css
IP 142.250.74.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 666388d9ac2c812d3d9b0e511b1cfea0
4dfa524e6558a4aaf676578dd3275f544cb36625
a1532094c979ab2823b5baf7e5843d731e1c64765a8b8495f89bb56b7f7df117
GET /s/player/c16db54a/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/?fs=1&hl=en_US&rel=0&start=7&autoplay=1&loop=1&modestbranding=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49081
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:42:16 GMT
expires: Sat, 02 Sep 2023 20:42:16 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/css
age: 311193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws.sharethis.com/images/2017/sharethis_32.png
54.230.111.56200 OK 1.3 kB URL HTTP/2 ws.sharethis.com/images/2017/sharethis_32.png
IP 54.230.111.56:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6fd48ae2af1b522742b3663cc3a37262
5834dce591a3d2f2ac5a61a59532e6fcc433edd3
1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb
GET /images/2017/sharethis_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1337
accept-ranges: bytes
cache-control: max-age=31536000
date: Wed, 06 Jul 2022 01:05:22 GMT
etag: "62bdf239-539"
expires: Thu, 06 Jul 2023 01:05:22 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d0gknmrPszhBScD0uatR2RhZDZLoi9XDazoVKx-qyBiKIuIiCusAOA==
age: 5393007
X-Firefox-Spdy: h2
www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
142.250.74.174200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (592)
Hash 26b6e79984361d593bcf000927f559db
36dc3faef99c68636ed7d8a2d46783ccfc3be7ff
2795564d0f494ec4aed32d6708062dd699c22324d3df26588d5e2e2c2a956b36
GET /s/player/c16db54a/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/?fs=1&hl=en_US&rel=0&start=7&autoplay=1&loop=1&modestbranding=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:42:16 GMT
expires: Sat, 02 Sep 2023 20:42:16 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 311193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/facebook_32.png
54.230.111.56200 OK 1.2 kB URL HTTP/2 ws.sharethis.com/images/2017/facebook_32.png
IP 54.230.111.56:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3754f037ec790209832c2adbdc35d6ce
152e4b15a48367112da47ec7f2db28b4d7ef937b
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
GET /images/2017/facebook_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1175
accept-ranges: bytes
cache-control: max-age=31536000
date: Tue, 23 Aug 2022 01:52:24 GMT
etag: "62bdf239-497"
expires: Wed, 23 Aug 2023 01:52:24 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JU-ICzDYIDU3l94A3xqpzN_qLq_RlLXUHbYEVYVqN-b4WOdaC32o7w==
age: 1242985
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash fd9710f50fa11ccaaa0358a225420fb3
651183548dbc03788cb462a48508ca8d1532c0e9
559e2fcf6137567c3af62a77bf01534c3e6e8b9cb0c02c8bcb5d9eae776052db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 11:08:49 GMT
Last-Modified: Tue, 06 Sep 2022 10:35:52 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hkPGrC0-Jf-mxf3LeNzrmDpCbX831vvxvLzfidX7FVq3xwuqeYkn9A==
Age: 1977
www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.174200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.174:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/?fs=1&hl=en_US&rel=0&start=7&autoplay=1&loop=1&modestbranding=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:42:16 GMT
expires: Sat, 02 Sep 2023 20:42:16 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 311193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/twitter_32.png
54.230.111.56200 OK 1.3 kB URL HTTP/2 ws.sharethis.com/images/2017/twitter_32.png
IP 54.230.111.56:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2447594934b71bf36bb49cf33411f52a
7579d92f17a10fd76ab76648c1e364399e9d2956
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
GET /images/2017/twitter_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1338
accept-ranges: bytes
cache-control: max-age=31536000
date: Thu, 30 Jun 2022 19:31:03 GMT
etag: "62bdf239-53a"
expires: Fri, 30 Jun 2023 19:31:03 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AyKMZtU1RYid7bKwOae6IM-fiCN5_GGmNbM3MwLb2XfFlGWSSSGgJg==
age: 5845066
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/linkedin_32.png
54.230.111.56200 OK 1.2 kB URL HTTP/2 ws.sharethis.com/images/2017/linkedin_32.png
IP 54.230.111.56:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d285c094b084aa24ddd202afe524a17b
ed57aa21b672116638962b9e959623a7fb09b96c
e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f
GET /images/2017/linkedin_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1225
accept-ranges: bytes
cache-control: max-age=31536000
date: Sat, 20 Aug 2022 03:29:43 GMT
etag: "62bdf239-4c9"
expires: Sun, 20 Aug 2023 03:29:43 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5PS3aPgqVkxwgwcgrG0MNqM7s9AUrcS0na2PBBzyFUAdowmy83eC5g==
age: 1496346
X-Firefox-Spdy: h2
s10.histats.com/counters/cc_511.js
46.105.201.240200 OK 6.0 kB URL HTTP/2 s10.histats.com/counters/cc_511.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (14926), with no line terminators
Hash e0963faf9f8d4dd4683c649033bfe3e6
8b8365dac8c2d50836e19456f025370ee782598f
80ac8877a54d16e397e9518ce7221d0abad87a39ffd0221a99227540eeb8b2a8
GET /counters/cc_511.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 11:03:30 GMT
etag: "1364484781"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 604833487
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5984
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/pinterest_32.png
54.230.111.56200 OK 1.4 kB URL HTTP/2 ws.sharethis.com/images/2017/pinterest_32.png
IP 54.230.111.56:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 82640347cab9db6f9b2c37a980b92789
3900e8c1a378aa0960e753dbbf7d7570853b1c3f
03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d
GET /images/2017/pinterest_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1435
accept-ranges: bytes
cache-control: max-age=31536000
date: Sat, 13 Aug 2022 09:13:56 GMT
etag: "62bdf239-59b"
expires: Sun, 13 Aug 2023 09:13:56 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CRgSYHTdQOOuqAMbEj_J3nCHsVA1H4qHKrmoBfIj9sKoN9Mbyv1EBg==
age: 2080494
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/email_32.png
54.230.111.56200 OK 1.4 kB URL HTTP/2 ws.sharethis.com/images/2017/email_32.png
IP 54.230.111.56:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 60d894cc12ff32ee589520744b3bccdf
acfe3682e578c41097df54b84e9a630a942ea9c7
c3a537ae5d8020c10896418cb8658af444cbb3f89d3543c7db596b624e38690d
GET /images/2017/email_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1382
cache-control: max-age=31536000
date: Sun, 17 Jul 2022 14:55:34 GMT
etag: "62bdf239-566"
expires: Mon, 17 Jul 2023 14:55:34 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6ULbpjcIN3GF92ldiDY2hMjED3DoASvZgm6ABqiRyQgJdYRm2_N6SA==
age: 4392795
X-Firefox-Spdy: h2
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1662462523562.86044&hostname=dirkwin.com&location=%2Fmovstong.php&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&title=Watch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&sop=false&description=%20Movie%20Streaming%20Online%20-%20
3.123.212.130204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1662462523562.86044&hostname=dirkwin.com&location=%2Fmovstong.php&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&title=Watch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&sop=false&description=%20Movie%20Streaming%20Online%20-%20
IP 3.123.212.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1662462523562.86044&hostname=dirkwin.com&location=%2Fmovstong.php&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&title=Watch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&sop=false&description=%20Movie%20Streaming%20Online%20-%20 HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dirkwin.com
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://dirkwin.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 11:08:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8111723dc8ced7303e439f9941caffcd
5333468fa189daa1fef7d2f9c38bf7c93b59b54e
344e924674ddf2db585758888c419aace672672e9ad0abcb3de7a51233109d6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "344E924674DDF2DB585758888C419AACE672672E9AD0ABCB3DE7A51233109D6F"
Last-Modified: Mon, 05 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3315
Expires: Tue, 06 Sep 2022 12:04:04 GMT
Date: Tue, 06 Sep 2022 11:08:49 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?3391670&@f16&@g1&@h1&@i1&@j1662462523520&@k0&@l1&@mWatch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-92832722&@b3:1662462524&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&@w
192.99.13.63200 OK 49 B URL HTTP/1.1 s4.histats.com/stats/0.php?3391670&@f16&@g1&@h1&@i1&@j1662462523520&@k0&@l1&@mWatch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-92832722&@b3:1662462524&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash f3f6621c42bbc44a9d288edb32daed0d
99340affd8332ccd97ea8a0d8bf3c5d620b8fc04
6464d96246ac5ded720c28557f63b8ff189306fbec72164508ddfb378aee8c50
GET /stats/0.php?3391670&@f16&@g1&@h1&@i1&@j1662462523520&@k0&@l1&@mWatch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-92832722&@b3:1662462524&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:08:49 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 49
Connection: close
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1662462523562.86044&hostname=dirkwin.com&location=%2Fmovstong.php&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&title=Watch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&sop=false&description=%20Movie%20Streaming%20Online%20-%20&description=%20Movie%20Streaming%20Online%20-%20&img_pview=true
3.123.212.130204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1662462523562.86044&hostname=dirkwin.com&location=%2Fmovstong.php&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&title=Watch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&sop=false&description=%20Movie%20Streaming%20Online%20-%20&description=%20Movie%20Streaming%20Online%20-%20&img_pview=true
IP 3.123.212.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1662462523562.86044&hostname=dirkwin.com&location=%2Fmovstong.php&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&title=Watch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&sop=false&description=%20Movie%20Streaming%20Online%20-%20&description=%20Movie%20Streaming%20Online%20-%20&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 11:08:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
reasonablelandmark.com/watch.1209517579722.js?key=2dd52cd48bd84cc4e6d4131cc025918c&kw=%5B%5D&refer=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&tz=0&dev=r&res=12.31&uuid=f862ca2c-b58b-48ba-ab02-0520436fe13d%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 reasonablelandmark.com/watch.1209517579722.js?key=2dd52cd48bd84cc4e6d4131cc025918c&kw=%5B%5D&refer=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&tz=0&dev=r&res=12.31&uuid=f862ca2c-b58b-48ba-ab02-0520436fe13d%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1209517579722.js?key=2dd52cd48bd84cc4e6d4131cc025918c&kw=%5B%5D&refer=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&tz=0&dev=r&res=12.31&uuid=f862ca2c-b58b-48ba-ab02-0520436fe13d%3A3%3A1 HTTP/1.1
Host: reasonablelandmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dirkwin.com
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 11:08:49 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dirkwin.com
Access-Control-Allow-Origin: https://dirkwin.com
Access-Control-Allow-Credentials: true
Location: https://reasonablelandmark.com/watch.1209517579722.js?key=2dd52cd48bd84cc4e6d4131cc025918c&kw=%5B%5D&refer=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&tz=0&dev=r&res=12.31&uuid=f862ca2c-b58b-48ba-ab02-0520436fe13d%3A3%3A1&shu=8c2bf7a40b858f61c51fc7505325f8c713ee079bcedbcddf1a61bdb430dce0e3aa36bad04f4d2259548799e0fa30046c4d61694418dae4e60730b20884794a5cd1201a89f166f5fd728663ff1523dc801d5712025687a0799ccdece894e857&pst=1662462589&rmtc=t
Set-Cookie: u_pl=17064986; expires=Wed, 07 Sep 2022 11:08:49 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA2NDk4NiwiayI6IjJkZDUyY2Q0OGJkODRjYzRlNmQ0MTMxY2MwMjU5MThjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA2NzMxLCJwaWQiOjM4NTUyNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJoejdyZzM2MnRjIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Rpcmt3aW4uY29tL21vdnN0b25nLnBocD9tb3ZpZT10dDEzMDcwMDM4XHUwMDI2c3ViPW1pbmlvbiJ9fQ.IhJbmfy89ar58EaPdd7dllO3tvWupqn1afQlUYOFQDc; expires=Tue, 06 Sep 2022 11:09:49 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab80392261a29a74266acdff602438b1
Strict-Transport-Security: max-age=0; includeSubdomains
s4.histats.com/stats/0.php?4428915&@f16&@g1&@h1&@i1&@j1662462523918&@k0&@l1&@mWatch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-163401358&@b3:1662462524&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&@w
192.99.13.63200 OK 47 B URL HTTP/1.1 s4.histats.com/stats/0.php?4428915&@f16&@g1&@h1&@i1&@j1662462523918&@k0&@l1&@mWatch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-163401358&@b3:1662462524&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/0.php?4428915&@f16&@g1&@h1&@i1&@j1662462523918&@k0&@l1&@mWatch%20After%20Ever%20Happy%20Full%20Movie%20Streaming&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-163401358&@b3:1662462524&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:08:49 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
reasonablelandmark.com/watch.1209517579722.js?key=2dd52cd48bd84cc4e6d4131cc025918c&kw=%5B%5D&refer=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&tz=0&dev=r&res=12.31&uuid=f862ca2c-b58b-48ba-ab02-0520436fe13d%3A3%3A1&shu=8c2bf7a40b858f61c51fc7505325f8c713ee079bcedbcddf1a61bdb430dce0e3aa36bad04f4d2259548799e0fa30046c4d61694418dae4e60730b20884794a5cd1201a89f166f5fd728663ff1523dc801d5712025687a0799ccdece894e857&pst=1662462589&rmtc=t
192.243.61.225200 OK 2.0 kB URL HTTP/1.1 reasonablelandmark.com/watch.1209517579722.js?key=2dd52cd48bd84cc4e6d4131cc025918c&kw=%5B%5D&refer=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&tz=0&dev=r&res=12.31&uuid=f862ca2c-b58b-48ba-ab02-0520436fe13d%3A3%3A1&shu=8c2bf7a40b858f61c51fc7505325f8c713ee079bcedbcddf1a61bdb430dce0e3aa36bad04f4d2259548799e0fa30046c4d61694418dae4e60730b20884794a5cd1201a89f166f5fd728663ff1523dc801d5712025687a0799ccdece894e857&pst=1662462589&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2443)
Hash 674e837ce2956b2dfce58a54cc3e7d90
8625c017bb8b84f96d13791819a3420ff19b70c8
c27623e52b06c812c157fd1de051bb3ff43431cd281c452b7ad705546a8ba283
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1209517579722.js?key=2dd52cd48bd84cc4e6d4131cc025918c&kw=%5B%5D&refer=https%3A%2F%2Fdirkwin.com%2Fmovstong.php%3Fmovie%3Dtt13070038%26sub%3Dminion&tz=0&dev=r&res=12.31&uuid=f862ca2c-b58b-48ba-ab02-0520436fe13d%3A3%3A1&shu=8c2bf7a40b858f61c51fc7505325f8c713ee079bcedbcddf1a61bdb430dce0e3aa36bad04f4d2259548799e0fa30046c4d61694418dae4e60730b20884794a5cd1201a89f166f5fd728663ff1523dc801d5712025687a0799ccdece894e857&pst=1662462589&rmtc=t HTTP/1.1
Host: reasonablelandmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dirkwin.com
Referer: https://dirkwin.com/
Connection: keep-alive
Cookie: u_pl=17064986; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA2NDk4NiwiayI6IjJkZDUyY2Q0OGJkODRjYzRlNmQ0MTMxY2MwMjU5MThjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA2NzMxLCJwaWQiOjM4NTUyNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJoejdyZzM2MnRjIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Rpcmt3aW4uY29tL21vdnN0b25nLnBocD9tb3ZpZT10dDEzMDcwMDM4XHUwMDI2c3ViPW1pbmlvbiJ9fQ.IhJbmfy89ar58EaPdd7dllO3tvWupqn1afQlUYOFQDc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 11:08:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dirkwin.com
Access-Control-Allow-Origin: https://dirkwin.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f862ca2c-b58b-48ba-ab02-0520436fe13d:3:1; expires=Tue, 13 Sep 2022 11:08:49 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Sep 2022 11:08:50 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Sep 2022 11:08:50 GMT; secure; SameSite=None
pdhtkv32=true; expires=Wed, 07 Sep 2022 11:08:50 GMT; secure; SameSite=None
uncs32=1; expires=Wed, 07 Sep 2022 11:08:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 63b0c5050283a278f4d3cc6ee0e4beb5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 31abc7fe976dbf9a68d45fb57e0c86c5
a1f6f5404850df3149a769dc685f5c795bc08435
0859eece0557d6b1b48ed8f04c2eb55bdc2ca3fb4633e52a193b206fdefbb5d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76c6ad39ad355f829170427e9076311a
26a82c7dd26986900a4964464e43d9837dfef1f8
40c6ca74d92e002befb684bce24ba4714c260ba30918cc4e9a4bb02ed4f809dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 10:59:23 GMT
expires: Tue, 06 Sep 2022 11:14:23 GMT
cache-control: public, max-age=900
age: 567
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 06 Sep 2022 11:08:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 254212
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Sep 2022 11:08:50 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 31abc7fe976dbf9a68d45fb57e0c86c5
a1f6f5404850df3149a769dc685f5c795bc08435
0859eece0557d6b1b48ed8f04c2eb55bdc2ca3fb4633e52a193b206fdefbb5d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76c6ad39ad355f829170427e9076311a
26a82c7dd26986900a4964464e43d9837dfef1f8
40c6ca74d92e002befb684bce24ba4714c260ba30918cc4e9a4bb02ed4f809dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.130200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.130:0
Hash c64679056b036f52f24bb2444b60ff43
0f6463fc592093e3362aaca9636e4ff9d8696de6
9a8c8cb01703e1a771f648a2438b42c5793b01f6effbe961e0a372653722ee0b
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Tue, 06 Sep 2022 11:08:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a5951b1826e9777307768e053fada4d1
ce9fa739d3504c0734376eab501e72df1b594e94
d2cd53f2e3fecd9ffab3122efd46c31dc619c05a32043f4854a8cd5aa52660d1
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 11:08:50 GMT
server: ESF
cache-control: private
content-length: 30707
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdaa3919b9ba998d302973cf78060da7
be8697f38399f372352bad57131fd4e4812525c3
ee1cf02126c1311b6da7d80d30bd3a69d33f592fe6d11ec8ded804465d0eba7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE1CF02126C1311B6DA7D80D30BD3A69D33F592FE6D11EC8DED804465D0EBA7A"
Last-Modified: Sun, 04 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2322
Expires: Tue, 06 Sep 2022 11:47:32 GMT
Date: Tue, 06 Sep 2022 11:08:50 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7f/17/5a/7f175ae83b480b2a0af0c355f8843c70/1627916108.png
45.133.44.9200 OK 20 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7f/17/5a/7f175ae83b480b2a0af0c355f8843c70/1627916108.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash 5f3ab32ca06df0759e895b9445c491a5
2b95dabc7bf6288fc1cce7383ec7183db0f504c4
f590884a93d3d362bef6712b73e9a725cca99b18f725b1e6a8b92bac60249dc5
GET /cti/7f/17/5a/7f175ae83b480b2a0af0c355f8843c70/1627916108.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 11:08:50 GMT
content-type: image/png
content-length: 19457
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:55:18 GMT
etag: "61080756-4c01"
expires: Thu, 08 Sep 2022 11:08:50 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Sep 2022 11:08:50 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 118 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 74b803bf55068b63595d526017172780
ff860a4c1c92cd5bc91d9c8e2298527340fcfed6
1130715f3aab4ba169600cc756becbcb80e160e866de2b071bfff490f4f2ca93
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1010
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 11:08:50 GMT
server: ESF
cache-control: private
content-length: 118
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ws.sharethis.com/secure5x/index.html
54.230.111.56200 OK 4.1 kB URL HTTP/2 ws.sharethis.com/secure5x/index.html
IP 54.230.111.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (452)
Hash 31ce973e54fd23681663004805f6af0d
6d4d0d21db9157f00ab962f71ade92baa976d8d4
42029e5e26b7a4c4b821df37da305fb85bff240ae1f35fa68cfc5d4ba34297f2
GET /secure5x/index.html HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 4082
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 18:59:19 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Tue, 06 Sep 2022 07:23:44 GMT
etag: W/"62bdf287-390f"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W3Pr4spN_NSzbDk4JWAmSPo7gezROR89hzDuPPm9ZXee4vdos5FKUw==
age: 13507
X-Firefox-Spdy: h2
ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
54.230.111.56200 OK 5.6 kB URL HTTP/2 ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
IP 54.230.111.56:0
File type C source, ASCII text, with very long lines (16630), with no line terminators
Hash 94b39eb0a8fb0b06a11ad4d75b2e74b9
5d9f3beab6794398f43e43625b651cb16f6514ed
db64545fc1dedef33184fb39df6e927e83fb783555622cafe426dc83c87e17c1
GET /secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/secure5x/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 5630
cache-control: max-age=31536000
content-encoding: gzip
date: Thu, 25 Aug 2022 02:51:08 GMT
etag: W/"62bdf287-40f6"
expires: Fri, 25 Aug 2023 02:51:08 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PM2t-_YNvztE7NWADCZaqdjcz9rGhDuvk1gEGiUZBfOT0RvKS7_y9A==
age: 1066663
X-Firefox-Spdy: h2
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
IP 142.250.74.174:0
GET /s/player/c16db54a/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/?fs=1&hl=en_US&rel=0&start=7&autoplay=1&loop=1&modestbranding=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 586778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:50:27 GMT
expires: Sat, 02 Sep 2023 20:50:27 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 310702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ws.sharethis.com/secure5x/js/st.a4ad98d3d01dab15545ac98c5dca2294.js
54.230.111.56200 OK 0 B URL HTTP/2 ws.sharethis.com/secure5x/js/st.a4ad98d3d01dab15545ac98c5dca2294.js
IP 54.230.111.56:0
GET /secure5x/js/st.a4ad98d3d01dab15545ac98c5dca2294.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/secure5x/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
cache-control: max-age=31536000
content-encoding: gzip
date: Thu, 14 Jul 2022 23:57:44 GMT
etag: W/"62bdf287-369be"
expires: Fri, 14 Jul 2023 23:57:44 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R0VYEgzF-B6V1rFszjW5m87OSwZpY4gBUaG75sptq5z9I9DOrguinQ==
age: 4619467
X-Firefox-Spdy: h2
dirkwin.com/js/flowplayer.min.js
195.179.236.15200 OK 0 B URL HTTP/2 dirkwin.com/js/flowplayer.min.js
IP 195.179.236.15:0
ASN #47583 Hostinger International Limited
GET /js/flowplayer.min.js HTTP/1.1
Host: dirkwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/movstong.php?movie=tt13070038&sub=minion
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 11:08:48 GMT
content-type: application/x-javascript
last-modified: Thu, 02 Jun 2022 08:59:39 GMT
etag: "b7d8-62987bfb-edbd3ffe435eadcd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15087
date: Tue, 06 Sep 2022 11:08:48 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dirkwin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 11:08:48 GMT
date: Tue, 06 Sep 2022 11:08:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/?fs=1&hl=en_US&rel=0&start=7&autoplay=1&loop=1&modestbranding=1
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/?fs=1&hl=en_US&rel=0&start=7&autoplay=1&loop=1&modestbranding=1
IP 142.250.74.174:0
GET /embed/?fs=1&hl=en_US&rel=0&start=7&autoplay=1&loop=1&modestbranding=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 11:08:49 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=A7Ra14H3j4k; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=i913s_VdJ5k; Domain=.youtube.com; Expires=Sun, 05-Mar-2023 11:08:49 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+639; expires=Thu, 05-Sep-2024 11:08:49 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
videoplay.me/play/favicon.png
3.64.163.50410 Gone 0 B URL HTTP/2 videoplay.me/play/favicon.png
IP 3.64.163.50:0
GET /play/favicon.png HTTP/1.1
Host: videoplay.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 410 Gone
server: openresty
date: Tue, 06 Sep 2022 11:08:49 GMT
content-type: image/png
X-Firefox-Spdy: h2