Report - fs1.app/videos/cawd-529/

Report Overview

Submitted URL
fs1.app/videos/cawd-529/
IP
172.67.208.183
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-06 04:40:19
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.4 kB	192.229.221.95
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	663 B	142.250.74.98
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.143.205
amuse-lefty.mushroomtrack.com	470514	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	1.8 MB	45.35.65.138
syndication.exosrv.com	20827	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	3.7 kB	95.211.229.248
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	172.64.155.188
a.labadena.com	296554	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	936 B	135.181.208.216
imasdk.googleapis.com	11661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	123 kB	216.58.207.234
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	49 kB	142.250.74.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	79 kB	142.250.74.40
cdn.ggsfq.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	500 kB	172.67.164.16
s3t3d2y8.afcdn.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	910 B	29 kB	185.76.9.21
adserve.work	139208	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.8 kB	104.21.54.4
img.strpst.com	12993	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	39 kB	104.18.63.124
cdn.tapioni.com	167297	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	564 B	143.204.55.80
fs1.app	187561	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	808 B	1.7 kB	172.67.208.183
video.ktkjmp.com	23778	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	1.2 kB	104.18.62.235
syndication.realsrv.com	9112	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.5 kB	7.6 kB	95.211.229.248
go.admjmp.com	369709	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	930 B	104.18.51.106
a.realsrv.com	10080	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	1.0 kB	185.76.9.19
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	9.1 kB	142.250.74.131
assets-cdn.jable.tv	201619	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	813 B	511 kB	15.235.9.226
cloudlogobox.com	136307	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	366 B	195.123.209.175
csi.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	858 B	142.250.195.99
cdn.plyr.io	14223	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	1.2 kB	104.27.194.88
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	14 kB	142.250.74.162
s0.2mdn.net	263	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	17 kB	172.217.21.166

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-06 04:40:08	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .work TLD
2023-03-06 04:40:08	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .work TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	a.realsrv.com/nativeads-v2.js	61 kB	2023-03-13	2023-05-03
Pretty URL a.realsrv.com/nativeads-v2.js IP 185.76.9.19 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:10:59 Last Seen2023-05-03 15:56:34 Times Seen212 Hash 16ac675aca0eca4960f7f430fabef329 1e16d6ff16b145ea5560344a5069decb64cf8bf4 630128fd494a3f222996b1631f5e9b721629e9424deb98a2fb8678ecf3594279 Loading...

	a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw=	1.2 kB	2023-03-14	2023-03-14
Pretty URL a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 19:05:34 Last Seen2023-03-14 19:05:34 Times Seen1 Hash c2b058315fd7acbd8e51f46bf87a88c0 15dbef9ebc0d06d21bdcc2a6a14c39bdb922804b b585f3e395f001f39c94c9cc5e953d4962ace9c8cbfc6b7322c8f10cb107017c Loading...

	fs1.app/videos/cawd-529/	542 B	2023-03-07	2023-10-14
Pretty URL fs1.app/videos/cawd-529/ IP 172.67.208.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:29 Last Seen2023-10-14 03:55:58 Times Seen182 Hash 4260fa3e21992d6c606cb1f1bf3d2ff8 1904901f13b59cff253ea6a73deb322b1994c7a3 4d3fa6a2f8132a2fa1cb9cbe462bf817a52d915d24103c06a277b5b394f011c7 Loading...

	imasdk.googleapis.com/js/sdkloader/ima3.js	366 kB	2023-03-14	2023-03-14
Pretty URL imasdk.googleapis.com/js/sdkloader/ima3.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 16:44:04 Last Seen2023-03-14 19:49:08 Times Seen1 Hash 62e4d51755e11173016dc5541e75ff5f 48d21f7f969bb20388e500705025dffbf933c1cf c089ffa9c5f92974ce4da0c9dfb30d0733fce5c7159795f833151a6588c15ff2 Loading...

	fs1.app/videos/cawd-529/	163 B	2023-03-09	2024-04-25
Pretty URL fs1.app/videos/cawd-529/ IP 172.67.208.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:00:38 Last Seen2024-04-25 17:57:07 Times Seen17 Hash 2139f2687515f56592bb03499a281663 d4cf2f6ca5da10f4032bb8e2b9116e05d0c65f24 07599485b22e95419d53752dcd5285bedbd262e96f2a5830ad91aa76f5aace40 Loading...

	assets.fs1.app/assets/js/site.js?date=20190501	398 kB	2023-03-09	2024-04-25
Pretty URL assets.fs1.app/assets/js/site.js?date=20190501 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:00:38 Last Seen2024-04-25 17:57:09 Times Seen28 Hash f60affb2495c7b46219ba6fcd010775e 06f054a5298645a8877d5fee838cb55875baf7bd 78e60bb029a9bd66332fb7d8c86a067252f72a3ce5c1051ddc3968bcebdd6e77 Loading...

	creative.admjmp.com/widgets/Spot/lib.js	280 kB	2023-03-14	2023-03-29
Pretty URL creative.admjmp.com/widgets/Spot/lib.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 18:15:32 Last Seen2023-03-29 22:36:47 Times Seen8 Hash 641e530c11969e41b305efd037e3e1c9 242d54ec79b23ded3866df358b82ce005fbaa68e d7123912648d101e706704caf1e7f5af33ad74ce71029dc6d534d2113fa7970c Loading...

	cdn.tapioni.com/asg_embed.js	176 kB	2023-03-13	2023-03-26
Pretty URL cdn.tapioni.com/asg_embed.js IP 143.204.55.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:34:02 Last Seen2023-03-26 01:11:35 Times Seen12 Hash a0818e1715ff2ad66523fe336d894ac4 1b79f1c3cd877cba81a7a15d8656b195bfabc7ef 89498b73345eeb0acca52f28fd062b77efa63820b5b3f44186703df24e74a1df Loading...

	pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js	38 kB	2023-03-08	2023-03-26
Pretty URL pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:21 Last Seen2023-03-26 06:19:16 Times Seen48 Hash b054b2c9ee05d78b97e39d165e92b22d 3508ac777ab66bc558a7f66680b86ac182bd1cbc 49731245d7b2d723f5cb1dbec312f5853ae81729f0b8c3128c4051ab586a94e6 Loading...

	creative.admjmp.com/widgets/Spot/core.8279fceb3a9052568651.js	2.8 kB	2023-03-08	2023-03-29
Pretty URL creative.admjmp.com/widgets/Spot/core.8279fceb3a9052568651.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:55 Last Seen2023-03-29 22:36:47 Times Seen10 Hash 359b2afbdaf130c58ef26d4b5d79af6b 3f32573c560f6d3092dfaca0b2c67e47039ffb61 5b296fcc39a5a66d7b9e1865e47cbda9b5a90bf8d4f45f30ae034a1827f1396c Loading...

	adservice.google.com/adsid/integrator.js?domain=fs1.app	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.com/adsid/integrator.js?domain=fs1.app IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	fs1.app/videos/cawd-529/	317 B	2023-03-14	2023-03-14
Pretty URL fs1.app/videos/cawd-529/ IP 172.67.208.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 19:05:34 Last Seen2023-03-14 19:05:34 Times Seen1 Hash 5ee93f6a3184e4cd4e69371b7f19a519 5b616c89529d5db306f2e093a71ec531c5466aad 76173e4acda38dd2c7384b08e688ad91abd94054ff130fbdada4ea69e890d7e9 Loading...

	a.labadena.com/api/spots/262182?host=fs1.app&ev=205&wh=898&ww=1280&uuid=&kw=%E7%94%B7%E5%8F%8B%E8%A6%96%E8%A7%92%2C%E8%A7%92%E8%89%B2%E5%8A%87%E6%83%85%2C%E5%88%B6%E6%9C%8D%E8%AA%98%E6%83%91%2C%E5%B0%91%E5%A5%B3%2C%E4%B8%AD%E5%87%BA%2C3P%2C%E7%97%B4%E5%A5%B3%2C%E6%A0%A1%E6%9C%8D%2C%E6%BC%81%E7%B6%B2%2C%E6%B1%BD%E8%BB%8A%2C%E5%85%94%E5%A5%B3%E9%83%8E%2C%E7%9C%BC%E9%8F%A1%E5%A8%98%2C%E6%9E%A2%E6%9C%A8%E3%81%82%E3%81%8A%E3%81%84%2C%E5%86%86%E4%BA%95%E8%90%8C%E8%8F%AF&s1=%25subid1%25	837 B	2023-03-14	2023-03-14
Pretty URL a.labadena.com/api/spots/262182?host=fs1.app&ev=205&wh=898&ww=1280&uuid=&kw=%E7%94%B7%E5%8F%8B%E8%A6%96%E8%A7%92%2C%E8%A7%92%E8%89%B2%E5%8A%87%E6%83%85%2C%E5%88%B6%E6%9C%8D%E8%AA%98%E6%83%91%2C%E5%B0%91%E5%A5%B3%2C%E4%B8%AD%E5%87%BA%2C3P%2C%E7%97%B4%E5%A5%B3%2C%E6%A0%A1%E6%9C%8D%2C%E6%BC%81%E7%B6%B2%2C%E6%B1%BD%E8%BB%8A%2C%E5%85%94%E5%A5%B3%E9%83%8E%2C%E7%9C%BC%E9%8F%A1%E5%A8%98%2C%E6%9E%A2%E6%9C%A8%E3%81%82%E3%81%8A%E3%81%84%2C%E5%86%86%E4%BA%95%E8%90%8C%E8%8F%AF&s1=%25subid1%25 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 19:05:34 Last Seen2023-03-14 19:05:34 Times Seen1 Hash 5b323054dcd431ccf4ad1dbc297ff502 52a80da63446f0f3ff2fcd110c282852a4b0ecfe 38b7804485666fa15e0936934d4964ca69ce6767064c4036a7b2f5254e5cf405 Loading...

	www.googletagmanager.com/gtag/js?id=G-1DTX7D4FHE	222 kB	2023-03-14	2023-03-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-1DTX7D4FHE IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 19:05:34 Last Seen2023-03-14 19:05:34 Times Seen1 Hash 3e231bae54520316f1d520fbffbd9c2e 0c028df7f2c7a2782999eb4ad8d4c8758174c8ac a970349a12eae2b1ceb61db7d50af67c424d47ca3d612c752169c406ec0f5311 Loading...

	fs1.app/videos/cawd-529/	892 B	2023-03-14	2023-03-14
Pretty URL fs1.app/videos/cawd-529/ IP 172.67.208.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 19:05:34 Last Seen2023-03-14 19:05:34 Times Seen1 Hash b6876a74cd76209ed859815051a6b6c0 c062e9d0111e6ca655e04c3351c3509fb2db6364 a75e3eaebcd1f5fbc14447c627a9903b1faed8b6d4cc79b8be30e3b47133044b Loading...

	a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw=	59 B	2023-03-07	2024-04-26
Pretty URL a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-26 05:59:59 Times Seen3631 Hash de7507ad26c6c904109c87dd5dfac288 952cae1ce6ce1e74b010b31b4357424c12a5960c 09f81a5c463b570b389ce0b118a29bf489353d0ae7d47eefee9b9e7b703e0e02 Loading...

	a.realsrv.com/ad-provider.js	81 kB	2023-03-14	2023-03-26
Pretty URL a.realsrv.com/ad-provider.js IP 185.76.9.19 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:59:54 Last Seen2023-03-26 05:49:57 Times Seen105 Hash 679a3c481bb093773e1e566fe53ea95f b370a6087166092931ea2d574b0c1a02aef5cec7 02f9195df1894e6029d73d10098f895ec7a11c247aeef3b4cacbb465393d7f0d Loading...

	imasdk.googleapis.com/js/core/bridge3.559.1_en.html#goog_1760026060	352 B	2023-03-07	2024-04-26
Pretty URL imasdk.googleapis.com/js/core/bridge3.559.1_en.html#goog_1760026060 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-26 01:04:42 Times Seen3767 Hash ed714902dd4f1ac0547ae6a96924f09c d3bce72c128b0764bf3e719fa03be31d3f072467 140fb280504a3242f767176791c1cfbe8c7cef3bb489c20b851d926ba401e29e Loading...

	fs1.app/videos/cawd-529/	329 B	2023-03-14	2023-03-14
Pretty URL fs1.app/videos/cawd-529/ IP 172.67.208.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 19:05:34 Last Seen2023-03-14 19:05:34 Times Seen1 Hash ce175cb6bbb03b5438bde4d21b08738c bf3ca80983cdd903e47e116a8813c09b9e97ca3c eb0052a03cb4ffa44476971982ef5512965b651fd4d8c2f5e446abddb0db3c9b Loading...

	assets.fs1.app/assets/js/player.js	424 kB	2023-03-09	2023-04-18
Pretty URL assets.fs1.app/assets/js/player.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:05:28 Last Seen2023-04-18 08:31:17 Times Seen8 Hash abdf1acf54e0ecb3d27d7644fcd99fa0 f1d5707a70c133d60ddde203163e96739082254e e058110d4daf20b3b28bc2b4ccc130e7ab3061154638edd70600795520013eab Loading...

	fs1.app/videos/cawd-529/	1.2 kB	2023-03-09	2023-07-29
Pretty URL fs1.app/videos/cawd-529/ IP 172.67.208.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:00:38 Last Seen2023-07-29 14:18:19 Times Seen11 Hash 22e062671ee64888ab3483706a9071ed 5f3d3b041b5b37b8bd59715429eb06d3c4cb90a9 03fa6fe04a9b18434fcd9fb7e69e8fb73ba45563ecffab60cd213e508fd4269b Loading...

	a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw=	312 B	2023-03-09	2023-07-29
Pretty URL a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:00:38 Last Seen2023-07-29 14:18:19 Times Seen8 Hash 343787d3375948478c2a17f3c7e182c4 89312f932149bcd71e6a71318c3eed84aa6280ae 1d990ca7ffe98cf6746e3357be655f38b09ef5eff1eb45bc4f1c007e51f85cc5 Loading...

	a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw=	993 B	2023-03-07	2023-11-21
Pretty URL a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-11-21 01:22:39 Times Seen1071 Hash 02ebf860493181f6a40c089a99a9314d 34ba6d5eeb1106efda796d1f2c9545569c080141 9a9c68ef482c59f82d285a44bd678fd6f068716fb1cbd80bd43d2493bc805f73 Loading...

	a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw=	951 B	2023-03-14	2023-03-14
Pretty URL a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 19:05:34 Last Seen2023-03-14 19:05:34 Times Seen1 Hash eeaeb620056da4b1ccebb4949098a698 e5a2dc054e255b394058422248af8f44a1d2739e e236b9ce520e3ea166cd5600e39fa71356cdaa3cbbfee5a2c10a96b78d7fb014 Loading...

	imasdk.googleapis.com/js/core/bridge3.559.1_en.html#goog_1760026060	659 kB	2023-03-14	2023-03-14
Pretty URL imasdk.googleapis.com/js/core/bridge3.559.1_en.html#goog_1760026060 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 16:44:04 Last Seen2023-03-14 19:49:08 Times Seen1 Hash 5adcb4d80ddba41e91abc02bced5c36a dd17a087c5642edec90910491918acb00c77a80d c620e76c7958f32314c7f57d66cd7e4445ca5f71aee3a7119db69ea806046b3f Loading...

	s0.2mdn.net/instream/video/client.js	45 kB	2023-03-07	2024-04-16
Pretty URL s0.2mdn.net/instream/video/client.js IP 172.217.21.166 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-04-16 17:57:15 Times Seen1108 Hash 6583128f6d84d81bfd8cbbf3f2d13fc8 47db6dc2fb779dea41436f1aef6b38b90588774b d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 628631f07321b22d8c176c200c855e1b	3 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:06:52 Last Seen2024-04-23 19:14:37 Times Seen431 Hash 628631f07321b22d8c176c200c855e1b 088fb1a4ab057f4fcf7d487006499060c7fe5773 0aad7da77d2ed59c396c99a74e49f3a4524dcdbcb5163251b1433d640247aeb4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 91940429d6f15be8bb68c77c2dd22914	247 B	2023-03-09	2023-07-29
Pretty Observations First Seen2023-03-09 22:00:38 Last Seen2023-07-29 14:18:19 Times Seen8 Hash 91940429d6f15be8bb68c77c2dd22914 c4a54ad155968ccb4234991492993412634ec34a f45d1cf1a383e67d4b76edeb067dcfbd347d085c5f87bd9ab7d8453e27d6b173 Loading...

	#2 Write - f2e81c7d15b8e4a92e64a726564796f5	437 B	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 19:05:34 Last Seen2023-03-14 19:05:34 Times Seen1 Hash f2e81c7d15b8e4a92e64a726564796f5 aee61c2e79bf1dbf7b33437ffbe3a2d5948ba99f b849d795576d2e4389f1f3a8edb4efed8c711c8ae705b0727c6e7f8c2bbde65f Loading...

HTTP Transactions (81)

	URL	IP	Response	Size
	fs1.app/videos/cawd-529/	172.67.208.183	301 Moved Permanently	166 B
URL HTTP/1.1 fs1.app/videos/cawd-529/ IP 172.67.208.183:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 166 B (166 bytes) Hash 3ea1c8d079b38532a6e01a96216ba5e2 598d3ff91d3e252f1e13df8cf0348b270ff2da3f 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 HTTP Headers `GET /videos/cawd-529/ HTTP/1.1 Host: fs1.app User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Date: Mon, 06 Mar 2023 04:40:07 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Location: https://fs1.app/videos/cawd-529/ Strict-Transport-Security: max-age=15768000 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3cK1N%2FQwzhshEwAWpS%2FjOPLAsR28KAx5Q7P2HZb8PFzasUiUeBV%2Fg7%2BW427TjnV6fK%2Fby%2BSXxGDgHAvBCYWGppYxff0%2BRwr2fieE7WAiBOk2gK15X0C2mjP"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7a37eb32c8ecb50f-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cf14baed0842431a08367ed54f2346ca d943be8835b7e4470e3d6fbe09ac39c5464be434 a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4" Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14543 Expires: Mon, 06 Mar 2023 08:42:30 GMT Date: Mon, 06 Mar 2023 04:40:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash edf4102b9efce8261382541ecd721da5 23a30610ea113c9f93b0ce302ce3df010bd56f05 88c132ab9697f01e979e74208e0ae12ec410c26b7a79f0cead4f9c8f86d12fda HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "88C132AB9697F01E979E74208E0AE12EC410C26B7A79F0CEAD4F9C8F86D12FDA" Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13968 Expires: Mon, 06 Mar 2023 08:32:55 GMT Date: Mon, 06 Mar 2023 04:40:07 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 84db75194692d4afe13196bda6f22da8 4c1f49bc973a4917f146d93c8d598344edc021f6 a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 06 Mar 2023 04:13:20 GMT content-type: application/json age: 1607 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5034bcceb9691ad6244be6045742ab53 51e77cdc92833432cd26b13f28875791a187c63c 540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA" Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3516 Expires: Mon, 06 Mar 2023 05:38:43 GMT Date: Mon, 06 Mar 2023 04:40:07 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash b5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: cmu0BZ9dqVYyDbGdTYzHLXjpY6d7Dq0GDt214tlJyKr8nYaXGbubuMrbqODevwKIkD7g+xNsLLk= x-amz-request-id: 63B6SRTN9QE30KQN x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 06 Mar 2023 04:16:59 GMT age: 1388 last-modified: Sat, 18 Feb 2023 20:28:27 GMT etag: "b5ba6334e73496995e3e3a9ecd0eb323" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 06 Mar 2023 04:40:07 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash fed02b60cdde629ed9682f466ed27c05 ca8a522c9deb45527119e5d243ddb316a0e22a44 0d653eca33ea40a8bcaf632dd27528d1ff4f3dfeb6497952edd530241f1cf69e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:07 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1dfdbbe528416d7653788c31a945540d ce7e4b0cc913dcf90dcb43ca51706e2ff0677eaf 872f2081ef126a0358e196338a21f095c376652feaa7cb9b2bfd6f3149838f60 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "872F2081EF126A0358E196338A21F095C376652FEAA7CB9B2BFD6F3149838F60" Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3004 Expires: Mon, 06 Mar 2023 05:30:11 GMT Date: Mon, 06 Mar 2023 04:40:07 GMT Connection: keep-alive`

	www.googletagmanager.com/gtag/js?id=G-1DTX7D4FHE	142.250.74.40	200 OK	78 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-1DTX7D4FHE IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (19467) Size 78 kB (78160 bytes) Hash 15c99d0e692481ee4f44dc078c4b37cf 069ff6880a239d8b51cabc580e58e4fe9c6d1689 67e307947c171c6ffc7ae8b0b1a762db491e2918b7e7f7a14f0aa01d963d6d31 HTTP Headers `GET /gtag/js?id=G-1DTX7D4FHE HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 06 Mar 2023 04:40:07 GMT expires: Mon, 06 Mar 2023 04:40:07 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 78160 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 06 Mar 2023 04:12:30 GMT age: 1657 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.sectigo.com/	172.64.155.188	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash b9ad24178aa344ed7c9f7b717215be5b 6ece7555284a4c8b16bf5875c4dc355dd5238ae8 33544b52dff75731b2f31cc3e3b864917852aba04bf8600c78d8f2a49b8baa15 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 06 Mar 2023 04:40:07 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Fri, 03 Mar 2023 22:07:03 GMT Expires: Fri, 10 Mar 2023 22:07:02 GMT Etag: "6ece7555284a4c8b16bf5875c4dc355dd5238ae8" Cache-Control: max-age=407814,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7a37eb395dcab50b-OSL`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash fed02b60cdde629ed9682f466ed27c05 ca8a522c9deb45527119e5d243ddb316a0e22a44 0d653eca33ea40a8bcaf632dd27528d1ff4f3dfeb6497952edd530241f1cf69e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:07 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	192.229.221.95	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash c3bedafa7f10c2daaf00ebf5cd8baa42 c36d67e6cd7b27bdfa107c670e5fff7977e4d7ad c07c1bb4de21b08d4530fdd569f58037b87810f7296d008694fc06e949c7624d HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 76329 Cache-Control: max-age=155344 Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:08 GMT Etag: "6404004f-116" Expires: Tue, 07 Mar 2023 23:49:12 GMT Last-Modified: Sun, 05 Mar 2023 02:37:03 GMT Server: ECAcc (ska/F776) X-Cache: HIT Content-Length: 278`

	ocsp.digicert.com/	192.229.221.95	200 OK	277 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 277 B (277 bytes) Hash 1a72b20df39fde105d4e21888065791f 1d5902f86adb6db3930b1a4d211d088f6c9de403 56e3bf10716e4ab4290913ec738672c3a5f8c186c07190bbf3110e84d563bbf8 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 7370 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:08 GMT Last-Modified: Mon, 06 Mar 2023 02:37:18 GMT Server: ECAcc (ska/F775) X-Cache: HIT Content-Length: 277`

	video.ktkjmp.com/adsbygoogle.js	104.18.62.235	200 OK	16 B
URL HTTP/2 video.ktkjmp.com/adsbygoogle.js IP 104.18.62.235:0 ASN #13335 CLOUDFLARENET File type ASCII text Size 16 B (16 bytes) Hash 3d7f7a60216d40dea48e495fef6903c9 fecdb5184f55cf012563d78940eb97b10b9cc99b 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f HTTP Headers `GET /adsbygoogle.js HTTP/1.1 Host: video.ktkjmp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fs1.app/ Origin: https://fs1.app Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:08 GMT content-type: application/javascript content-length: 16 x-amz-id-2: 7iIyc7Ag8eM1PmQKkZUs1U8x0f2SmDI2Ad62JbfPgYZ5ZX/ff7tNmM7D6ZcqqzMdy889OzJ5o2M= x-amz-request-id: P4QE4WF5DHQRSN3T last-modified: Thu, 10 Mar 2022 13:52:07 GMT etag: "3d7f7a60216d40dea48e495fef6903c9" x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG access-control-allow-origin: https://fs1.app access-control-allow-credentials: true access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with cf-cache-status: HIT expires: Mon, 06 Mar 2023 08:40:08 GMT cache-control: public, max-age=14400 accept-ranges: bytes set-cookie: __cflb=02DiuDfsBaY2bRYJiCg3Rc4wrBy1LXpo889L9iZTnb2zQ; SameSite=None; Secure; path=/; expires=Tue, 07-Mar-23 03:40:08 GMT; HttpOnly vary: Accept-Encoding server: cloudflare cf-ray: 7a37eb3a4b1efabc-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	assets-cdn.jable.tv/assets/images/placeholder-md.jpg	15.235.9.226	200 OK	15 kB
URL HTTP/2 assets-cdn.jable.tv/assets/images/placeholder-md.jpg IP 15.235.9.226:0 ASN #16276 OVH SAS File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2019:03:31 18:12:59], progressive, precision 8, 336x188, components 3\012- data Size 15 kB (14601 bytes) Hash ac9ea1a555198470671238d214b2e489 4a22f147e57e2781e0b302ac2c156d1999793cdb 58be1d54819c76bc997fee25de298613a1565c7f6c8ef01629511315422b7468 HTTP Headers `GET /assets/images/placeholder-md.jpg HTTP/1.1 Host: assets-cdn.jable.tv User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: openresty date: Mon, 06 Mar 2023 04:40:08 GMT content-type: image/jpeg content-length: 14601 last-modified: Sun, 31 Mar 2019 10:13:04 GMT etag: "5ca092b0-3909" strict-transport-security: max-age=15768000 expires: Wed, 05 Apr 2023 04:40:08 GMT cache-control: max-age=2592000 accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp.digicert.com/	192.229.221.95	200 OK	277 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 277 B (277 bytes) Hash 1a72b20df39fde105d4e21888065791f 1d5902f86adb6db3930b1a4d211d088f6c9de403 56e3bf10716e4ab4290913ec738672c3a5f8c186c07190bbf3110e84d563bbf8 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 7370 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:08 GMT Last-Modified: Mon, 06 Mar 2023 02:37:18 GMT Server: ECAcc (ska/F775) X-Cache: HIT Content-Length: 277`

	ocsp.digicert.com/	192.229.221.95	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash 813f832037c3bf085976b70037abdcc7 ef6d33e32de1883de64732ed5c7cf6c0c75115c0 9080b8bf87550293c2c6aee38758b52d618dc989ddc400cf5a7075114c80eb4d HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4755 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:08 GMT Etag: "6402aecc-116" Last-Modified: Mon, 06 Mar 2023 03:20:53 GMT Server: ECAcc (amb/6AD1) X-Cache: HIT Content-Length: 278`

	push.services.mozilla.com/	34.210.143.205	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.210.143.205:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: xBhUSMC1kNMCcw/YsMXGgQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: a7z9YoGV4aZTIJ78hinF1YmtlCY=`

	ocsp.digicert.com/	192.229.221.95	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash 1b413dd4e5027059c64870af0b27400d d38cc26fa1c79ce94e48184f5b39b92a9c075329 add859317f524c4939cc434b0972d730db9e60c5f832423a31298bce3218092f HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 67574 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:08 GMT Last-Modified: Sun, 05 Mar 2023 09:53:54 GMT Server: ECAcc (ska/F6D2) X-Cache: HIT Content-Length: 280`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 0b2a6c80075ac612fdd0c0db8ecc7508 816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.35	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers `GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://fs1.app Connection: keep-alive Referer: https://assets.fs1.app/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 02 Mar 2023 21:48:03 GMT expires: Fri, 01 Mar 2024 21:48:03 GMT cache-control: public, max-age=31536000 age: 283925 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 0b2a6c80075ac612fdd0c0db8ecc7508 816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2	142.250.74.35	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type data Size 16 kB (15467 bytes) Hash c575e672e9f626492bf0bbb478de1549 7a105950a60ae2e4ee59dac9171512a06461e51e 95f0dd6c6e5d28169197dbbd6b5c56d41cbe7968f0e8a243a9524d25e95897cb HTTP Headers `GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://fs1.app Connection: keep-alive Referer: https://assets.fs1.app/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15436 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 28 Feb 2023 18:48:55 GMT expires: Wed, 28 Feb 2024 18:48:55 GMT cache-control: public, max-age=31536000 age: 467473 last-modified: Mon, 16 Oct 2017 17:33:12 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	142.250.74.35	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Size 16 kB (15552 bytes) Hash 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 HTTP Headers `GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://fs1.app Connection: keep-alive Referer: https://assets.fs1.app/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15552 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 02 Mar 2023 17:56:42 GMT expires: Fri, 01 Mar 2024 17:56:42 GMT cache-control: public, max-age=31536000 age: 297806 last-modified: Mon, 16 Oct 2017 17:33:02 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 0b2a6c80075ac612fdd0c0db8ecc7508 816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	syndication.realsrv.com/splash.php?native-settings=1&idzone=3377859&cookieconsent=true&&p=https%3A%2F%2Ffs1.app%2Fvideos%2Fcawd-529%2F	95.211.229.248	200 OK	1.8 kB
URL HTTP/1.1 syndication.realsrv.com/splash.php?native-settings=1&idzone=3377859&cookieconsent=true&&p=https%3A%2F%2Ffs1.app%2Fvideos%2Fcawd-529%2F IP 95.211.229.248:0 ASN #60781 LeaseWeb Netherlands B.V. File type JSON data\012- , ASCII text, with very long lines (3437), with no line terminators Size 1.8 kB (1830 bytes) Hash 38a4ed21cac1a0b8d2a8fa2e560838e9 8eef2c860c631b0eeec4af3ddcb4f0368e72748d d41d32582ca43a5c4af9d5793e264ab507e9636c7a3ad2e37c1062b3e4641cf0 HTTP Headers `GET /splash.php?native-settings=1&idzone=3377859&cookieconsent=true&&p=https%3A%2F%2Ffs1.app%2Fvideos%2Fcawd-529%2F HTTP/1.1 Host: syndication.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://fs1.app Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Mar 2023 04:40:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: https://fs1.app Access-Control-Allow-Credentials: true Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264056ea8436b88.71043300536494041%22%3B%7D; expires=Wed, 05 Mar 2025 04:40:08 GMT; path=; domain=.realsrv.com; Secure; SameSite=none impressions=cxbmsbocnxgxambemxebageimlxbaxbcnxgxammsoscaageicxbmsbcenxgxammcbembcgeioslmrxbmnxgxammlsorobgeimcclsoeonxgxamaosaeosgeioslmrxbrnxgxambemebbogeimlxbaxbanxgxambemxebageioslmroemnxgxammmarbbxgeimcclsxlonxgxambecbclageimcclossbnxgxammcoeebmgeimlxbaxlonxgxammmrmcemgeicxbmsboenxgxammbscexbgeimlxbaxlcnxgxamaalxboageicxbmsbxcnxgxammmarbbxgeimlxbaxlenxgxambecbclageimlxbaxbonxgxammccroaogeialbserxonxgxamaboseaogeioslmrxlsnxgxammalxolxgeimlxbaxbbnxgxammcoxbbegeimlxbaxlanxgxammcxmlergeimccloscanxgxammmarbbxgeialbsereanxgxammesrlxegeimlxbaxbenxgxammscrrcogeialbserecnxgxammcocxcrgeimcclsxcanxgxammcxescmgeimcclsxlcnxgxambemebbogeirbabxabbnxgxammcoeebmgeimcclsxxonxgxammcoeebmgeimcclsxlbnxgxammcoeebmgeicmmsxaeenxgxammcoeebmgeimcclsxacnxgxammccaeeageimcclsxsbnxgxammcoeebmgeicaocmrmanxgxammcocxcrgeicaxsscmbnxgxammcocxcrgeislsaroornxgxambemxebageimbsblroanxrgxambeoaoxegxcceimlbxcrlbnogxambeoaoxegxcceimxlbmxlcnogxambecrmosgxcceimsacexoonxgxambecrmosgxcceimxeoxsacnagxambecrmosgxcceimrmbbraenxgxambecmasagxcceimrmbbrcanogxambecmasagxcceimlasxxcanxgxambecmbregxcceimlaseelenxgxambecmbregxcceimemlxmcbnxgxambecmbmagxcceimclxlloanxgxambecmbmagxcceibeersbrcnrgxambecmbmagxcceimmlamcecnxgxambecmbmagxcceimsleoaronxgxambecmbmagxcceixaoosscrnxgxambecmbmagxcceixaoossalnxgxambecmbmagxcceibeeblbcbnxgxambecmbmagxcceimlrcamabnogxambecmbmagxcceimxlbmoscnogxambecmbmagxcceimlbxcrlanogxambecmbmagxcceimxlbmosonogxambecmbmagxcceimxlbmosanogxambecmbmagxcceimmraexoenxgxambecboecgxcceimmraexsenxgxambecboecgxcceimmraexoonxgxambecboecgxcceimxxerrxenxgxambecbsemgxcceimrmbbrrcnxgxambecleolgxcceimlalarbcnxgxambereeaxgxcceialrexexbnxgxamberxblbgxcceialrexeoonxgxamberxblbgxcceimasbmxconxgxambersaecgxcceimlalacobnxgxambersmasgxcceimxlbalscnogxambersmasgxcceimlasxoconxgxambersmacgxcceiaaxcambbnxgxambercmbmgxcceicloaxxaanxgxambercbrogxcceimlclemsonxgxambercbrogxcceimllslrsanxgxambercbrogxcceibeersbronxgxamberasxxgcbeimxxrecsanxgxamberlbbcgxcceimllrabmanxgxamberlbbrgxcceimllrabmonxgxamberlbbrgxcceimllrabbcnxgxamberlbbrgxcceimmroseconsgxambeaecllgxcceicloaxxacnxgxambeaecllgxcceimlmbrsaenxgxambeaxeslgxcceircmbbroanxgxambeaxboogxcceimclsaoxbnogxambeascocgxcceimbbcemobnxgxambeascocgxcceimoobcomanxgxambeascocgxcceiccblrxrbnxgxambeascocgxcceimlbemecanxgxambeaslmrgcbeimlaxeemenxgxambeacbelgxcceimlrcamaonogxambeacbxegxcceimllslrsonsgxambealelagxcceimlslsbsanxgxambealelagxcceimllslrsenxgxambealelagxcceimxxerrecnxgxambemxebagxcceimbbcemoanogxambemxebagxcceimrxccosonxgxambemxebagxcceimxlbmxbbnxgxambemxebmgxcceimxxerreonxgxambemxebmgxcceicloaxxmenxgxambemrssogxcceimxlbalcenxgxambemmaebgxcce; expires=Tue, 07 Mar 2023 04:40:08 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986940%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ca8b2c1b202f0007b1263a9cac3ef982f%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 07 Mar 2023 04:40:08 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip

	a.labadena.com/api/click/12127387160658219095?c=90	135.181.208.216	200 OK	0 B
URL HTTP/2 a.labadena.com/api/click/12127387160658219095?c=90 IP 135.181.208.216:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /api/click/12127387160658219095?c=90 HTTP/1.1 Host: a.labadena.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw= Cookie: nauid=Xix7c8qbv0VybLDZFmVC Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Mar 2023 04:40:08 GMT content-length: 0 access-control-allow-credentials: true access-control-allow-origin: * cache-control: private X-Firefox-Spdy: h2`

	amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumbvtt.ts	45.35.65.138	200 OK	8.3 kB
URL HTTP/2 amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumbvtt.ts IP 45.35.65.138:0 ASN #40676 AS40676 File type ASCII text Size 8.3 kB (8305 bytes) Hash ef4edd73518f517e496c674e3238d585 cecf658669a65a77ef57aef204c1dbd204d6c12e 74f44f54306c2f2f7ea15803e849f18d212ada48dff444695836995cec94ecb8 HTTP Headers `GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumbvtt.ts HTTP/1.1 Host: amuse-lefty.mushroomtrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://fs1.app Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: openresty date: Mon, 06 Mar 2023 04:40:08 GMT content-type: video/mp2t content-length: 8305 last-modified: Sat, 04 Mar 2023 05:09:25 GMT etag: "6402d285-2071" expires: Tue, 07 Mar 2023 04:40:08 GMT cache-control: max-age=86400 access-control-allow-origin: https://fs1.app accept-ranges: bytes X-Firefox-Spdy: h2`

	syndication.realsrv.com/v1/api.php	95.211.229.248	200 OK	1.3 kB
URL HTTP/1.1 syndication.realsrv.com/v1/api.php IP 95.211.229.248:0 ASN #60781 LeaseWeb Netherlands B.V. File type JSON data\012- , ASCII text, with very long lines (1706), with no line terminators Size 1.3 kB (1272 bytes) Hash e2437529430667f579b8533a2bc38637 909d9a56c710ef28659a54798b6261b750e04727 5943d173efc559d2d2546e61c295ddd27f93130d69e2eec676327a948055e0bc HTTP Headers POST /v1/api.php HTTP/1.1 Host: syndication.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 323 Origin: https://a.labadena.com Connection: keep-alive Referer: https://a.labadena.com/ Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264056ea8436b88.71043300536494041%22%3B%7D; impressions=cxbmsbocnxgxambemxebageimlxbaxbcnxgxammsoscaageicxbmsbcenxgxammcbembcgeioslmrxbmnxgxammlsorobgeimcclsoeonxgxamaosaeosgeioslmrxbrnxgxambemebbogeimlxbaxbanxgxambemxebageioslmroemnxgxammmarbbxgeimcclsxlonxgxambecbclageimcclossbnxgxammcoeebmgeimlxbaxlonxgxammmrmcemgeicxbmsboenxgxammbscexbgeimlxbaxlcnxgxamaalxboageicxbmsbxcnxgxammmarbbxgeimlxbaxlenxgxambecbclageimlxbaxbonxgxammccroaogeialbserxonxgxamaboseaogeioslmrxlsnxgxammalxolxgeimlxbaxbbnxgxammcoxbbegeimlxbaxlanxgxammcxmlergeimccloscanxgxammmarbbxgeialbsereanxgxammesrlxegeimlxbaxbenxgxammscrrcogeialbserecnxgxammcocxcrgeimcclsxcanxgxammcxescmgeimcclsxlcnxgxambemebbogeirbabxabbnxgxammcoeebmgeimcclsxxonxgxammcoeebmgeimcclsxlbnxgxammcoeebmgeicmmsxaeenxgxammcoeebmgeimcclsxacnxgxammccaeeageimcclsxsbnxgxammcoeebmgeicaocmrmanxgxammcocxcrgeicaxsscmbnxgxammcocxcrgeislsaroornxgxambemxebageimbsblroanxrgxambeoaoxegxcceimlbxcrlbnogxambeoaoxegxcceimxlbmxlcnogxambecrmosgxcceimsacexoonxgxambecrmosgxcceimxeoxsacnagxambecrmosgxcceimrmbbraenxgxambecmasagxcceimrmbbrcanogxambecmasagxcceimlasxxcanxgxambecmbregxcceimlaseelenxgxambecmbregxcceimemlxmcbnxgxambecmbmagxcceimclxlloanxgxambecmbmagxcceibeersbrcnrgxambecmbmagxcceimmlamcecnxgxambecmbmagxcceimsleoaronxgxambecmbmagxcceixaoosscrnxgxambecmbmagxcceixaoossalnxgxambecmbmagxcceibeeblbcbnxgxambecmbmagxcceimlrcamabnogxambecmbmagxcceimxlbmoscnogxambecmbmagxcceimlbxcrlanogxambecmbmagxcceimxlbmosonogxambecmbmagxcceimxlbmosanogxambecmbmagxcceimmraexoenxgxambecboecgxcceimmraexsenxgxambecboecgxcceimmraexoonxgxambecboecgxcceimxxerrxenxgxambecbsemgxcceimrmbbrrcnxgxambecleolgxcceimlalarbcnxgxambereeaxgxcceialrexexbnxgxamberxblbgxcceialrexeoonxgxamberxblbgxcceimasbmxconxgxambersaecgxcceimlalacobnxgxambersmasgxcceimxlbalscnogxambersmasgxcceimlasxoconxgxambersmacgxcceiaaxcambbnxgxambercmbmgxcceicloaxxaanxgxambercbrogxcceimlclemsonxgxambercbrogxcceimllslrsanxgxambercbrogxcceibeersbronxgxamberasxxgcbeimxxrecsanxgxamberlbbcgxcceimllrabmanxgxamberlbbrgxcceimllrabmonxgxamberlbbrgxcceimllrabbcnxgxamberlbbrgxcceimmroseconsgxambeaecllgxcceicloaxxacnxgxambeaecllgxcceimlmbrsaenxgxambeaxeslgxcceircmbbroanxgxambeaxboogxcceimclsaoxbnogxambeascocgxcceimbbcemobnxgxambeascocgxcceimoobcomanxgxambeascocgxcceiccblrxrbnxgxambeascocgxcceimlbemecanxgxambeaslmrgcbeimlaxeemenxgxambeacbelgxcceimlrcamaonogxambeacbxegxcceimllslrsonsgxambealelagxcceimlslsbsanxgxambealelagxcceimllslrsenxgxambealelagxcceimxxerrecnxgxambemxebagxcceimbbcemoanogxambemxebagxcceimrxccosonxgxambemxebagxcceimxlbmxbbnxgxambemxebmgxcceimxxerreonxgxambemxebmgxcceicloaxxmenxgxambemrssogxcceimxlbalcenxgxambemmaebgxcce; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986940%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ca8b2c1b202f0007b1263a9cac3ef982f%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Mar 2023 04:40:08 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: https://a.labadena.com Access-Control-Allow-Headers: Authorization, Content-Type Access-Control-Request-Method: POST Access-Control-Allow-Credentials: true X-Robots-Tag: noindex, follow Content-Encoding: gzip`

	amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/6025df39112b8b81.ts	45.35.65.138	200 OK	16 B
URL HTTP/2 amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/6025df39112b8b81.ts IP 45.35.65.138:0 ASN #40676 AS40676 File type data Size 16 B (16 bytes) Hash 814f87d06a9a7a45e6426c39d769ae3d a6f961ed12a5c5351fe49621be5485def63fa775 468b6417623f3b7e6b3876c4e7ea9bc5310f58f2fa76999e5844d4c0cf985910 HTTP Headers `GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/6025df39112b8b81.ts HTTP/1.1 Host: amuse-lefty.mushroomtrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://fs1.app Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: openresty date: Mon, 06 Mar 2023 04:40:08 GMT content-type: video/mp2t content-length: 16 last-modified: Sat, 04 Mar 2023 05:09:24 GMT etag: "6402d284-10" expires: Tue, 07 Mar 2023 04:40:08 GMT cache-control: max-age=86400 access-control-allow-origin: https://fs1.app accept-ranges: bytes X-Firefox-Spdy: h2`

	cdn.ggsfq.xyz/creative/20230214_Jable_(300x250)_F_TC_gif.gif	172.67.164.16	200 OK	499 kB
URL HTTP/2 cdn.ggsfq.xyz/creative/20230214_Jable_(300x250)_F_TC_gif.gif IP 172.67.164.16:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 300 x 250\012- data Size 499 kB (498775 bytes) Hash a6728e53934e97c6a8f431ca8716a413 70f26e76c52edefa2342460cb2e561fbc2b97860 6b15b25c06762ae676c0158b995f728c41a0b3353f2c6902b11318ec54979f33 HTTP Headers `GET /creative/20230214_Jable_(300x250)_F_TC_gif.gif HTTP/1.1 Host: cdn.ggsfq.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://adserve.work/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:08 GMT content-type: image/gif content-length: 498775 etag: "a6728e53934e97c6a8f431ca8716a413" last-modified: Tue, 14 Feb 2023 07:27:40 GMT x-amz-id-2: lKZF2nJGC4gOaKsNr8zmSN3yi+zR1UAxQab33DATzFlevTF8MNLH0jLhnQpfsjpLb3LIS3/ox/sk x-amz-request-id: 01F05973B0A2DD53 cache-control: max-age=14400 cf-cache-status: HIT age: 511 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqGjONv%2Bv1af9H9W9cEAM9GEa1O%2BQJwQCGtLIIay1y7n4sNVuX4pb6Nm%2B1bZISOoZwrfdjmBAjQK3QeO%2BwPIHPrKC%2FnXpQMG7qTOuVU4R0M7%2BtCJs%2F4MkfKaCUba6wA5"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7a37eb3f4a2eb529-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	192.229.221.95	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash a65f7aab1761daf56bf593e653571320 f3dbc1859917103b5dabbaad6092cb9887f0ff2c c7ddb181ab06fc47d897f2659703011f4224017a32de1a6dcbf6ca2c0bea5135 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 25376 Cache-Control: max-age=171011 Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:08 GMT Etag: "6405048b-116" Expires: Wed, 08 Mar 2023 04:10:19 GMT Last-Modified: Sun, 05 Mar 2023 21:07:23 GMT Server: ECAcc (amb/6B04) X-Cache: HIT Content-Length: 278`

	assets-cdn.jable.tv/assets/images/252/427-240-3.gif	15.235.9.226	200 OK	495 kB
URL HTTP/2 assets-cdn.jable.tv/assets/images/252/427-240-3.gif IP 15.235.9.226:0 ASN #16276 OVH SAS File type GIF image data, version 89a, 427 x 240\012- data Size 495 kB (495284 bytes) Hash 49a3ab4bb1a3b7ca1c17013d50e8ebd8 449d0fc24fe665307e6e62656acd74ce053feaea f149232ed8aaca10ffa20561b95ef86bc5e739a9501b8d57abdbc2747d9d0ba8 HTTP Headers `GET /assets/images/252/427-240-3.gif HTTP/1.1 Host: assets-cdn.jable.tv User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: openresty date: Mon, 06 Mar 2023 04:40:08 GMT content-type: image/gif content-length: 495284 last-modified: Thu, 23 Jul 2020 07:47:53 GMT etag: "5f1940a9-78eb4" strict-transport-security: max-age=15768000 expires: Wed, 05 Apr 2023 04:40:08 GMT cache-control: max-age=2592000 accept-ranges: bytes X-Firefox-Spdy: h2`

	s3t3d2y8.afcdn.net/library/676799/668a15a067a69eed70a6572b59d942a51fdf020b.webp	185.76.9.21	200 OK	9.3 kB
URL HTTP/2 s3t3d2y8.afcdn.net/library/676799/668a15a067a69eed70a6572b59d942a51fdf020b.webp IP 185.76.9.21:0 ASN #60068 Datacamp Limited File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 9.3 kB (9274 bytes) Hash 4ff7c4443b9dc9269cfb1ffa458fddc1 668a15a067a69eed70a6572b59d942a51fdf020b 1048f4dccd8db1bda50a6c7060551ed00252df4b483238458408e35e14a0e268 HTTP Headers `GET /library/676799/668a15a067a69eed70a6572b59d942a51fdf020b.webp HTTP/1.1 Host: s3t3d2y8.afcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:09 GMT content-type: image/webp content-length: 9274 last-modified: Thu, 04 Nov 2021 09:51:20 GMT etag: "6183ad18-243a" expires: Fri, 30 Jun 2023 11:21:48 GMT cache-control: max-age=31536000 access-control-allow-origin: * x-cache-op: HIT x-accel-expires: @1688195411 server: CDN77-Turbo x-robots-tag: noindex, follow x-77-nzt: AblMCRTkQ8z/1tBGAQ x-77-nzt-ray: af585630edf03133a96e0564684c2f00 x-cache: HIT x-age: 21418198 x-77-pop: stockholmSE x-77-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	adserve.work/www/serve/lg.php?bannerid=1658&campaignid=2&zoneid=4&loc=https%3A%2F%2Ffs1.app%2F&cb=17b0d18d53	104.21.54.4	200 OK	43 B
URL HTTP/2 adserve.work/www/serve/lg.php?bannerid=1658&campaignid=2&zoneid=4&loc=https%3A%2F%2Ffs1.app%2F&cb=17b0d18d53 IP 104.21.54.4:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 HTTP Headers GET /www/serve/lg.php?bannerid=1658&campaignid=2&zoneid=4&loc=https%3A%2F%2Ffs1.app%2F&cb=17b0d18d53 HTTP/1.1 Host: adserve.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://adserve.work/www/serve/afr.php?zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE Cookie: OAID=01000111010001000101000001010010 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:09 GMT content-type: image/gif x-powered-by: PHP/7.4.11 pragma: no-cache cache-control: no-cache, no-store, must-revalidate expires: 0 access-control-allow-origin: * p3p: CP="CUR ADM OUR NOR STA NID" set-cookie: OAID=01000111010001000101000001010010; expires=Tue, 05-Mar-2024 04:40:08 GMT; Max-Age=31536000; path=/; secure; SameSite=none cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpWKz4VIJ6afaL59YAiqGUuk0VIbO26lmfmfaJnZ0vDUXfhhQLwNtcjXnT3NDyuYX4xDsbG%2BOa02T4XWpyfJf8Zbd9KOI4zmsjC2bpN6rdV7IujyKnkJ%2B6YlUSrCAzY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7a37eb3f2913b506-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	s3t3d2y8.afcdn.net/library/140058/defdee1f238f01447a564bb65bc78fb6e09d9e8b.mp4	185.76.9.21	206 Partial Content	19 kB
URL HTTP/2 s3t3d2y8.afcdn.net/library/140058/defdee1f238f01447a564bb65bc78fb6e09d9e8b.mp4 IP 185.76.9.21:0 ASN #60068 Datacamp Limited File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size 19 kB (18759 bytes) Hash b7218c556915f3680f044234f0f139f9 defdee1f238f01447a564bb65bc78fb6e09d9e8b ea7ce093f47119441c389f6dc03971063d2602dbc3ca03fc8cb40cf936f94a7b HTTP Headers `GET /library/140058/defdee1f238f01447a564bb65bc78fb6e09d9e8b.mp4 HTTP/1.1 Host: s3t3d2y8.afcdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://a.labadena.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 206 Partial Content date: Mon, 06 Mar 2023 04:40:09 GMT content-type: video/mp4 content-length: 18759 last-modified: Thu, 26 Mar 2020 22:23:57 GMT etag: "5e7d2b7d-4947" expires: Fri, 30 Jun 2023 11:20:56 GMT cache-control: max-age=31536000 access-control-allow-origin: * x-cache-op: HIT x-accel-expires: @1688195437 server: CDN77-Turbo x-robots-tag: noindex, follow x-77-nzt: AblMCRRck/j/vNBGAQ x-77-nzt-ray: af585630edf03133a96e056425ed850d x-cache: HIT x-age: 21418172 x-77-pop: stockholmSE x-77-cache: HIT content-range: bytes 0-18758/18759 X-Firefox-Spdy: h2

	syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02QS05DMQxFt8IGGl3/EqdjxiCBWIDfb4BKGTBpJS+evFcJkePI15J/CYPlhGH2xHJWnOHZqXQU5UKm+fL6lkoZl8sS988yf38lKWCelVyIsrkrJKVJM2vZe6pQhdbUzpWoeipSEgM2Ud1VASjd8+P9+bg04Gzst44h96HJSB0aN2RVWF3DVerkXhpBRcYSUrUrxnrzDI5OFBO2znCOTTtVXm2zEdneJ6NcYoplvcbxDDwoo/VjPP440eHGQR4qfu7XOfNfyo4dRaNYdXcJ9bWrObaNeOJpmbZuy/iZNZotHL80OO+2bQEAAA==	95.211.229.248	200 OK	20 B
URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02QS05DMQxFt8IGGl3/EqdjxiCBWIDfb4BKGTBpJS+evFcJkePI15J/CYPlhGH2xHJWnOHZqXQU5UKm+fL6lkoZl8sS988yf38lKWCelVyIsrkrJKVJM2vZe6pQhdbUzpWoeipSEgM2Ud1VASjd8+P9+bg04Gzst44h96HJSB0aN2RVWF3DVerkXhpBRcYSUrUrxnrzDI5OFBO2znCOTTtVXm2zEdneJ6NcYoplvcbxDDwoo/VjPP440eHGQR4qfu7XOfNfyo4dRaNYdXcJ9bWrObaNeOJpmbZuy/iZNZotHL80OO+2bQEAAA== IP 95.211.229.248:0 ASN #60781 LeaseWeb Netherlands B.V. File type data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /cimp.php?t=api&data=H4sIAAAAAAAAA02QS05DMQxFt8IGGl3/EqdjxiCBWIDfb4BKGTBpJS+evFcJkePI15J/CYPlhGH2xHJWnOHZqXQU5UKm+fL6lkoZl8sS988yf38lKWCelVyIsrkrJKVJM2vZe6pQhdbUzpWoeipSEgM2Ud1VASjd8+P9+bg04Gzst44h96HJSB0aN2RVWF3DVerkXhpBRcYSUrUrxnrzDI5OFBO2znCOTTtVXm2zEdneJ6NcYoplvcbxDDwoo/VjPP440eHGQR4qfu7XOfNfyo4dRaNYdXcJ9bWrObaNeOJpmbZuy/iZNZotHL80OO+2bQEAAA== HTTP/1.1 Host: syndication.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://a.labadena.com Connection: keep-alive Referer: https://a.labadena.com/ Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264056ea8436b88.71043300536494041%22%3B%7D; impressions=cxbmsbocnxgxambemxebageimlxbaxbcnxgxammsoscaageicxbmsbcenxgxammcbembcgeioslmrxbmnxgxammlsorobgeimcclsoeonxgxamaosaeosgeioslmrxbrnxgxambemebbogeimlxbaxbanxgxambemxebageioslmroemnxgxammmarbbxgeimcclsxlonxgxambecbclageimcclossbnxgxammcoeebmgeimlxbaxlonxgxammmrmcemgeicxbmsboenxgxammbscexbgeimlxbaxlcnxgxamaalxboageicxbmsbxcnxgxammmarbbxgeimlxbaxlenxgxambecbclageimlxbaxbonxgxammccroaogeialbserxonxgxamaboseaogeioslmrxlsnxgxammalxolxgeimlxbaxbbnxgxammcoxbbegeimlxbaxlanxgxammcxmlergeimccloscanxgxammmarbbxgeialbsereanxgxammesrlxegeimlxbaxbenxgxammscrrcogeialbserecnxgxammcocxcrgeimcclsxcanxgxammcxescmgeimcclsxlcnxgxambemebbogeirbabxabbnxgxammcoeebmgeimcclsxxonxgxammcoeebmgeimcclsxlbnxgxammcoeebmgeicmmsxaeenxgxammcoeebmgeimcclsxacnxgxammccaeeageimcclsxsbnxgxammcoeebmgeicaocmrmanxgxammcocxcrgeicaxsscmbnxgxammcocxcrgeislsaroornxgxambemxebageimbsblroanxrgxambeoaoxegxcceimlbxcrlbnogxambeoaoxegxcceimxlbmxlcnogxambecrmosgxcceimsacexoonxgxambecrmosgxcceimxeoxsacnagxambecrmosgxcceimrmbbraenxgxambecmasagxcceimrmbbrcanogxambecmasagxcceimlasxxcanxgxambecmbregxcceimlaseelenxgxambecmbregxcceimemlxmcbnxgxambecmbmagxcceimclxlloanxgxambecmbmagxcceibeersbrcnrgxambecmbmagxcceimmlamcecnxgxambecmbmagxcceimsleoaronxgxambecmbmagxcceixaoosscrnxgxambecmbmagxcceixaoossalnxgxambecmbmagxcceibeeblbcbnxgxambecmbmagxcceimlrcamabnogxambecmbmagxcceimxlbmoscnogxambecmbmagxcceimlbxcrlanogxambecmbmagxcceimxlbmosonogxambecmbmagxcceimxlbmosanogxambecmbmagxcceimmraexoenxgxambecboecgxcceimmraexsenxgxambecboecgxcceimmraexoonxgxambecboecgxcceimxxerrxenxgxambecbsemgxcceimrmbbrrcnxgxambecleolgxcceimlalarbcnxgxambereeaxgxcceialrexexbnxgxamberxblbgxcceialrexeoonxgxamberxblbgxcceimasbmxconxgxambersaecgxcceimlalacobnxgxambersmasgxcceimxlbalscnogxambersmasgxcceimlasxoconxgxambersmacgxcceiaaxcambbnxgxambercmbmgxcceicloaxxaanxgxambercbrogxcceimlclemsonxgxambercbrogxcceimllslrsanxgxambercbrogxcceibeersbronxgxamberasxxgcbeimxxrecsanxgxamberlbbcgxcceimllrabmanxgxamberlbbrgxcceimllrabmonxgxamberlbbrgxcceimllrabbcnxgxamberlbbrgxcceimmroseconsgxambeaecllgxcceicloaxxacnxgxambeaecllgxcceimlmbrsaenxgxambeaxeslgxcceircmbbroanxgxambeaxboogxcceimclsaoxbnogxambeascocgxcceimbbcemobnxgxambeascocgxcceimoobcomanxgxambeascocgxcceiccblrxrbnxgxambeascocgxcceimlbemecanxgxambeaslmrgcbeimlaxeemenxgxambeacbelgxcceimlrcamaonogxambeacbxegxcceimllslrsonsgxambealelagxcceimlslsbsanxgxambealelagxcceimllslrsenxgxambealelagxcceimxxerrecnxgxambemxebagxcceimbbcemoanogxambemxebagxcceimrxccosonxgxambemxebagxcceimxlbmxbbnxgxambemxebmgxcceimxxerreonxgxambemxebmgxcceicloaxxmenxgxambemrssogxcceimxlbalcenxgxambemmaebgxcce; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986940%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ca8b2c1b202f0007b1263a9cac3ef982f%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Mar 2023 04:40:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: https://a.labadena.com Access-Control-Allow-Credentials: true Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%2264056ea8436b88.71043300536494041%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%2299.0199%22%7D; expires=Wed, 05 Mar 2025 04:40:09 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip

	img.strpst.com/thumbs/1678077481/92739437	104.18.63.124	200 OK	38 kB
URL HTTP/2 img.strpst.com/thumbs/1678077481/92739437 IP 104.18.63.124:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data Size 38 kB (38073 bytes) Hash 03a2a3104550d9040a226df47d5512e9 470a951b9aa63ddd523ad95eb1eefb821aec4f7f f7e2057c325369e1e4f6415ec140f7d1c8ba8351cefb56e92b7b0346c9f48b81 HTTP Headers `GET /thumbs/1678077481/92739437 HTTP/1.1 Host: img.strpst.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:09 GMT content-type: image/jpeg content-length: 38073 access-control-allow-credentials: true access-control-allow-headers: * access-control-allow-methods: GET access-control-allow-origin: * cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 cf-bgj: imgq:100,h2pri cf-polished: origSize=39330, status=webp_bigger etag: "fd2f6e41916dea32983925ea7d496947" last-modified: Mon, 06 Mar 2023 04:37:43 GMT cf-cache-status: HIT age: 99 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7a37eb41fbaab511-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	cloudlogobox.com/rtbfeed.php?001e67e03bf5	195.123.209.175	200 OK	106 B
URL HTTP/1.1 cloudlogobox.com/rtbfeed.php?001e67e03bf5 IP 195.123.209.175:0 ASN #50979 ITL LLC File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data Size 106 B (106 bytes) Hash 45519216be3b413c13c1bd623990d1b8 f374f2578e498a536085b57c41d3d2299fa84f5e 4742175aa9e5530bd227e6d0ca2e5d2be4aa5b46ec7ee4a7c8f81c74d7d7884c HTTP Headers `GET /rtbfeed.php?001e67e03bf5 HTTP/1.1 Host: cloudlogobox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://fs1.app Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Mar 2023 04:40:09 GMT Content-Type: image/png Content-Length: 106 Last-Modified: Wed, 10 Feb 2021 11:05:43 GMT Connection: keep-alive ETag: "6023be07-6a" Access-Control-Allow-Origin: * Accept-Ranges: bytes`

	amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/310150.ts	45.35.65.138	200 OK	387 kB
URL HTTP/2 amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/310150.ts IP 45.35.65.138:0 ASN #40676 AS40676 File type data Size 387 kB (386720 bytes) Hash f8ac9377279c420f42dab51164540a7f 0ce8b690801f48b5abf01c8678340b4d7f255bc5 83a039289aee322ac2b2c46bf939bf1d85025bb803ea480aff582602c8406d36 HTTP Headers `GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/310150.ts HTTP/1.1 Host: amuse-lefty.mushroomtrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://fs1.app Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: openresty date: Mon, 06 Mar 2023 04:40:08 GMT content-type: video/mp2t content-length: 386720 last-modified: Sat, 04 Mar 2023 04:49:33 GMT etag: "6402cddd-5e6a0" expires: Tue, 07 Mar 2023 04:40:08 GMT cache-control: max-age=86400 access-control-allow-origin: https://fs1.app accept-ranges: bytes X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B" Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2711 Expires: Mon, 06 Mar 2023 05:25:20 GMT Date: Mon, 06 Mar 2023 04:40:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B" Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2711 Expires: Mon, 06 Mar 2023 05:25:20 GMT Date: Mon, 06 Mar 2023 04:40:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B" Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2711 Expires: Mon, 06 Mar 2023 05:25:20 GMT Date: Mon, 06 Mar 2023 04:40:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B" Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2711 Expires: Mon, 06 Mar 2023 05:25:20 GMT Date: Mon, 06 Mar 2023 04:40:09 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa2b475e-4071-4174-af6a-286b69af1fa0.webp	34.120.237.76	200 OK	8.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa2b475e-4071-4174-af6a-286b69af1fa0.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.8 kB (8810 bytes) Hash 91e93599691303c0f90c1b5fdec389f9 b78cb4e2ce740446141d216285673a3811c4d8d9 21b72ba56fcb346a2777cb269494d207247b065ab53eecee3a313bae32499b9e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa2b475e-4071-4174-af6a-286b69af1fa0.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8810 x-amzn-requestid: 4764ec81-7678-4545-85ec-ebccfa567b4e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BU6kVHASIAMFhEA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64050ae8-1e12af4a44685d911145e790;Sampled=0 x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:32 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 8qunr5enL6mqqrdEdBxRAm7r8MUpwMPVWFMTrYQ2QKC2UCibO81woQ== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Mar 2023 21:43:24 GMT age: 25005 etag: "b78cb4e2ce740446141d216285673a3811c4d8d9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B" Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2711 Expires: Mon, 06 Mar 2023 05:25:20 GMT Date: Mon, 06 Mar 2023 04:40:09 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg	34.120.237.76	200 OK	3.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.4 kB (3381 bytes) Hash 4726917eabc29a977873ad26e264e70d 4619a0418ee08d6618ead537f31823c98f355b5a d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3381 x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: A-PNPFynoAMFn8Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0 x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: Qd5FIKUZwnnKiIzEnrA7ZcC_yWa9_iP1r7xUaCP4f6I7m_z3ChB-2A== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Mar 2023 09:32:00 GMT age: 68889 etag: "4619a0418ee08d6618ead537f31823c98f355b5a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa169d27-d4e2-4120-996d-3e708709465a.jpeg	34.120.237.76	200 OK	9.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa169d27-d4e2-4120-996d-3e708709465a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.9 kB (9916 bytes) Hash 71c25a364e8787b187bb8678670dec28 0c31c92a548f4181a72ddd9bd0b2ee56e31b76f3 41063e64c3e5d29e2eea021ed09244fbae7cdda30c5fa31405d6e68146540c59 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa169d27-d4e2-4120-996d-3e708709465a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9916 x-amzn-requestid: e1fcb47d-2282-470d-8ec1-0f7e9cf4ab03 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BU6QPG2QIAMF9Jw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64050a67-2f079e4a1caffe1d74498de3;Sampled=0 x-amzn-remapped-date: Sun, 05 Mar 2023 21:32:23 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: DpGQngzzXEuBwv3lI2hSQAazBGVGchRMUSA2KsgytnYaZ0buP34Ieg== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Mar 2023 21:41:22 GMT age: 25127 etag: "0c31c92a548f4181a72ddd9bd0b2ee56e31b76f3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b5b749e-03a2-4b91-8a3a-2a2448cf1f75.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b5b749e-03a2-4b91-8a3a-2a2448cf1f75.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10530 bytes) Hash bd8a05f3a50e33cdf59e034bcbfaf586 5e3c0a687d9e68f3b518250a3505eecb08196ceb 9f7933d503b4ab47de2aab79b58513299ea9d5cb5f43d9cb0d8909b68ac9f333 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b5b749e-03a2-4b91-8a3a-2a2448cf1f75.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10530 x-amzn-requestid: d7b18ce6-94a3-4c2d-b311-726236167b5f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BU6QPGvPIAMF-Fw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64050a67-1cbdf57f5ae8d137312a8a1b;Sampled=0 x-amzn-remapped-date: Sun, 05 Mar 2023 21:32:23 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: BYoEAVhpqCJThj9eCwBlNreO14QMXanBKJAgpzuEC00K3nZ4_hvHdw== via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Mar 2023 21:42:52 GMT age: 25037 etag: "5e3c0a687d9e68f3b518250a3505eecb08196ceb" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10332 bytes) Hash 9ab3964124c43755909f9891e162d3c7 c912f5fcb7985842877c76686c6bcd356b5977ff 34627773ad1d710b054986c725eb8e8a4c7d8fbac31e6724e83217dc06cfaaad HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10332 x-amzn-requestid: bcb59433-4093-4bb3-b6d3-69f5489d5ef9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BU6iVE07oAMF28A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64050adb-757a083b7be05f886d8d6edc;Sampled=0 x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:19 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 034zEZAbWUmixhooZf4KqxdabRAyWiMDzsMzTkNX29m1SZjQqiWywQ== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Mar 2023 22:07:33 GMT age: 23556 etag: "c912f5fcb7985842877c76686c6bcd356b5977ff" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg	34.120.237.76	200 OK	8.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.2 kB (8161 bytes) Hash 69536c57b14c2419255e2386dd07e825 dbae31696a00f5f6c8495de0983ff8a08e77f970 7e09f086bc5f848e3ff503a2ab61392a57a0149af47f20415e5adeb2408e02e5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8161 x-amzn-requestid: c9201eea-8216-4a14-803c-b947465f327c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BU6k1GA4oAMFpkA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64050aeb-4c2595df7964fd650a9de81f;Sampled=0 x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:35 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: QmcXVosHU7BBbvg9sgjmx-h4g8OCN024Oj-VkOUc0GdMgaF0WesCJg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Mar 2023 22:21:04 GMT age: 22745 etag: "dbae31696a00f5f6c8495de0983ff8a08e77f970" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumb.ts	45.35.65.138	200 OK	1.4 MB
URL HTTP/2 amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumb.ts IP 45.35.65.138:0 ASN #40676 AS40676 File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 2130x1680, components 3\012- data Size 1.4 MB (1447705 bytes) Hash 6046934c0372a0c359c1f1d65a7e2871 7954060f8f8c3203a562a5470c1de7673d96fb9d 71d12752987f448ebbe53bb631bf3c19f896c0c3efa2dca3560a59ad05231471 HTTP Headers `GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumb.ts HTTP/1.1 Host: amuse-lefty.mushroomtrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: openresty date: Mon, 06 Mar 2023 04:40:09 GMT content-type: video/mp2t content-length: 1447705 last-modified: Sat, 04 Mar 2023 05:09:25 GMT etag: "6402d285-161719" expires: Tue, 07 Mar 2023 04:40:09 GMT cache-control: max-age=86400, public accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 70b7bd4f159732db2d96e0d06e721a13 ea416c05c031417da1ddecb4da35dfac8bf5cbc7 9c2e5acfe6bbd5d12087e28cb3a6b88a28f9d35b67eb4bc54e3a88fb46965379 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	imasdk.googleapis.com/js/sdkloader/ima3.js	216.58.207.234	200 OK	122 kB
URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js IP 216.58.207.234:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2723) Size 122 kB (122289 bytes) Hash 0b872df43f4302f3ba0d0ae335d73b8e 8eefb7562eae92270610d48c5c7b751a7e848438 22716e02654b6c7fbc16d54bc9790fc9c17be9d64803973d134a751dbb9ef3c5 HTTP Headers `GET /js/sdkloader/ima3.js HTTP/1.1 Host: imasdk.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: text/javascript cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static" report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length: 122289 date: Mon, 06 Mar 2023 04:40:09 GMT expires: Mon, 06 Mar 2023 04:40:09 GMT cache-control: private, max-age=900, stale-while-revalidate=3600 x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 70b7bd4f159732db2d96e0d06e721a13 ea416c05c031417da1ddecb4da35dfac8bf5cbc7 9c2e5acfe6bbd5d12087e28cb3a6b88a28f9d35b67eb4bc54e3a88fb46965379 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 21bc7d19b85212954bd97a826883dde6 6e26f565b84766c41d45dd9fc9d89f5206ccc9ba e34750e6e2434f3659b67c93c2106fe6205a66c38186bcf6aaa0142e48f92324 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js	142.250.74.162	200 OK	13 kB
URL HTTP/2 pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js IP 142.250.74.162:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1493) Size 13 kB (13109 bytes) Hash 0dece4b354fc41d0430994be26247a47 1063c9471665bb53cc9a4e89c4cf0f1e9f695f8d 71a1c1d814cc6c713b3513212be779f944e9b4002e1fb89ac36e438a1a04e4a0 HTTP Headers `GET /omsdk/releases/live/omweb-v1.js HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy" report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-length: 13109 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 06 Mar 2023 04:03:32 GMT expires: Mon, 06 Mar 2023 05:03:32 GMT cache-control: public, max-age=3600 age: 2198 last-modified: Mon, 31 Oct 2022 17:24:37 GMT content-type: text/javascript vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 88cbc6aea2d9cf4e31579e42cf911fd0 6d3ce6aff3dc9454118cfacdc7f422f3fed83ee7 437586bc85d574c31c56a0ab07b2d44a5299512fdd04cc3ec64abb3b184d485d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	adservice.google.com/adsid/integrator.js?domain=fs1.app	142.250.74.98	200 OK	100 B
URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=fs1.app IP 142.250.74.98:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 100 B (100 bytes) Hash 917951a58be8c6c6f3680159550ba3c2 21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4 cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac HTTP Headers `GET /adsid/integrator.js?domain=fs1.app HTTP/1.1 Host: adservice.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." timing-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: private, no-cache, no-store content-type: application/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Mon, 06 Mar 2023 04:40:10 GMT server: cafe content-length: 100 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 21bc7d19b85212954bd97a826883dde6 6e26f565b84766c41d45dd9fc9d89f5206ccc9ba e34750e6e2434f3659b67c93c2106fe6205a66c38186bcf6aaa0142e48f92324 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 88cbc6aea2d9cf4e31579e42cf911fd0 6d3ce6aff3dc9454118cfacdc7f422f3fed83ee7 437586bc85d574c31c56a0ab07b2d44a5299512fdd04cc3ec64abb3b184d485d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	syndication.exosrv.com/splash.php?idzone=3377419	95.211.229.248	200 OK	2.7 kB
URL HTTP/1.1 syndication.exosrv.com/splash.php?idzone=3377419 IP 95.211.229.248:0 ASN #60781 LeaseWeb Netherlands B.V. File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1525) Size 2.7 kB (2654 bytes) Hash f89c8580c62f912ab3f8d1294d3e7692 6ae7a57b5e99f3f0715c783bd043062944f49147 fecf2b25323271b6c45d4e1b3cb9bfe0d62667efa28117e55e708057cd32c8a9 HTTP Headers `GET /splash.php?idzone=3377419 HTTP/1.1 Host: syndication.exosrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://imasdk.googleapis.com Connection: keep-alive Referer: https://imasdk.googleapis.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Mar 2023 04:40:10 GMT Content-Type: text/xml;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2264056eaaad2322.797309154100539145%22%3B%7D; expires=Wed, 05 Mar 2025 04:40:10 GMT; path=; domain=.exosrv.com; Secure; SameSite=none c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C3377419%7C80090514%7C0%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cimasdk.googleapis.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 07 Mar 2023 04:40:10 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none zone-cap-3377419=1; expires=Mon, 06 Mar 2023 10:40:10 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none Cache-Control: no-store P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: https://imasdk.googleapis.com Access-Control-Allow-Credentials: true X-Robots-Tag: noindex, follow Content-Encoding: gzip

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash bdd9a83a6c3b246a6445ae1980620fbe 50d8d58e9e201b9777a8e8fa72e8143c9c1b7301 e10f5315a17a64fe431df9099b6387f4b9b7cef07a21edda76ff265a6c431a99 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	s0.2mdn.net/instream/video/client.js	172.217.21.166	200 OK	17 kB
URL HTTP/2 s0.2mdn.net/instream/video/client.js IP 172.217.21.166:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2156) Size 17 kB (16746 bytes) Hash 49295de6ccd23cf80b6418a2d209868f 42a955b4560bb22cb9b5b39577f7a691ea345018 d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa HTTP Headers `GET /instream/video/client.js HTTP/1.1 Host: s0.2mdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: text/javascript cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media" report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-length: 16746 date: Mon, 06 Mar 2023 04:40:10 GMT expires: Mon, 06 Mar 2023 04:40:10 GMT cache-control: private, max-age=900 x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash bdd9a83a6c3b246a6445ae1980620fbe 50d8d58e9e201b9777a8e8fa72e8143c9c1b7301 e10f5315a17a64fe431df9099b6387f4b9b7cef07a21edda76ff265a6c431a99 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Mar 2023 04:40:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	csi.gstatic.com/csi?v=2&s=ima&puid=1~lewc2yus&c=6320374832864&slotId=3160187416432&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&icc=1&icrh=0&icri=0&icrs=0&icru=0&icdi=nsxns&lima_p_ich=0&lima_p_icu=0	142.250.195.99	204 No Content	0 B
URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~lewc2yus&c=6320374832864&slotId=3160187416432&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&icc=1&icrh=0&icri=0&icrs=0&icru=0&icdi=nsxns&lima_p_ich=0&lima_p_icu=0 IP 142.250.195.99:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /csi?v=2&s=ima&puid=1~lewc2yus&c=6320374832864&slotId=3160187416432&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&icc=1&icrh=0&icri=0&icrs=0&icru=0&icdi=nsxns&lima_p_ich=0&lima_p_icu=0 HTTP/1.1 Host: csi.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://imasdk.googleapis.com Connection: keep-alive Referer: https://imasdk.googleapis.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: * date: Mon, 06 Mar 2023 04:40:12 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Wed, 21 Jan 2004 19:51:30 GMT content-type: image/gif cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	csi.gstatic.com/csi?v=2&s=ima&puid=2~lewc2zap&c=6320374832864&slotId=3160187416432&ghmsh_eids=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991	142.250.195.99	204 No Content	0 B
URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=2~lewc2zap&c=6320374832864&slotId=3160187416432&ghmsh_eids=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991 IP 142.250.195.99:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /csi?v=2&s=ima&puid=2~lewc2zap&c=6320374832864&slotId=3160187416432&ghmsh_eids=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991 HTTP/1.1 Host: csi.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://imasdk.googleapis.com Connection: keep-alive Referer: https://imasdk.googleapis.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: * date: Mon, 06 Mar 2023 04:40:12 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Wed, 21 Jan 2004 19:51:30 GMT content-type: image/gif cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw=	135.181.208.216	200 OK	0 B
URL HTTP/2 a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw= IP 135.181.208.216:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash HTTP Headers `GET /api/spots/220808?p=1&s1=%subid1%&kw= HTTP/1.1 Host: a.labadena.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 06 Mar 2023 04:40:08 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding set-cookie: nauid=Xix7c8qbv0VybLDZFmVC; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control: private content-encoding: gzip X-Firefox-Spdy: h2`

	go.admjmp.com/thumbs/view	104.18.51.106	200 OK	0 B
URL HTTP/2 go.admjmp.com/thumbs/view IP 104.18.51.106:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `POST /thumbs/view HTTP/1.1 Host: go.admjmp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fs1.app/ Content-Type: text/plain;charset=UTF-8 Origin: https://fs1.app Content-Length: 81 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:09 GMT content-type: application/json access-control-allow-origin: * cf-cache-status: DYNAMIC set-cookie: __cflb=02DiuDfsBaY2bRYJiCeSF4mw3pyDiW7pxF5qduW6VKyn4; SameSite=None; Secure; path=/; expires=Tue, 07-Mar-23 03:40:09 GMT; HttpOnly server: cloudflare cf-ray: 7a37eb428cee0b65-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	adserve.work/www/serve/afr.php?zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE	104.21.54.4	200 OK	0 B
URL HTTP/2 adserve.work/www/serve/afr.php?zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE IP 104.21.54.4:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /www/serve/afr.php?zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE HTTP/1.1 Host: adserve.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:08 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding x-powered-by: PHP/7.4.11 pragma: no-cache cache-control: no-cache, no-store, must-revalidate expires: 0 access-control-allow-origin: * p3p: CP="CUR ADM OUR NOR STA NID" set-cookie: OAID=01000111010001000101000001010010; expires=Tue, 05-Mar-2024 04:40:08 GMT; Max-Age=31536000; path=/; secure; SameSite=none cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAWOPQeFVI8%2BGzFq4pSPKiQvYL8tPfchzPTiL742JKw%2FqRqIa9BXBxdNIzozuXIY5HkU%2FT7PfvsaHZw7onbJUQjrNoLOd%2B5n3MvrcGR5pLcdTivTnAzcjYAov%2B%2Bv4MM%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7a37eb3baf3db506-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	a.labadena.com/api/spots/262182?host=fs1.app&ev=205&wh=898&ww=1280&uuid=&kw=%E7%94%B7%E5%8F%8B%E8%A6%96%E8%A7%92%2C%E8%A7%92%E8%89%B2%E5%8A%87%E6%83%85%2C%E5%88%B6%E6%9C%8D%E8%AA%98%E6%83%91%2C%E5%B0%91%E5%A5%B3%2C%E4%B8%AD%E5%87%BA%2C3P%2C%E7%97%B4%E5%A5%B3%2C%E6%A0%A1%E6%9C%8D%2C%E6%BC%81%E7%B6%B2%2C%E6%B1%BD%E8%BB%8A%2C%E5%85%94%E5%A5%B3%E9%83%8E%2C%E7%9C%BC%E9%8F%A1%E5%A8%98%2C%E6%9E%A2%E6%9C%A8%E3%81%82%E3%81%8A%E3%81%84%2C%E5%86%86%E4%BA%95%E8%90%8C%E8%8F%AF&s1=%25subid1%25	135.181.208.216	200 OK	0 B
URL HTTP/2 a.labadena.com/api/spots/262182?host=fs1.app&ev=205&wh=898&ww=1280&uuid=&kw=%E7%94%B7%E5%8F%8B%E8%A6%96%E8%A7%92%2C%E8%A7%92%E8%89%B2%E5%8A%87%E6%83%85%2C%E5%88%B6%E6%9C%8D%E8%AA%98%E6%83%91%2C%E5%B0%91%E5%A5%B3%2C%E4%B8%AD%E5%87%BA%2C3P%2C%E7%97%B4%E5%A5%B3%2C%E6%A0%A1%E6%9C%8D%2C%E6%BC%81%E7%B6%B2%2C%E6%B1%BD%E8%BB%8A%2C%E5%85%94%E5%A5%B3%E9%83%8E%2C%E7%9C%BC%E9%8F%A1%E5%A8%98%2C%E6%9E%A2%E6%9C%A8%E3%81%82%E3%81%8A%E3%81%84%2C%E5%86%86%E4%BA%95%E8%90%8C%E8%8F%AF&s1=%25subid1%25 IP 135.181.208.216:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash HTTP Headers GET /api/spots/262182?host=fs1.app&ev=205&wh=898&ww=1280&uuid=&kw=%E7%94%B7%E5%8F%8B%E8%A6%96%E8%A7%92%2C%E8%A7%92%E8%89%B2%E5%8A%87%E6%83%85%2C%E5%88%B6%E6%9C%8D%E8%AA%98%E6%83%91%2C%E5%B0%91%E5%A5%B3%2C%E4%B8%AD%E5%87%BA%2C3P%2C%E7%97%B4%E5%A5%B3%2C%E6%A0%A1%E6%9C%8D%2C%E6%BC%81%E7%B6%B2%2C%E6%B1%BD%E8%BB%8A%2C%E5%85%94%E5%A5%B3%E9%83%8E%2C%E7%9C%BC%E9%8F%A1%E5%A8%98%2C%E6%9E%A2%E6%9C%A8%E3%81%82%E3%81%8A%E3%81%84%2C%E5%86%86%E4%BA%95%E8%90%8C%E8%8F%AF&s1=%25subid1%25 HTTP/1.1 Host: a.labadena.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Cookie: nauid=Xix7c8qbv0VybLDZFmVC Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 06 Mar 2023 04:40:10 GMT content-type: text/javascript; charset=utf-8 vary: Accept-Encoding cache-control: private content-encoding: gzip X-Firefox-Spdy: h2`

	a.labadena.com/api/settings/262182	135.181.208.216	200 OK	0 B
URL HTTP/2 a.labadena.com/api/settings/262182 IP 135.181.208.216:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash HTTP Headers `GET /api/settings/262182 HTTP/1.1 Host: a.labadena.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fs1.app/ Origin: https://fs1.app Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 06 Mar 2023 04:40:08 GMT content-type: application/json vary: Accept-Encoding access-control-allow-origin: * cache-control: private content-encoding: gzip X-Firefox-Spdy: h2`

	go.admjmp.com/config?url=https%3A%2F%2Fcreative.admjmp.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D4c25683baa7e541ee7ce0014496c85471ee87c5671f43cd3d2de65eaed1cbb98%26campaignId%3Dbottomslider%26tag%3Dgirls%252Fchinese%26showModal%3Dsignup%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0	104.18.51.106	200 OK	0 B
URL HTTP/2 go.admjmp.com/config?url=https%3A%2F%2Fcreative.admjmp.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D4c25683baa7e541ee7ce0014496c85471ee87c5671f43cd3d2de65eaed1cbb98%26campaignId%3Dbottomslider%26tag%3Dgirls%252Fchinese%26showModal%3Dsignup%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0 IP 104.18.51.106:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /config?url=https%3A%2F%2Fcreative.admjmp.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D4c25683baa7e541ee7ce0014496c85471ee87c5671f43cd3d2de65eaed1cbb98%26campaignId%3Dbottomslider%26tag%3Dgirls%252Fchinese%26showModal%3Dsignup%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0 HTTP/1.1 Host: go.admjmp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fs1.app/ Origin: https://fs1.app Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:08 GMT content-type: application/json access-control-allow-origin: * last-modified: Mon, 06 Mar 2023 04:40:08 GMT cf-cache-status: MISS set-cookie: __cflb=02DiuDfsBaY2bRYJiCdcdyuoKGiEHEbzXFofktbxn2RKz; SameSite=None; Secure; path=/; expires=Tue, 07-Mar-23 03:40:08 GMT; HttpOnly vary: Accept-Encoding server: cloudflare cf-ray: 7a37eb3a4a5d0b65-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	a.realsrv.com/nativeads-v2.js	185.76.9.19	200 OK	0 B
URL HTTP/2 a.realsrv.com/nativeads-v2.js IP 185.76.9.19:0 ASN #60068 Datacamp Limited File type Size 0 B (0 bytes) Hash HTTP Headers `GET /nativeads-v2.js HTTP/1.1 Host: a.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:07 GMT content-type: application/javascript vary: Accept-Encoding etag: W/"1e16d6ff16b145ea5560344a506" expires: Thu, 02 Mar 2023 13:44:54 GMT cache-control: max-age=10800 access-control-allow-origin: * x-cache-op: HIT x-accel-expires: @1678078222 server: CDN77-Turbo x-77-nzt: AblMCQ154d7/yScAAA x-77-nzt-ray: c0a4cc280368debca76e0564c2153f32 x-cache: HIT x-age: 10185 x-77-pop: stockholmSE x-77-cache: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	cdn.plyr.io/3.5.4/plyr.svg	104.27.194.88	200 OK	0 B
URL HTTP/2 cdn.plyr.io/3.5.4/plyr.svg IP 104.27.194.88:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /3.5.4/plyr.svg HTTP/1.1 Host: cdn.plyr.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://fs1.app Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:08 GMT content-type: image/svg+xml x-amz-id-2: i5JHjcg9zSMXfLTSkg2bJuXLWkrrEYzjVmQpS3ykwaV+aKnxN44SplDMsowODlB1QZL7tCPqsuQ= x-amz-request-id: M70EQ9E2HNGDXZS1 last-modified: Thu, 25 Apr 2019 02:13:31 GMT etag: W/"d1f4356635795f17eaa9bd377d172997" cache-control: max-age=31536000 via: 1.1 varnish, 1.1 varnish x-served-by: cache-iad-kcgs7200042-IAD, cache-yyz4545-YYZ x-cache: HIT, HIT x-cache-hits: 39, 291 x-timer: S1675907206.958398,VS0,VE0 vary: Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept cf-cache-status: HIT age: 2065630 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9rGfaTxwEYfCLVUd5SInfDr4vttIyv164FfY8%2BJ25%2F0WS30rVyjai2rdzcfzoA%2FkxwGwtclbHMYauNMj89OGryOrvxM7m6gbUqdesq1ILts7hiHq%2BAYggMb4uoD"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7a37eb3ac9490b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	a.realsrv.com/ad-provider.js	185.76.9.19	200 OK	0 B
URL HTTP/2 a.realsrv.com/ad-provider.js IP 185.76.9.19:0 ASN #60068 Datacamp Limited File type Size 0 B (0 bytes) Hash HTTP Headers GET /ad-provider.js HTTP/1.1 Host: a.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://a.labadena.com/ Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264056ea8436b88.71043300536494041%22%3B%7D; impressions=cxbmsbocnxgxambemxebageimlxbaxbcnxgxammsoscaageicxbmsbcenxgxammcbembcgeioslmrxbmnxgxammlsorobgeimcclsoeonxgxamaosaeosgeioslmrxbrnxgxambemebbogeimlxbaxbanxgxambemxebageioslmroemnxgxammmarbbxgeimcclsxlonxgxambecbclageimcclossbnxgxammcoeebmgeimlxbaxlonxgxammmrmcemgeicxbmsboenxgxammbscexbgeimlxbaxlcnxgxamaalxboageicxbmsbxcnxgxammmarbbxgeimlxbaxlenxgxambecbclageimlxbaxbonxgxammccroaogeialbserxonxgxamaboseaogeioslmrxlsnxgxammalxolxgeimlxbaxbbnxgxammcoxbbegeimlxbaxlanxgxammcxmlergeimccloscanxgxammmarbbxgeialbsereanxgxammesrlxegeimlxbaxbenxgxammscrrcogeialbserecnxgxammcocxcrgeimcclsxcanxgxammcxescmgeimcclsxlcnxgxambemebbogeirbabxabbnxgxammcoeebmgeimcclsxxonxgxammcoeebmgeimcclsxlbnxgxammcoeebmgeicmmsxaeenxgxammcoeebmgeimcclsxacnxgxammccaeeageimcclsxsbnxgxammcoeebmgeicaocmrmanxgxammcocxcrgeicaxsscmbnxgxammcocxcrgeislsaroornxgxambemxebageimbsblroanxrgxambeoaoxegxcceimlbxcrlbnogxambeoaoxegxcceimxlbmxlcnogxambecrmosgxcceimsacexoonxgxambecrmosgxcceimxeoxsacnagxambecrmosgxcceimrmbbraenxgxambecmasagxcceimrmbbrcanogxambecmasagxcceimlasxxcanxgxambecmbregxcceimlaseelenxgxambecmbregxcceimemlxmcbnxgxambecmbmagxcceimclxlloanxgxambecmbmagxcceibeersbrcnrgxambecmbmagxcceimmlamcecnxgxambecmbmagxcceimsleoaronxgxambecmbmagxcceixaoosscrnxgxambecmbmagxcceixaoossalnxgxambecmbmagxcceibeeblbcbnxgxambecmbmagxcceimlrcamabnogxambecmbmagxcceimxlbmoscnogxambecmbmagxcceimlbxcrlanogxambecmbmagxcceimxlbmosonogxambecmbmagxcceimxlbmosanogxambecmbmagxcceimmraexoenxgxambecboecgxcceimmraexsenxgxambecboecgxcceimmraexoonxgxambecboecgxcceimxxerrxenxgxambecbsemgxcceimrmbbrrcnxgxambecleolgxcceimlalarbcnxgxambereeaxgxcceialrexexbnxgxamberxblbgxcceialrexeoonxgxamberxblbgxcceimasbmxconxgxambersaecgxcceimlalacobnxgxambersmasgxcceimxlbalscnogxambersmasgxcceimlasxoconxgxambersmacgxcceiaaxcambbnxgxambercmbmgxcceicloaxxaanxgxambercbrogxcceimlclemsonxgxambercbrogxcceimllslrsanxgxambercbrogxcceibeersbronxgxamberasxxgcbeimxxrecsanxgxamberlbbcgxcceimllrabmanxgxamberlbbrgxcceimllrabmonxgxamberlbbrgxcceimllrabbcnxgxamberlbbrgxcceimmroseconsgxambeaecllgxcceicloaxxacnxgxambeaecllgxcceimlmbrsaenxgxambeaxeslgxcceircmbbroanxgxambeaxboogxcceimclsaoxbnogxambeascocgxcceimbbcemobnxgxambeascocgxcceimoobcomanxgxambeascocgxcceiccblrxrbnxgxambeascocgxcceimlbemecanxgxambeaslmrgcbeimlaxeemenxgxambeacbelgxcceimlrcamaonogxambeacbxegxcceimllslrsonsgxambealelagxcceimlslsbsanxgxambealelagxcceimllslrsenxgxambealelagxcceimxxerrecnxgxambemxebagxcceimbbcemoanogxambemxebagxcceimrxccosonxgxambemxebagxcceimxlbmxbbnxgxambemxebmgxcceimxxerreonxgxambemxebmgxcceicloaxxmenxgxambemrssogxcceimxlbalcenxgxambemmaebgxcce; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986940%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ca8b2c1b202f0007b1263a9cac3ef982f%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:08 GMT content-type: application/javascript vary: Accept-Encoding etag: W/"b370a6087166092931ea2d574b0" expires: Thu, 02 Mar 2023 13:44:55 GMT cache-control: max-age=10800 access-control-allow-origin: * x-cache-op: HIT x-accel-expires: @1678078222 server: CDN77-Turbo x-77-nzt: AblMCQ2QyJb/yicAAA x-77-nzt-ray: c0a4cc280368debca86e05647e6dd417 x-cache: HIT x-age: 10186 x-77-pop: stockholmSE x-77-cache: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/31015.m3u8	45.35.65.138	200 OK	0 B
URL HTTP/2 amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/31015.m3u8 IP 45.35.65.138:0 ASN #40676 AS40676 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/31015.m3u8 HTTP/1.1 Host: amuse-lefty.mushroomtrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://fs1.app Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: openresty date: Mon, 06 Mar 2023 04:40:08 GMT content-type: application/vnd.apple.mpegurl last-modified: Sat, 04 Mar 2023 04:49:33 GMT vary: Accept-Encoding etag: W/"6402cddd-f0f8" expires: Tue, 07 Mar 2023 04:40:08 GMT cache-control: max-age=86400 access-control-allow-origin: https://fs1.app content-encoding: gzip X-Firefox-Spdy: h2`

	fs1.app/videos/cawd-529/	104.21.69.131	200 OK	0 B
URL HTTP/2 fs1.app/videos/cawd-529/ IP 104.21.69.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /videos/cawd-529/ HTTP/1.1 Host: fs1.app User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK date: Mon, 06 Mar 2023 04:40:07 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding set-cookie: PHPSESSID=34o4pdr0fdufuqlmv821meqr4u; path=/; domain=.fs1.app kt_ips=91.90.42.154; expires=Tue, 07-Mar-2023 04:40:07 GMT; Max-Age=86400; path=/; domain=.fs1.app expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache strict-transport-security: max-age=15768000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pV660uAXfpeExVBba6l1ojsP0vUYuTx2IOr1K69ebkyFyohgKDAUaSVauUGVhqYkZUj4160eCKXLtX7cW9AnQeg2l6e6nDFTZErkMJKIcaj28fos9F4m5Whf"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7a37eb34ea6dfabc-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.tapioni.com/asg_embed.js	143.204.55.80	200 OK	0 B
URL HTTP/2 cdn.tapioni.com/asg_embed.js IP 143.204.55.80:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /asg_embed.js HTTP/1.1 Host: cdn.tapioni.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fs1.app/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript server: nginx date: Mon, 13 Feb 2023 14:35:56 GMT last-modified: Mon, 13 Feb 2023 14:35:24 GMT etag: W/"63ea4aac-2af61" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public content-encoding: br vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: g11eCvl_smr6XR1c6s19Hk5C_CmHfh6mMie1NkQyKz66HHuLFyBz2A== age: 1778651 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML