| fs1.app/videos/cawd-529/ | 172.67.208.183 | 301 Moved Permanently | 166 B |
IP172.67.208.183:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash3ea1c8d079b38532a6e01a96216ba5e2 598d3ff91d3e252f1e13df8cf0348b270ff2da3f 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /videos/cawd-529/ HTTP/1.1
Host: fs1.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Mar 2023 04:40:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://fs1.app/videos/cawd-529/
Strict-Transport-Security: max-age=15768000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3cK1N%2FQwzhshEwAWpS%2FjOPLAsR28KAx5Q7P2HZb8PFzasUiUeBV%2Fg7%2BW427TjnV6fK%2Fby%2BSXxGDgHAvBCYWGppYxff0%2BRwr2fieE7WAiBOk2gK15X0C2mjP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a37eb32c8ecb50f-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashcf14baed0842431a08367ed54f2346ca d943be8835b7e4470e3d6fbe09ac39c5464be434 a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14543
Expires: Mon, 06 Mar 2023 08:42:30 GMT
Date: Mon, 06 Mar 2023 04:40:07 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashedf4102b9efce8261382541ecd721da5 23a30610ea113c9f93b0ce302ce3df010bd56f05 88c132ab9697f01e979e74208e0ae12ec410c26b7a79f0cead4f9c8f86d12fda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88C132AB9697F01E979E74208E0AE12EC410C26B7A79F0CEAD4F9C8F86D12FDA"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13968
Expires: Mon, 06 Mar 2023 08:32:55 GMT
Date: Mon, 06 Mar 2023 04:40:07 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash84db75194692d4afe13196bda6f22da8 4c1f49bc973a4917f146d93c8d598344edc021f6 a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Mar 2023 04:13:20 GMT
content-type: application/json
age: 1607
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5034bcceb9691ad6244be6045742ab53 51e77cdc92833432cd26b13f28875791a187c63c 540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3516
Expires: Mon, 06 Mar 2023 05:38:43 GMT
Date: Mon, 06 Mar 2023 04:40:07 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cmu0BZ9dqVYyDbGdTYzHLXjpY6d7Dq0GDt214tlJyKr8nYaXGbubuMrbqODevwKIkD7g+xNsLLk=
x-amz-request-id: 63B6SRTN9QE30KQN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Mar 2023 04:16:59 GMT
age: 1388
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 04:40:07 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashfed02b60cdde629ed9682f466ed27c05 ca8a522c9deb45527119e5d243ddb316a0e22a44 0d653eca33ea40a8bcaf632dd27528d1ff4f3dfeb6497952edd530241f1cf69e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1dfdbbe528416d7653788c31a945540d ce7e4b0cc913dcf90dcb43ca51706e2ff0677eaf 872f2081ef126a0358e196338a21f095c376652feaa7cb9b2bfd6f3149838f60
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "872F2081EF126A0358E196338A21F095C376652FEAA7CB9B2BFD6F3149838F60"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3004
Expires: Mon, 06 Mar 2023 05:30:11 GMT
Date: Mon, 06 Mar 2023 04:40:07 GMT
Connection: keep-alive
|
|
| www.googletagmanager.com/gtag/js?id=G-1DTX7D4FHE | 142.250.74.40 | 200 OK | 78 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-1DTX7D4FHE IP142.250.74.40:0
File typeASCII text, with very long lines (19467) Hash15c99d0e692481ee4f44dc078c4b37cf 069ff6880a239d8b51cabc580e58e4fe9c6d1689 67e307947c171c6ffc7ae8b0b1a762db491e2918b7e7f7a14f0aa01d963d6d31
GET /gtag/js?id=G-1DTX7D4FHE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Mar 2023 04:40:07 GMT
expires: Mon, 06 Mar 2023 04:40:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Mar 2023 04:12:30 GMT
age: 1657
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hashb9ad24178aa344ed7c9f7b717215be5b 6ece7555284a4c8b16bf5875c4dc355dd5238ae8 33544b52dff75731b2f31cc3e3b864917852aba04bf8600c78d8f2a49b8baa15
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 04:40:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 22:07:03 GMT
Expires: Fri, 10 Mar 2023 22:07:02 GMT
Etag: "6ece7555284a4c8b16bf5875c4dc355dd5238ae8"
Cache-Control: max-age=407814,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a37eb395dcab50b-OSL
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashfed02b60cdde629ed9682f466ed27c05 ca8a522c9deb45527119e5d243ddb316a0e22a44 0d653eca33ea40a8bcaf632dd27528d1ff4f3dfeb6497952edd530241f1cf69e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 278 B |
IP192.229.221.95:0
Hashc3bedafa7f10c2daaf00ebf5cd8baa42 c36d67e6cd7b27bdfa107c670e5fff7977e4d7ad c07c1bb4de21b08d4530fdd569f58037b87810f7296d008694fc06e949c7624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 76329
Cache-Control: max-age=155344
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:08 GMT
Etag: "6404004f-116"
Expires: Tue, 07 Mar 2023 23:49:12 GMT
Last-Modified: Sun, 05 Mar 2023 02:37:03 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 278
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 277 B |
IP192.229.221.95:0
Hash1a72b20df39fde105d4e21888065791f 1d5902f86adb6db3930b1a4d211d088f6c9de403 56e3bf10716e4ab4290913ec738672c3a5f8c186c07190bbf3110e84d563bbf8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 7370
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:08 GMT
Last-Modified: Mon, 06 Mar 2023 02:37:18 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 277
|
|
| video.ktkjmp.com/adsbygoogle.js | 104.18.62.235 | 200 OK | 16 B |
URL HTTP/2video.ktkjmp.com/adsbygoogle.js IP104.18.62.235:0
Hash3d7f7a60216d40dea48e495fef6903c9 fecdb5184f55cf012563d78940eb97b10b9cc99b 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fs1.app/
Origin: https://fs1.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: 7iIyc7Ag8eM1PmQKkZUs1U8x0f2SmDI2Ad62JbfPgYZ5ZX/ff7tNmM7D6ZcqqzMdy889OzJ5o2M=
x-amz-request-id: P4QE4WF5DHQRSN3T
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://fs1.app
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
expires: Mon, 06 Mar 2023 08:40:08 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cflb=02DiuDfsBaY2bRYJiCg3Rc4wrBy1LXpo889L9iZTnb2zQ; SameSite=None; Secure; path=/; expires=Tue, 07-Mar-23 03:40:08 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a37eb3a4b1efabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assets-cdn.jable.tv/assets/images/placeholder-md.jpg | 15.235.9.226 | 200 OK | 15 kB |
URL HTTP/2assets-cdn.jable.tv/assets/images/placeholder-md.jpg IP15.235.9.226:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2019:03:31 18:12:59], progressive, precision 8, 336x188, components 3\012- data Hashac9ea1a555198470671238d214b2e489 4a22f147e57e2781e0b302ac2c156d1999793cdb 58be1d54819c76bc997fee25de298613a1565c7f6c8ef01629511315422b7468
GET /assets/images/placeholder-md.jpg HTTP/1.1
Host: assets-cdn.jable.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: image/jpeg
content-length: 14601
last-modified: Sun, 31 Mar 2019 10:13:04 GMT
etag: "5ca092b0-3909"
strict-transport-security: max-age=15768000
expires: Wed, 05 Apr 2023 04:40:08 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 277 B |
IP192.229.221.95:0
Hash1a72b20df39fde105d4e21888065791f 1d5902f86adb6db3930b1a4d211d088f6c9de403 56e3bf10716e4ab4290913ec738672c3a5f8c186c07190bbf3110e84d563bbf8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 7370
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:08 GMT
Last-Modified: Mon, 06 Mar 2023 02:37:18 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 277
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 278 B |
IP192.229.221.95:0
Hash813f832037c3bf085976b70037abdcc7 ef6d33e32de1883de64732ed5c7cf6c0c75115c0 9080b8bf87550293c2c6aee38758b52d618dc989ddc400cf5a7075114c80eb4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4755
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:08 GMT
Etag: "6402aecc-116"
Last-Modified: Mon, 06 Mar 2023 03:20:53 GMT
Server: ECAcc (amb/6AD1)
X-Cache: HIT
Content-Length: 278
|
|
| push.services.mozilla.com/ | 34.210.143.205 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.210.143.205:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xBhUSMC1kNMCcw/YsMXGgQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a7z9YoGV4aZTIJ78hinF1YmtlCY=
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 280 B |
IP192.229.221.95:0
Hash1b413dd4e5027059c64870af0b27400d d38cc26fa1c79ce94e48184f5b39b92a9c075329 add859317f524c4939cc434b0972d730db9e60c5f832423a31298bce3218092f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 67574
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:08 GMT
Last-Modified: Sun, 05 Mar 2023 09:53:54 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0b2a6c80075ac612fdd0c0db8ecc7508 816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.35 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fs1.app
Connection: keep-alive
Referer: https://assets.fs1.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 21:48:03 GMT
expires: Fri, 01 Mar 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 283925
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0b2a6c80075ac612fdd0c0db8ecc7508 816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.35:0
Hashc575e672e9f626492bf0bbb478de1549 7a105950a60ae2e4ee59dac9171512a06461e51e 95f0dd6c6e5d28169197dbbd6b5c56d41cbe7968f0e8a243a9524d25e95897cb
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fs1.app
Connection: keep-alive
Referer: https://assets.fs1.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Feb 2023 18:48:55 GMT
expires: Wed, 28 Feb 2024 18:48:55 GMT
cache-control: public, max-age=31536000
age: 467473
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fs1.app
Connection: keep-alive
Referer: https://assets.fs1.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 17:56:42 GMT
expires: Fri, 01 Mar 2024 17:56:42 GMT
cache-control: public, max-age=31536000
age: 297806
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0b2a6c80075ac612fdd0c0db8ecc7508 816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| syndication.realsrv.com/splash.php?native-settings=1&idzone=3377859&cookieconsent=true&&p=https%3A%2F%2Ffs1.app%2Fvideos%2Fcawd-529%2F | 95.211.229.248 | 200 OK | 1.8 kB |
URL HTTP/1.1syndication.realsrv.com/splash.php?native-settings=1&idzone=3377859&cookieconsent=true&&p=https%3A%2F%2Ffs1.app%2Fvideos%2Fcawd-529%2F IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with very long lines (3437), with no line terminators Hash38a4ed21cac1a0b8d2a8fa2e560838e9 8eef2c860c631b0eeec4af3ddcb4f0368e72748d d41d32582ca43a5c4af9d5793e264ab507e9636c7a3ad2e37c1062b3e4641cf0
GET /splash.php?native-settings=1&idzone=3377859&cookieconsent=true&&p=https%3A%2F%2Ffs1.app%2Fvideos%2Fcawd-529%2F HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Mar 2023 04:40:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://fs1.app
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264056ea8436b88.71043300536494041%22%3B%7D; expires=Wed, 05 Mar 2025 04:40:08 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
impressions=cxbmsbocnxgxambemxebageimlxbaxbcnxgxammsoscaageicxbmsbcenxgxammcbembcgeioslmrxbmnxgxammlsorobgeimcclsoeonxgxamaosaeosgeioslmrxbrnxgxambemebbogeimlxbaxbanxgxambemxebageioslmroemnxgxammmarbbxgeimcclsxlonxgxambecbclageimcclossbnxgxammcoeebmgeimlxbaxlonxgxammmrmcemgeicxbmsboenxgxammbscexbgeimlxbaxlcnxgxamaalxboageicxbmsbxcnxgxammmarbbxgeimlxbaxlenxgxambecbclageimlxbaxbonxgxammccroaogeialbserxonxgxamaboseaogeioslmrxlsnxgxammalxolxgeimlxbaxbbnxgxammcoxbbegeimlxbaxlanxgxammcxmlergeimccloscanxgxammmarbbxgeialbsereanxgxammesrlxegeimlxbaxbenxgxammscrrcogeialbserecnxgxammcocxcrgeimcclsxcanxgxammcxescmgeimcclsxlcnxgxambemebbogeirbabxabbnxgxammcoeebmgeimcclsxxonxgxammcoeebmgeimcclsxlbnxgxammcoeebmgeicmmsxaeenxgxammcoeebmgeimcclsxacnxgxammccaeeageimcclsxsbnxgxammcoeebmgeicaocmrmanxgxammcocxcrgeicaxsscmbnxgxammcocxcrgeislsaroornxgxambemxebageimbsblroanxrgxambeoaoxegxcceimlbxcrlbnogxambeoaoxegxcceimxlbmxlcnogxambecrmosgxcceimsacexoonxgxambecrmosgxcceimxeoxsacnagxambecrmosgxcceimrmbbraenxgxambecmasagxcceimrmbbrcanogxambecmasagxcceimlasxxcanxgxambecmbregxcceimlaseelenxgxambecmbregxcceimemlxmcbnxgxambecmbmagxcceimclxlloanxgxambecmbmagxcceibeersbrcnrgxambecmbmagxcceimmlamcecnxgxambecmbmagxcceimsleoaronxgxambecmbmagxcceixaoosscrnxgxambecmbmagxcceixaoossalnxgxambecmbmagxcceibeeblbcbnxgxambecmbmagxcceimlrcamabnogxambecmbmagxcceimxlbmoscnogxambecmbmagxcceimlbxcrlanogxambecmbmagxcceimxlbmosonogxambecmbmagxcceimxlbmosanogxambecmbmagxcceimmraexoenxgxambecboecgxcceimmraexsenxgxambecboecgxcceimmraexoonxgxambecboecgxcceimxxerrxenxgxambecbsemgxcceimrmbbrrcnxgxambecleolgxcceimlalarbcnxgxambereeaxgxcceialrexexbnxgxamberxblbgxcceialrexeoonxgxamberxblbgxcceimasbmxconxgxambersaecgxcceimlalacobnxgxambersmasgxcceimxlbalscnogxambersmasgxcceimlasxoconxgxambersmacgxcceiaaxcambbnxgxambercmbmgxcceicloaxxaanxgxambercbrogxcceimlclemsonxgxambercbrogxcceimllslrsanxgxambercbrogxcceibeersbronxgxamberasxxgcbeimxxrecsanxgxamberlbbcgxcceimllrabmanxgxamberlbbrgxcceimllrabmonxgxamberlbbrgxcceimllrabbcnxgxamberlbbrgxcceimmroseconsgxambeaecllgxcceicloaxxacnxgxambeaecllgxcceimlmbrsaenxgxambeaxeslgxcceircmbbroanxgxambeaxboogxcceimclsaoxbnogxambeascocgxcceimbbcemobnxgxambeascocgxcceimoobcomanxgxambeascocgxcceiccblrxrbnxgxambeascocgxcceimlbemecanxgxambeaslmrgcbeimlaxeemenxgxambeacbelgxcceimlrcamaonogxambeacbxegxcceimllslrsonsgxambealelagxcceimlslsbsanxgxambealelagxcceimllslrsenxgxambealelagxcceimxxerrecnxgxambemxebagxcceimbbcemoanogxambemxebagxcceimrxccosonxgxambemxebagxcceimxlbmxbbnxgxambemxebmgxcceimxxerreonxgxambemxebmgxcceicloaxxmenxgxambemrssogxcceimxlbalcenxgxambemmaebgxcce; expires=Tue, 07 Mar 2023 04:40:08 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986940%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ca8b2c1b202f0007b1263a9cac3ef982f%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 07 Mar 2023 04:40:08 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| a.labadena.com/api/click/12127387160658219095?c=90 | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2a.labadena.com/api/click/12127387160658219095?c=90 IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/12127387160658219095?c=90 HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw=
Cookie: nauid=Xix7c8qbv0VybLDZFmVC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 04:40:08 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
|
|
| amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumbvtt.ts | 45.35.65.138 | 200 OK | 8.3 kB |
URL HTTP/2amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumbvtt.ts IP45.35.65.138:0
Hashef4edd73518f517e496c674e3238d585 cecf658669a65a77ef57aef204c1dbd204d6c12e 74f44f54306c2f2f7ea15803e849f18d212ada48dff444695836995cec94ecb8
GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumbvtt.ts HTTP/1.1
Host: amuse-lefty.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: video/mp2t
content-length: 8305
last-modified: Sat, 04 Mar 2023 05:09:25 GMT
etag: "6402d285-2071"
expires: Tue, 07 Mar 2023 04:40:08 GMT
cache-control: max-age=86400
access-control-allow-origin: https://fs1.app
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| syndication.realsrv.com/v1/api.php | 95.211.229.248 | 200 OK | 1.3 kB |
URL HTTP/1.1syndication.realsrv.com/v1/api.php IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with very long lines (1706), with no line terminators Hashe2437529430667f579b8533a2bc38637 909d9a56c710ef28659a54798b6261b750e04727 5943d173efc559d2d2546e61c295ddd27f93130d69e2eec676327a948055e0bc
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 323
Origin: https://a.labadena.com
Connection: keep-alive
Referer: https://a.labadena.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264056ea8436b88.71043300536494041%22%3B%7D; impressions=cxbmsbocnxgxambemxebageimlxbaxbcnxgxammsoscaageicxbmsbcenxgxammcbembcgeioslmrxbmnxgxammlsorobgeimcclsoeonxgxamaosaeosgeioslmrxbrnxgxambemebbogeimlxbaxbanxgxambemxebageioslmroemnxgxammmarbbxgeimcclsxlonxgxambecbclageimcclossbnxgxammcoeebmgeimlxbaxlonxgxammmrmcemgeicxbmsboenxgxammbscexbgeimlxbaxlcnxgxamaalxboageicxbmsbxcnxgxammmarbbxgeimlxbaxlenxgxambecbclageimlxbaxbonxgxammccroaogeialbserxonxgxamaboseaogeioslmrxlsnxgxammalxolxgeimlxbaxbbnxgxammcoxbbegeimlxbaxlanxgxammcxmlergeimccloscanxgxammmarbbxgeialbsereanxgxammesrlxegeimlxbaxbenxgxammscrrcogeialbserecnxgxammcocxcrgeimcclsxcanxgxammcxescmgeimcclsxlcnxgxambemebbogeirbabxabbnxgxammcoeebmgeimcclsxxonxgxammcoeebmgeimcclsxlbnxgxammcoeebmgeicmmsxaeenxgxammcoeebmgeimcclsxacnxgxammccaeeageimcclsxsbnxgxammcoeebmgeicaocmrmanxgxammcocxcrgeicaxsscmbnxgxammcocxcrgeislsaroornxgxambemxebageimbsblroanxrgxambeoaoxegxcceimlbxcrlbnogxambeoaoxegxcceimxlbmxlcnogxambecrmosgxcceimsacexoonxgxambecrmosgxcceimxeoxsacnagxambecrmosgxcceimrmbbraenxgxambecmasagxcceimrmbbrcanogxambecmasagxcceimlasxxcanxgxambecmbregxcceimlaseelenxgxambecmbregxcceimemlxmcbnxgxambecmbmagxcceimclxlloanxgxambecmbmagxcceibeersbrcnrgxambecmbmagxcceimmlamcecnxgxambecmbmagxcceimsleoaronxgxambecmbmagxcceixaoosscrnxgxambecmbmagxcceixaoossalnxgxambecmbmagxcceibeeblbcbnxgxambecmbmagxcceimlrcamabnogxambecmbmagxcceimxlbmoscnogxambecmbmagxcceimlbxcrlanogxambecmbmagxcceimxlbmosonogxambecmbmagxcceimxlbmosanogxambecmbmagxcceimmraexoenxgxambecboecgxcceimmraexsenxgxambecboecgxcceimmraexoonxgxambecboecgxcceimxxerrxenxgxambecbsemgxcceimrmbbrrcnxgxambecleolgxcceimlalarbcnxgxambereeaxgxcceialrexexbnxgxamberxblbgxcceialrexeoonxgxamberxblbgxcceimasbmxconxgxambersaecgxcceimlalacobnxgxambersmasgxcceimxlbalscnogxambersmasgxcceimlasxoconxgxambersmacgxcceiaaxcambbnxgxambercmbmgxcceicloaxxaanxgxambercbrogxcceimlclemsonxgxambercbrogxcceimllslrsanxgxambercbrogxcceibeersbronxgxamberasxxgcbeimxxrecsanxgxamberlbbcgxcceimllrabmanxgxamberlbbrgxcceimllrabmonxgxamberlbbrgxcceimllrabbcnxgxamberlbbrgxcceimmroseconsgxambeaecllgxcceicloaxxacnxgxambeaecllgxcceimlmbrsaenxgxambeaxeslgxcceircmbbroanxgxambeaxboogxcceimclsaoxbnogxambeascocgxcceimbbcemobnxgxambeascocgxcceimoobcomanxgxambeascocgxcceiccblrxrbnxgxambeascocgxcceimlbemecanxgxambeaslmrgcbeimlaxeemenxgxambeacbelgxcceimlrcamaonogxambeacbxegxcceimllslrsonsgxambealelagxcceimlslsbsanxgxambealelagxcceimllslrsenxgxambealelagxcceimxxerrecnxgxambemxebagxcceimbbcemoanogxambemxebagxcceimrxccosonxgxambemxebagxcceimxlbmxbbnxgxambemxebmgxcceimxxerreonxgxambemxebmgxcceicloaxxmenxgxambemrssogxcceimxlbalcenxgxambemmaebgxcce; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986940%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ca8b2c1b202f0007b1263a9cac3ef982f%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Mar 2023 04:40:08 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.labadena.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/6025df39112b8b81.ts | 45.35.65.138 | 200 OK | 16 B |
URL HTTP/2amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/6025df39112b8b81.ts IP45.35.65.138:0
Hash814f87d06a9a7a45e6426c39d769ae3d a6f961ed12a5c5351fe49621be5485def63fa775 468b6417623f3b7e6b3876c4e7ea9bc5310f58f2fa76999e5844d4c0cf985910
GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/6025df39112b8b81.ts HTTP/1.1
Host: amuse-lefty.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: video/mp2t
content-length: 16
last-modified: Sat, 04 Mar 2023 05:09:24 GMT
etag: "6402d284-10"
expires: Tue, 07 Mar 2023 04:40:08 GMT
cache-control: max-age=86400
access-control-allow-origin: https://fs1.app
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.ggsfq.xyz/creative/20230214_Jable_(300x250)_F_TC_gif.gif | 172.67.164.16 | 200 OK | 499 kB |
URL HTTP/2cdn.ggsfq.xyz/creative/20230214_Jable_(300x250)_F_TC_gif.gif IP172.67.164.16:0
File typeGIF image data, version 89a, 300 x 250\012- data Size499 kB (498775 bytes) Hasha6728e53934e97c6a8f431ca8716a413 70f26e76c52edefa2342460cb2e561fbc2b97860 6b15b25c06762ae676c0158b995f728c41a0b3353f2c6902b11318ec54979f33
GET /creative/20230214_Jable_(300x250)_F_TC_gif.gif HTTP/1.1
Host: cdn.ggsfq.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserve.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: image/gif
content-length: 498775
etag: "a6728e53934e97c6a8f431ca8716a413"
last-modified: Tue, 14 Feb 2023 07:27:40 GMT
x-amz-id-2: lKZF2nJGC4gOaKsNr8zmSN3yi+zR1UAxQab33DATzFlevTF8MNLH0jLhnQpfsjpLb3LIS3/ox/sk
x-amz-request-id: 01F05973B0A2DD53
cache-control: max-age=14400
cf-cache-status: HIT
age: 511
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqGjONv%2Bv1af9H9W9cEAM9GEa1O%2BQJwQCGtLIIay1y7n4sNVuX4pb6Nm%2B1bZISOoZwrfdjmBAjQK3QeO%2BwPIHPrKC%2FnXpQMG7qTOuVU4R0M7%2BtCJs%2F4MkfKaCUba6wA5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a37eb3f4a2eb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 278 B |
IP192.229.221.95:0
Hasha65f7aab1761daf56bf593e653571320 f3dbc1859917103b5dabbaad6092cb9887f0ff2c c7ddb181ab06fc47d897f2659703011f4224017a32de1a6dcbf6ca2c0bea5135
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 25376
Cache-Control: max-age=171011
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:08 GMT
Etag: "6405048b-116"
Expires: Wed, 08 Mar 2023 04:10:19 GMT
Last-Modified: Sun, 05 Mar 2023 21:07:23 GMT
Server: ECAcc (amb/6B04)
X-Cache: HIT
Content-Length: 278
|
|
| assets-cdn.jable.tv/assets/images/252/427-240-3.gif | 15.235.9.226 | 200 OK | 495 kB |
URL HTTP/2assets-cdn.jable.tv/assets/images/252/427-240-3.gif IP15.235.9.226:0
File typeGIF image data, version 89a, 427 x 240\012- data Size495 kB (495284 bytes) Hash49a3ab4bb1a3b7ca1c17013d50e8ebd8 449d0fc24fe665307e6e62656acd74ce053feaea f149232ed8aaca10ffa20561b95ef86bc5e739a9501b8d57abdbc2747d9d0ba8
GET /assets/images/252/427-240-3.gif HTTP/1.1
Host: assets-cdn.jable.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: image/gif
content-length: 495284
last-modified: Thu, 23 Jul 2020 07:47:53 GMT
etag: "5f1940a9-78eb4"
strict-transport-security: max-age=15768000
expires: Wed, 05 Apr 2023 04:40:08 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/676799/668a15a067a69eed70a6572b59d942a51fdf020b.webp | 185.76.9.21 | 200 OK | 9.3 kB |
URL HTTP/2s3t3d2y8.afcdn.net/library/676799/668a15a067a69eed70a6572b59d942a51fdf020b.webp IP185.76.9.21:0 ASN#60068 Datacamp Limited
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash4ff7c4443b9dc9269cfb1ffa458fddc1 668a15a067a69eed70a6572b59d942a51fdf020b 1048f4dccd8db1bda50a6c7060551ed00252df4b483238458408e35e14a0e268
GET /library/676799/668a15a067a69eed70a6572b59d942a51fdf020b.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:09 GMT
content-type: image/webp
content-length: 9274
last-modified: Thu, 04 Nov 2021 09:51:20 GMT
etag: "6183ad18-243a"
expires: Fri, 30 Jun 2023 11:21:48 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195411
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRTkQ8z/1tBGAQ
x-77-nzt-ray: af585630edf03133a96e0564684c2f00
x-cache: HIT
x-age: 21418198
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| adserve.work/www/serve/lg.php?bannerid=1658&campaignid=2&zoneid=4&loc=https%3A%2F%2Ffs1.app%2F&cb=17b0d18d53 | 104.21.54.4 | 200 OK | 43 B |
URL HTTP/2adserve.work/www/serve/lg.php?bannerid=1658&campaignid=2&zoneid=4&loc=https%3A%2F%2Ffs1.app%2F&cb=17b0d18d53 IP104.21.54.4:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /www/serve/lg.php?bannerid=1658&campaignid=2&zoneid=4&loc=https%3A%2F%2Ffs1.app%2F&cb=17b0d18d53 HTTP/1.1
Host: adserve.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserve.work/www/serve/afr.php?zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:09 GMT
content-type: image/gif
x-powered-by: PHP/7.4.11
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=01000111010001000101000001010010; expires=Tue, 05-Mar-2024 04:40:08 GMT; Max-Age=31536000; path=/; secure; SameSite=none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpWKz4VIJ6afaL59YAiqGUuk0VIbO26lmfmfaJnZ0vDUXfhhQLwNtcjXnT3NDyuYX4xDsbG%2BOa02T4XWpyfJf8Zbd9KOI4zmsjC2bpN6rdV7IujyKnkJ%2B6YlUSrCAzY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a37eb3f2913b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/140058/defdee1f238f01447a564bb65bc78fb6e09d9e8b.mp4 | 185.76.9.21 | 206 Partial Content | 19 kB |
URL HTTP/2s3t3d2y8.afcdn.net/library/140058/defdee1f238f01447a564bb65bc78fb6e09d9e8b.mp4 IP185.76.9.21:0 ASN#60068 Datacamp Limited
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Hashb7218c556915f3680f044234f0f139f9 defdee1f238f01447a564bb65bc78fb6e09d9e8b ea7ce093f47119441c389f6dc03971063d2602dbc3ca03fc8cb40cf936f94a7b
GET /library/140058/defdee1f238f01447a564bb65bc78fb6e09d9e8b.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.labadena.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 06 Mar 2023 04:40:09 GMT
content-type: video/mp4
content-length: 18759
last-modified: Thu, 26 Mar 2020 22:23:57 GMT
etag: "5e7d2b7d-4947"
expires: Fri, 30 Jun 2023 11:20:56 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195437
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRRck/j/vNBGAQ
x-77-nzt-ray: af585630edf03133a96e056425ed850d
x-cache: HIT
x-age: 21418172
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-18758/18759
X-Firefox-Spdy: h2
|
|
| syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02QS05DMQxFt8IGGl3/EqdjxiCBWIDfb4BKGTBpJS+evFcJkePI15J/CYPlhGH2xHJWnOHZqXQU5UKm+fL6lkoZl8sS988yf38lKWCelVyIsrkrJKVJM2vZe6pQhdbUzpWoeipSEgM2Ud1VASjd8+P9+bg04Gzst44h96HJSB0aN2RVWF3DVerkXhpBRcYSUrUrxnrzDI5OFBO2znCOTTtVXm2zEdneJ6NcYoplvcbxDDwoo/VjPP440eHGQR4qfu7XOfNfyo4dRaNYdXcJ9bWrObaNeOJpmbZuy/iZNZotHL80OO+2bQEAAA== | 95.211.229.248 | 200 OK | 20 B |
URL HTTP/1.1syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02QS05DMQxFt8IGGl3/EqdjxiCBWIDfb4BKGTBpJS+evFcJkePI15J/CYPlhGH2xHJWnOHZqXQU5UKm+fL6lkoZl8sS988yf38lKWCelVyIsrkrJKVJM2vZe6pQhdbUzpWoeipSEgM2Ud1VASjd8+P9+bg04Gzst44h96HJSB0aN2RVWF3DVerkXhpBRcYSUrUrxnrzDI5OFBO2znCOTTtVXm2zEdneJ6NcYoplvcbxDDwoo/VjPP440eHGQR4qfu7XOfNfyo4dRaNYdXcJ9bWrObaNeOJpmbZuy/iZNZotHL80OO+2bQEAAA== IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02QS05DMQxFt8IGGl3/EqdjxiCBWIDfb4BKGTBpJS+evFcJkePI15J/CYPlhGH2xHJWnOHZqXQU5UKm+fL6lkoZl8sS988yf38lKWCelVyIsrkrJKVJM2vZe6pQhdbUzpWoeipSEgM2Ud1VASjd8+P9+bg04Gzst44h96HJSB0aN2RVWF3DVerkXhpBRcYSUrUrxnrzDI5OFBO2znCOTTtVXm2zEdneJ6NcYoplvcbxDDwoo/VjPP440eHGQR4qfu7XOfNfyo4dRaNYdXcJ9bWrObaNeOJpmbZuy/iZNZotHL80OO+2bQEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.labadena.com
Connection: keep-alive
Referer: https://a.labadena.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264056ea8436b88.71043300536494041%22%3B%7D; impressions=cxbmsbocnxgxambemxebageimlxbaxbcnxgxammsoscaageicxbmsbcenxgxammcbembcgeioslmrxbmnxgxammlsorobgeimcclsoeonxgxamaosaeosgeioslmrxbrnxgxambemebbogeimlxbaxbanxgxambemxebageioslmroemnxgxammmarbbxgeimcclsxlonxgxambecbclageimcclossbnxgxammcoeebmgeimlxbaxlonxgxammmrmcemgeicxbmsboenxgxammbscexbgeimlxbaxlcnxgxamaalxboageicxbmsbxcnxgxammmarbbxgeimlxbaxlenxgxambecbclageimlxbaxbonxgxammccroaogeialbserxonxgxamaboseaogeioslmrxlsnxgxammalxolxgeimlxbaxbbnxgxammcoxbbegeimlxbaxlanxgxammcxmlergeimccloscanxgxammmarbbxgeialbsereanxgxammesrlxegeimlxbaxbenxgxammscrrcogeialbserecnxgxammcocxcrgeimcclsxcanxgxammcxescmgeimcclsxlcnxgxambemebbogeirbabxabbnxgxammcoeebmgeimcclsxxonxgxammcoeebmgeimcclsxlbnxgxammcoeebmgeicmmsxaeenxgxammcoeebmgeimcclsxacnxgxammccaeeageimcclsxsbnxgxammcoeebmgeicaocmrmanxgxammcocxcrgeicaxsscmbnxgxammcocxcrgeislsaroornxgxambemxebageimbsblroanxrgxambeoaoxegxcceimlbxcrlbnogxambeoaoxegxcceimxlbmxlcnogxambecrmosgxcceimsacexoonxgxambecrmosgxcceimxeoxsacnagxambecrmosgxcceimrmbbraenxgxambecmasagxcceimrmbbrcanogxambecmasagxcceimlasxxcanxgxambecmbregxcceimlaseelenxgxambecmbregxcceimemlxmcbnxgxambecmbmagxcceimclxlloanxgxambecmbmagxcceibeersbrcnrgxambecmbmagxcceimmlamcecnxgxambecmbmagxcceimsleoaronxgxambecmbmagxcceixaoosscrnxgxambecmbmagxcceixaoossalnxgxambecmbmagxcceibeeblbcbnxgxambecmbmagxcceimlrcamabnogxambecmbmagxcceimxlbmoscnogxambecmbmagxcceimlbxcrlanogxambecmbmagxcceimxlbmosonogxambecmbmagxcceimxlbmosanogxambecmbmagxcceimmraexoenxgxambecboecgxcceimmraexsenxgxambecboecgxcceimmraexoonxgxambecboecgxcceimxxerrxenxgxambecbsemgxcceimrmbbrrcnxgxambecleolgxcceimlalarbcnxgxambereeaxgxcceialrexexbnxgxamberxblbgxcceialrexeoonxgxamberxblbgxcceimasbmxconxgxambersaecgxcceimlalacobnxgxambersmasgxcceimxlbalscnogxambersmasgxcceimlasxoconxgxambersmacgxcceiaaxcambbnxgxambercmbmgxcceicloaxxaanxgxambercbrogxcceimlclemsonxgxambercbrogxcceimllslrsanxgxambercbrogxcceibeersbronxgxamberasxxgcbeimxxrecsanxgxamberlbbcgxcceimllrabmanxgxamberlbbrgxcceimllrabmonxgxamberlbbrgxcceimllrabbcnxgxamberlbbrgxcceimmroseconsgxambeaecllgxcceicloaxxacnxgxambeaecllgxcceimlmbrsaenxgxambeaxeslgxcceircmbbroanxgxambeaxboogxcceimclsaoxbnogxambeascocgxcceimbbcemobnxgxambeascocgxcceimoobcomanxgxambeascocgxcceiccblrxrbnxgxambeascocgxcceimlbemecanxgxambeaslmrgcbeimlaxeemenxgxambeacbelgxcceimlrcamaonogxambeacbxegxcceimllslrsonsgxambealelagxcceimlslsbsanxgxambealelagxcceimllslrsenxgxambealelagxcceimxxerrecnxgxambemxebagxcceimbbcemoanogxambemxebagxcceimrxccosonxgxambemxebagxcceimxlbmxbbnxgxambemxebmgxcceimxxerreonxgxambemxebmgxcceicloaxxmenxgxambemrssogxcceimxlbalcenxgxambemmaebgxcce; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986940%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ca8b2c1b202f0007b1263a9cac3ef982f%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Mar 2023 04:40:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.labadena.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%2264056ea8436b88.71043300536494041%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%2299.0199%22%7D; expires=Wed, 05 Mar 2025 04:40:09 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| img.strpst.com/thumbs/1678077481/92739437 | 104.18.63.124 | 200 OK | 38 kB |
URL HTTP/2img.strpst.com/thumbs/1678077481/92739437 IP104.18.63.124:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data Hash03a2a3104550d9040a226df47d5512e9 470a951b9aa63ddd523ad95eb1eefb821aec4f7f f7e2057c325369e1e4f6415ec140f7d1c8ba8351cefb56e92b7b0346c9f48b81
GET /thumbs/1678077481/92739437 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:09 GMT
content-type: image/jpeg
content-length: 38073
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-bgj: imgq:100,h2pri
cf-polished: origSize=39330, status=webp_bigger
etag: "fd2f6e41916dea32983925ea7d496947"
last-modified: Mon, 06 Mar 2023 04:37:43 GMT
cf-cache-status: HIT
age: 99
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a37eb41fbaab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cloudlogobox.com/rtbfeed.php?001e67e03bf5 | 195.123.209.175 | 200 OK | 106 B |
URL HTTP/1.1cloudlogobox.com/rtbfeed.php?001e67e03bf5 IP195.123.209.175:0
File typePNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data Hash45519216be3b413c13c1bd623990d1b8 f374f2578e498a536085b57c41d3d2299fa84f5e 4742175aa9e5530bd227e6d0ca2e5d2be4aa5b46ec7ee4a7c8f81c74d7d7884c
GET /rtbfeed.php?001e67e03bf5 HTTP/1.1
Host: cloudlogobox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Mar 2023 04:40:09 GMT
Content-Type: image/png
Content-Length: 106
Last-Modified: Wed, 10 Feb 2021 11:05:43 GMT
Connection: keep-alive
ETag: "6023be07-6a"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/310150.ts | 45.35.65.138 | 200 OK | 387 kB |
URL HTTP/2amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/310150.ts IP45.35.65.138:0
Size387 kB (386720 bytes) Hashf8ac9377279c420f42dab51164540a7f 0ce8b690801f48b5abf01c8678340b4d7f255bc5 83a039289aee322ac2b2c46bf939bf1d85025bb803ea480aff582602c8406d36
GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/310150.ts HTTP/1.1
Host: amuse-lefty.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: video/mp2t
content-length: 386720
last-modified: Sat, 04 Mar 2023 04:49:33 GMT
etag: "6402cddd-5e6a0"
expires: Tue, 07 Mar 2023 04:40:08 GMT
cache-control: max-age=86400
access-control-allow-origin: https://fs1.app
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2711
Expires: Mon, 06 Mar 2023 05:25:20 GMT
Date: Mon, 06 Mar 2023 04:40:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2711
Expires: Mon, 06 Mar 2023 05:25:20 GMT
Date: Mon, 06 Mar 2023 04:40:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2711
Expires: Mon, 06 Mar 2023 05:25:20 GMT
Date: Mon, 06 Mar 2023 04:40:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2711
Expires: Mon, 06 Mar 2023 05:25:20 GMT
Date: Mon, 06 Mar 2023 04:40:09 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa2b475e-4071-4174-af6a-286b69af1fa0.webp | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa2b475e-4071-4174-af6a-286b69af1fa0.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash91e93599691303c0f90c1b5fdec389f9 b78cb4e2ce740446141d216285673a3811c4d8d9 21b72ba56fcb346a2777cb269494d207247b065ab53eecee3a313bae32499b9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa2b475e-4071-4174-af6a-286b69af1fa0.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8810
x-amzn-requestid: 4764ec81-7678-4545-85ec-ebccfa567b4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6kVHASIAMFhEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050ae8-1e12af4a44685d911145e790;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 8qunr5enL6mqqrdEdBxRAm7r8MUpwMPVWFMTrYQ2QKC2UCibO81woQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:43:24 GMT
age: 25005
etag: "b78cb4e2ce740446141d216285673a3811c4d8d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798f3637325523bddef4e627e66b0bb1 f3258713f39d4e7448590dee010917ed14320ec4 e5805f2922506bd022a7fe734d1022156241e88653ea5d16d5a698ac7067828b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2711
Expires: Mon, 06 Mar 2023 05:25:20 GMT
Date: Mon, 06 Mar 2023 04:40:09 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg | 34.120.237.76 | 200 OK | 3.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4726917eabc29a977873ad26e264e70d 4619a0418ee08d6618ead537f31823c98f355b5a d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qd5FIKUZwnnKiIzEnrA7ZcC_yWa9_iP1r7xUaCP4f6I7m_z3ChB-2A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 09:32:00 GMT
age: 68889
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa169d27-d4e2-4120-996d-3e708709465a.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa169d27-d4e2-4120-996d-3e708709465a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash71c25a364e8787b187bb8678670dec28 0c31c92a548f4181a72ddd9bd0b2ee56e31b76f3 41063e64c3e5d29e2eea021ed09244fbae7cdda30c5fa31405d6e68146540c59
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa169d27-d4e2-4120-996d-3e708709465a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: e1fcb47d-2282-470d-8ec1-0f7e9cf4ab03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6QPG2QIAMF9Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050a67-2f079e4a1caffe1d74498de3;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DpGQngzzXEuBwv3lI2hSQAazBGVGchRMUSA2KsgytnYaZ0buP34Ieg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:41:22 GMT
age: 25127
etag: "0c31c92a548f4181a72ddd9bd0b2ee56e31b76f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b5b749e-03a2-4b91-8a3a-2a2448cf1f75.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b5b749e-03a2-4b91-8a3a-2a2448cf1f75.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashbd8a05f3a50e33cdf59e034bcbfaf586 5e3c0a687d9e68f3b518250a3505eecb08196ceb 9f7933d503b4ab47de2aab79b58513299ea9d5cb5f43d9cb0d8909b68ac9f333
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b5b749e-03a2-4b91-8a3a-2a2448cf1f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10530
x-amzn-requestid: d7b18ce6-94a3-4c2d-b311-726236167b5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6QPGvPIAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050a67-1cbdf57f5ae8d137312a8a1b;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: BYoEAVhpqCJThj9eCwBlNreO14QMXanBKJAgpzuEC00K3nZ4_hvHdw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:42:52 GMT
age: 25037
etag: "5e3c0a687d9e68f3b518250a3505eecb08196ceb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9ab3964124c43755909f9891e162d3c7 c912f5fcb7985842877c76686c6bcd356b5977ff 34627773ad1d710b054986c725eb8e8a4c7d8fbac31e6724e83217dc06cfaaad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10332
x-amzn-requestid: bcb59433-4093-4bb3-b6d3-69f5489d5ef9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6iVE07oAMF28A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050adb-757a083b7be05f886d8d6edc;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 034zEZAbWUmixhooZf4KqxdabRAyWiMDzsMzTkNX29m1SZjQqiWywQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:07:33 GMT
age: 23556
etag: "c912f5fcb7985842877c76686c6bcd356b5977ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash69536c57b14c2419255e2386dd07e825 dbae31696a00f5f6c8495de0983ff8a08e77f970 7e09f086bc5f848e3ff503a2ab61392a57a0149af47f20415e5adeb2408e02e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8161
x-amzn-requestid: c9201eea-8216-4a14-803c-b947465f327c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6k1GA4oAMFpkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050aeb-4c2595df7964fd650a9de81f;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: QmcXVosHU7BBbvg9sgjmx-h4g8OCN024Oj-VkOUc0GdMgaF0WesCJg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:21:04 GMT
age: 22745
etag: "dbae31696a00f5f6c8495de0983ff8a08e77f970"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumb.ts | 45.35.65.138 | 200 OK | 1.4 MB |
URL HTTP/2amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumb.ts IP45.35.65.138:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 2130x1680, components 3\012- data Size1.4 MB (1447705 bytes) Hash6046934c0372a0c359c1f1d65a7e2871 7954060f8f8c3203a562a5470c1de7673d96fb9d 71d12752987f448ebbe53bb631bf3c19f896c0c3efa2dca3560a59ad05231471
GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/thumb.ts HTTP/1.1
Host: amuse-lefty.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 06 Mar 2023 04:40:09 GMT
content-type: video/mp2t
content-length: 1447705
last-modified: Sat, 04 Mar 2023 05:09:25 GMT
etag: "6402d285-161719"
expires: Tue, 07 Mar 2023 04:40:09 GMT
cache-control: max-age=86400, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash70b7bd4f159732db2d96e0d06e721a13 ea416c05c031417da1ddecb4da35dfac8bf5cbc7 9c2e5acfe6bbd5d12087e28cb3a6b88a28f9d35b67eb4bc54e3a88fb46965379
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| imasdk.googleapis.com/js/sdkloader/ima3.js | 216.58.207.234 | 200 OK | 122 kB |
URL HTTP/2imasdk.googleapis.com/js/sdkloader/ima3.js IP216.58.207.234:0
File typeASCII text, with very long lines (2723) Size122 kB (122289 bytes) Hash0b872df43f4302f3ba0d0ae335d73b8e 8eefb7562eae92270610d48c5c7b751a7e848438 22716e02654b6c7fbc16d54bc9790fc9c17be9d64803973d134a751dbb9ef3c5
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 122289
date: Mon, 06 Mar 2023 04:40:09 GMT
expires: Mon, 06 Mar 2023 04:40:09 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash70b7bd4f159732db2d96e0d06e721a13 ea416c05c031417da1ddecb4da35dfac8bf5cbc7 9c2e5acfe6bbd5d12087e28cb3a6b88a28f9d35b67eb4bc54e3a88fb46965379
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash21bc7d19b85212954bd97a826883dde6 6e26f565b84766c41d45dd9fc9d89f5206ccc9ba e34750e6e2434f3659b67c93c2106fe6205a66c38186bcf6aaa0142e48f92324
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js | 142.250.74.162 | 200 OK | 13 kB |
URL HTTP/2pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js IP142.250.74.162:0
File typeASCII text, with very long lines (1493) Hash0dece4b354fc41d0430994be26247a47 1063c9471665bb53cc9a4e89c4cf0f1e9f695f8d 71a1c1d814cc6c713b3513212be779f944e9b4002e1fb89ac36e438a1a04e4a0
GET /omsdk/releases/live/omweb-v1.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-length: 13109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Mar 2023 04:03:32 GMT
expires: Mon, 06 Mar 2023 05:03:32 GMT
cache-control: public, max-age=3600
age: 2198
last-modified: Mon, 31 Oct 2022 17:24:37 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash88cbc6aea2d9cf4e31579e42cf911fd0 6d3ce6aff3dc9454118cfacdc7f422f3fed83ee7 437586bc85d574c31c56a0ab07b2d44a5299512fdd04cc3ec64abb3b184d485d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| adservice.google.com/adsid/integrator.js?domain=fs1.app | 142.250.74.98 | 200 OK | 100 B |
URL HTTP/2adservice.google.com/adsid/integrator.js?domain=fs1.app IP142.250.74.98:0
File typeASCII text, with no line terminators Hash917951a58be8c6c6f3680159550ba3c2 21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4 cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=fs1.app HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 06 Mar 2023 04:40:10 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash21bc7d19b85212954bd97a826883dde6 6e26f565b84766c41d45dd9fc9d89f5206ccc9ba e34750e6e2434f3659b67c93c2106fe6205a66c38186bcf6aaa0142e48f92324
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash88cbc6aea2d9cf4e31579e42cf911fd0 6d3ce6aff3dc9454118cfacdc7f422f3fed83ee7 437586bc85d574c31c56a0ab07b2d44a5299512fdd04cc3ec64abb3b184d485d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| syndication.exosrv.com/splash.php?idzone=3377419 | 95.211.229.248 | 200 OK | 2.7 kB |
URL HTTP/1.1syndication.exosrv.com/splash.php?idzone=3377419 IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeXML 1.0 document text\012- XML document, ASCII text, with very long lines (1525) Hashf89c8580c62f912ab3f8d1294d3e7692 6ae7a57b5e99f3f0715c783bd043062944f49147 fecf2b25323271b6c45d4e1b3cb9bfe0d62667efa28117e55e708057cd32c8a9
GET /splash.php?idzone=3377419 HTTP/1.1
Host: syndication.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Mar 2023 04:40:10 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2264056eaaad2322.797309154100539145%22%3B%7D; expires=Wed, 05 Mar 2025 04:40:10 GMT; path=; domain=.exosrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C3377419%7C80090514%7C0%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cimasdk.googleapis.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 07 Mar 2023 04:40:10 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
zone-cap-3377419=1; expires=Mon, 06 Mar 2023 10:40:10 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashbdd9a83a6c3b246a6445ae1980620fbe 50d8d58e9e201b9777a8e8fa72e8143c9c1b7301 e10f5315a17a64fe431df9099b6387f4b9b7cef07a21edda76ff265a6c431a99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| s0.2mdn.net/instream/video/client.js | 172.217.21.166 | 200 OK | 17 kB |
URL HTTP/2s0.2mdn.net/instream/video/client.js IP172.217.21.166:0
File typeASCII text, with very long lines (2156) Hash49295de6ccd23cf80b6418a2d209868f 42a955b4560bb22cb9b5b39577f7a691ea345018 d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Mon, 06 Mar 2023 04:40:10 GMT
expires: Mon, 06 Mar 2023 04:40:10 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashbdd9a83a6c3b246a6445ae1980620fbe 50d8d58e9e201b9777a8e8fa72e8143c9c1b7301 e10f5315a17a64fe431df9099b6387f4b9b7cef07a21edda76ff265a6c431a99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 04:40:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| csi.gstatic.com/csi?v=2&s=ima&puid=1~lewc2yus&c=6320374832864&slotId=3160187416432&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&icc=1&icrh=0&icri=0&icrs=0&icru=0&icdi=nsxns&lima_p_ich=0&lima_p_icu=0 | 142.250.195.99 | 204 No Content | 0 B |
URL HTTP/2csi.gstatic.com/csi?v=2&s=ima&puid=1~lewc2yus&c=6320374832864&slotId=3160187416432&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&icc=1&icrh=0&icri=0&icrs=0&icru=0&icdi=nsxns&lima_p_ich=0&lima_p_icu=0 IP142.250.195.99:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~lewc2yus&c=6320374832864&slotId=3160187416432&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&icc=1&icrh=0&icri=0&icrs=0&icru=0&icdi=nsxns&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Mon, 06 Mar 2023 04:40:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| csi.gstatic.com/csi?v=2&s=ima&puid=2~lewc2zap&c=6320374832864&slotId=3160187416432&ghmsh_eids=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991 | 142.250.195.99 | 204 No Content | 0 B |
URL HTTP/2csi.gstatic.com/csi?v=2&s=ima&puid=2~lewc2zap&c=6320374832864&slotId=3160187416432&ghmsh_eids=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991 IP142.250.195.99:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=2~lewc2zap&c=6320374832864&slotId=3160187416432&ghmsh_eids=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Mon, 06 Mar 2023 04:40:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw= | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw= IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
GET /api/spots/220808?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=Xix7c8qbv0VybLDZFmVC; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| go.admjmp.com/thumbs/view | 104.18.51.106 | 200 OK | 0 B |
URL HTTP/2go.admjmp.com/thumbs/view IP104.18.51.106:0
POST /thumbs/view HTTP/1.1
Host: go.admjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fs1.app/
Content-Type: text/plain;charset=UTF-8
Origin: https://fs1.app
Content-Length: 81
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:09 GMT
content-type: application/json
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeSF4mw3pyDiW7pxF5qduW6VKyn4; SameSite=None; Secure; path=/; expires=Tue, 07-Mar-23 03:40:09 GMT; HttpOnly
server: cloudflare
cf-ray: 7a37eb428cee0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adserve.work/www/serve/afr.php?zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE | 104.21.54.4 | 200 OK | 0 B |
URL HTTP/2adserve.work/www/serve/afr.php?zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE IP104.21.54.4:0
GET /www/serve/afr.php?zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE HTTP/1.1
Host: adserve.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.11
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=01000111010001000101000001010010; expires=Tue, 05-Mar-2024 04:40:08 GMT; Max-Age=31536000; path=/; secure; SameSite=none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAWOPQeFVI8%2BGzFq4pSPKiQvYL8tPfchzPTiL742JKw%2FqRqIa9BXBxdNIzozuXIY5HkU%2FT7PfvsaHZw7onbJUQjrNoLOd%2B5n3MvrcGR5pLcdTivTnAzcjYAov%2B%2Bv4MM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a37eb3baf3db506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| a.labadena.com/api/spots/262182?host=fs1.app&ev=205&wh=898&ww=1280&uuid=&kw=%E7%94%B7%E5%8F%8B%E8%A6%96%E8%A7%92%2C%E8%A7%92%E8%89%B2%E5%8A%87%E6%83%85%2C%E5%88%B6%E6%9C%8D%E8%AA%98%E6%83%91%2C%E5%B0%91%E5%A5%B3%2C%E4%B8%AD%E5%87%BA%2C3P%2C%E7%97%B4%E5%A5%B3%2C%E6%A0%A1%E6%9C%8D%2C%E6%BC%81%E7%B6%B2%2C%E6%B1%BD%E8%BB%8A%2C%E5%85%94%E5%A5%B3%E9%83%8E%2C%E7%9C%BC%E9%8F%A1%E5%A8%98%2C%E6%9E%A2%E6%9C%A8%E3%81%82%E3%81%8A%E3%81%84%2C%E5%86%86%E4%BA%95%E8%90%8C%E8%8F%AF&s1=%25subid1%25 | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2a.labadena.com/api/spots/262182?host=fs1.app&ev=205&wh=898&ww=1280&uuid=&kw=%E7%94%B7%E5%8F%8B%E8%A6%96%E8%A7%92%2C%E8%A7%92%E8%89%B2%E5%8A%87%E6%83%85%2C%E5%88%B6%E6%9C%8D%E8%AA%98%E6%83%91%2C%E5%B0%91%E5%A5%B3%2C%E4%B8%AD%E5%87%BA%2C3P%2C%E7%97%B4%E5%A5%B3%2C%E6%A0%A1%E6%9C%8D%2C%E6%BC%81%E7%B6%B2%2C%E6%B1%BD%E8%BB%8A%2C%E5%85%94%E5%A5%B3%E9%83%8E%2C%E7%9C%BC%E9%8F%A1%E5%A8%98%2C%E6%9E%A2%E6%9C%A8%E3%81%82%E3%81%8A%E3%81%84%2C%E5%86%86%E4%BA%95%E8%90%8C%E8%8F%AF&s1=%25subid1%25 IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
GET /api/spots/262182?host=fs1.app&ev=205&wh=898&ww=1280&uuid=&kw=%E7%94%B7%E5%8F%8B%E8%A6%96%E8%A7%92%2C%E8%A7%92%E8%89%B2%E5%8A%87%E6%83%85%2C%E5%88%B6%E6%9C%8D%E8%AA%98%E6%83%91%2C%E5%B0%91%E5%A5%B3%2C%E4%B8%AD%E5%87%BA%2C3P%2C%E7%97%B4%E5%A5%B3%2C%E6%A0%A1%E6%9C%8D%2C%E6%BC%81%E7%B6%B2%2C%E6%B1%BD%E8%BB%8A%2C%E5%85%94%E5%A5%B3%E9%83%8E%2C%E7%9C%BC%E9%8F%A1%E5%A8%98%2C%E6%9E%A2%E6%9C%A8%E3%81%82%E3%81%8A%E3%81%84%2C%E5%86%86%E4%BA%95%E8%90%8C%E8%8F%AF&s1=%25subid1%25 HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Cookie: nauid=Xix7c8qbv0VybLDZFmVC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 04:40:10 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| a.labadena.com/api/settings/262182 | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2a.labadena.com/api/settings/262182 IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
GET /api/settings/262182 HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fs1.app/
Origin: https://fs1.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| go.admjmp.com/config?url=https%3A%2F%2Fcreative.admjmp.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D4c25683baa7e541ee7ce0014496c85471ee87c5671f43cd3d2de65eaed1cbb98%26campaignId%3Dbottomslider%26tag%3Dgirls%252Fchinese%26showModal%3Dsignup%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0 | 104.18.51.106 | 200 OK | 0 B |
URL HTTP/2go.admjmp.com/config?url=https%3A%2F%2Fcreative.admjmp.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D4c25683baa7e541ee7ce0014496c85471ee87c5671f43cd3d2de65eaed1cbb98%26campaignId%3Dbottomslider%26tag%3Dgirls%252Fchinese%26showModal%3Dsignup%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0 IP104.18.51.106:0
GET /config?url=https%3A%2F%2Fcreative.admjmp.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D4c25683baa7e541ee7ce0014496c85471ee87c5671f43cd3d2de65eaed1cbb98%26campaignId%3Dbottomslider%26tag%3Dgirls%252Fchinese%26showModal%3Dsignup%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0 HTTP/1.1
Host: go.admjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fs1.app/
Origin: https://fs1.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Mon, 06 Mar 2023 04:40:08 GMT
cf-cache-status: MISS
set-cookie: __cflb=02DiuDfsBaY2bRYJiCdcdyuoKGiEHEbzXFofktbxn2RKz; SameSite=None; Secure; path=/; expires=Tue, 07-Mar-23 03:40:08 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a37eb3a4a5d0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| a.realsrv.com/nativeads-v2.js | 185.76.9.19 | 200 OK | 0 B |
URL HTTP/2a.realsrv.com/nativeads-v2.js IP185.76.9.19:0 ASN#60068 Datacamp Limited
GET /nativeads-v2.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:07 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"1e16d6ff16b145ea5560344a506"
expires: Thu, 02 Mar 2023 13:44:54 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1678078222
server: CDN77-Turbo
x-77-nzt: AblMCQ154d7/yScAAA
x-77-nzt-ray: c0a4cc280368debca76e0564c2153f32
x-cache: HIT
x-age: 10185
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.plyr.io/3.5.4/plyr.svg | 104.27.194.88 | 200 OK | 0 B |
URL HTTP/2cdn.plyr.io/3.5.4/plyr.svg IP104.27.194.88:0
GET /3.5.4/plyr.svg HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: image/svg+xml
x-amz-id-2: i5JHjcg9zSMXfLTSkg2bJuXLWkrrEYzjVmQpS3ykwaV+aKnxN44SplDMsowODlB1QZL7tCPqsuQ=
x-amz-request-id: M70EQ9E2HNGDXZS1
last-modified: Thu, 25 Apr 2019 02:13:31 GMT
etag: W/"d1f4356635795f17eaa9bd377d172997"
cache-control: max-age=31536000
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kcgs7200042-IAD, cache-yyz4545-YYZ
x-cache: HIT, HIT
x-cache-hits: 39, 291
x-timer: S1675907206.958398,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cf-cache-status: HIT
age: 2065630
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9rGfaTxwEYfCLVUd5SInfDr4vttIyv164FfY8%2BJ25%2F0WS30rVyjai2rdzcfzoA%2FkxwGwtclbHMYauNMj89OGryOrvxM7m6gbUqdesq1ILts7hiHq%2BAYggMb4uoD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a37eb3ac9490b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| a.realsrv.com/ad-provider.js | 185.76.9.19 | 200 OK | 0 B |
URL HTTP/2a.realsrv.com/ad-provider.js IP185.76.9.19:0 ASN#60068 Datacamp Limited
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.labadena.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264056ea8436b88.71043300536494041%22%3B%7D; impressions=cxbmsbocnxgxambemxebageimlxbaxbcnxgxammsoscaageicxbmsbcenxgxammcbembcgeioslmrxbmnxgxammlsorobgeimcclsoeonxgxamaosaeosgeioslmrxbrnxgxambemebbogeimlxbaxbanxgxambemxebageioslmroemnxgxammmarbbxgeimcclsxlonxgxambecbclageimcclossbnxgxammcoeebmgeimlxbaxlonxgxammmrmcemgeicxbmsboenxgxammbscexbgeimlxbaxlcnxgxamaalxboageicxbmsbxcnxgxammmarbbxgeimlxbaxlenxgxambecbclageimlxbaxbonxgxammccroaogeialbserxonxgxamaboseaogeioslmrxlsnxgxammalxolxgeimlxbaxbbnxgxammcoxbbegeimlxbaxlanxgxammcxmlergeimccloscanxgxammmarbbxgeialbsereanxgxammesrlxegeimlxbaxbenxgxammscrrcogeialbserecnxgxammcocxcrgeimcclsxcanxgxammcxescmgeimcclsxlcnxgxambemebbogeirbabxabbnxgxammcoeebmgeimcclsxxonxgxammcoeebmgeimcclsxlbnxgxammcoeebmgeicmmsxaeenxgxammcoeebmgeimcclsxacnxgxammccaeeageimcclsxsbnxgxammcoeebmgeicaocmrmanxgxammcocxcrgeicaxsscmbnxgxammcocxcrgeislsaroornxgxambemxebageimbsblroanxrgxambeoaoxegxcceimlbxcrlbnogxambeoaoxegxcceimxlbmxlcnogxambecrmosgxcceimsacexoonxgxambecrmosgxcceimxeoxsacnagxambecrmosgxcceimrmbbraenxgxambecmasagxcceimrmbbrcanogxambecmasagxcceimlasxxcanxgxambecmbregxcceimlaseelenxgxambecmbregxcceimemlxmcbnxgxambecmbmagxcceimclxlloanxgxambecmbmagxcceibeersbrcnrgxambecmbmagxcceimmlamcecnxgxambecmbmagxcceimsleoaronxgxambecmbmagxcceixaoosscrnxgxambecmbmagxcceixaoossalnxgxambecmbmagxcceibeeblbcbnxgxambecmbmagxcceimlrcamabnogxambecmbmagxcceimxlbmoscnogxambecmbmagxcceimlbxcrlanogxambecmbmagxcceimxlbmosonogxambecmbmagxcceimxlbmosanogxambecmbmagxcceimmraexoenxgxambecboecgxcceimmraexsenxgxambecboecgxcceimmraexoonxgxambecboecgxcceimxxerrxenxgxambecbsemgxcceimrmbbrrcnxgxambecleolgxcceimlalarbcnxgxambereeaxgxcceialrexexbnxgxamberxblbgxcceialrexeoonxgxamberxblbgxcceimasbmxconxgxambersaecgxcceimlalacobnxgxambersmasgxcceimxlbalscnogxambersmasgxcceimlasxoconxgxambersmacgxcceiaaxcambbnxgxambercmbmgxcceicloaxxaanxgxambercbrogxcceimlclemsonxgxambercbrogxcceimllslrsanxgxambercbrogxcceibeersbronxgxamberasxxgcbeimxxrecsanxgxamberlbbcgxcceimllrabmanxgxamberlbbrgxcceimllrabmonxgxamberlbbrgxcceimllrabbcnxgxamberlbbrgxcceimmroseconsgxambeaecllgxcceicloaxxacnxgxambeaecllgxcceimlmbrsaenxgxambeaxeslgxcceircmbbroanxgxambeaxboogxcceimclsaoxbnogxambeascocgxcceimbbcemobnxgxambeascocgxcceimoobcomanxgxambeascocgxcceiccblrxrbnxgxambeascocgxcceimlbemecanxgxambeaslmrgcbeimlaxeemenxgxambeacbelgxcceimlrcamaonogxambeacbxegxcceimllslrsonsgxambealelagxcceimlslsbsanxgxambealelagxcceimllslrsenxgxambealelagxcceimxxerrecnxgxambemxebagxcceimbbcemoanogxambemxebagxcceimrxccosonxgxambemxebagxcceimxlbmxbbnxgxambemxebmgxcceimxxerreonxgxambemxebmgxcceicloaxxmenxgxambemrssogxcceimxlbalcenxgxambemmaebgxcce; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986940%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ca8b2c1b202f0007b1263a9cac3ef982f%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"b370a6087166092931ea2d574b0"
expires: Thu, 02 Mar 2023 13:44:55 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1678078222
server: CDN77-Turbo
x-77-nzt: AblMCQ2QyJb/yicAAA
x-77-nzt-ray: c0a4cc280368debca86e05647e6dd417
x-cache: HIT
x-age: 10186
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/31015.m3u8 | 45.35.65.138 | 200 OK | 0 B |
URL HTTP/2amuse-lefty.mushroomtrack.com/hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/31015.m3u8 IP45.35.65.138:0
GET /hls/azT7bjV4IlYlw6H4c878GA/1678088283/31000/31015/31015.m3u8 HTTP/1.1
Host: amuse-lefty.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 06 Mar 2023 04:40:08 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sat, 04 Mar 2023 04:49:33 GMT
vary: Accept-Encoding
etag: W/"6402cddd-f0f8"
expires: Tue, 07 Mar 2023 04:40:08 GMT
cache-control: max-age=86400
access-control-allow-origin: https://fs1.app
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fs1.app/videos/cawd-529/ | 104.21.69.131 | 200 OK | 0 B |
IP104.21.69.131:0
GET /videos/cawd-529/ HTTP/1.1
Host: fs1.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 06 Mar 2023 04:40:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=34o4pdr0fdufuqlmv821meqr4u; path=/; domain=.fs1.app
kt_ips=91.90.42.154; expires=Tue, 07-Mar-2023 04:40:07 GMT; Max-Age=86400; path=/; domain=.fs1.app
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pV660uAXfpeExVBba6l1ojsP0vUYuTx2IOr1K69ebkyFyohgKDAUaSVauUGVhqYkZUj4160eCKXLtX7cW9AnQeg2l6e6nDFTZErkMJKIcaj28fos9F4m5Whf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a37eb34ea6dfabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.tapioni.com/asg_embed.js | 143.204.55.80 | 200 OK | 0 B |
URL HTTP/2cdn.tapioni.com/asg_embed.js IP143.204.55.80:0
GET /asg_embed.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 13 Feb 2023 14:35:56 GMT
last-modified: Mon, 13 Feb 2023 14:35:24 GMT
etag: W/"63ea4aac-2af61"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: g11eCvl_smr6XR1c6s19Hk5C_CmHfh6mMie1NkQyKz66HHuLFyBz2A==
age: 1778651
X-Firefox-Spdy: h2
|
|