POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
 23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2244
Expires: Mon, 27 Mar 2023 17:28:59 GMT
Date: Mon, 27 Mar 2023 16:51:35 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13029
Expires: Mon, 27 Mar 2023 20:28:44 GMT
Date: Mon, 27 Mar 2023 16:51:35 GMT
Connection: keep-alive
|
GET /videos/ipx-890/ HTTP/1.1
Host: fs1.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
 104.21.69.131
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Mon, 27 Mar 2023 16:51:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://fs1.app/videos/ipx-890/
Strict-Transport-Security: max-age=15768000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=664OLQMLTBZxCG1wdO69y6wWA25EuYdk7kXaeDVPaCX2O0iXVM4DGkC6wRhuwkPXpE9PC1peC%2BQg9v0bbrBUK6mPXajKBBLZbIst4xNPZp9zaO5V0eZ9P8Li"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ae9239368ddb500-OSL
alt-svc: h2=":443"; ma=60
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
 35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Mar 2023 16:27:58 GMT
age: 1417
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7621
Expires: Mon, 27 Mar 2023 18:58:36 GMT
Date: Mon, 27 Mar 2023 16:51:35 GMT
Connection: keep-alive
|
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: B61bWQe+eMQJUDUxLxzaAmLQPHxApup2Uh9hNxHA5xpefkoKTHDal+IAXr8FX9kgj7Nyun+fVfA=
x-amz-request-id: F5K5GWVRR84709W2
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Mar 2023 16:01:42 GMT
age: 2993
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Mon, 27 Mar 2023 16:51:35 GMT
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Mar 2023 16:17:24 GMT
age: 2052
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3750
Expires: Mon, 27 Mar 2023 17:54:06 GMT
Date: Mon, 27 Mar 2023 16:51:36 GMT
Connection: keep-alive
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /asg_embed.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
104.22.39.71
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 27 Mar 2023 16:51:36 GMT
content-length: 53388
last-modified: Fri, 10 Mar 2023 13:42:03 GMT
vary: Accept-Encoding
etag: "640b33ab-d08c"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae923990d362e13-ARN
X-Firefox-Spdy: h2
|
GET /gtag/js?id=G-1DTX7D4FHE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
142.250.74.40
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Mar 2023 16:51:36 GMT
expires: Mon, 27 Mar 2023 16:51:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78215
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fs1.app/
Origin: https://fs1.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
104.18.62.235
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 27 Mar 2023 16:51:36 GMT
content-length: 16
x-amz-id-2: QUXnNy2w3SVgBBJ04JxjSn5YsvWZNpcO0WhRwsvO5enR4jmqtkkomAFVsVTSR4oLeLnl07S5f78=
x-amz-request-id: ZTWEE1QFDM4B3Q44
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://fs1.app
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
expires: Mon, 27 Mar 2023 20:51:36 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cflb=02DiuDfsBaY2bRYJiCdcpw6HAsAnTtdy8JNhFfjV1ihqW; SameSite=None; Secure; path=/; expires=Tue, 28-Mar-23 15:51:36 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae9239a69160b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +6iRyS/R+8Ky8HzZ3Cy5qA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
54.68.216.212
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IA/27F8yZF3Hm5VGVU0ihiKf0Ng=
|
GET /assets/images/placeholder-md.jpg HTTP/1.1
Host: assets-cdn.jable.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
 15.235.9.226
HTTP/2 200 OK
content-type: image/jpeg
server: openresty
date: Mon, 27 Mar 2023 16:51:36 GMT
content-length: 14601
last-modified: Sun, 31 Mar 2019 10:13:04 GMT
etag: "5ca092b0-3909"
strict-transport-security: max-age=15768000
expires: Wed, 26 Apr 2023 16:51:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
--- Additional Info ---
Magic: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2019:03:31 18:12:59], progressive, precision 8, 336x188, components 3\012- data
Size: 14601
Md5: ac9ea1a555198470671238d214b2e489
Sha1: 4a22f147e57e2781e0b302ac2c156d1999793cdb
Sha256: 58be1d54819c76bc997fee25de298613a1565c7f6c8ef01629511315422b7468
|
GET /hls/iR-HsDpRLM5Nke78Dsbg5Q/1679946686/25000/25223/25223.m3u8 HTTP/1.1
Host: yes-keep.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
 65.109.37.218
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
server: openresty
date: Mon, 27 Mar 2023 16:51:36 GMT
content-length: 54682
last-modified: Sun, 03 Jul 2022 16:58:36 GMT
etag: "62c1cabc-d59a"
expires: Tue, 28 Mar 2023 16:51:36 GMT
cache-control: max-age=86400
access-control-allow-origin: https://fs1.app
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /hls/iR-HsDpRLM5Nke78Dsbg5Q/1679946686/25000/25223/thumbvtt.ts HTTP/1.1
Host: yes-keep.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
65.109.37.218
HTTP/2 200 OK
content-type: video/mp2t
server: openresty
date: Mon, 27 Mar 2023 16:51:36 GMT
content-length: 7374
last-modified: Sun, 03 Jul 2022 16:58:58 GMT
etag: "62c1cad2-1cce"
expires: Tue, 28 Mar 2023 16:51:36 GMT
cache-control: max-age=86400
access-control-allow-origin: https://fs1.app
accept-ranges: bytes
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fs1.app
Connection: keep-alive
Referer: https://assets.fs1.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:44 GMT
expires: Sat, 23 Mar 2024 10:26:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
age: 282292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /api/settings/262182 HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fs1.app/
Origin: https://fs1.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
 135.181.208.216
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Mon, 27 Mar 2023 16:51:36 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
GET /splash.php?native-settings=1&idzone=3377859&cookieconsent=true&&p=https%3A%2F%2Ffs1.app%2Fvideos%2Fipx-890%2F HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
 95.211.229.247
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Mon, 27 Mar 2023 16:51:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://fs1.app
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226421c998d9bb96.44123821935998914%22%3B%7D; expires=Wed, 26 Mar 2025 16:51:36 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986934%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C153e21e853896583287fdbec25a0f198%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 28 Mar 2023 16:51:36 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /hls/iR-HsDpRLM5Nke78Dsbg5Q/1679946686/25000/25223/c2dcd34b6b6ba766.ts HTTP/1.1
Host: yes-keep.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
65.109.37.218
HTTP/2 200 OK
content-type: video/mp2t
server: openresty
date: Mon, 27 Mar 2023 16:51:36 GMT
content-length: 16
last-modified: Sun, 03 Jul 2022 16:58:58 GMT
etag: "62c1cad2-10"
expires: Tue, 28 Mar 2023 16:51:36 GMT
cache-control: max-age=86400
access-control-allow-origin: https://fs1.app
accept-ranges: bytes
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /3.5.4/plyr.svg HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
104.27.195.88
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 27 Mar 2023 16:51:36 GMT
x-amz-id-2: qUKWroGHdboZQophBPCLCPc7/bOhQIREG1U3ePu1g6HAfSL6YnyjWWTRHPZiEsClVxRXBgtBYQo=
x-amz-request-id: NKKM3JSZ5CW7GG61
last-modified: Thu, 25 Apr 2019 02:13:31 GMT
etag: W/"d1f4356635795f17eaa9bd377d172997"
cache-control: max-age=31536000
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kjyo7100172-IAD, cache-jnb7024-JNB
x-cache: HIT, HIT
x-cache-hits: 1, 5222
x-timer: S1668936166.136618,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cf-cache-status: HIT
age: 19573
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BZM4QbBCf35DVcNehaxpOVYWH%2FnAoK55mWS86WxSyFTw88QMcnnp7oDKQDFtNrGHk%2FU2ONLVAvFgMQ6tvg87XJmYdhpT5E7t43iVAKTQBMcyK6%2F5ZkSnIbjUwp5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ae9239b2b0ffab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET /hls/iR-HsDpRLM5Nke78Dsbg5Q/1679946686/25000/25223/252230.ts HTTP/1.1
Host: yes-keep.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
65.109.37.218
HTTP/2 200 OK
content-type: video/mp2t
server: openresty
date: Mon, 27 Mar 2023 16:51:37 GMT
content-length: 651616
last-modified: Sun, 03 Jul 2022 16:58:36 GMT
etag: "62c1cabc-9f160"
expires: Tue, 28 Mar 2023 16:51:37 GMT
cache-control: max-age=86400
access-control-allow-origin: https://fs1.app
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /api/click/9984384981100971095?c=90 HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.labadena.com/api/spots/220808?p=1&s1=%subid1%&kw=
Cookie: nauid=E5lHMhcuKS1Tc9XOV0uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
135.181.208.216
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 16:51:37 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
|
GET /creative/20230309_Jable_(300x250)_C_TC_gif.gif HTTP/1.1
Host: cdn.ggsfq.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserve.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
104.21.57.133
HTTP/2 200 OK
content-type: image/gif
date: Mon, 27 Mar 2023 16:51:37 GMT
content-length: 496423
etag: "ef74fa69ede512b64df8765f61f7baa6"
last-modified: Thu, 09 Mar 2023 03:02:45 GMT
x-amz-id-2: wZ6GeqXD8bgaQ2TFUf4GBJM1kG4DT//smDyHi9eHonebSoSavWBtINj8mGjWlmmb++tVdSOAlzaa
x-amz-request-id: 39F6DC50510AC725
cache-control: max-age=14400
cf-cache-status: HIT
age: 1812
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6YKOxqNj6ck66KT%2Btop6IOA9U8vnIIF4irlrpshjONln1lNz0OT8WswYP5WcEt5trqzyb2fMzPrb2XPfgUEhT9O%2FB3DerX2InLyyG5ymx6Jw2%2BZ%2BewIL3%2BDGP44QEhq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae9239d7afa0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 323
Origin: https://a.labadena.com
Connection: keep-alive
Referer: https://a.labadena.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226421c998d9bb96.44123821935998914%22%3B%7D; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986934%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C153e21e853896583287fdbec25a0f198%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
95.211.229.247
HTTP/1.1 200 OK
Content-Type: application/json
Server: nginx
Date: Mon, 27 Mar 2023 16:51:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.labadena.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.labadena.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226421c998d9bb96.44123821935998914%22%3B%7D; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986934%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C153e21e853896583287fdbec25a0f198%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
 185.76.9.26
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 27 Mar 2023 16:51:37 GMT
vary: Accept-Encoding
etag: W/"4a7886b0595c8711a5aae6eac4a"
expires: Mon, 27 Mar 2023 18:30:47 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRTm9dD/gRIAAA
x-77-nzt-ray: af585630ad97895099c92164f3ac4207
x-accel-expires: @1679941960
x-cache: HIT
x-age: 4737
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5053
Expires: Mon, 27 Mar 2023 18:15:50 GMT
Date: Mon, 27 Mar 2023 16:51:37 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5053
Expires: Mon, 27 Mar 2023 18:15:50 GMT
Date: Mon, 27 Mar 2023 16:51:37 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5053
Expires: Mon, 27 Mar 2023 18:15:50 GMT
Date: Mon, 27 Mar 2023 16:51:37 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5053
Expires: Mon, 27 Mar 2023 18:15:50 GMT
Date: Mon, 27 Mar 2023 16:51:37 GMT
Connection: keep-alive
|
GET /assets/images/252/427-240-3.gif HTTP/1.1
Host: assets-cdn.jable.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
15.235.9.226
HTTP/2 200 OK
content-type: image/gif
server: openresty
date: Mon, 27 Mar 2023 16:51:37 GMT
content-length: 495284
last-modified: Thu, 23 Jul 2020 07:47:53 GMT
etag: "5f1940a9-78eb4"
strict-transport-security: max-age=15768000
expires: Wed, 26 Apr 2023 16:51:37 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /www/serve/afr.php?zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE HTTP/1.1
Host: adserve.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
 188.114.96.1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 27 Mar 2023 16:51:37 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.11
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=01000111010001000101000001010010; expires=Tue, 26-Mar-2024 16:51:36 GMT; Max-Age=31536000; path=/; secure; SameSite=none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTrhiqI1S8f579UXSHHHPGViDqf%2BiNSx83Q67L4buV0J8ZLmAuTs4Ko4IZU3nRojuOE9lqtr2VoYEryZdea8hIlO7wD1u8ns2TNu%2FqsDmN9Y2CN2Y1QSoaIpsWJiY1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ae9239b6e031c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10591
x-amzn-requestid: a55b3a74-b9f1-424b-8d53-3f49db443698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CaIOwFW-oAMFgUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6420ba5e-6c3e550d1a899e80394262e6;Sampled=0
x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: SwHfiMdDkV5eSPbXEVlcIs_k1icXGn7aaScjTgDLyG0Uo_o-K0jIqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:57:30 GMT
age: 68047
etag: "242108539ff8694a3c557d07b2b000e764a77f24"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10405
x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRi69E9xoAMFiJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 07:49:08 GMT
age: 32549
etag: "c5900fe2396e0ca371c4847af4e96149850c3577"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4775
x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK96KF9coAMFvMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: F03oSAwgUrcVqWUUt9uaapaCtWSDLrmDlz142D4DtYYctMpy5nA3qA==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 16:05:44 GMT
age: 2753
etag: "557cc4827414912c41319ad961c14cce71ed4a18"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:53:16 GMT
age: 68301
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZQcPeutl5BzzzysPzWEzrEY8WU-0F-0twvGPT7RAX-UjNOCk3NtmMQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 06:29:05 GMT
age: 37352
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST /g/collect?v=2&tid=G-1DTX7D4FHE>m=45je33m0&_p=75063134&cid=1541930052.1679935916&ul=en-us&sr=1280x1024&_s=1&sid=1679935915&sct=1&seg=0&dl=https%3A%2F%2Ffs1.app%2Fvideos%2Fipx-890%2F&dt=IPX-890%20%E8%88%87%E8%B6%85%E7%B4%9A%E5%8E%AD%E6%83%A1%E7%9A%84%E4%B8%8A%E5%8F%B8%E5%9C%A8%E5%87%BA%E5%B7%AE%E5%9C%B0%E9%BB%9E%E7%9A%84%E6%BA%AB%E6%B3%89%E6%97%85%E9%A4%A8%E6%84%8F%E5%A4%96%E7%9A%84%E5%90%8C%E6%88%BF%E9%96%93%E2%80%A6%20%E8%A2%AB%E9%86%9C%E9%99%8B%E7%9A%84%E5%A4%A7%E5%8F%94%E5%B9%B9%E5%88%B0%E6%95%B8%E5%BA%A6%E9%AB%98%E6%BD%AE%E7%9A%84%E6%88%91%E3%80%82%20%E7%A8%BB%E6%A3%AE%E7%BE%8E%E6%86%82%20-%20Jable.TV%20%7C%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85AV%E5%9C%A8%E7%B7%9A%E7%9C%8B%20%7C%20J%E7%89%87%20AV%E7%9C%8B%E5%88%B0%E9%A3%BD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
|
216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
access-control-allow-origin: https://fs1.app
date: Mon, 27 Mar 2023 16:51:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /rtbfeed.php?001e67e03bf5 HTTP/1.1
Host: cloudlogobox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fs1.app
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
 195.123.209.175
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Mon, 27 Mar 2023 16:51:38 GMT
Content-Length: 106
Last-Modified: Wed, 10 Feb 2021 11:05:43 GMT
Connection: keep-alive
ETag: "6023be07-6a"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
GET /hls/iR-HsDpRLM5Nke78Dsbg5Q/1679946686/25000/25223/thumb.ts HTTP/1.1
Host: yes-keep.mushroomtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
65.109.37.218
HTTP/2 200 OK
content-type: video/mp2t
server: openresty
date: Mon, 27 Mar 2023 16:51:38 GMT
content-length: 1096640
last-modified: Sun, 03 Jul 2022 16:58:58 GMT
etag: "62c1cad2-10bbc0"
expires: Tue, 28 Mar 2023 16:51:38 GMT
cache-control: max-age=86400, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /library/676799/5bf61c22cf650dc4383111ca76fd6b6636afb8e0.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
185.76.9.22
HTTP/2 200 OK
content-type: image/webp
date: Mon, 27 Mar 2023 16:51:38 GMT
content-length: 9310
last-modified: Thu, 04 Nov 2021 10:09:14 GMT
etag: "6183b14a-245e"
expires: Fri, 30 Jun 2023 11:13:09 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRR3K6L/bixjAQ
x-77-nzt-ray: af585630e98d086b9ac9216433ac1311
x-accel-expires: @1688195244
x-cache: HIT
x-age: 23276654
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
142.250.74.10
HTTP/2 200 OK
content-type: text/javascript
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 123080
date: Mon, 27 Mar 2023 16:51:38 GMT
expires: Mon, 27 Mar 2023 16:51:38 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /cimp.php?t=api&data=H4sIAAAAAAAAA0VPu24EIQz8lfzAIo8fgK9OnUiJ8gEsu1tEl0txTU7yx4elSBiBx2DsGSaWhWTh8gS+GC5SwpGcknKCaby8voUi2vW6tcdn6t9fkUsu7pFRBYhSq5KEFClm47OHEZdcaxR4zS4aSiFBA2yierJEBEaMoo/357kxwBTjPCeeVAenH4qsjO5eN19Xz0kVLJXhYuPSodE7cXOgrXQ4U+V2qCPzboeNzM4+0dK1rW3bb216oDDOQgGifEpKYJsSps4TAhVWjgV/icZYFPO53R+3HvFfXmew2YEDOkxj+IDkvXLeet+07ig179Z1EFf1Y/8FG0YsjIABAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.labadena.com
Connection: keep-alive
Referer: https://a.labadena.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226421c998d9bb96.44123821935998914%22%3B%7D; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3377859%7C71986934%7C100644%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C153e21e853896583287fdbec25a0f198%7C0%7Cfs1.app%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
95.211.229.247
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Mon, 27 Mar 2023 16:51:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.labadena.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%226421c998d9bb96.44123821935998914%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%2299.0199%22%7D; expires=Wed, 26 Mar 2025 16:51:38 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /library/676799/542218e69ec0de7608666679f760c4302973e50c.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.labadena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
185.76.9.22
HTTP/2 200 OK
content-type: image/jpeg
date: Mon, 27 Mar 2023 16:51:38 GMT
content-length: 28679
last-modified: Tue, 13 Apr 2021 14:37:08 GMT
etag: "6075ac94-7007"
expires: Fri, 30 Jun 2023 11:14:30 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRTuDNz/cyxjAQ
x-77-nzt-ray: af585630e98d086b9ac921645cc29516
x-accel-expires: @1688195239
x-cache: HIT
x-age: 23276659
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
--- Additional Info ---
Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size: 28679
Md5: abeaf95466a0bddeebe0eff9737a683f
Sha1: 542218e69ec0de7608666679f760c4302973e50c
Sha256: 5ee010e1b04115549238ee5d245b05e73d745ad85ee3b6cdb404d2be1da75d72
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /omsdk/releases/live/omweb-v1.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
142.250.74.162
HTTP/2 200 OK
content-type: text/javascript
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-length: 13208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 16:03:32 GMT
expires: Mon, 27 Mar 2023 17:03:32 GMT
cache-control: public, max-age=3600
age: 2886
last-modified: Tue, 14 Mar 2023 20:29:12 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /adsid/integrator.js?domain=fs1.app HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
142.250.74.34
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 27 Mar 2023 16:51:38 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
142.250.74.70
HTTP/2 200 OK
content-type: text/javascript
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Mon, 27 Mar 2023 16:51:38 GMT
expires: Mon, 27 Mar 2023 16:51:38 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 16:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /thumbs/1679935800/92494096 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
104.18.63.132
HTTP/2 200 OK
content-type: image/jpeg
date: Mon, 27 Mar 2023 16:51:38 GMT
content-length: 40565
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-bgj: imgq:100,h2pri
cf-polished: origSize=42049, status=webp_bigger
etag: "49aa58e57492738df871feae10a0e528"
last-modified: Mon, 27 Mar 2023 16:49:42 GMT
cf-cache-status: HIT
age: 89
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae923a75988b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET /splash.php?idzone=3377419 HTTP/1.1
Host: syndication.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
95.211.229.247
HTTP/1.1 200 OK
Content-Type: text/xml;charset=UTF-8
Server: nginx
Date: Mon, 27 Mar 2023 16:51:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226421c99ac087c4.16826395305238098%22%3B%7D; expires=Wed, 26 Mar 2025 16:51:38 GMT; path=; domain=.exosrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C3377419%7C49055702%7C0%7C%7C99%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cimasdk.googleapis.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 28 Mar 2023 16:51:38 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
zone-cap-3377419=1; expires=Mon, 27 Mar 2023 22:51:38 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
POST /csi?v=2&s=ima&puid=1~lfr2gxkb&c=2112942169681&slotId=1056471084840.5&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&icc=1&icrh=0&icri=0&icrs=0&icru=0&icdi=nsxns&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
|
142.250.186.163
HTTP/2 204 No Content
content-type: image/gif
access-control-allow-origin: *
date: Mon, 27 Mar 2023 16:51:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6623
x-amzn-requestid: 5b246408-bf9c-488d-aee6-7d387115863e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQn4EHJoAMFl3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfafe-686e97b34f7c33862db51515;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:08:47 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Dc5ZpKbzuxe6YqNOtsNpeKShE02r5kg-YX_3gPgeEIgRADZRBL6b4w==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 16:37:44 GMT
age: 840
etag: "52c517a45e53a4ca5b5783d0364ac0e2606d6970"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /nativeads-v2.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
185.76.9.26
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 27 Mar 2023 16:51:36 GMT
vary: Accept-Encoding
etag: W/"1e16d6ff16b145ea5560344a506"
expires: Mon, 27 Mar 2023 18:30:49 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRQoUof/gBIAAA
x-77-nzt-ray: af585630ad97895098c92164e4fab31f
x-accel-expires: @1679941960
x-cache: HIT
x-age: 4736
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|
GET /widgets/Spot/lib.js HTTP/1.1
Host: creative.admjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
104.18.59.150
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 27 Mar 2023 16:51:36 GMT
last-modified: Mon, 27 Mar 2023 08:48:45 GMT
etag: W/"6421586d-44432"
expires: Mon, 27 Mar 2023 16:51:44 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
set-cookie: __cflb=0H28uukSkGJRy5UBr1u9iAwwBfboBLDGgT7BXwAurmz; SameSite=None; Secure; path=/; expires=Tue, 28-Mar-23 15:51:36 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae92398f81eb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|
GET /api/spots/262182?host=fs1.app&ev=205&wh=939&ww=1280&uuid=&kw=%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95%2C%E5%88%B6%E6%9C%8D%E8%AA%98%E6%83%91%2C%E7%B5%B2%E8%A5%AA%E7%BE%8E%E8%85%BF%2C%E8%A7%92%E8%89%B2%E5%8A%87%E6%83%85%2C%E5%B0%91%E5%A5%B3%2C%E5%B7%A8%E4%B9%B3%2C%E9%A1%8F%E5%B0%84%2C%E7%B5%B2%E8%A5%AA%2C%E9%BB%91%E7%B5%B2%2C%E5%87%8C%E8%BE%B1%2COL%2C%E5%92%8C%E6%9C%8D%2C%E5%AA%9A%E8%97%A5%2C%E7%BE%8E%E8%85%BF%2C%E7%A8%B2%E6%A3%AE%E7%BE%8E%E6%86%82&s1=%25subid1%25 HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Cookie: nauid=E5lHMhcuKS1Tc9XOV0uc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
135.181.208.216
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: nginx
date: Mon, 27 Mar 2023 16:51:38 GMT
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|
GET /config?url=https%3A%2F%2Fcreative.admjmp.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D4c25683baa7e541ee7ce0014496c85471ee87c5671f43cd3d2de65eaed1cbb98%26campaignId%3Dbottomslider%26tag%3Dgirls%252Fchinese%26showModal%3Dsignup%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0 HTTP/1.1
Host: go.admjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fs1.app/
Origin: https://fs1.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
104.18.51.106
HTTP/2 200 OK
content-type: application/json
date: Mon, 27 Mar 2023 16:51:36 GMT
access-control-allow-origin: *
last-modified: Mon, 27 Mar 2023 16:51:36 GMT
cf-cache-status: MISS
set-cookie: __cflb=02DiuDfsBaY2bRYJiCdd1Ddb6YkKuSHYCDKeAwn4aWmme; SameSite=None; Secure; path=/; expires=Tue, 28-Mar-23 15:51:36 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae9239a7dabb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|
POST /thumbs/view HTTP/1.1
Host: go.admjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fs1.app/
Content-Type: text/plain;charset=UTF-8
Origin: https://fs1.app
Content-Length: 81
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
104.18.51.106
HTTP/2 200 OK
content-type: application/json
date: Mon, 27 Mar 2023 16:51:38 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28uukSkGJRy5UBr1AgJmhafgYhtGawS7M1w9eNPkQ; SameSite=None; Secure; path=/; expires=Tue, 28-Mar-23 15:51:38 GMT; HttpOnly
server: cloudflare
cf-ray: 7ae923a7ee4bb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|
GET /videos/ipx-890/ HTTP/1.1
Host: fs1.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
172.67.208.183
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 27 Mar 2023 16:51:36 GMT
vary: Accept-Encoding
set-cookie: PHPSESSID=9me37r0cktthu2tc4d0nsib9l4; path=/; domain=.fs1.app
kt_ips=91.90.42.154; expires=Tue, 28-Mar-2023 16:51:36 GMT; Max-Age=86400; path=/; domain=.fs1.app
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCb1avG7NdwQgwPsIS%2BsNlOc%2FXp2VX%2BkWzye3FHqHox1ieSNmkz9eWzfQ%2FuOX8a4vXUNP1G6hb0pu8HbIuyw823ytwoW0svOeu2Pb30FwjY9ncDHmS0%2FUSmO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ae923951a4cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|
GET /api/spots/220808?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fs1.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
135.181.208.216
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Mon, 27 Mar 2023 16:51:36 GMT
vary: Accept-Encoding
set-cookie: nauid=E5lHMhcuKS1Tc9XOV0uc; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|