7r6.com/3BnJJGP9
104.21.46.65302 Found 6 B IP 104.21.46.65:0
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /3BnJJGP9 HTTP/1.1
Host: 7r6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 30 Nov 2022 18:38:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: lang=en_US; expires=Sat, 25-Nov-2023 18:38:03 GMT; Max-Age=31104000; path=/
AppSession=7bo5dpc0o3divbrnsfppvl5d6l; path=/; HttpOnly
ref3BnJJGP9=YmU0NDRkNzczZTRiYjE4MDM1NTE2NGNmMDBiZWI5NjBiMzNlZGQzYjgyMjk2ZGZlOTFkYzU2NDE4NTc2YTIxYvZTu1IcalNXK%2FBkJW94JBLGAuFRdyYDPO6KQq%2FGILr1; expires=Wed, 30-Nov-2022 18:43:03 GMT; Max-Age=300; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
Location: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
X-XSS-Protection: 1; mode=block, 1; mode=block
X-Content-Type-Options: nosniff, nosniff
X-Cache: HIT from Backend
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rcmVoucshDyG%2Fa%2Biy12tSBTnjLHP1rb0ciC2KzaNdzSwJIYfMwd5tUs2sy4rs%2FIvZooHP7c3%2FwH0Whcr69YkzMIx4oooPhxMHWOAbnX0KtFOnlAvGwaqUo3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7725b2a89d06b51d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5997
Expires: Wed, 30 Nov 2022 20:18:00 GMT
Date: Wed, 30 Nov 2022 18:38:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5161
Cache-Control: max-age=148757
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:03 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:57:20 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16989
Expires: Wed, 30 Nov 2022 23:21:12 GMT
Date: Wed, 30 Nov 2022 18:38:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 18:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1102
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7F61fTWPjCP0m3PyZ9hu0J/SIBoz2J6JoFCi1LLFfye3AzKvAQP4QNzAIVf9jBaSUnsXb0hKoF4=
x-amz-request-id: MQK9TRYX5ZNZSYFC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 17:45:19 GMT
age: 3164
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:38:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 18:08:56 GMT
cache-control: public,max-age=3600
age: 1748
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5167
Cache-Control: max-age=143694
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:04 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:32:58 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5c2944ea29f27f06aa4aa48cadabf137
ed3140c4e5acc80bcc84e977f6d98fb89349506d
21552902973bb4833e4762c915c1f1a7f41523e5442213f191c01635632d91b2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 18:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 05:36:55 GMT
Expires: Tue, 06 Dec 2022 05:36:54 GMT
Etag: "ed3140c4e5acc80bcc84e977f6d98fb89349506d"
Cache-Control: max-age=470929,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7725b2adfd671bfa-OSL
push.services.mozilla.com/
35.83.91.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.91.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lp9ii+1GXjN24Iv0GtCLww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q46kS3Lma0yudv7OuuNwGDpapVM=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9c51835288f8285d94a4941e9e32f841
6dede43e1da82f8573e0bf1ca53347bcac15cb98
80fb15a56ab27d0c706c75d581c6fb57c663ab76bcac106226b7e32a866cfdb5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3976
Cache-Control: max-age=87431
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Etag: "6386460c-117"
Expires: Thu, 01 Dec 2022 18:55:16 GMT
Last-Modified: Tue, 29 Nov 2022 17:49:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
142.250.74.106200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32072)
Hash d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 02:42:30 GMT
expires: Tue, 28 Nov 2023 02:42:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 230135
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-117099056-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-117099056-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 2214c00abd6cc6816bef4ad82691ae12
9dedb834fb2c5734e97f7b5444e6db47333338c2
23262d03392450841422f1c7586c32df505a86478edbf10345a5634d9b9d6ae7
GET /gtag/js?id=UA-117099056-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 18:38:05 GMT
expires: Wed, 30 Nov 2022 18:38:05 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
file-upload.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
66.29.132.14200 OK 12 kB URL HTTP/2 file-upload.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 66.29.132.14:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 21:41:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-includes/css/classic-themes.min.css?ver=1
66.29.132.14200 OK 217 B URL HTTP/2 file-upload.in/wp-includes/css/classic-themes.min.css?ver=1
IP 66.29.132.14:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 09:41:37 GMT
accept-ranges: bytes
content-length: 217
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9c51835288f8285d94a4941e9e32f841
6dede43e1da82f8573e0bf1ca53347bcac15cb98
80fb15a56ab27d0c706c75d581c6fb57c663ab76bcac106226b7e32a866cfdb5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3976
Cache-Control: max-age=87431
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Etag: "6386460c-117"
Expires: Thu, 01 Dec 2022 18:55:16 GMT
Last-Modified: Tue, 29 Nov 2022 17:49:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
live.demand.supply/e/e.js?e=ll&d=225&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/e/e.js?e=ll&d=225&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=225&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:38:05 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
x-nf-request-id: 01GF1DQ6VC850D5A27W3YWHZMY
cf-cache-status: HIT
age: 1459959
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725b2b2cd56b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/style.css?ver=6.1.1
66.29.132.14200 OK 15 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/style.css?ver=6.1.1
IP 66.29.132.14:0
File type HTML document, ASCII text, with very long lines (411), with CRLF line terminators
Hash 1087d77e84ea10e1ec2a3fd73bc3e791
c131967b6a1a77479d57a5a866a7406b63fc0dc5
e9cabf7844b97254a4b4d468956137a7a40d8bcc905955a1e4b0937c1de7869e
GET /wp-content/themes/shapebox/style.css?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 18:19:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15254
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/responsive.css?ver=6.1.1
66.29.132.14200 OK 2.0 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/responsive.css?ver=6.1.1
IP 66.29.132.14:0
File type ASCII text, with CRLF line terminators
Hash 2afde723a00afae35f30816e2ff00f85
f57fe88d74d27e3751c34669621d384cf4d2ac26
05b84bf3314cc21ce8d6f19300b4790945667d9c2a02153d9d4a067206d45bcd
GET /wp-content/themes/shapebox/responsive.css?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 18:19:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1950
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1
66.29.132.14200 OK 12 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1
IP 66.29.132.14:0
File type ASCII text, with very long lines (58942), with CRLF line terminators
Hash acd92c8ed83b05b2397567666780e23c
6471c599b5c393bd9368c0d1bf30d5ec3cd9fa32
4ace79afed3a598728fddf06c29e5e32c02441b3924bb94b46e36caae1950f65
GET /wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: text/css
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12368
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
66.29.132.14200 OK 30 kB URL HTTP/2 file-upload.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 66.29.132.14:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:41:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9098
Expires: Wed, 30 Nov 2022 21:09:43 GMT
Date: Wed, 30 Nov 2022 18:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9098
Expires: Wed, 30 Nov 2022 21:09:43 GMT
Date: Wed, 30 Nov 2022 18:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9098
Expires: Wed, 30 Nov 2022 21:09:43 GMT
Date: Wed, 30 Nov 2022 18:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9098
Expires: Wed, 30 Nov 2022 21:09:43 GMT
Date: Wed, 30 Nov 2022 18:38:05 GMT
Connection: keep-alive
file-upload.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
66.29.132.14200 OK 4.0 kB URL HTTP/2 file-upload.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 66.29.132.14:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1
66.29.132.14200 OK 11 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1
IP 66.29.132.14:0
File type ASCII text, with very long lines (32026), with CRLF line terminators
Hash fbfc9bfbd4a54fee619f9f620908e135
1eb0b25bb24e8b2465018d5b25e0d84b214b025b
d810d41700efbce6035bf213f30bce338f5f3a8bb56b84ae342da34cc2f5fd60
GET /wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: application/javascript
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10662
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
66.29.132.14200 OK 4.6 kB URL HTTP/2 file-upload.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 66.29.132.14:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 21:41:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 502d7eed-f24a-49e8-b14e-759778b717ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbWQSFNnIAMFpxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63879d9b-5eb88e757ff3eeaa26dd7de2;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 18:14:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hrGJk_aF0hgdEXNUAqj74wYkXby2ptGRqWKFi4sxlvs_QN9WhC6vOw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:23:04 GMT
age: 901
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/img/thumb-medium.png
66.29.132.14200 OK 3.6 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/img/thumb-medium.png
IP 66.29.132.14:0
File type PNG image data, 520 x 293, 8-bit/color RGB, non-interlaced\012- data
Hash f4e6fcef619fc4e306ef4b11899f9e03
29e5f07012c8a6586d944fdc5bf589ce682eb70e
d4f9c8c06934124f42281992fadf4c2f207451330a24f9c7a88fd29f2c467d5f
GET /wp-content/themes/shapebox/img/thumb-medium.png HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: image/png
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-length: 3589
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/js/jquery.fitvids.js?ver=6.1.1
66.29.132.14200 OK 1.1 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/js/jquery.fitvids.js?ver=6.1.1
IP 66.29.132.14:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 75b849290c0751fc3676a3c2e6899854
75fc66f33c26377102984ab9dad1b3e06b39611f
c0ab8615b66892db40683910c4fb863350fcbbdc8dc10e2524ebc896053fb69d
GET /wp-content/themes/shapebox/js/jquery.fitvids.js?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: application/javascript
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1132
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/js/jq-sticky-anything.min.js?ver=6.1.1
66.29.132.14200 OK 1.3 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/js/jq-sticky-anything.min.js?ver=6.1.1
IP 66.29.132.14:0
File type ASCII text, with very long lines (4741), with CRLF line terminators
Hash 0ff4c0fd534fa39c71eb170559910c55
6441d5d13118e13935f59abcc7070ec105971964
0084afe0b1587f612b76cf448ebdfeed2a728b24c3dc61895261cf8f7a105f91
GET /wp-content/themes/shapebox/js/jq-sticky-anything.min.js?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: application/javascript
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1335
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/js/scripts.js?ver=6.1.1
66.29.132.14200 OK 2.1 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/js/scripts.js?ver=6.1.1
IP 66.29.132.14:0
File type ASCII text, with CRLF line terminators
Hash c2d7939566f80025ced30cb6fca059b6
f0308d0da5d77df7162da3659d1d9fd12eba4deb
82f383b5bbac3231a23a370a4d6e0148814a189b7a476671c4d6d403c2b7f0e0
GET /wp-content/themes/shapebox/js/scripts.js?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: application/javascript
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2090
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-includes/js/comment-reply.min.js?ver=6.1.1
66.29.132.14200 OK 1.2 kB URL HTTP/2 file-upload.in/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 66.29.132.14:0
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 21:41:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/js/nav.js?ver=1648583988
66.29.132.14200 OK 2.2 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/js/nav.js?ver=1648583988
IP 66.29.132.14:0
File type ASCII text, with CRLF line terminators
Hash 64b12aaefa2f8eb4686fe8d7fdfe602c
10444d891ec8ca5f2b582b7f8b05e00761c958db
a3f317cb4940afe8ff5f1d80f9d16307c42d33179d91fb073394dc55ba7e3676
GET /wp-content/themes/shapebox/js/nav.js?ver=1648583988 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: application/javascript
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2213
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
live.demand.supply/impl.v16.2.0.js
104.16.133.22200 OK 35 kB URL HTTP/2 live.demand.supply/impl.v16.2.0.js
IP 104.16.133.22:0
File type ASCII text, with very long lines (26438)
Hash 07c48586fb7cd9eefb71c6b91afa5122
77e515e267361ab8e515c01b2cf5eae05eb64e37
918ccafa4aacaaaf48c642fb10bbcbac4f1225804638fba6ed6c05fbecf28e70
GET /impl.v16.2.0.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Cookie: demandSupplyTi=e17c0cf9-4040-46e8-a70b-98b11699be9a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:38:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=74789
etag: W/"0883d7589918dbb1805bd4e3b3643444-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01GJNAF97HYE12C3GRZGKRC5R5
cf-cache-status: HIT
age: 523054
server: cloudflare
cf-ray: 7725b2b2bfeeb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
104.16.133.22200 OK 6.2 kB URL HTTP/2 live.demand.supply/p4/v16-2-0/ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
IP 104.16.133.22:0
File type ASCII text, with very long lines (922), with no line terminators
Hash 6e0efbfbc53db758d6f32efd0a85e26e
fbc80c903c882ec635d06625d0efba58f50ca7a5
0daa89583fe9580f252cdc3ef482aefc70f70ec4205ac13c79a0e163658af464
GET /p4/v16-2-0/ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Cookie: demandSupplyTi=e17c0cf9-4040-46e8-a70b-98b11699be9a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:38:05 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725b2b2bff4b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
age: 74474
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 73593
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7LVxajVjJ1N2W-jxCmKpYHg1rS1MbrRnAVc15QmM0iH94CH1yJnR0w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:53:01 GMT
age: 49504
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:38:05 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
x-nf-request-id: 01GHHMBZZE33TMRQAVW25QJ5X3
cf-cache-status: HIT
age: 615155
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725b2b69b51b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:38:05 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
x-nf-request-id: 01GHHMBZZE33TMRQAVW25QJ5X3
cf-cache-status: HIT
age: 615155
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725b2b6ab5bb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:38:05 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
x-nf-request-id: 01GHHMBZZE33TMRQAVW25QJ5X3
cf-cache-status: HIT
age: 615155
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725b2b6ab63b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
104.16.133.22304 Not Modified 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4vMTEtZm9yZXgtZGF5LXRyYWRpbmctdGlwcy10by1iZWNvbWUtYS1iZXR0ZXItdHJhZGVyLz9nZXQ9M0JuSkpHUDk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: "8a9dc9c7d095d16caa762d82212746e7-ssl"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 30 Nov 2022 18:38:05 GMT
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
x-nf-request-id: 01GHHMBZZE33TMRQAVW25QJ5X3
cf-cache-status: HIT
age: 615155
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725b2b6bb6fb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 01:47:01 GMT
expires: Mon, 27 Nov 2023 01:47:01 GMT
cache-control: public, max-age=31536000
age: 319864
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
file-upload.in/wp-content/uploads/2022/06/11-Forex-day-trading-tips-to-become-a-better-trader.jpeg
66.29.132.14200 OK 31 kB URL HTTP/2 file-upload.in/wp-content/uploads/2022/06/11-Forex-day-trading-tips-to-become-a-better-trader.jpeg
IP 66.29.132.14:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 850x478, components 3\012- data
Hash cb6767a994f6e6a933191e8ec312f93d
c01ad5267cb5195a1b88e28ab1808538aeab3cd0
3a6e73f3afdec3f1639314647bfbe2afe89e4a11965d82889e88933bd9613f37
GET /wp-content/uploads/2022/06/11-Forex-day-trading-tips-to-become-a-better-trader.jpeg HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: image/jpeg
last-modified: Mon, 06 Jun 2022 00:25:43 GMT
accept-ranges: bytes
content-length: 30855
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/img/image-gradient.png
66.29.132.14200 OK 1.7 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/img/image-gradient.png
IP 66.29.132.14:0
File type PNG image data, 80 x 720, 8-bit/color RGBA, non-interlaced\012- data
Hash a1d415a8b6c8bf15657d6bec80f80458
b83bc16a0ed3df9f4d09a88ee162ee83d29cb54c
4d6f9711e0b89931512ec47583e3b7014826651e1b9bb706634a712a1106439f
GET /wp-content/themes/shapebox/img/image-gradient.png HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/wp-content/themes/shapebox/style.css?ver=6.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: image/png
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-length: 1690
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
file-upload.in/wp-content/themes/shapebox/fonts/fa-solid-900.woff2
66.29.132.14200 OK 80 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/fonts/fa-solid-900.woff2
IP 66.29.132.14:0
File type Web Open Font Format (Version 2), TrueType, length 80252, version 331.-31327\012- data
Hash 9ae050d1876ac1763eb6afe4264e6d5a
72344eab2e7431eec313caa21f266cbfda7caf60
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
GET /wp-content/themes/shapebox/fonts/fa-solid-900.woff2 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://file-upload.in/wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: font/woff2
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-length: 80252
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
file-upload.in/wp-content/themes/shapebox/fonts/fa-regular-400.woff2
66.29.132.14200 OK 14 kB URL HTTP/2 file-upload.in/wp-content/themes/shapebox/fonts/fa-regular-400.woff2
IP 66.29.132.14:0
File type Web Open Font Format (Version 2), TrueType, length 13588, version 331.-31327\012- data
Hash 847712aaabbeba674afdda86d31cab17
c07631a91ee71c0a1a84a3151db42b1f2d9a9692
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
GET /wp-content/themes/shapebox/fonts/fa-regular-400.woff2 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://file-upload.in/wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 18:38:05 GMT
content-type: font/woff2
last-modified: Tue, 29 Mar 2022 19:59:48 GMT
accept-ranges: bytes
content-length: 13588
date: Wed, 30 Nov 2022 18:38:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
Hash 23726c490bbe62e643ef2509ad88f721
0377b884a90b1efdd349706d1d6a206d82df2ed2
572d7b52017e552e1c61966ae2ffd447e13b2e12ca69f4a2b3cde6da4585aebc
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 16:41:08 GMT
expires: Wed, 30 Nov 2022 18:41:08 GMT
cache-control: public, max-age=7200
age: 7018
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.gravatar.com/avatar/dabef04b334e142f6af4ca7c36c09d17?s=64&d=mm&r=g
192.0.73.2200 OK 1.4 kB URL HTTP/2 secure.gravatar.com/avatar/dabef04b334e142f6af4ca7c36c09d17?s=64&d=mm&r=g
IP 192.0.73.2:0
Hash 28eb7eae3d35636b39eddf1865051426
5b36adc931cf1c69b94206b809a277270c1dc87e
c3ab589ffbe217f9c2ae5908f1f49bd2e0bddefa5454392ca6901318ef457397
GET /avatar/dabef04b334e142f6af4ca7c36c09d17?s=64&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:38:06 GMT
content-type: image/jpeg
content-length: 1163
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/dabef04b334e142f6af4ca7c36c09d17?s=64&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="dabef04b334e142f6af4ca7c36c09d17.png"
expires: Wed, 30 Nov 2022 18:43:06 GMT
cache-control: max-age=300
x-nc: HIT arn 3
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
Hash 1bf1b0eb85570cd8ef78004fe6ae9369
dbb81ffcee68f25bce5c016675c7ba3042a0e565
00592c613884fca0336252384618ff0528f423cae705de31da41e9754b7f5adc
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27288
date: Wed, 30 Nov 2022 18:38:06 GMT
expires: Wed, 30 Nov 2022 18:38:06 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1407 / 945 of 1000 / last-modified: 1669810420"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
142.250.74.130200 OK 132 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (65395)
Size 132 kB (132177 bytes)
Hash 3308ca8addf332f89a8f9ae5fada3b60
69a0af021add1aa44292528532ef632aff2ab1d0
7c1c9e093bf8e56cf2ba9af1d8cfc092f7a98c4b9472abc3257147aa97ec0ee3
GET /gpt/pubads_impl_2022111501.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 132177
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:29:34 GMT
expires: Wed, 29 Nov 2023 13:29:34 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
content-type: text/javascript
age: 104912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=file-upload.in
142.250.74.130200 OK 85 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=file-upload.in
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 726fc45015d500786d75ef1771b5c042
f54449726fd432eccd936a94a3a14b890ff6e395
cc3ca3914d239bbe4f39c687f4b2751bb9a0ab93817e76e282cbb520d0e0d9dc
GET /pagead/ppub_config?ippd=file-upload.in HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Wed, 30 Nov 2022 18:38:06 GMT
expires: Wed, 30 Nov 2022 18:38:06 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 18:53:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=file-upload.in
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=file-upload.in
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=file-upload.in HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 30 Nov 2022 18:38:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=file-upload.in
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=file-upload.in
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=file-upload.in HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 30 Nov 2022 18:38:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
142.250.74.66200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
IP 142.250.74.66:0
File type JSON data\012- , ASCII text, with very long lines (14815), with no line terminators
Hash 4475be0633a37752c9a378fd06c3f152
01e98f38e3bdeaab57d4fa3d75e3a9a771019b14
fa11cbbc393db3218e426bcba45b18d82cf1fb566c8f96ea38557632c136b184
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 30 Nov 2022 18:38:06 GMT
server: cafe
content-length: 11185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.207.193200 OK 2.7 kB URL HTTP/2 8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Wed, 30 Nov 2022 18:38:06 GMT
expires: Thu, 30 Nov 2023 18:38:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 30 Nov 2022 18:38:06 GMT
expires: Wed, 30 Nov 2022 18:38:06 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 03687b58fa7e1174e7ea84b360637ffd
7c09ef060716a365b3300c8de24f507f66e9197c
4e971d51fc0862dbd41239b7df741429d308a1e323d8624af0a6cf80eab153e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.132200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash d011c21fbdf6fdd039012d2d5b883ff5
14485ba579a2858b496248b5ed799f1f38bf43a3
0748df50f3beb2beb9ea9137f2b0c9c7de18391f1355306028d5ef9ac99341d8
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 30 Nov 2022 18:38:06 GMT
date: Wed, 30 Nov 2022 18:38:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-T1AkiGbkboQTmWhD2H9ulA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2c7eb43228f70d786da402c15907bd61
dfe5c6e36a40c6a0a830245a3d55d6d87fed9d9e
c5496c34b42b371ccc7f0238c9b1208e4218ec14bf25057bfecfedc72749625e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5064
Cache-Control: max-age=156201
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:07 GMT
Etag: "63874e71-117"
Expires: Fri, 02 Dec 2022 14:01:28 GMT
Last-Modified: Wed, 30 Nov 2022 12:37:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
File type ASCII text, with very long lines (59374)
Hash 0439282a2fef6180eb6fcda7854f17fe
594f3b03235b94509259c53b2a7a508deafc7ebe
f06b11284968d6486120ae4e76a2cffe1913a0ecde5553727336b309633b1022
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:38:07 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: aYvx1CvZoW+jC0SWV8GDk58b+1v6FtaZO2lvKc6PNlRdteqgFNQlnkyjvJj+sWDx4Mlyoy6w6aw=
x-amz-request-id: 6QPMVSX1631H1C3W
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 3533
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7725b2c07929b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.98200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.98:0
File type ASCII text, with very long lines (3502)
Hash 297e24828abaf97fb29460fd75369140
e9e02d737f1bcf9874a55562edff5f795a1c170c
cdbe4e689ca060e94f00f0aa4c45a89efacddac90df42929ff42a3bff44a9d3e
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48265
date: Wed, 30 Nov 2022 18:38:07 GMT
expires: Wed, 30 Nov 2022 18:38:07 GMT
cache-control: private, max-age=3000
etag: "1668095300071091"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c98063a5875a4153829eaa80be458262
9522070e97907c1f147c44284e4d7d9591518fb5
ad8607d475238f00a7328e41f35d5f50595455bef11db64d45ead1a64bc261a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8607D475238F00A7328E41F35D5F50595455BEF11DB64D45EAD1A64BC261A2"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16939
Expires: Wed, 30 Nov 2022 23:20:26 GMT
Date: Wed, 30 Nov 2022 18:38:07 GMT
Connection: keep-alive
id5-sync.com/api/esp/increment?counter=no-config
141.95.98.65204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 141.95.98.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://file-upload.in
access-control-allow-credentials: true
date: Wed, 30 Nov 2022 18:38:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b470d898d2b9f278b6ec072b3f336cf
1570b2d97beb377b0a424044be2075ec0a262851
b73f51f344b0c221e7bcc239083809a5a1030f9893db5b9ddb7741df1bde495b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu62s-KCzgMGOoxERYvf7T7rgOBYuHwSZUxpEge_YTA3Z53t77ec3cVczSOwjVb-uIFmx5-FrMdp2_TxJZ8boii72_fMOaXNKcANhaZbMxJqOMj_xrI4ggL1tuBp5rYgikVfOFDeDUSx3RveOQnLMeDqAJP_YpMbmOhAWUB2RWEGbkjWCWhlspNyUZfcEKMXixjtaF8q2CxHaM2Q3l_ElvmGjWqwv1efCwVxd4qRRDFx4WX3I1L1H2JbHwixyhgwcWTvRzOJxsSil9HYnMbpA6Z4AasvbrbmBCWG_04FBM7kH_tyzeffvzOIt-Ixe4M6MYzmEwayKXzhRDc_fCHjul_0OdFX4xxz3B9UFqu-Oy2KmcEx0K05BxKHMrKjqJW2g0Mr8VOlnCoOauwZfIuE1CTU-UDC3UCqp9jUlLLBZkdHAMG8w_HPtUPPLRWhjd5UQ3BGlaQTIDt2syPeB7I5W9M0xwA0cd-ttYwAeZhv-VkcRORjNcqswnReGwxmsIcC87zef9nbVyllRx0L06J6iC8Au08oXAyf9E1gY3uiFUIyzr-ig0BVADBOx27Kspl6XK84tX8-qNoNcMLgN-udP_pkiA1zttDlMA8L_kszggC1H6xiyJ3YhndjWdpej003P-TLiYApVAQYF5yV96zjAVpvwH3neGSEbsuXKCghfjwpGUx1HllU5qcK4zi6odnGbgrIdPGSAuCT1iuCTRcAbdNbK5ZbVmXDTQd8DXpTsWbojRbEsugjX04eREknaxmJew1xiJpmkv9kRU3GQiUNOZ7OTTseo3FQO5FoPXiSKSrKHVIIxVcg5hVjhrj8OciO3NVXsNhSaKeev-mVehT__hqHlW2IdW7zEEYDg_Tlo7AsIiUg7rNxMVEjOnWJz2FsZ4M4V10-3geRrP2e46Q4WxIWGt6NpMgWibGtfcCE6Yf7H9wEpaDXskPJ9PqRrrCKxEKWz5zv0Nv4CHTVPyGzG4PaL3_gwiByJD61jVP6DwG43AK0p7peK4ObDai-JEUzQf3iYiOxW0YnR6k5eZqGSPhTqlPfPKeaFbfq9bC4qdcvYTiimO0vsd5C2mxYa6nZrk9IWLHJFhaA_GI5500xqJ9Bg0JUXRh5O2RmLOwhie5BMbwPQcfoq-do-SuWyn6yj5g1mxsJPkj3Su-OV_SJhlEVEL2aoHwHHHLcfsffUOlTppsaZQDjYL2LyjQ_1SG&sai=AMfl-YT_mlgl8IMdwkXySNvQbe1GYIEJZVQpIfq9ju9XYz3jg0104EIfWsTLZxFOzpF8CCRgOKexaGaoannTwvS4UljRmV9lio8t17OO9tmLhTPv9iIcsZgtNqa2WE58YU49IdWf4ql15QRkpZ1WEjsqSb40qR_P4K7SOlzni_sa5vR_uYrfVaSCzbG3MSZ8gQl1s_rddeEAnG8_y8azEhSwvNyG3t86aSIms4Osg8PCKFfIA_r4EQcDZyzoXlz0NDzdeAtUYh01n7i4NlYoKNI5gcPvbKFLQ0WLvCVzoJtjvqak0MCq&sig=Cg0ArKJSzGxwyBpPrsNFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.81688&arae=0&ftch=1&adurl=
216.58.211.2200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu62s-KCzgMGOoxERYvf7T7rgOBYuHwSZUxpEge_YTA3Z53t77ec3cVczSOwjVb-uIFmx5-FrMdp2_TxJZ8boii72_fMOaXNKcANhaZbMxJqOMj_xrI4ggL1tuBp5rYgikVfOFDeDUSx3RveOQnLMeDqAJP_YpMbmOhAWUB2RWEGbkjWCWhlspNyUZfcEKMXixjtaF8q2CxHaM2Q3l_ElvmGjWqwv1efCwVxd4qRRDFx4WX3I1L1H2JbHwixyhgwcWTvRzOJxsSil9HYnMbpA6Z4AasvbrbmBCWG_04FBM7kH_tyzeffvzOIt-Ixe4M6MYzmEwayKXzhRDc_fCHjul_0OdFX4xxz3B9UFqu-Oy2KmcEx0K05BxKHMrKjqJW2g0Mr8VOlnCoOauwZfIuE1CTU-UDC3UCqp9jUlLLBZkdHAMG8w_HPtUPPLRWhjd5UQ3BGlaQTIDt2syPeB7I5W9M0xwA0cd-ttYwAeZhv-VkcRORjNcqswnReGwxmsIcC87zef9nbVyllRx0L06J6iC8Au08oXAyf9E1gY3uiFUIyzr-ig0BVADBOx27Kspl6XK84tX8-qNoNcMLgN-udP_pkiA1zttDlMA8L_kszggC1H6xiyJ3YhndjWdpej003P-TLiYApVAQYF5yV96zjAVpvwH3neGSEbsuXKCghfjwpGUx1HllU5qcK4zi6odnGbgrIdPGSAuCT1iuCTRcAbdNbK5ZbVmXDTQd8DXpTsWbojRbEsugjX04eREknaxmJew1xiJpmkv9kRU3GQiUNOZ7OTTseo3FQO5FoPXiSKSrKHVIIxVcg5hVjhrj8OciO3NVXsNhSaKeev-mVehT__hqHlW2IdW7zEEYDg_Tlo7AsIiUg7rNxMVEjOnWJz2FsZ4M4V10-3geRrP2e46Q4WxIWGt6NpMgWibGtfcCE6Yf7H9wEpaDXskPJ9PqRrrCKxEKWz5zv0Nv4CHTVPyGzG4PaL3_gwiByJD61jVP6DwG43AK0p7peK4ObDai-JEUzQf3iYiOxW0YnR6k5eZqGSPhTqlPfPKeaFbfq9bC4qdcvYTiimO0vsd5C2mxYa6nZrk9IWLHJFhaA_GI5500xqJ9Bg0JUXRh5O2RmLOwhie5BMbwPQcfoq-do-SuWyn6yj5g1mxsJPkj3Su-OV_SJhlEVEL2aoHwHHHLcfsffUOlTppsaZQDjYL2LyjQ_1SG&sai=AMfl-YT_mlgl8IMdwkXySNvQbe1GYIEJZVQpIfq9ju9XYz3jg0104EIfWsTLZxFOzpF8CCRgOKexaGaoannTwvS4UljRmV9lio8t17OO9tmLhTPv9iIcsZgtNqa2WE58YU49IdWf4ql15QRkpZ1WEjsqSb40qR_P4K7SOlzni_sa5vR_uYrfVaSCzbG3MSZ8gQl1s_rddeEAnG8_y8azEhSwvNyG3t86aSIms4Osg8PCKFfIA_r4EQcDZyzoXlz0NDzdeAtUYh01n7i4NlYoKNI5gcPvbKFLQ0WLvCVzoJtjvqak0MCq&sig=Cg0ArKJSzGxwyBpPrsNFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.81688&arae=0&ftch=1&adurl=
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsu62s-KCzgMGOoxERYvf7T7rgOBYuHwSZUxpEge_YTA3Z53t77ec3cVczSOwjVb-uIFmx5-FrMdp2_TxJZ8boii72_fMOaXNKcANhaZbMxJqOMj_xrI4ggL1tuBp5rYgikVfOFDeDUSx3RveOQnLMeDqAJP_YpMbmOhAWUB2RWEGbkjWCWhlspNyUZfcEKMXixjtaF8q2CxHaM2Q3l_ElvmGjWqwv1efCwVxd4qRRDFx4WX3I1L1H2JbHwixyhgwcWTvRzOJxsSil9HYnMbpA6Z4AasvbrbmBCWG_04FBM7kH_tyzeffvzOIt-Ixe4M6MYzmEwayKXzhRDc_fCHjul_0OdFX4xxz3B9UFqu-Oy2KmcEx0K05BxKHMrKjqJW2g0Mr8VOlnCoOauwZfIuE1CTU-UDC3UCqp9jUlLLBZkdHAMG8w_HPtUPPLRWhjd5UQ3BGlaQTIDt2syPeB7I5W9M0xwA0cd-ttYwAeZhv-VkcRORjNcqswnReGwxmsIcC87zef9nbVyllRx0L06J6iC8Au08oXAyf9E1gY3uiFUIyzr-ig0BVADBOx27Kspl6XK84tX8-qNoNcMLgN-udP_pkiA1zttDlMA8L_kszggC1H6xiyJ3YhndjWdpej003P-TLiYApVAQYF5yV96zjAVpvwH3neGSEbsuXKCghfjwpGUx1HllU5qcK4zi6odnGbgrIdPGSAuCT1iuCTRcAbdNbK5ZbVmXDTQd8DXpTsWbojRbEsugjX04eREknaxmJew1xiJpmkv9kRU3GQiUNOZ7OTTseo3FQO5FoPXiSKSrKHVIIxVcg5hVjhrj8OciO3NVXsNhSaKeev-mVehT__hqHlW2IdW7zEEYDg_Tlo7AsIiUg7rNxMVEjOnWJz2FsZ4M4V10-3geRrP2e46Q4WxIWGt6NpMgWibGtfcCE6Yf7H9wEpaDXskPJ9PqRrrCKxEKWz5zv0Nv4CHTVPyGzG4PaL3_gwiByJD61jVP6DwG43AK0p7peK4ObDai-JEUzQf3iYiOxW0YnR6k5eZqGSPhTqlPfPKeaFbfq9bC4qdcvYTiimO0vsd5C2mxYa6nZrk9IWLHJFhaA_GI5500xqJ9Bg0JUXRh5O2RmLOwhie5BMbwPQcfoq-do-SuWyn6yj5g1mxsJPkj3Su-OV_SJhlEVEL2aoHwHHHLcfsffUOlTppsaZQDjYL2LyjQ_1SG&sai=AMfl-YT_mlgl8IMdwkXySNvQbe1GYIEJZVQpIfq9ju9XYz3jg0104EIfWsTLZxFOzpF8CCRgOKexaGaoannTwvS4UljRmV9lio8t17OO9tmLhTPv9iIcsZgtNqa2WE58YU49IdWf4ql15QRkpZ1WEjsqSb40qR_P4K7SOlzni_sa5vR_uYrfVaSCzbG3MSZ8gQl1s_rddeEAnG8_y8azEhSwvNyG3t86aSIms4Osg8PCKFfIA_r4EQcDZyzoXlz0NDzdeAtUYh01n7i4NlYoKNI5gcPvbKFLQ0WLvCVzoJtjvqak0MCq&sig=Cg0ArKJSzGxwyBpPrsNFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.81688&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 18:38:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 18:53:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 18:38:07 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b470d898d2b9f278b6ec072b3f336cf
1570b2d97beb377b0a424044be2075ec0a262851
b73f51f344b0c221e7bcc239083809a5a1030f9893db5b9ddb7741df1bde495b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:38:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9euisA_F_qXHgmpsTj6xSM3rlvDMPsRljDNrgS8Qu9AWts3Bz-LQOj82tKE1OlP6I4CMQOgmy1LsmCZNDSOP1SFvDuv6HusRgpd4ZbUNp6LheAt25wstkZb1hZZyOCXMLcItdtdLo7BeWZDyvAEFO_zQRLPh9z8VL_OhM495F91da3CRl1ere1Z5O46qAtsj5K7JbqXTSoi9sj_U5F5xobWXO9MjEiXj8jIKntm5gNC-DVCXUgwWjajhUY47Yr_apptrOsDAWV9nIF4C3QDGD7_ARY_k5D6Tye5-J4pAQSiLWkILHbOf0xox63CvMVbNabWZes72tVIXSuNopofEXw9gX-xHwPXC93fC2fCB1gWUrD69hp4Z8TYNmqH_Ejy09_meqglf4kr3iRcGZtCsfmzeWcqbSFiDdBa8YHN8pdn4gqyE2vbmQofdj1wyiQbs6GHrGzIp6VCMHOEDAcUPxEWImCverJ1CuetlGbWPcu1d3k7k4ETkQzrzPfpfc9xILecxOO4yqflaLT-NlSQITZZ-HTum47dTS8OOwRqtCD7YuuBBzbx8diBUSF4wxpLSkKnDGdP-J_CQ73OsW2UEjuPgNA_xfLyVNl-Jxed4XDeRpMS2cs2IR9XsfH2srQUjiFoCtaUuzNBWa4_XSS7-8Uo3RQfLBelCHUoeody_7n-3BCRh5dHsBVRG00QjV_KxQZjc7scgqWc249zE1YztoV7raqVj6tvf2BGPJTdAKdRw52tAUmVjY6WZVNVzD97DdNVG00q4RYIrX-M-lIaCyPGblzb0LTYIGXQO_5zgf3tTO9wNYSxUg9IQz01IBaZp8P5ymwll-fJnI-lARU0n-1ZmEM1usvWsKk8drb9cLq-zZnyXvDehS84ffgnyjsphGRKkAUb2K3fCualQbAUKByAju9anWTvORyscS-40MUv_mbeIWOzqs2WONI1KHr-XRtlM8W6E0DAR_dbEIg99GO8kaNLf16TOhb-Y2qlMF7fOS7rEZIswJUAZoYLQ1nvcj9RQsokOxkwc7TIL9Z-xkkqOdrqjRSi1zKnnuoBwMt-e9mvwHdybOsShktdGH0KdaT5FtOePKvHpFvMSar1eTmFF_WKqtCl0gHYZ2YE-1re6jRXAa0V5k9nU1N4l7KBfJ2TLDKtabBuJCW3HG62c-MpaTZsZMotYGPb6B2BxwLYQqPg&sai=AMfl-YTvGDPhzus2EZmHVD_g1OxSihhXGKFHDwBG1tpySJ5_eokYGKHVc7dHRzxPo8Whcu1EGvuNzTkSYMrPO3RZiuV_PsJEkPpCTXm3gCWk7Gg4v3mkbl01Z9CqHgYX_kbjeuF56xc8Wx0PfmgJE2GiLZwVEIFTNnS3z1XjfJgPxfW64EtTejcZjsLscZ_nylJoC0uQM0DGvBdna80dGmh6s96ICZzGl5H2qkOcvot6MhGvAjv7tDW_5Q9TZ6f-vfKsGNbQoAw32fAqL77gcTM9V8svsSdA8HljLMaDWQXO1j3fVPih&sig=Cg0ArKJSzCyQ-3Sx6NrdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20221110.21097&arae=0&ftch=1&adurl=
216.58.211.2200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9euisA_F_qXHgmpsTj6xSM3rlvDMPsRljDNrgS8Qu9AWts3Bz-LQOj82tKE1OlP6I4CMQOgmy1LsmCZNDSOP1SFvDuv6HusRgpd4ZbUNp6LheAt25wstkZb1hZZyOCXMLcItdtdLo7BeWZDyvAEFO_zQRLPh9z8VL_OhM495F91da3CRl1ere1Z5O46qAtsj5K7JbqXTSoi9sj_U5F5xobWXO9MjEiXj8jIKntm5gNC-DVCXUgwWjajhUY47Yr_apptrOsDAWV9nIF4C3QDGD7_ARY_k5D6Tye5-J4pAQSiLWkILHbOf0xox63CvMVbNabWZes72tVIXSuNopofEXw9gX-xHwPXC93fC2fCB1gWUrD69hp4Z8TYNmqH_Ejy09_meqglf4kr3iRcGZtCsfmzeWcqbSFiDdBa8YHN8pdn4gqyE2vbmQofdj1wyiQbs6GHrGzIp6VCMHOEDAcUPxEWImCverJ1CuetlGbWPcu1d3k7k4ETkQzrzPfpfc9xILecxOO4yqflaLT-NlSQITZZ-HTum47dTS8OOwRqtCD7YuuBBzbx8diBUSF4wxpLSkKnDGdP-J_CQ73OsW2UEjuPgNA_xfLyVNl-Jxed4XDeRpMS2cs2IR9XsfH2srQUjiFoCtaUuzNBWa4_XSS7-8Uo3RQfLBelCHUoeody_7n-3BCRh5dHsBVRG00QjV_KxQZjc7scgqWc249zE1YztoV7raqVj6tvf2BGPJTdAKdRw52tAUmVjY6WZVNVzD97DdNVG00q4RYIrX-M-lIaCyPGblzb0LTYIGXQO_5zgf3tTO9wNYSxUg9IQz01IBaZp8P5ymwll-fJnI-lARU0n-1ZmEM1usvWsKk8drb9cLq-zZnyXvDehS84ffgnyjsphGRKkAUb2K3fCualQbAUKByAju9anWTvORyscS-40MUv_mbeIWOzqs2WONI1KHr-XRtlM8W6E0DAR_dbEIg99GO8kaNLf16TOhb-Y2qlMF7fOS7rEZIswJUAZoYLQ1nvcj9RQsokOxkwc7TIL9Z-xkkqOdrqjRSi1zKnnuoBwMt-e9mvwHdybOsShktdGH0KdaT5FtOePKvHpFvMSar1eTmFF_WKqtCl0gHYZ2YE-1re6jRXAa0V5k9nU1N4l7KBfJ2TLDKtabBuJCW3HG62c-MpaTZsZMotYGPb6B2BxwLYQqPg&sai=AMfl-YTvGDPhzus2EZmHVD_g1OxSihhXGKFHDwBG1tpySJ5_eokYGKHVc7dHRzxPo8Whcu1EGvuNzTkSYMrPO3RZiuV_PsJEkPpCTXm3gCWk7Gg4v3mkbl01Z9CqHgYX_kbjeuF56xc8Wx0PfmgJE2GiLZwVEIFTNnS3z1XjfJgPxfW64EtTejcZjsLscZ_nylJoC0uQM0DGvBdna80dGmh6s96ICZzGl5H2qkOcvot6MhGvAjv7tDW_5Q9TZ6f-vfKsGNbQoAw32fAqL77gcTM9V8svsSdA8HljLMaDWQXO1j3fVPih&sig=Cg0ArKJSzCyQ-3Sx6NrdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20221110.21097&arae=0&ftch=1&adurl=
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsv9euisA_F_qXHgmpsTj6xSM3rlvDMPsRljDNrgS8Qu9AWts3Bz-LQOj82tKE1OlP6I4CMQOgmy1LsmCZNDSOP1SFvDuv6HusRgpd4ZbUNp6LheAt25wstkZb1hZZyOCXMLcItdtdLo7BeWZDyvAEFO_zQRLPh9z8VL_OhM495F91da3CRl1ere1Z5O46qAtsj5K7JbqXTSoi9sj_U5F5xobWXO9MjEiXj8jIKntm5gNC-DVCXUgwWjajhUY47Yr_apptrOsDAWV9nIF4C3QDGD7_ARY_k5D6Tye5-J4pAQSiLWkILHbOf0xox63CvMVbNabWZes72tVIXSuNopofEXw9gX-xHwPXC93fC2fCB1gWUrD69hp4Z8TYNmqH_Ejy09_meqglf4kr3iRcGZtCsfmzeWcqbSFiDdBa8YHN8pdn4gqyE2vbmQofdj1wyiQbs6GHrGzIp6VCMHOEDAcUPxEWImCverJ1CuetlGbWPcu1d3k7k4ETkQzrzPfpfc9xILecxOO4yqflaLT-NlSQITZZ-HTum47dTS8OOwRqtCD7YuuBBzbx8diBUSF4wxpLSkKnDGdP-J_CQ73OsW2UEjuPgNA_xfLyVNl-Jxed4XDeRpMS2cs2IR9XsfH2srQUjiFoCtaUuzNBWa4_XSS7-8Uo3RQfLBelCHUoeody_7n-3BCRh5dHsBVRG00QjV_KxQZjc7scgqWc249zE1YztoV7raqVj6tvf2BGPJTdAKdRw52tAUmVjY6WZVNVzD97DdNVG00q4RYIrX-M-lIaCyPGblzb0LTYIGXQO_5zgf3tTO9wNYSxUg9IQz01IBaZp8P5ymwll-fJnI-lARU0n-1ZmEM1usvWsKk8drb9cLq-zZnyXvDehS84ffgnyjsphGRKkAUb2K3fCualQbAUKByAju9anWTvORyscS-40MUv_mbeIWOzqs2WONI1KHr-XRtlM8W6E0DAR_dbEIg99GO8kaNLf16TOhb-Y2qlMF7fOS7rEZIswJUAZoYLQ1nvcj9RQsokOxkwc7TIL9Z-xkkqOdrqjRSi1zKnnuoBwMt-e9mvwHdybOsShktdGH0KdaT5FtOePKvHpFvMSar1eTmFF_WKqtCl0gHYZ2YE-1re6jRXAa0V5k9nU1N4l7KBfJ2TLDKtabBuJCW3HG62c-MpaTZsZMotYGPb6B2BxwLYQqPg&sai=AMfl-YTvGDPhzus2EZmHVD_g1OxSihhXGKFHDwBG1tpySJ5_eokYGKHVc7dHRzxPo8Whcu1EGvuNzTkSYMrPO3RZiuV_PsJEkPpCTXm3gCWk7Gg4v3mkbl01Z9CqHgYX_kbjeuF56xc8Wx0PfmgJE2GiLZwVEIFTNnS3z1XjfJgPxfW64EtTejcZjsLscZ_nylJoC0uQM0DGvBdna80dGmh6s96ICZzGl5H2qkOcvot6MhGvAjv7tDW_5Q9TZ6f-vfKsGNbQoAw32fAqL77gcTM9V8svsSdA8HljLMaDWQXO1j3fVPih&sig=Cg0ArKJSzCyQ-3Sx6NrdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20221110.21097&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 18:38:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 18:53:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 18:38:08 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu62s-KCzgMGOoxERYvf7T7rgOBYuHwSZUxpEge_YTA3Z53t77ec3cVczSOwjVb-uIFmx5-FrMdp2_TxJZ8boii72_fMOaXNKcANhaZbMxJqOMj_xrI4ggL1tuBp5rYgikVfOFDeDUSx3RveOQnLMeDqAJP_YpMbmOhAWUB2RWEGbkjWCWhlspNyUZfcEKMXixjtaF8q2CxHaM2Q3l_ElvmGjWqwv1efCwVxd4qRRDFx4WX3I1L1H2JbHwixyhgwcWTvRzOJxsSil9HYnMbpA6Z4AasvbrbmBCWG_04FBM7kH_tyzeffvzOIt-Ixe4M6MYzmEwayKXzhRDc_fCHjul_0OdFX4xxz3B9UFqu-Oy2KmcEx0K05BxKHMrKjqJW2g0Mr8VOlnCoOauwZfIuE1CTU-UDC3UCqp9jUlLLBZkdHAMG8w_HPtUPPLRWhjd5UQ3BGlaQTIDt2syPeB7I5W9M0xwA0cd-ttYwAeZhv-VkcRORjNcqswnReGwxmsIcC87zef9nbVyllRx0L06J6iC8Au08oXAyf9E1gY3uiFUIyzr-ig0BVADBOx27Kspl6XK84tX8-qNoNcMLgN-udP_pkiA1zttDlMA8L_kszggC1H6xiyJ3YhndjWdpej003P-TLiYApVAQYF5yV96zjAVpvwH3neGSEbsuXKCghfjwpGUx1HllU5qcK4zi6odnGbgrIdPGSAuCT1iuCTRcAbdNbK5ZbVmXDTQd8DXpTsWbojRbEsugjX04eREknaxmJew1xiJpmkv9kRU3GQiUNOZ7OTTseo3FQO5FoPXiSKSrKHVIIxVcg5hVjhrj8OciO3NVXsNhSaKeev-mVehT__hqHlW2IdW7zEEYDg_Tlo7AsIiUg7rNxMVEjOnWJz2FsZ4M4V10-3geRrP2e46Q4WxIWGt6NpMgWibGtfcCE6Yf7H9wEpaDXskPJ9PqRrrCKxEKWz5zv0Nv4CHTVPyGzG4PaL3_gwiByJD61jVP6DwG43AK0p7peK4ObDai-JEUzQf3iYiOxW0YnR6k5eZqGSPhTqlPfPKeaFbfq9bC4qdcvYTiimO0vsd5C2mxYa6nZrk9IWLHJFhaA_GI5500xqJ9Bg0JUXRh5O2RmLOwhie5BMbwPQcfoq-do-SuWyn6yj5g1mxsJPkj3Su-OV_SJhlEVEL2aoHwHHHLcfsffUOlTppsaZQDjYL2LyjQ_1SG&sai=AMfl-YT_mlgl8IMdwkXySNvQbe1GYIEJZVQpIfq9ju9XYz3jg0104EIfWsTLZxFOzpF8CCRgOKexaGaoannTwvS4UljRmV9lio8t17OO9tmLhTPv9iIcsZgtNqa2WE58YU49IdWf4ql15QRkpZ1WEjsqSb40qR_P4K7SOlzni_sa5vR_uYrfVaSCzbG3MSZ8gQl1s_rddeEAnG8_y8azEhSwvNyG3t86aSIms4Osg8PCKFfIA_r4EQcDZyzoXlz0NDzdeAtUYh01n7i4NlYoKNI5gcPvbKFLQ0WLvCVzoJtjvqak0MCq&sig=Cg0ArKJSzGxwyBpPrsNFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=447&vt=11&dtpt=446&dett=2&cstd=0&cisv=r20221110.81688&arae=0&ftch=1&adurl=
216.58.211.2200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu62s-KCzgMGOoxERYvf7T7rgOBYuHwSZUxpEge_YTA3Z53t77ec3cVczSOwjVb-uIFmx5-FrMdp2_TxJZ8boii72_fMOaXNKcANhaZbMxJqOMj_xrI4ggL1tuBp5rYgikVfOFDeDUSx3RveOQnLMeDqAJP_YpMbmOhAWUB2RWEGbkjWCWhlspNyUZfcEKMXixjtaF8q2CxHaM2Q3l_ElvmGjWqwv1efCwVxd4qRRDFx4WX3I1L1H2JbHwixyhgwcWTvRzOJxsSil9HYnMbpA6Z4AasvbrbmBCWG_04FBM7kH_tyzeffvzOIt-Ixe4M6MYzmEwayKXzhRDc_fCHjul_0OdFX4xxz3B9UFqu-Oy2KmcEx0K05BxKHMrKjqJW2g0Mr8VOlnCoOauwZfIuE1CTU-UDC3UCqp9jUlLLBZkdHAMG8w_HPtUPPLRWhjd5UQ3BGlaQTIDt2syPeB7I5W9M0xwA0cd-ttYwAeZhv-VkcRORjNcqswnReGwxmsIcC87zef9nbVyllRx0L06J6iC8Au08oXAyf9E1gY3uiFUIyzr-ig0BVADBOx27Kspl6XK84tX8-qNoNcMLgN-udP_pkiA1zttDlMA8L_kszggC1H6xiyJ3YhndjWdpej003P-TLiYApVAQYF5yV96zjAVpvwH3neGSEbsuXKCghfjwpGUx1HllU5qcK4zi6odnGbgrIdPGSAuCT1iuCTRcAbdNbK5ZbVmXDTQd8DXpTsWbojRbEsugjX04eREknaxmJew1xiJpmkv9kRU3GQiUNOZ7OTTseo3FQO5FoPXiSKSrKHVIIxVcg5hVjhrj8OciO3NVXsNhSaKeev-mVehT__hqHlW2IdW7zEEYDg_Tlo7AsIiUg7rNxMVEjOnWJz2FsZ4M4V10-3geRrP2e46Q4WxIWGt6NpMgWibGtfcCE6Yf7H9wEpaDXskPJ9PqRrrCKxEKWz5zv0Nv4CHTVPyGzG4PaL3_gwiByJD61jVP6DwG43AK0p7peK4ObDai-JEUzQf3iYiOxW0YnR6k5eZqGSPhTqlPfPKeaFbfq9bC4qdcvYTiimO0vsd5C2mxYa6nZrk9IWLHJFhaA_GI5500xqJ9Bg0JUXRh5O2RmLOwhie5BMbwPQcfoq-do-SuWyn6yj5g1mxsJPkj3Su-OV_SJhlEVEL2aoHwHHHLcfsffUOlTppsaZQDjYL2LyjQ_1SG&sai=AMfl-YT_mlgl8IMdwkXySNvQbe1GYIEJZVQpIfq9ju9XYz3jg0104EIfWsTLZxFOzpF8CCRgOKexaGaoannTwvS4UljRmV9lio8t17OO9tmLhTPv9iIcsZgtNqa2WE58YU49IdWf4ql15QRkpZ1WEjsqSb40qR_P4K7SOlzni_sa5vR_uYrfVaSCzbG3MSZ8gQl1s_rddeEAnG8_y8azEhSwvNyG3t86aSIms4Osg8PCKFfIA_r4EQcDZyzoXlz0NDzdeAtUYh01n7i4NlYoKNI5gcPvbKFLQ0WLvCVzoJtjvqak0MCq&sig=Cg0ArKJSzGxwyBpPrsNFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=447&vt=11&dtpt=446&dett=2&cstd=0&cisv=r20221110.81688&arae=0&ftch=1&adurl=
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsu62s-KCzgMGOoxERYvf7T7rgOBYuHwSZUxpEge_YTA3Z53t77ec3cVczSOwjVb-uIFmx5-FrMdp2_TxJZ8boii72_fMOaXNKcANhaZbMxJqOMj_xrI4ggL1tuBp5rYgikVfOFDeDUSx3RveOQnLMeDqAJP_YpMbmOhAWUB2RWEGbkjWCWhlspNyUZfcEKMXixjtaF8q2CxHaM2Q3l_ElvmGjWqwv1efCwVxd4qRRDFx4WX3I1L1H2JbHwixyhgwcWTvRzOJxsSil9HYnMbpA6Z4AasvbrbmBCWG_04FBM7kH_tyzeffvzOIt-Ixe4M6MYzmEwayKXzhRDc_fCHjul_0OdFX4xxz3B9UFqu-Oy2KmcEx0K05BxKHMrKjqJW2g0Mr8VOlnCoOauwZfIuE1CTU-UDC3UCqp9jUlLLBZkdHAMG8w_HPtUPPLRWhjd5UQ3BGlaQTIDt2syPeB7I5W9M0xwA0cd-ttYwAeZhv-VkcRORjNcqswnReGwxmsIcC87zef9nbVyllRx0L06J6iC8Au08oXAyf9E1gY3uiFUIyzr-ig0BVADBOx27Kspl6XK84tX8-qNoNcMLgN-udP_pkiA1zttDlMA8L_kszggC1H6xiyJ3YhndjWdpej003P-TLiYApVAQYF5yV96zjAVpvwH3neGSEbsuXKCghfjwpGUx1HllU5qcK4zi6odnGbgrIdPGSAuCT1iuCTRcAbdNbK5ZbVmXDTQd8DXpTsWbojRbEsugjX04eREknaxmJew1xiJpmkv9kRU3GQiUNOZ7OTTseo3FQO5FoPXiSKSrKHVIIxVcg5hVjhrj8OciO3NVXsNhSaKeev-mVehT__hqHlW2IdW7zEEYDg_Tlo7AsIiUg7rNxMVEjOnWJz2FsZ4M4V10-3geRrP2e46Q4WxIWGt6NpMgWibGtfcCE6Yf7H9wEpaDXskPJ9PqRrrCKxEKWz5zv0Nv4CHTVPyGzG4PaL3_gwiByJD61jVP6DwG43AK0p7peK4ObDai-JEUzQf3iYiOxW0YnR6k5eZqGSPhTqlPfPKeaFbfq9bC4qdcvYTiimO0vsd5C2mxYa6nZrk9IWLHJFhaA_GI5500xqJ9Bg0JUXRh5O2RmLOwhie5BMbwPQcfoq-do-SuWyn6yj5g1mxsJPkj3Su-OV_SJhlEVEL2aoHwHHHLcfsffUOlTppsaZQDjYL2LyjQ_1SG&sai=AMfl-YT_mlgl8IMdwkXySNvQbe1GYIEJZVQpIfq9ju9XYz3jg0104EIfWsTLZxFOzpF8CCRgOKexaGaoannTwvS4UljRmV9lio8t17OO9tmLhTPv9iIcsZgtNqa2WE58YU49IdWf4ql15QRkpZ1WEjsqSb40qR_P4K7SOlzni_sa5vR_uYrfVaSCzbG3MSZ8gQl1s_rddeEAnG8_y8azEhSwvNyG3t86aSIms4Osg8PCKFfIA_r4EQcDZyzoXlz0NDzdeAtUYh01n7i4NlYoKNI5gcPvbKFLQ0WLvCVzoJtjvqak0MCq&sig=Cg0ArKJSzGxwyBpPrsNFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=447&vt=11&dtpt=446&dett=2&cstd=0&cisv=r20221110.81688&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 18:38:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 18:53:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 18:38:08 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9euisA_F_qXHgmpsTj6xSM3rlvDMPsRljDNrgS8Qu9AWts3Bz-LQOj82tKE1OlP6I4CMQOgmy1LsmCZNDSOP1SFvDuv6HusRgpd4ZbUNp6LheAt25wstkZb1hZZyOCXMLcItdtdLo7BeWZDyvAEFO_zQRLPh9z8VL_OhM495F91da3CRl1ere1Z5O46qAtsj5K7JbqXTSoi9sj_U5F5xobWXO9MjEiXj8jIKntm5gNC-DVCXUgwWjajhUY47Yr_apptrOsDAWV9nIF4C3QDGD7_ARY_k5D6Tye5-J4pAQSiLWkILHbOf0xox63CvMVbNabWZes72tVIXSuNopofEXw9gX-xHwPXC93fC2fCB1gWUrD69hp4Z8TYNmqH_Ejy09_meqglf4kr3iRcGZtCsfmzeWcqbSFiDdBa8YHN8pdn4gqyE2vbmQofdj1wyiQbs6GHrGzIp6VCMHOEDAcUPxEWImCverJ1CuetlGbWPcu1d3k7k4ETkQzrzPfpfc9xILecxOO4yqflaLT-NlSQITZZ-HTum47dTS8OOwRqtCD7YuuBBzbx8diBUSF4wxpLSkKnDGdP-J_CQ73OsW2UEjuPgNA_xfLyVNl-Jxed4XDeRpMS2cs2IR9XsfH2srQUjiFoCtaUuzNBWa4_XSS7-8Uo3RQfLBelCHUoeody_7n-3BCRh5dHsBVRG00QjV_KxQZjc7scgqWc249zE1YztoV7raqVj6tvf2BGPJTdAKdRw52tAUmVjY6WZVNVzD97DdNVG00q4RYIrX-M-lIaCyPGblzb0LTYIGXQO_5zgf3tTO9wNYSxUg9IQz01IBaZp8P5ymwll-fJnI-lARU0n-1ZmEM1usvWsKk8drb9cLq-zZnyXvDehS84ffgnyjsphGRKkAUb2K3fCualQbAUKByAju9anWTvORyscS-40MUv_mbeIWOzqs2WONI1KHr-XRtlM8W6E0DAR_dbEIg99GO8kaNLf16TOhb-Y2qlMF7fOS7rEZIswJUAZoYLQ1nvcj9RQsokOxkwc7TIL9Z-xkkqOdrqjRSi1zKnnuoBwMt-e9mvwHdybOsShktdGH0KdaT5FtOePKvHpFvMSar1eTmFF_WKqtCl0gHYZ2YE-1re6jRXAa0V5k9nU1N4l7KBfJ2TLDKtabBuJCW3HG62c-MpaTZsZMotYGPb6B2BxwLYQqPg&sai=AMfl-YTvGDPhzus2EZmHVD_g1OxSihhXGKFHDwBG1tpySJ5_eokYGKHVc7dHRzxPo8Whcu1EGvuNzTkSYMrPO3RZiuV_PsJEkPpCTXm3gCWk7Gg4v3mkbl01Z9CqHgYX_kbjeuF56xc8Wx0PfmgJE2GiLZwVEIFTNnS3z1XjfJgPxfW64EtTejcZjsLscZ_nylJoC0uQM0DGvBdna80dGmh6s96ICZzGl5H2qkOcvot6MhGvAjv7tDW_5Q9TZ6f-vfKsGNbQoAw32fAqL77gcTM9V8svsSdA8HljLMaDWQXO1j3fVPih&sig=Cg0ArKJSzCyQ-3Sx6NrdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&vt=11&dtpt=290&dett=2&cstd=0&cisv=r20221110.21097&arae=0&ftch=1&adurl=
216.58.211.2200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9euisA_F_qXHgmpsTj6xSM3rlvDMPsRljDNrgS8Qu9AWts3Bz-LQOj82tKE1OlP6I4CMQOgmy1LsmCZNDSOP1SFvDuv6HusRgpd4ZbUNp6LheAt25wstkZb1hZZyOCXMLcItdtdLo7BeWZDyvAEFO_zQRLPh9z8VL_OhM495F91da3CRl1ere1Z5O46qAtsj5K7JbqXTSoi9sj_U5F5xobWXO9MjEiXj8jIKntm5gNC-DVCXUgwWjajhUY47Yr_apptrOsDAWV9nIF4C3QDGD7_ARY_k5D6Tye5-J4pAQSiLWkILHbOf0xox63CvMVbNabWZes72tVIXSuNopofEXw9gX-xHwPXC93fC2fCB1gWUrD69hp4Z8TYNmqH_Ejy09_meqglf4kr3iRcGZtCsfmzeWcqbSFiDdBa8YHN8pdn4gqyE2vbmQofdj1wyiQbs6GHrGzIp6VCMHOEDAcUPxEWImCverJ1CuetlGbWPcu1d3k7k4ETkQzrzPfpfc9xILecxOO4yqflaLT-NlSQITZZ-HTum47dTS8OOwRqtCD7YuuBBzbx8diBUSF4wxpLSkKnDGdP-J_CQ73OsW2UEjuPgNA_xfLyVNl-Jxed4XDeRpMS2cs2IR9XsfH2srQUjiFoCtaUuzNBWa4_XSS7-8Uo3RQfLBelCHUoeody_7n-3BCRh5dHsBVRG00QjV_KxQZjc7scgqWc249zE1YztoV7raqVj6tvf2BGPJTdAKdRw52tAUmVjY6WZVNVzD97DdNVG00q4RYIrX-M-lIaCyPGblzb0LTYIGXQO_5zgf3tTO9wNYSxUg9IQz01IBaZp8P5ymwll-fJnI-lARU0n-1ZmEM1usvWsKk8drb9cLq-zZnyXvDehS84ffgnyjsphGRKkAUb2K3fCualQbAUKByAju9anWTvORyscS-40MUv_mbeIWOzqs2WONI1KHr-XRtlM8W6E0DAR_dbEIg99GO8kaNLf16TOhb-Y2qlMF7fOS7rEZIswJUAZoYLQ1nvcj9RQsokOxkwc7TIL9Z-xkkqOdrqjRSi1zKnnuoBwMt-e9mvwHdybOsShktdGH0KdaT5FtOePKvHpFvMSar1eTmFF_WKqtCl0gHYZ2YE-1re6jRXAa0V5k9nU1N4l7KBfJ2TLDKtabBuJCW3HG62c-MpaTZsZMotYGPb6B2BxwLYQqPg&sai=AMfl-YTvGDPhzus2EZmHVD_g1OxSihhXGKFHDwBG1tpySJ5_eokYGKHVc7dHRzxPo8Whcu1EGvuNzTkSYMrPO3RZiuV_PsJEkPpCTXm3gCWk7Gg4v3mkbl01Z9CqHgYX_kbjeuF56xc8Wx0PfmgJE2GiLZwVEIFTNnS3z1XjfJgPxfW64EtTejcZjsLscZ_nylJoC0uQM0DGvBdna80dGmh6s96ICZzGl5H2qkOcvot6MhGvAjv7tDW_5Q9TZ6f-vfKsGNbQoAw32fAqL77gcTM9V8svsSdA8HljLMaDWQXO1j3fVPih&sig=Cg0ArKJSzCyQ-3Sx6NrdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&vt=11&dtpt=290&dett=2&cstd=0&cisv=r20221110.21097&arae=0&ftch=1&adurl=
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsv9euisA_F_qXHgmpsTj6xSM3rlvDMPsRljDNrgS8Qu9AWts3Bz-LQOj82tKE1OlP6I4CMQOgmy1LsmCZNDSOP1SFvDuv6HusRgpd4ZbUNp6LheAt25wstkZb1hZZyOCXMLcItdtdLo7BeWZDyvAEFO_zQRLPh9z8VL_OhM495F91da3CRl1ere1Z5O46qAtsj5K7JbqXTSoi9sj_U5F5xobWXO9MjEiXj8jIKntm5gNC-DVCXUgwWjajhUY47Yr_apptrOsDAWV9nIF4C3QDGD7_ARY_k5D6Tye5-J4pAQSiLWkILHbOf0xox63CvMVbNabWZes72tVIXSuNopofEXw9gX-xHwPXC93fC2fCB1gWUrD69hp4Z8TYNmqH_Ejy09_meqglf4kr3iRcGZtCsfmzeWcqbSFiDdBa8YHN8pdn4gqyE2vbmQofdj1wyiQbs6GHrGzIp6VCMHOEDAcUPxEWImCverJ1CuetlGbWPcu1d3k7k4ETkQzrzPfpfc9xILecxOO4yqflaLT-NlSQITZZ-HTum47dTS8OOwRqtCD7YuuBBzbx8diBUSF4wxpLSkKnDGdP-J_CQ73OsW2UEjuPgNA_xfLyVNl-Jxed4XDeRpMS2cs2IR9XsfH2srQUjiFoCtaUuzNBWa4_XSS7-8Uo3RQfLBelCHUoeody_7n-3BCRh5dHsBVRG00QjV_KxQZjc7scgqWc249zE1YztoV7raqVj6tvf2BGPJTdAKdRw52tAUmVjY6WZVNVzD97DdNVG00q4RYIrX-M-lIaCyPGblzb0LTYIGXQO_5zgf3tTO9wNYSxUg9IQz01IBaZp8P5ymwll-fJnI-lARU0n-1ZmEM1usvWsKk8drb9cLq-zZnyXvDehS84ffgnyjsphGRKkAUb2K3fCualQbAUKByAju9anWTvORyscS-40MUv_mbeIWOzqs2WONI1KHr-XRtlM8W6E0DAR_dbEIg99GO8kaNLf16TOhb-Y2qlMF7fOS7rEZIswJUAZoYLQ1nvcj9RQsokOxkwc7TIL9Z-xkkqOdrqjRSi1zKnnuoBwMt-e9mvwHdybOsShktdGH0KdaT5FtOePKvHpFvMSar1eTmFF_WKqtCl0gHYZ2YE-1re6jRXAa0V5k9nU1N4l7KBfJ2TLDKtabBuJCW3HG62c-MpaTZsZMotYGPb6B2BxwLYQqPg&sai=AMfl-YTvGDPhzus2EZmHVD_g1OxSihhXGKFHDwBG1tpySJ5_eokYGKHVc7dHRzxPo8Whcu1EGvuNzTkSYMrPO3RZiuV_PsJEkPpCTXm3gCWk7Gg4v3mkbl01Z9CqHgYX_kbjeuF56xc8Wx0PfmgJE2GiLZwVEIFTNnS3z1XjfJgPxfW64EtTejcZjsLscZ_nylJoC0uQM0DGvBdna80dGmh6s96ICZzGl5H2qkOcvot6MhGvAjv7tDW_5Q9TZ6f-vfKsGNbQoAw32fAqL77gcTM9V8svsSdA8HljLMaDWQXO1j3fVPih&sig=Cg0ArKJSzCyQ-3Sx6NrdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&vt=11&dtpt=290&dett=2&cstd=0&cisv=r20221110.21097&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 18:38:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 18:53:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 18:38:08 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3N_9GnOZCOoMYCshNY1AO6jn3dlUbgaPRXc7M7xs4Eu4fUvY2tQx_mbCzB2juzxGpLEC1zyoqW_pQTmQ_-BXLZDBLwhS5Yc4VXR1lHDSrKO8fhec9m39wG4k1qsGLFr6I6tdn6qeN76QccnOLDsoabC7rf3lhmudsvxCCixZtW87-pC7t-jhf7MygK3zUCbLB1rmNwDeP-kTKP5yrI2cB4fZdcoaKXMOR5TXIZ6DoLQjuhqCxfgaMA84jXKWW2x43PzCeslPHtfV3iwwzz85ikTbx7d2Fn3wH46ZYQgSULY3EX5sAx9InkPxNzRc1sKBLizVz81TYwIMALgfDRN7Tggvqz_7AaRe7lNaW-FqNofRkqysDnBEFv04p7Mh3k-QhvW7QpCxtdyMQwcDMBH4HqJ8EQcAYfDp4sWvYmom4Q288geIrCyCw5XSvIjdioAeFP_NbVWeYxb1mvam-x58rLASg4AbzuMlMnuVQd3OEsTjqdksHEDmOk8Ho9NWDSqEUVnhVSf4VFxd3JQmOXiDMEl6Oh6f1lC2LXRTZ9BHeXAoyPxN1Em76D_oXaMXQ05J8UGoiQTPAbIGNk1yce0t5wUjEitTBCeRVzEX9x8oO6RTihI5BUDRjlnh6mO1vWTjhyqAXs6xrcuGrGfhtNSgF1osNl4CViVfC1OnEg14hdSpVK7GMTj3ffX7RGlm_PTzco7FVSRZQJskTdrHhvxRNR8HqdHqGfOBnNknpXfONyZUbGP5TQSfDgLcX4DrhE634M1xw9c-GE0uH3B7PCyVsD4bDCEdpIct5yjrIcGJB1uOWkdtZkdsY3keORJmixTRxoCV6f1KUR1yuDCwkXlZHJoltQjpga54Wv9dxnMguGWFqobXvmbs3cZWVFLesYfeHiXywteM2B6JquDTjTbyC5CHl6rnYG3gZTyo0bhxHZ4CqMtVwPz9glGd2HVOwiPicyLKPSAbGwy08Y-LchuUVGxPgkpKF_-UnQaVte7chZ31QdZ8_EVtLFT_qFhPxSpSV4LZg-lDMrBrftOWDSdJ--DRUscd5lbsx3iqplxVwNah2vDKsv_cFf2-C_1Sy8BH4PfHwFZz29XUcX0Xxy6ks3-B4cGAlJNR3NSlagmPXo0TRPVMI26nQ8vuIQZKEufszqg8NT0YZbKwYGuVPSDo6JN5DPWFDB2DJM7O5H8ANYw0-sNQ-758uiVwo1mwo&sai=AMfl-YRZBYbdoRUMyvxVcphPUKw2tuIaVqOq2tl9uVnsCDZMHBu2D3URuOXTq9DoseCmX1nfRSuuwgAAa1OFIxTDHZSE7kHJsjurRfTFZJAEh02CYebg04VGFOJH-rc0VCfVhp8ASzSnVqksetzDNnEPXl4W2arTEasetOJuT_s8j61NIbXbzsQV26TlJACzIcSaUO8eHvFDkIfpsnb-A49Y1G0P-gxz0TD3YzacWpce6R8P2frbadlRh5a4GXKlAwto--yU8WgyWVnTVefp1_xFG2RHPK_HYJGgg4KjsgpBmk4nm4hr&sig=Cg0ArKJSzKGWsgsXZLjOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=2&dett=2&cstd=0&cisv=r20221110.38184&arae=0&ftch=1&adurl=
216.58.211.2200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3N_9GnOZCOoMYCshNY1AO6jn3dlUbgaPRXc7M7xs4Eu4fUvY2tQx_mbCzB2juzxGpLEC1zyoqW_pQTmQ_-BXLZDBLwhS5Yc4VXR1lHDSrKO8fhec9m39wG4k1qsGLFr6I6tdn6qeN76QccnOLDsoabC7rf3lhmudsvxCCixZtW87-pC7t-jhf7MygK3zUCbLB1rmNwDeP-kTKP5yrI2cB4fZdcoaKXMOR5TXIZ6DoLQjuhqCxfgaMA84jXKWW2x43PzCeslPHtfV3iwwzz85ikTbx7d2Fn3wH46ZYQgSULY3EX5sAx9InkPxNzRc1sKBLizVz81TYwIMALgfDRN7Tggvqz_7AaRe7lNaW-FqNofRkqysDnBEFv04p7Mh3k-QhvW7QpCxtdyMQwcDMBH4HqJ8EQcAYfDp4sWvYmom4Q288geIrCyCw5XSvIjdioAeFP_NbVWeYxb1mvam-x58rLASg4AbzuMlMnuVQd3OEsTjqdksHEDmOk8Ho9NWDSqEUVnhVSf4VFxd3JQmOXiDMEl6Oh6f1lC2LXRTZ9BHeXAoyPxN1Em76D_oXaMXQ05J8UGoiQTPAbIGNk1yce0t5wUjEitTBCeRVzEX9x8oO6RTihI5BUDRjlnh6mO1vWTjhyqAXs6xrcuGrGfhtNSgF1osNl4CViVfC1OnEg14hdSpVK7GMTj3ffX7RGlm_PTzco7FVSRZQJskTdrHhvxRNR8HqdHqGfOBnNknpXfONyZUbGP5TQSfDgLcX4DrhE634M1xw9c-GE0uH3B7PCyVsD4bDCEdpIct5yjrIcGJB1uOWkdtZkdsY3keORJmixTRxoCV6f1KUR1yuDCwkXlZHJoltQjpga54Wv9dxnMguGWFqobXvmbs3cZWVFLesYfeHiXywteM2B6JquDTjTbyC5CHl6rnYG3gZTyo0bhxHZ4CqMtVwPz9glGd2HVOwiPicyLKPSAbGwy08Y-LchuUVGxPgkpKF_-UnQaVte7chZ31QdZ8_EVtLFT_qFhPxSpSV4LZg-lDMrBrftOWDSdJ--DRUscd5lbsx3iqplxVwNah2vDKsv_cFf2-C_1Sy8BH4PfHwFZz29XUcX0Xxy6ks3-B4cGAlJNR3NSlagmPXo0TRPVMI26nQ8vuIQZKEufszqg8NT0YZbKwYGuVPSDo6JN5DPWFDB2DJM7O5H8ANYw0-sNQ-758uiVwo1mwo&sai=AMfl-YRZBYbdoRUMyvxVcphPUKw2tuIaVqOq2tl9uVnsCDZMHBu2D3URuOXTq9DoseCmX1nfRSuuwgAAa1OFIxTDHZSE7kHJsjurRfTFZJAEh02CYebg04VGFOJH-rc0VCfVhp8ASzSnVqksetzDNnEPXl4W2arTEasetOJuT_s8j61NIbXbzsQV26TlJACzIcSaUO8eHvFDkIfpsnb-A49Y1G0P-gxz0TD3YzacWpce6R8P2frbadlRh5a4GXKlAwto--yU8WgyWVnTVefp1_xFG2RHPK_HYJGgg4KjsgpBmk4nm4hr&sig=Cg0ArKJSzKGWsgsXZLjOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=2&dett=2&cstd=0&cisv=r20221110.38184&arae=0&ftch=1&adurl=
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsv3N_9GnOZCOoMYCshNY1AO6jn3dlUbgaPRXc7M7xs4Eu4fUvY2tQx_mbCzB2juzxGpLEC1zyoqW_pQTmQ_-BXLZDBLwhS5Yc4VXR1lHDSrKO8fhec9m39wG4k1qsGLFr6I6tdn6qeN76QccnOLDsoabC7rf3lhmudsvxCCixZtW87-pC7t-jhf7MygK3zUCbLB1rmNwDeP-kTKP5yrI2cB4fZdcoaKXMOR5TXIZ6DoLQjuhqCxfgaMA84jXKWW2x43PzCeslPHtfV3iwwzz85ikTbx7d2Fn3wH46ZYQgSULY3EX5sAx9InkPxNzRc1sKBLizVz81TYwIMALgfDRN7Tggvqz_7AaRe7lNaW-FqNofRkqysDnBEFv04p7Mh3k-QhvW7QpCxtdyMQwcDMBH4HqJ8EQcAYfDp4sWvYmom4Q288geIrCyCw5XSvIjdioAeFP_NbVWeYxb1mvam-x58rLASg4AbzuMlMnuVQd3OEsTjqdksHEDmOk8Ho9NWDSqEUVnhVSf4VFxd3JQmOXiDMEl6Oh6f1lC2LXRTZ9BHeXAoyPxN1Em76D_oXaMXQ05J8UGoiQTPAbIGNk1yce0t5wUjEitTBCeRVzEX9x8oO6RTihI5BUDRjlnh6mO1vWTjhyqAXs6xrcuGrGfhtNSgF1osNl4CViVfC1OnEg14hdSpVK7GMTj3ffX7RGlm_PTzco7FVSRZQJskTdrHhvxRNR8HqdHqGfOBnNknpXfONyZUbGP5TQSfDgLcX4DrhE634M1xw9c-GE0uH3B7PCyVsD4bDCEdpIct5yjrIcGJB1uOWkdtZkdsY3keORJmixTRxoCV6f1KUR1yuDCwkXlZHJoltQjpga54Wv9dxnMguGWFqobXvmbs3cZWVFLesYfeHiXywteM2B6JquDTjTbyC5CHl6rnYG3gZTyo0bhxHZ4CqMtVwPz9glGd2HVOwiPicyLKPSAbGwy08Y-LchuUVGxPgkpKF_-UnQaVte7chZ31QdZ8_EVtLFT_qFhPxSpSV4LZg-lDMrBrftOWDSdJ--DRUscd5lbsx3iqplxVwNah2vDKsv_cFf2-C_1Sy8BH4PfHwFZz29XUcX0Xxy6ks3-B4cGAlJNR3NSlagmPXo0TRPVMI26nQ8vuIQZKEufszqg8NT0YZbKwYGuVPSDo6JN5DPWFDB2DJM7O5H8ANYw0-sNQ-758uiVwo1mwo&sai=AMfl-YRZBYbdoRUMyvxVcphPUKw2tuIaVqOq2tl9uVnsCDZMHBu2D3URuOXTq9DoseCmX1nfRSuuwgAAa1OFIxTDHZSE7kHJsjurRfTFZJAEh02CYebg04VGFOJH-rc0VCfVhp8ASzSnVqksetzDNnEPXl4W2arTEasetOJuT_s8j61NIbXbzsQV26TlJACzIcSaUO8eHvFDkIfpsnb-A49Y1G0P-gxz0TD3YzacWpce6R8P2frbadlRh5a4GXKlAwto--yU8WgyWVnTVefp1_xFG2RHPK_HYJGgg4KjsgpBmk4nm4hr&sig=Cg0ArKJSzKGWsgsXZLjOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=2&dett=2&cstd=0&cisv=r20221110.38184&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 18:38:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 18:53:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 18:38:08 GMT
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUGc_HcbSwAQ7b_2Nb0FRzNQpuJMpTwdsxup5stwxxrCFnaWDASWpouQNYJutSe_pP0DapV5FiV4-RGMO0QGt5eR4F5uD4jwsUvG5QXhSUXrs3XnGfBYp-fLTW_6BP8E_xPxJf1Q&sai=AMfl-YQfRP43xFc3brA8-EMGQILgpudM1aeqmWuY0XtHQ78Bt6s9I7SccwKR40uYzerwr-FmX-UIB0pPs2rXgpg-8S8r_iDIMtO5gQ_XaR_Q-2Z9lGCMwTY8T-PLZsXkQjNaxXV2wv2KJgPBXpMdbYw&sig=Cg0ArKJSzKRtnA9-Oo5jEAE&cid=CAQSSwDq26N9W0eJjXXgwnU9Z3_V2GCiSqT6xAQZNWLNMrBQ68iBtFea8TEnNkJhfUjrRE7qFV7OelBT1odNdKNIVs6ONnbZvkg6rySTGBgBIBM&id=lidar2&mcvt=1001&p=486,124,576,852&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3670141160&rs=4&la=0&cr=0&vs=4&r=v&rst=1669833486210&rpt=587&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
142.250.74.66200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUGc_HcbSwAQ7b_2Nb0FRzNQpuJMpTwdsxup5stwxxrCFnaWDASWpouQNYJutSe_pP0DapV5FiV4-RGMO0QGt5eR4F5uD4jwsUvG5QXhSUXrs3XnGfBYp-fLTW_6BP8E_xPxJf1Q&sai=AMfl-YQfRP43xFc3brA8-EMGQILgpudM1aeqmWuY0XtHQ78Bt6s9I7SccwKR40uYzerwr-FmX-UIB0pPs2rXgpg-8S8r_iDIMtO5gQ_XaR_Q-2Z9lGCMwTY8T-PLZsXkQjNaxXV2wv2KJgPBXpMdbYw&sig=Cg0ArKJSzKRtnA9-Oo5jEAE&cid=CAQSSwDq26N9W0eJjXXgwnU9Z3_V2GCiSqT6xAQZNWLNMrBQ68iBtFea8TEnNkJhfUjrRE7qFV7OelBT1odNdKNIVs6ONnbZvkg6rySTGBgBIBM&id=lidar2&mcvt=1001&p=486,124,576,852&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3670141160&rs=4&la=0&cr=0&vs=4&r=v&rst=1669833486210&rpt=587&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjstUGc_HcbSwAQ7b_2Nb0FRzNQpuJMpTwdsxup5stwxxrCFnaWDASWpouQNYJutSe_pP0DapV5FiV4-RGMO0QGt5eR4F5uD4jwsUvG5QXhSUXrs3XnGfBYp-fLTW_6BP8E_xPxJf1Q&sai=AMfl-YQfRP43xFc3brA8-EMGQILgpudM1aeqmWuY0XtHQ78Bt6s9I7SccwKR40uYzerwr-FmX-UIB0pPs2rXgpg-8S8r_iDIMtO5gQ_XaR_Q-2Z9lGCMwTY8T-PLZsXkQjNaxXV2wv2KJgPBXpMdbYw&sig=Cg0ArKJSzKRtnA9-Oo5jEAE&cid=CAQSSwDq26N9W0eJjXXgwnU9Z3_V2GCiSqT6xAQZNWLNMrBQ68iBtFea8TEnNkJhfUjrRE7qFV7OelBT1odNdKNIVs6ONnbZvkg6rySTGBgBIBM&id=lidar2&mcvt=1001&p=486,124,576,852&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3670141160&rs=4&la=0&cr=0&vs=4&r=v&rst=1669833486210&rpt=587&isd=0&lsd=0&met=ie&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Wed, 30 Nov 2022 18:38:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspcNFoeW5hm7ScgkW-koe9VbZZlPGiurLyW7AMDYbyBJMhatlOYOFDiUcUePbpe4VEuDKyGB7YTG2gRqMWYtrYW--HoV0d8DMFcgRlo5-WVO6esF7qpEjGtPk_DlGRCO-j7GSblQ&sai=AMfl-YR_W7qPs7BEyPm_2Z-fuH0T-yEx_eEpA69ypY5n3oiUAr6qzwDDgWSbAujfenM9qcnkLwhX2nAwlTVBZ4gEewlg1cKJ-ybbrgfp1RmQ7O-7WEomMtDGb8Y6w580gtkFP-MuProU5Wu71uH--qs&sig=Cg0ArKJSzCTrvGjqsgkYEAE&cid=CAQSSwDq26N9W8n32o5qy-VlygYWRB8W6Ao-PK30rYtVyfTKvKLJb7z03iAwNq5Payz7bsjwgv3PfLGPFiOYyafrVHgIsTxmouiC4_FOdxgBIBM&id=lidar2&mcvt=1001&p=849,270,939,998&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=843085581&rs=4&la=0&cr=0&vs=4&r=v&rst=1669833486267&rpt=543&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
142.250.74.66200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspcNFoeW5hm7ScgkW-koe9VbZZlPGiurLyW7AMDYbyBJMhatlOYOFDiUcUePbpe4VEuDKyGB7YTG2gRqMWYtrYW--HoV0d8DMFcgRlo5-WVO6esF7qpEjGtPk_DlGRCO-j7GSblQ&sai=AMfl-YR_W7qPs7BEyPm_2Z-fuH0T-yEx_eEpA69ypY5n3oiUAr6qzwDDgWSbAujfenM9qcnkLwhX2nAwlTVBZ4gEewlg1cKJ-ybbrgfp1RmQ7O-7WEomMtDGb8Y6w580gtkFP-MuProU5Wu71uH--qs&sig=Cg0ArKJSzCTrvGjqsgkYEAE&cid=CAQSSwDq26N9W8n32o5qy-VlygYWRB8W6Ao-PK30rYtVyfTKvKLJb7z03iAwNq5Payz7bsjwgv3PfLGPFiOYyafrVHgIsTxmouiC4_FOdxgBIBM&id=lidar2&mcvt=1001&p=849,270,939,998&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=843085581&rs=4&la=0&cr=0&vs=4&r=v&rst=1669833486267&rpt=543&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsspcNFoeW5hm7ScgkW-koe9VbZZlPGiurLyW7AMDYbyBJMhatlOYOFDiUcUePbpe4VEuDKyGB7YTG2gRqMWYtrYW--HoV0d8DMFcgRlo5-WVO6esF7qpEjGtPk_DlGRCO-j7GSblQ&sai=AMfl-YR_W7qPs7BEyPm_2Z-fuH0T-yEx_eEpA69ypY5n3oiUAr6qzwDDgWSbAujfenM9qcnkLwhX2nAwlTVBZ4gEewlg1cKJ-ybbrgfp1RmQ7O-7WEomMtDGb8Y6w580gtkFP-MuProU5Wu71uH--qs&sig=Cg0ArKJSzCTrvGjqsgkYEAE&cid=CAQSSwDq26N9W8n32o5qy-VlygYWRB8W6Ao-PK30rYtVyfTKvKLJb7z03iAwNq5Payz7bsjwgv3PfLGPFiOYyafrVHgIsTxmouiC4_FOdxgBIBM&id=lidar2&mcvt=1001&p=849,270,939,998&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=843085581&rs=4&la=0&cr=0&vs=4&r=v&rst=1669833486267&rpt=543&isd=0&lsd=0&met=ie&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Wed, 30 Nov 2022 18:38:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdJUxij0-_R-8uhquVals-0RakpEKp68wCdG9X5VK9ZdrXJ4X9oGK3fpPy_Q-YDHhrlcdTjKA1dQOm7NuG70FPLprT7NUR_SAihxeWLuMdlzFl7CNCyjBx0llq5mPbQ3YL1tD3nA&sai=AMfl-YQURXlQzn5q59Pg79JD9EDPMcnRjxPWxEjLNsfN4tJt3ydXU3uhkbyriK-QFcD40bTlBDw-0GGRfKY97DVYaPNPCRH5jybECspHVs81U7Y-FeRJihTv5TBusgcYF0YGfxYp-OCQZ6_-wv6bOTs&sig=Cg0ArKJSzLIq1J1miIemEAE&cid=CAQSSwDq26N90M737VTEDWmxtOMb8NquHwGuNWn9_VFr_hfBxhkkV7AY805_oodU3u1bI5h4oDi37O2i3pKNnQWpZGjGm5cq4sjRR094UhgBIBM&id=lidar2&mcvt=1001&p=122,124,212,852&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2719481280&rs=4&la=0&cr=0&vs=4&r=v&rst=1669833486709&rpt=281&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
142.250.74.66200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdJUxij0-_R-8uhquVals-0RakpEKp68wCdG9X5VK9ZdrXJ4X9oGK3fpPy_Q-YDHhrlcdTjKA1dQOm7NuG70FPLprT7NUR_SAihxeWLuMdlzFl7CNCyjBx0llq5mPbQ3YL1tD3nA&sai=AMfl-YQURXlQzn5q59Pg79JD9EDPMcnRjxPWxEjLNsfN4tJt3ydXU3uhkbyriK-QFcD40bTlBDw-0GGRfKY97DVYaPNPCRH5jybECspHVs81U7Y-FeRJihTv5TBusgcYF0YGfxYp-OCQZ6_-wv6bOTs&sig=Cg0ArKJSzLIq1J1miIemEAE&cid=CAQSSwDq26N90M737VTEDWmxtOMb8NquHwGuNWn9_VFr_hfBxhkkV7AY805_oodU3u1bI5h4oDi37O2i3pKNnQWpZGjGm5cq4sjRR094UhgBIBM&id=lidar2&mcvt=1001&p=122,124,212,852&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2719481280&rs=4&la=0&cr=0&vs=4&r=v&rst=1669833486709&rpt=281&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsvdJUxij0-_R-8uhquVals-0RakpEKp68wCdG9X5VK9ZdrXJ4X9oGK3fpPy_Q-YDHhrlcdTjKA1dQOm7NuG70FPLprT7NUR_SAihxeWLuMdlzFl7CNCyjBx0llq5mPbQ3YL1tD3nA&sai=AMfl-YQURXlQzn5q59Pg79JD9EDPMcnRjxPWxEjLNsfN4tJt3ydXU3uhkbyriK-QFcD40bTlBDw-0GGRfKY97DVYaPNPCRH5jybECspHVs81U7Y-FeRJihTv5TBusgcYF0YGfxYp-OCQZ6_-wv6bOTs&sig=Cg0ArKJSzLIq1J1miIemEAE&cid=CAQSSwDq26N90M737VTEDWmxtOMb8NquHwGuNWn9_VFr_hfBxhkkV7AY805_oodU3u1bI5h4oDi37O2i3pKNnQWpZGjGm5cq4sjRR094UhgBIBM&id=lidar2&mcvt=1001&p=122,124,212,852&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2719481280&rs=4&la=0&cr=0&vs=4&r=v&rst=1669833486709&rpt=281&isd=0&lsd=0&met=ie&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Wed, 30 Nov 2022 18:38:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 75206
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
live.demand.supply/ds.2.html
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/ds.2.html
IP 104.16.133.22:0
GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://file-upload.in
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:38:05 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
x-nf-request-id: 01GEJJMQHA5ZSQRAK69HK6CCXJ
cf-cache-status: HIT
age: 1590720
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725b2b2bff7b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
66.29.132.14200 OK 0 B URL HTTP/2 file-upload.in/11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9
IP 66.29.132.14:0
GET /11-forex-day-trading-tips-to-become-a-better-trader/?get=3BnJJGP9 HTTP/1.1
Host: file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-pingback: https://file-upload.in/xmlrpc.php
link: <https://file-upload.in/wp-json/>; rel="https://api.w.org/", <https://file-upload.in/wp-json/wp/v2/posts/156>; rel="alternate"; type="application/json", <https://file-upload.in/?p=156>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 18:38:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Inter%3A400%2C300%2C600%2C800&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Inter%3A400%2C300%2C600%2C800&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Inter%3A400%2C300%2C600%2C800&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 18:38:05 GMT
date: Wed, 30 Nov 2022 18:38:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
live.demand.supply/up.js
104.16.133.22200 OK 0 B IP 104.16.133.22:0
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://file-upload.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:38:05 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 7725b2b1de9fb51b-OSL
age: 280
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"42ed71e239cf5fa5936b3b6ee3955f83-ssl-df"
link: <https://live.demand.supply/impl.v16.2.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/ZmlsZS11cGxvYWQuaW4v>; rel=preload; as=script
set-cookie: demandSupplyTi=e17c0cf9-4040-46e8-a70b-98b11699be9a; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=3910
timing-allow-origin: *
x-nf-request-id: 01GJNAF92DWXVXGFHTM9T78H2Q
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/15063443208863087305
172.217.21.166200 OK 0 B URL HTTP/2 s0.2mdn.net/simgad/15063443208863087305
IP 172.217.21.166:0
GET /simgad/15063443208863087305 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8a7892587e217074d907d2d2944ac74f.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2320916
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:01:59 GMT
expires: Wed, 29 Nov 2023 13:01:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 06 Oct 2022 12:54:12 GMT
content-type: image/gif
age: 106568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2