Report - ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44

Report Overview

Submitted URL
ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-16 13:10:42
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-10T05:13:22Z	680 B	4.6 kB	192.124.249.23
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	4.1 kB	8.4 kB	142.250.74.3
collector.brandmetrics.com	4202	2018-03-06T09:51:46Z	2023-03-11T10:07:05Z	441 B	136 B	20.50.2.28
public.profitwell.com	6695	2020-08-20T20:28:44Z	2023-03-10T07:38:01Z	409 B	9.8 kB	54.230.111.5
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-10T05:11:37Z	401 B	24 kB	69.16.175.42
www.redditstatic.com	1440	2012-06-30T14:33:28Z	2023-03-10T11:40:01Z	366 B	8.5 kB	151.101.85.140
ipfs.fleek.co	unknown	2020-04-22T00:10:54Z	2023-03-10T11:06:06Z	717 B	1.3 kB	104.17.64.14
e-10220.adzerk.net	23978	2019-03-22T08:17:33Z	2023-03-11T10:02:43Z	1.1 kB	871 B	34.199.140.62
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-10T15:05:48Z	389 B	31 kB	142.250.74.74
cm.g.doubleclick.net	202	2012-05-22T11:58:28Z	2023-03-10T15:09:43Z	1.0 kB	2.3 kB	142.250.74.34
sync.go.sonobi.com	986	2014-02-11T20:13:27Z	2023-03-10T10:51:13Z	467 B	771 B	69.166.1.10
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.1 kB	3.0 kB	18.165.196.217
bat.bing.com	387	2014-04-08T11:23:16Z	2023-03-10T09:34:35Z	718 B	13 kB	13.107.21.200
sync.mathtag.com	427	2012-05-22T07:36:42Z	2023-03-10T14:25:37Z	508 B	682 B	185.29.132.241
match.adsrvr.org	349	2012-05-21T10:27:04Z	2023-03-10T08:45:36Z	467 B	352 B	15.197.193.217
sync.1rx.io	528	2015-12-17T23:59:40Z	2023-03-10T14:56:48Z	1.1 kB	992 B	213.19.147.45
cdn.brandmetrics.com	3726	2018-03-28T16:38:57Z	2023-03-10T18:20:57Z	857 B	15 kB	104.26.7.155
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-10T05:11:21Z	361 B	1.9 kB	104.18.21.226
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	1.2 kB	17 kB	142.250.74.164
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.249
static.ads-twitter.com	614	2018-06-24T00:08:39Z	2023-03-10T09:31:28Z	362 B	16 kB	151.101.84.157
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	2.7 kB	46 kB	34.120.237.76
image2.pubmatic.com	873	2012-05-21T15:21:02Z	2023-03-10T08:50:52Z	1.0 kB	869 B	185.64.189.110
bh.contextweb.com	557	2012-05-22T07:45:01Z	2023-03-09T20:41:40Z	491 B	679 B	198.148.27.140
ag.gbc.criteo.com	5925	2018-12-17T14:17:41Z	2023-03-10T12:50:04Z	386 B	493 B	185.235.84.3
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-10T09:31:27Z	395 B	917 B	104.18.10.207
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	426 B	7.2 kB	104.17.24.14
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	391 B	94 kB	142.250.74.168
secure.adnxs.com	396	2012-05-22T18:37:37Z	2023-03-10T05:19:42Z	976 B	1.8 kB	185.89.211.132
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	1.1 kB	24 kB	142.250.74.174
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	720 B	349 B	31.13.72.36
www.clarity.ms	1404	2018-08-22T09:41:57Z	2023-03-10T09:34:37Z	364 B	337 B	13.107.213.53
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-10T13:32:40Z	420 B	961 B	104.18.11.207
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
analytics.tiktok.com	1182	2020-02-29T14:09:05Z	2023-03-10T11:39:58Z	1.2 kB	34 kB	23.36.79.32
ad.360yield.com	657	2012-11-28T12:30:25Z	2023-03-10T08:50:51Z	1.1 kB	922 B	52.59.57.234
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
prod-cdn.wetransfer.net	25787	2018-10-23T10:53:42Z	2023-03-10T14:36:30Z	4.4 kB	154 kB	52.84.93.109
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-10T13:35:53Z	350 B	1.0 kB	143.204.72.5
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	5.8 kB	12 kB	93.184.220.29
ids.ad.gt	4355	2016-10-18T11:16:35Z	2023-03-09T18:12:49Z	3.6 kB	12 kB	44.224.40.30
px.ads.linkedin.com	522	2018-06-15T13:29:56Z	2023-03-10T11:11:31Z	517 B	824 B	13.107.42.14
dnacdn.net	3760	2019-09-02T17:07:45Z	2023-03-10T09:31:29Z	884 B	1.3 kB	178.250.0.157
gum.criteo.com	381	2015-01-22T11:58:57Z	2023-03-10T15:35:42Z	505 B	546 B	178.250.0.157
gem.gbc.criteo.com	6039	2019-01-31T11:05:09Z	2023-03-10T12:50:04Z	387 B	492 B	178.250.6.128
p.ad.gt	5338	2017-02-12T17:26:57Z	2023-03-09T18:12:49Z	367 B	434 B	104.22.5.69
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-10T06:40:10Z	435 B	39 kB	34.120.5.221
backgrounds.wetransfer.net	20593	2017-02-03T17:07:17Z	2023-03-10T17:30:14Z	1.3 kB	138 kB	108.156.46.112
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	340 B	964 B	172.64.155.188
static.criteo.net	652	2012-05-22T19:01:05Z	2023-03-10T11:15:09Z	362 B	446 B	178.250.2.130
nolan.wetransfer.net	unknown	2022-03-22T18:21:50Z	2023-03-10T13:06:10Z	820 B	652 B	108.138.217.46
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.41.253.170
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-10T05:15:22Z	1.6 kB	32 kB	31.13.72.12
resources.xg4ken.com	4678	2018-08-04T15:08:43Z	2023-03-10T18:59:13Z	384 B	3.9 kB	52.30.11.209
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-10T16:21:16Z	833 B	1.9 kB	142.250.74.2
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	844 B	757 B	142.250.74.3
a.ad.gt	4743	2016-10-18T11:16:34Z	2023-03-10T12:51:46Z	869 B	8.5 kB	100.22.4.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-11-15	medium	ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44	WeTransfer

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-16	medium	ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22pm%22:0,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22fleek.co%22,%22topUrl%22:%22ipfs.fleek.co%22,%22version%22:%225_12_3%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22pm%22:0,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22fleek.co%22,%22topUrl%22:%22ipfs.fleek.co%22,%22version%22:%225_12_3%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	prod-cdn.wetransfer.net/packs/esm/71-2ff63878306f2c4473fc.es6.js	397 B	2023-03-08	2023-03-11
Pretty URL prod-cdn.wetransfer.net/packs/esm/71-2ff63878306f2c4473fc.es6.js IP 52.84.93.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:17 Last Seen2023-03-11 12:45:04 Times Seen1 Hash 0ad4fcc2f503e98d836d3866925ebfa1 338854449bdbdc95f0f87cc10661d9164c27e75b 98a31fa8bc6612b753bf15b4c6fd22259186c158fd156c29724e4f90b3bc3dc8 Loading...

	www.google-analytics.com/plugins/ua/ec.js	2.8 kB	2023-03-07	2024-04-06
Pretty URL www.google-analytics.com/plugins/ua/ec.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-06 23:01:22 Times Seen1641 Hash 7b430c6350a59a7cf22b9adeccba327b b48d3c289bcb6809bb52fffd8f013055ed6bcd65 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Loading...

	resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2780-3FE	9.2 kB	2023-03-08	2023-05-02
Pretty URL resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2780-3FE IP 52.30.11.209 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:54:10 Last Seen2023-05-02 15:04:44 Times Seen62 Hash 87c9ac6b694237fe735f2da6c0242446 9732251c83c88402ee5300cb868e3c0abcc885ff 6269bafb85bd4d4fed6589655f7e0b8b612397226168098f95d3507848075f6d Loading...

	analytics.tiktok.com/i18n/pixel/identify.js	117 kB	2023-03-09	2023-04-01
Pretty URL analytics.tiktok.com/i18n/pixel/identify.js IP 23.36.79.32 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:22:59 Last Seen2023-04-01 11:21:50 Times Seen2 Hash e263120a249f3fa3845e85eb53194c28 2e40a73119701509d5ecd9d38203cb630d621e44 83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52 Loading...

	prod-cdn.wetransfer.net/packs/js/wallpaper-api-v2.js	10 kB	2023-03-08	2024-04-17
Pretty URL prod-cdn.wetransfer.net/packs/js/wallpaper-api-v2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:17 Last Seen2024-04-17 19:49:20 Times Seen529 Hash 4b0b7d731b18d770c7c8e83ccbb777f8 964049d22cdca011868eb2c04bc0ccb00a618b1c d9d514698510ce26a6ee97639d1e85562b24f6d2decbcb0671c4b8bbc0d60fb8 Loading...

	www.google-analytics.com/plugins/ua/ecommerce.js	1.4 kB	2023-03-07	2024-03-29
Pretty URL www.google-analytics.com/plugins/ua/ecommerce.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:11 Last Seen2024-03-29 17:20:31 Times Seen107 Hash fd02edf106d5501f7e87d17452887750 500f64b65cf47e7a10b720648054c208f61f4719 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-18
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-18 07:05:06 Times Seen134708 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com	884 B	2023-03-11	2023-03-11
Pretty URL analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com IP 23.36.79.32 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:38:18 Last Seen2023-03-11 12:45:04 Times Seen1 Hash bd2538523eac99856b7adb2cdb02c1de 7a235c01c007d0a672898fe301c8b860ac8123a1 19496882d603abd6e02de583a188e20eced15abaae9b0269fcc61c6332c3611a Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-16
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-16 19:18:01 Times Seen4327 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	connect.facebook.net/signals/plugins/identity.js?v=2.9.62	64 kB	2023-03-09	2023-03-11
Pretty URL connect.facebook.net/signals/plugins/identity.js?v=2.9.62 IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:59:50 Last Seen2023-03-11 12:45:04 Times Seen1 Hash f33d45b7869346d45c4dc101349aa2bd 288f0662c2900a20f6bb57ef143da750f65d5c20 1ac371664eced271d1defdee9780936c8c94336b8e5b4ec438659e8627649a57 Loading...

	ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44	2.1 kB	2023-03-08	2023-03-11
Pretty URL ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:17 Last Seen2023-03-11 12:45:04 Times Seen1 Hash db54f5ae6156f2f3ac761abbb6d8a4ee 594058497476affc21b9cdee4d64e99d70bcdbac 946be7a50eb01ec545b7aa1ca98e26466307b8df917f6b8c7b4aa156c092786e Loading...

	backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/bundle.97a69a71fca9ac47f890.js	281 kB	2023-03-08	2023-03-11
Pretty URL backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/bundle.97a69a71fca9ac47f890.js IP 108.156.46.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:17 Last Seen2023-03-11 12:45:04 Times Seen1 Hash 6acf1fb3e818355b8f1026a7260e0c68 f8b801d49f395b08ce38d8b013d16d162a542e27 e1efccbf162f99293d4292d756f45337014d3179f3241e2ac44afd790251bd75 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4	2.4 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 142.250.74.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:45:04 Last Seen2023-03-11 12:45:04 Times Seen1 Hash 3d7f8f5c3b8dae5a3c112802f93f8825 f7da0213d0d7357b2fbf8d0498e62b328e19940c d5845297b630c71c55fc6443738a232653a7c4086498ec00b19421c82edb14cf Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:12:54 Last Seen2023-03-11 12:45:04 Times Seen1 Hash fd06a52a33e835fc51c80b65b9b59360 2e7b7e5b0c52d6bf728e3d0fb1eed14e89837700 9bbf270591a69039cc6bb3475ece7232be18a20ecda92e0abca19c11c5f406af Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-18 07:05:06 Times Seen109337 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-18
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-18 06:59:26 Times Seen240752 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 07:02:24 Times Seen379381 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	prod-cdn.wetransfer.net/packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js	7.4 kB	2023-03-08	2023-03-11
Pretty URL prod-cdn.wetransfer.net/packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js IP 52.84.93.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:17 Last Seen2023-03-11 12:45:04 Times Seen1 Hash 8d373cd7fdf9ee87968bebe558d05365 c8d22eba4ee9e3e666a22b942bf22ef45dc15ba5 d4fdfd25aa6a80a9cc70a871e9e222cf1090b4532ba13f6286540c594835906a Loading...

	cdn.hadronid.net/hadron.js?partner_id=367&sync=1&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44	56 kB	2023-03-10	2023-03-11
Pretty URL cdn.hadronid.net/hadron.js?partner_id=367&sync=1&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:28:17 Last Seen2023-03-11 12:45:04 Times Seen1 Hash fb50e72b4a95082c176cafe0a37bead5 97c08d854213e5da4df6db701aee3e5ceebc54b7 20b58597bca65c6846164be8e723ea2c817b31b04f6f351f42cb28ad6fa612b2 Loading...

	connect.facebook.net/signals/config/1904796869803472?v=2.9.62&r=stable	295 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/1904796869803472?v=2.9.62&r=stable IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:45:04 Last Seen2023-03-11 12:45:04 Times Seen1 Hash db74f7f3ecadd97a5c16dfdf2da25228 a03ad2dd126bcc533f40fe012ec6cce0f57035c9 9d46bac0447c87e4219ec8c1fcb8f01cbdd3157acf0c1b6172aeaadcd804d9e0 Loading...

	cdn.brandmetrics.com/tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js	4.6 kB	2023-03-08	2023-03-11
Pretty URL cdn.brandmetrics.com/tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js IP 104.26.7.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:17 Last Seen2023-03-11 12:45:05 Times Seen1 Hash 6e50d18c887c2edb140bdc0707e9677f 979f83824390e3c861fcf4ba788e8ee425457603 3353d489cb13c1d68289a44fe464c4c22854b8d83e2ffef5a7edc700f471b23f Loading...

	a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F	11 kB	2023-03-11	2023-03-11
Pretty URL a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F IP 100.22.4.13 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:45:05 Last Seen2023-03-11 12:45:05 Times Seen1 Hash 93cbc2846f7e2b7d2dc5077a1553d4be 300c2e2e8df5fe1eda2ba2dc23d4d367471683df c16550ecdbea8f6676f672edb33af8a6dbc2818e3ff08a31db240aeece50d11c Loading...

	cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co	44 kB	2023-03-11	2023-03-11
Pretty URL cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co IP 104.26.7.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:38:18 Last Seen2023-03-11 12:45:05 Times Seen1 Hash 8dd1606996f9ba9ad443be3f0c627258 af023b9753d791a2057f5033781d6282f60fe3b4 b2322659c7660974351dc10ccea42835e4a3a1da16e1d956ab4131fc5d57b1e2 Loading...

	bat.bing.com/bat.js	39 kB	2023-03-08	2023-12-01
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:44 Last Seen2023-12-01 19:12:11 Times Seen33 Hash 4ffa93c7b72214cba0395e236738648c 89a3b99eebfa5ebcea11ba92e0e3e63f0007b6f9 492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-08	2023-03-13
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:42 Last Seen2023-03-13 04:47:26 Times Seen1 Hash ccebe282ded746fbb6ea21ac6a200a36 75bb7beb33754f5a6fc3bee95674aef319613501 9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7 Loading...

	public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1	36 kB	2023-03-07	2023-11-10
Pretty URL public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1 IP 54.230.111.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2023-11-10 00:02:35 Times Seen1368 Hash f3710cf44008e9509cf9d74fde8cff1f e351f7543b4a715231c742c0a4110b5d905ac60f 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 07:06:40 Times Seen36929659 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44	81 B	2023-03-07	2024-04-16
Pretty URL ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:00:29 Last Seen2024-04-16 17:40:54 Times Seen109 Hash 318cccad0f09422c1f317c0f8b85eabc 43690ba73c8ef205f59c5ba576a1f40ef43104f3 7cb8c48f0c2b1391e0e8ac41994076f41a766056297737a4606ef57a86b6ae3b Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	connect.facebook.net/signals/config/1853083501571805?v=2.9.62&r=stable	297 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/1853083501571805?v=2.9.62&r=stable IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:45:05 Last Seen2023-03-11 12:45:05 Times Seen1 Hash 8eff634f4af0d57e491ad63ed306b0b1 72584bf91a19e63d39c9637a09f9666d33e89143 45f5e6df645cc4bca72481a3820db6e8b4d4d56727d72042e4114fd375c8bd6c Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer	299 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:45:05 Last Seen2023-03-11 12:45:05 Times Seen1 Hash 9b4799150a883a33c9c33e8b78d2babd 52522f415ef14aaf090cf3567c6062425de56b80 6b70f8ad609138a74498826b957120ede0b765dca8f7e54562803fe945c399ff Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-15 19:32:36 Times Seen1507 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	static.criteo.net/js/ld/ld.js	43 kB	2023-03-08	2023-03-13
Pretty URL static.criteo.net/js/ld/ld.js IP 178.250.2.130 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2023-03-13 02:58:25 Times Seen1 Hash 06dd2666a8d51714f62d87fa051e3ba0 c31657453d7d400bfb3d1fcdf59ac4f597065ff8 d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561 Loading...

	gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22pm%22:0,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22fleek.co%22,%22topUrl%22:%22ipfs.fleek.co%22,%22version%22:%225_12_3%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true%7D	418 B	2023-03-07	2023-04-01
Pretty URL gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22pm%22:0,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22fleek.co%22,%22topUrl%22:%22ipfs.fleek.co%22,%22version%22:%225_12_3%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-04-01 10:34:33 Times Seen447 Hash 755b312976dc0edb23fa08bed999c482 6685710ba04dc63e4122ec3ce89f3adfe479adf4 663197a6a8353d989cdc65d4f3112e425a00839c85a3fde99bbe451a9c604a6f Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-18
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-18 07:00:20 Times Seen105184 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	www.redditstatic.com/ads/pixel.js	25 kB	2023-03-08	2023-12-01
Pretty URL www.redditstatic.com/ads/pixel.js IP 151.101.85.140 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-12-01 19:12:11 Times Seen28 Hash c1c34430d39fb43c9612aebe7ab8a9db 4d7f5cb7b29685a3a5a51c140288465e9553a0a7 4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b Loading...

	p.ad.gt/api/v1/p/367?au_id=AU1D-0100-001656083096-ETFCNQ76-UDPG	41 kB	2023-03-10	2023-03-11
Pretty URL p.ad.gt/api/v1/p/367?au_id=AU1D-0100-001656083096-ETFCNQ76-UDPG IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:11:16 Last Seen2023-03-11 20:11:47 Times Seen1 Hash 7604c0d6d7649173cb629c800cb754e4 da10626b9fa2c0679e13c194d935c8891cd3bca4 60212563417a38c78c6f26317059bd1fcb944fd9091adefc242f6ab7a647af82 Loading...

HTTP Transactions (133)

URL IP Response Size

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Wed, 16 Nov 2022 14:37:46 GMT
Date: Wed, 16 Nov 2022 13:10:31 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
c1a0e2d222d80206dfade230161226e0
7da70d982a1b9b9436c30f13f6a0c824fc2cfc6c
acdd376ffc2f60d7c4cef5ecd4f13cb4dd65e8244afe1a2f88d0138391494cbd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 633
Cache-Control: max-age=171432
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "6374d976-117"
Expires: Fri, 18 Nov 2022 12:47:43 GMT
Last-Modified: Wed, 16 Nov 2022 12:37:10 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
50ca72d658559083a1418dcc95529e90
bc614dae6a9611e5cbe5b2dfc94767ae88c7ccba
0a6b6bc390d0171bcab991021615ac35496a5999157b94c78f7d7112254daf9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A6B6BC390D0171BCAB991021615AC35496A5999157B94C78F7D7112254DAF9B"
Last-Modified: Wed, 16 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4406
Expires: Wed, 16 Nov 2022 14:23:57 GMT
Date: Wed, 16 Nov 2022 13:10:31 GMT
Connection: keep-alive

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

39 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
39 kB (38615 bytes)
Hash
6fd699af416cc608a8ec016cad2b6443
61ac70b58e85ec4715624581c39c88e72cc03f40
c914cb9ffd7ca3bca25831dd4cbb8134f439b670165cc64506367b98d1102f04

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: Yv9cEJi5HpTsqdM-S4pBYKW3Yx1ZNjouwaFJjYyZN8n2ccTI0f_UYw==
content-encoding: gzip
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
date: Wed, 16 Nov 2022 12:58:05 GMT
age: 746
content-type: application/json
content-length: 38615
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3735
Expires: Wed, 16 Nov 2022 14:12:46 GMT
Date: Wed, 16 Nov 2022 13:10:31 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: dkbeDKF1JVyFDXKjPPyE0Mndez40OZa9IuYjXdiXBwdvE+jLgAiqcmT1OH9wGNwnzPcodtfAJ3k=
x-amz-request-id: 6VF24B48CSSPVCXA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 12:14:41 GMT
age: 3350
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9b4e6c72233070ef185ff980135e9555
2f14523a3f6f9532df3b872984fd23e156d2c465
5040e340e60b331b1569d52d66afcd5649a4121e2841d38cca0974e2a4c0af75

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1778
Cache-Control: max-age=165024
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "6374bbf5-1d7"
Expires: Fri, 18 Nov 2022 11:00:55 GMT
Last-Modified: Wed, 16 Nov 2022 10:31:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 12:44:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1558
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 416774
expires: Mon, 06 Nov 2023 13:10:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mp%2BsIr5Uq8UP%2FTZY3rxMBAda%2BOhgYStKysuoZ4vAEUz4IdfZyeHT0aqAIkYC5ZJxoaDrBawuKu8uKctf8r5lBPIkkAHdmf7Sgh%2BFZAR2pNk0m%2FXvULxknc4Kp1P8svmXU2jWcbxz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76b0779f4a3bb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.42

200 OK

24 kB

URL HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
30f5157a965bc792a83e9bacfe265f03
8330886371fe27f3cbac509e0ac9712207574c66
4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668604231.dop211.sk1.t,1668604231.cds252.sk1.hn,1668604231.cds235.sk1.c
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e95283042b9c823ed624a6a815302a78
f41d0710bbb563ec5f5082b4bb5c3e65cfe0df14
4004cc298d5f8dee97a604e29896bd22efc88b44abf52049acc945ab37c549b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=153819
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "63748ac7-117"
Expires: Fri, 18 Nov 2022 07:54:10 GMT
Last-Modified: Wed, 16 Nov 2022 07:01:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4e9f4afeaf2dac3f6dd5be7660121621
2480acef2865ac01e2310b05721c59b0bce84ffa
50eb36a97600d8b498e5aa79ae55e84ea09bbfa0e07309bdade124d372a73b94

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2693
Cache-Control: max-age=101095
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "6373bea9-117"
Expires: Thu, 17 Nov 2022 17:15:26 GMT
Last-Modified: Tue, 15 Nov 2022 16:30:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

www.redditstatic.com/ads/pixel.js

151.101.85.140

200 OK

7.7 kB

URL HTTP/2
www.redditstatic.com/ads/pixel.js
IP
151.101.85.140:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (25224)
Size
7.7 kB (7722 bytes)
Hash
3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332

HTTP Headers

GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 16 Nov 2022 13:10:31 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e95283042b9c823ed624a6a815302a78
f41d0710bbb563ec5f5082b4bb5c3e65cfe0df14
4004cc298d5f8dee97a604e29896bd22efc88b44abf52049acc945ab37c549b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=153819
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "63748ac7-117"
Expires: Fri, 18 Nov 2022 07:54:10 GMT
Last-Modified: Wed, 16 Nov 2022 07:01:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff

52.84.93.109

200 OK

31 kB

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 31120, version 1.6554\012- data
Size
31 kB (31120 bytes)
Hash
57cbbfdafc43e0deecc75a309dd042c6
b9cc2ff331b8520706de175f5b3fdba6731a9bfc
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 31120
date: Wed, 16 Nov 2022 13:10:32 GMT
last-modified: Wed, 16 Nov 2022 12:20:27 GMT
etag: "57cbbfdafc43e0deecc75a309dd042c6"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcd3262b0e3ca0689291e9cc9f312e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: MCNFPmMNthYO9qOTg6uNv_9kjPh9E9hYbsyw9gCI8dalPjU3K9ZkDQ==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53317aec9cafbd68ce439e1bdd7d4252
6827fa0a399c5be70f05aaeb5b44cc8071026f65
04a81d99b7b214fbd8a19882d71daedc13b5cd8fca333e6d075a017b2521a555

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8f69270501ab9db87293d702ce920198
56fff336cbae9601613470a96b470f677ca63fdb
00159fa0d3a7a8d9bd203a80c02dcd295e04ad152f4f05230222a9d71c1773b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e95283042b9c823ed624a6a815302a78
f41d0710bbb563ec5f5082b4bb5c3e65cfe0df14
4004cc298d5f8dee97a604e29896bd22efc88b44abf52049acc945ab37c549b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=153819
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "63748ac7-117"
Expires: Fri, 18 Nov 2022 07:54:10 GMT
Last-Modified: Wed, 16 Nov 2022 07:01:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

prod-cdn.wetransfer.net/packs/esm/71-2ff63878306f2c4473fc.es6.js

52.84.93.109

200 OK

397 B

URL HTTP/2
prod-cdn.wetransfer.net/packs/esm/71-2ff63878306f2c4473fc.es6.js
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (397), with no line terminators
Size
397 B (397 bytes)
Hash
0ad4fcc2f503e98d836d3866925ebfa1
338854449bdbdc95f0f87cc10661d9164c27e75b
98a31fa8bc6612b753bf15b4c6fd22259186c158fd156c29724e4f90b3bc3dc8

HTTP Headers

GET /packs/esm/71-2ff63878306f2c4473fc.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 397
date: Wed, 16 Nov 2022 02:36:44 GMT
last-modified: Mon, 27 Jun 2022 09:51:06 GMT
etag: "0ad4fcc2f503e98d836d3866925ebfa1"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: DUmlj0Cg9SIRJL5q29m4XhTVQvQi_9McBmH07Fs3AMm_yrvb-BR9yw==
age: 38028
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e95283042b9c823ed624a6a815302a78
f41d0710bbb563ec5f5082b4bb5c3e65cfe0df14
4004cc298d5f8dee97a604e29896bd22efc88b44abf52049acc945ab37c549b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=153819
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "63748ac7-117"
Expires: Fri, 18 Nov 2022 07:54:10 GMT
Last-Modified: Wed, 16 Nov 2022 07:01:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.74

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 14:18:58 GMT
expires: Wed, 15 Nov 2023 14:18:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 82293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

collector.brandmetrics.com/c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com&rnd=259291

20.50.2.28

200 OK

0 B

URL HTTP/2
collector.brandmetrics.com/c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com&rnd=259291
IP
20.50.2.28:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com&rnd=259291 HTTP/1.1
Host: collector.brandmetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
date: Wed, 16 Nov 2022 13:10:30 GMT
content-length: 0
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4

142.250.74.2

200 OK

986 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2377), with no line terminators
Size
986 B (986 bytes)
Hash
a521d6b0b5ee82f3f637a3abdf35985e
dc5ccceac602b367a78642a3b73b97f518260c91
51843df23f12256f42575ec05ea496a3dc28cb4b8fc904226f281d73687501cc

HTTP Headers

GET /pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 13:10:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 986
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Nov-2022 13:25:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abdbaa56ac358c53c5dc3723c7671381
48c0e50792e786d83b35f0a36efb55f4c94c694d
6e9cb55f14b8219b7495ed4cd17bae3f0ca6127735ed01d3c1979601ffeb7b1c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com

23.36.79.32

200 OK

358 B

URL HTTP/2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (308)
Size
358 B (358 bytes)
Hash
95a2ac27141ffd1d5df2919a521c22db
b8ebd9c76f8e0a6310b1df4051b6b772fe664ef0
6a945838225f8a5443ac4b2d4ec8193771abe424fd1b014ef4a4e21614b5608b

HTTP Headers

GET /i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202211161310316C1CA9B93CD110E90D73
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b37c68b021be14b3fb4371b9a5b962a466b738281d0052501ea7ec675539fd05e68a8cdc0a902f6f2b553eb6e4b0e556a
content-encoding: gzip
expires: Wed, 16 Nov 2022 13:10:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 16 Nov 2022 13:10:31 GMT
content-length: 358
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Hd9jxqlMqYQHcK02az6ZXBGf9w; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=111
x-origin-response-time: 112,23.36.79.28
x-akamai-request-id: 8002dec
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53317aec9cafbd68ce439e1bdd7d4252
6827fa0a399c5be70f05aaeb5b44cc8071026f65
04a81d99b7b214fbd8a19882d71daedc13b5cd8fca333e6d075a017b2521a555

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer

142.250.74.168

200 OK

93 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (29001)
Size
93 kB (93061 bytes)
Hash
83527cfd296c325ace24173d6953783c
4e949030afbebe537ed52d213f0120aaa956f7b1
db5ea200d729adca9aeddab4ad97631dba4d6906f3fe8bea69da3321b23814ff

HTTP Headers

GET /gtm.js?id=GTM-K878LCS&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 16 Nov 2022 13:10:31 GMT
expires: Wed, 16 Nov 2022 13:10:31 GMT
cache-control: private, max-age=900
last-modified: Wed, 16 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abdbaa56ac358c53c5dc3723c7671381
48c0e50792e786d83b35f0a36efb55f4c94c694d
6e9cb55f14b8219b7495ed4cd17bae3f0ca6127735ed01d3c1979601ffeb7b1c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m02.amazontrust.com/

143.204.72.5

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
143.204.72.5:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5cac2a541245e39328679004eb2680e1
e16241b9f60a1b71df5ed0fcac376d8b707aca62
cc66d9106c2fa92e03a21f67660e8c7bc555d97531ce2a154fdc0cdce11c102b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127979
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "637426e4-1d7"
Expires: Fri, 18 Nov 2022 00:43:30 GMT
Last-Modified: Tue, 15 Nov 2022 23:55:16 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 0dd1077162fbc5ae77bb4c494a180158.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P1
X-Amz-Cf-Id: TI69KDbB9wE2cVvbuQ5o_dq_QWOgX_g4szopSTUELDJruhmTu8-mWA==
Age: 2894

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 12:25:01 GMT
cache-control: public,max-age=3600
age: 2730
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

18.165.196.217

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
18.165.196.217:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
334b9981aad04ac77277ca281df90195
538e4db4c8729e02109f57240e2ac8ea199a8a0d
c6f77f70ff92ec953997fc1104aa9ec311bceb503a24d4fb5e8f6fca16031645

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108991
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "6373d53f-1d7"
Expires: Thu, 17 Nov 2022 19:27:02 GMT
Last-Modified: Tue, 15 Nov 2022 18:06:55 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: gZTnFa__znFSyZKONX-1iNKr1ra5y95aKH0M6OG-7gmQ6nwm055MTA==
Age: 4807

analytics.tiktok.com/i18n/pixel/identify.js

23.36.79.32

200 OK

31 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/identify.js
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
31 kB (31427 bytes)
Hash
a4fcf5510b2e794e3ebc23902a232e19
d176a5ab9f10ae4d27b0aa41228a017c9b7b495d
b2d5977a1d6479e616b7fddffc94620cce83ca1c92fb9ce291f67c7b68ac4dae

HTTP Headers

GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221116131031E062C36305FC5ADC906E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b2afe39dc8b208a5b5bb4188a18a97d6be40bc41e13e6ab4e42d149fb83e8902c87fe3359ec755f0b35d1c72789b6aa3d
content-encoding: gzip
expires: Wed, 16 Nov 2022 13:10:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 16 Nov 2022 13:10:31 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=104
x-origin-response-time: 104,23.36.79.28
x-akamai-request-id: 8002dc0
X-Firefox-Spdy: h2

cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co

104.26.7.155

200 OK

14 kB

URL HTTP/2
cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co
IP
104.26.7.155:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (10973), with CRLF, LF line terminators
Size
14 kB (13710 bytes)
Hash
65fc0d0935644725a85be503ed858961
daf5bad75e0d1a3cd5bf3c9996b5342d5e0e6791
e6e5cfbf9e2bd44251cef6e1c35781d370d49be922571bdef386bdd4d1aac400

HTTP Headers

GET /scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co HTTP/1.1
Host: cdn.brandmetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-cache-status: EXPIRED
last-modified: Wed, 16 Nov 2022 04:09:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMaaD%2BdPvGL%2Bz%2FnGa%2Fn7y%2B4D30Fq1lB6TpD3158T3tTzjsXq1O0j1H1HBq6dlNB020XU6jp0yStgh%2BSHNQXib5UEZuqQyev%2F6YaAikZBPI8lSnlniHiz8M9nGaGCptQb27pfY5ER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76b077a2da3cb511-OSL
content-encoding: br
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.41.253.170

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.253.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ts+sZm5iRWlBcEjQfVOMzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VYXw16PQW7l07sekUDF9NyYlH7Q=

prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png

52.84.93.109

200 OK

16 kB

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16208 bytes)
Hash
bc5b180f2d0001298a5ea3691e3fc623
edf2c67a5cef4efd081e5e6e4bc027e72be45593
b8c5bf2f80790d4abbe7fd5dca0bcf5c3eeaa4e23b1b35c8854a3fdb5c26b1e9

HTTP Headers

GET /packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 16208
date: Wed, 07 Sep 2022 04:51:29 GMT
last-modified: Tue, 06 Sep 2022 17:53:40 GMT
etag: "bc5b180f2d0001298a5ea3691e3fc623"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: s8QvPZLRYwVFNPczv5Qf1bvrOiTXyxncxKfBvvsKuuUK1wN04M7YYA==
age: 6077944
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico

52.84.93.109

200 OK

42 kB

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
42 kB (41566 bytes)
Hash
692e1c7339c359b6412f059c9c9a0474
e7c1a53dca16b7664880e5b8a92524cf9a47fb62
d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda

HTTP Headers

GET /packs/media/images/favicon-a34a7465.ico HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 41566
date: Sat, 10 Sep 2022 10:34:27 GMT
last-modified: Fri, 09 Sep 2022 13:23:06 GMT
etag: "692e1c7339c359b6412f059c9c9a0474"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: H1c_0iB_wT_BfZ7aXY_KBqcBQNMXa_ioab_qTukiCjmX6XVobZ1KUg==
age: 5798166
X-Firefox-Spdy: h2

backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/GTSuperWT-Regular.33399e4ba671a8a31fea.woff2

108.156.46.112

200 OK

40 kB

URL HTTP/2
backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/GTSuperWT-Regular.33399e4ba671a8a31fea.woff2
IP
108.156.46.112:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 40036, version 1.0\012- data
Size
40 kB (40036 bytes)
Hash
57e8971e577093e522e8288788750af9
d02fe432d9f05af964bb54bd7247a60b9ce39544
c6f19a8118ae24780824a797484f8c970d47601ebfeadbc535009b174b780de3

HTTP Headers

GET /creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/GTSuperWT-Regular.33399e4ba671a8a31fea.woff2 HTTP/1.1
Host: backgrounds.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/index.html?cacheId=fb2hmwd_0_236386683&_origin=https://wetransfer.com
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 40036
date: Wed, 16 Nov 2022 13:10:33 GMT
last-modified: Tue, 19 Jul 2022 08:16:10 GMT
etag: "57e8971e577093e522e8288788750af9"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a96b4e5111339688525bc9e54ad91f88.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: wi40DI-h2GXZ0O_lofgDyjjC110RbdjycYPWoubZSrUoU4ld_CpE8g==
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff

52.84.93.109

200 OK

60 kB

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 43188, version 0.0\012- data
Size
60 kB (59990 bytes)
Hash
2a2e11c913169ebe411798b06be5ab16
fd7b87d3779ed9ba06ccee7cb76a1dcc88b2029b
89208a02ca94ea13310dd20471d722f7142edb9ae71f59fe5f28d00448933001

HTTP Headers

GET /packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 43188
date: Wed, 16 Nov 2022 13:10:32 GMT
last-modified: Wed, 16 Nov 2022 12:20:28 GMT
etag: "55576599a2d772f9297c5036d355b1fb"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcd3262b0e3ca0689291e9cc9f312e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: Xvpj3NzGmyQw4zS9v4AWhJdTo063eUStUvp2k4CaIYMrmcIyRqSH6g==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74c07a15d0960c36c1d1160344b946da
9b0d25cc445c83d1eae53deb84a2a74b152af6d4
ba99f5ae2d779e578700195798bb71dd43f11195ef6a982e0eaac735e26b5a85

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3a9734f9f93c8158e73e4491e35f56bd
e57dc6ee66918ae45ce20c6dea942d2e786ff17c
171dfb208dfcaa849595e79c07f998833a5560ae06c736f9f4c45f445e121ada

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/plugins/ua/ecommerce.js

142.250.74.174

200 OK

738 B

URL HTTP/2
www.google-analytics.com/plugins/ua/ecommerce.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (745)
Size
738 B (738 bytes)
Hash
f804aa0b574b678d24df5281ed71a61d
2fc02211b273e1ab4d362df05d592f2d822c2add
1d2d8c7f3502f4459478fe8c7495a27464d6f178b1d564333a107d310c0ea74d

HTTP Headers

GET /plugins/ua/ecommerce.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 12:37:43 GMT
expires: Wed, 16 Nov 2022 13:37:43 GMT
cache-control: public, max-age=3600
age: 1969
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 16 Nov 2022 12:41:09 GMT
expires: Wed, 16 Nov 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 1763
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/plugins/ua/ec.js

142.250.74.174

200 OK

1.1 kB

URL HTTP/2
www.google-analytics.com/plugins/ua/ec.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (523)
Size
1.1 kB (1129 bytes)
Hash
17427cd827c6f9e01d5ee868be659be5
6ff2e43c1a10e3c924870b48ae3cc36280b97f53
59157001be3cd5b0e3eae8afa425d1c694591c403fb9692bc3ad6d3235b423e7

HTTP Headers

GET /plugins/ua/ec.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 12:11:41 GMT
expires: Wed, 16 Nov 2022 13:11:41 GMT
cache-control: public, max-age=3600
age: 3531
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/bat.js

13.107.21.200

200 OK

11 kB

URL HTTP/2
bat.bing.com/bat.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Size
11 kB (11421 bytes)
Hash
22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=0CBFA6EAEBFB630A39D6B4B4EAAC621F; domain=.bing.com; expires=Mon, 11-Dec-2023 13:10:32 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF6F0A8F9E5B4B91AC6705F1113DD8C6 Ref B: OSL30EDGE0314 Ref C: 2022-11-16T13:10:32Z
date: Wed, 16 Nov 2022 13:10:32 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3420
Cache-Control: max-age=87798
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 13:33:50 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6479
Cache-Control: max-age=90857
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 14:24:49 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9d96ce61547f9d3184b571ec26c13f61
9607a743ed3f0c67ffd8aa22fdc76070c00b18fc
ce83e5b84417ac34b261442b70b71cec63124f57e8baa8acee68dc22c38763c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9d96ce61547f9d3184b571ec26c13f61
9607a743ed3f0c67ffd8aa22fdc76070c00b18fc
ce83e5b84417ac34b261442b70b71cec63124f57e8baa8acee68dc22c38763c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB

142.250.74.34

302 Found

381 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
381 B (381 bytes)
Hash
08f658b937e677341bad9188d8891a79
82788ade093e1f72584fee67f8b9d4613f3e4130
91b3f2af82c6d2e328e32c5cb8ed77f4758884db4a2e67eca268da9a2c781816

HTTP Headers

GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_tc=
date: Wed, 16 Nov 2022 13:10:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 381
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Nov-2022 13:25:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 13:10:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Wed, 16 Nov 2022 13:10:32 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1627-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F

100.22.4.13

200 OK

8.1 kB

URL HTTP/2
a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F
IP
100.22.4.13:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (12888)
Size
8.1 kB (8148 bytes)
Hash
961e62df9ba677fd31532bb5a5e3aac3
47ed19f516e99ab69d9f18d2df5d8d2fee664418
ffc67eab6edac3db05582bd822a06cb1737daf84138bb790c2f054093e666312

HTTP Headers

GET /api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: application/javascript
server: nginx/1.20.0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

bat.bing.com/p/action/56335302.js

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/56335302.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/56335302.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1F45269BA37C677D0E6734C5A22B6659; domain=.bing.com; expires=Mon, 11-Dec-2023 13:10:32 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7EBC0C80BAF54FE6995BA2622CA7102B Ref B: OSL30EDGE0314 Ref C: 2022-11-16T13:10:32Z
date: Wed, 16 Nov 2022 13:10:32 GMT
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
5d76d361c50e9ca15fff2077e912418a
5fc21ef1d686df2d20510320764d27df143d222d
a96bbc8602545d7a35cbe8fb55dfd274a0bbe3505b1a906eba281391584b0a9c

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 20 Nov 2022 11:55:11 GMT
ETag: "5fc21ef1d686df2d20510320764d27df143d222d"
Last-Modified: Wed, 16 Nov 2022 11:55:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 635
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76b077a718890afa-OSL

cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_tc=

142.250.74.34

302 Found

288 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_tc=
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
288 B (288 bytes)
Hash
427bfac05f328afc041f09f0074cddcb
71810d3e5208f8aa1685203f3ae135ac1d5e0807
72ae5e0ccad12b0d45a88b97f0c28e3ee7c77ccb8ff8ac8722e83454f4bcc70d

HTTP Headers

GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_error=3
date: Wed, 16 Nov 2022 13:10:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 288
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: DyVz3bxY2BBlnSKvCTgOGLZwJXeCiIJKDNVQFFhtfTKR+VZtg3UkIqo5qoiA50dT/4BjFQ1kmeVYOFYWnV2wjA==
content-length: 27340
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 13:10:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
f86cf0bde12ef9b07967fa7bfdcd2db3
e2d2b277538fe878767964d21105c5e81283369f
9b9a5e9ce9933adc810851f84e2f083eb5d101f800ba5fe98ea1bcf0e4e934b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2865
Cache-Control: max-age=120005
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "637407dc-138"
Expires: Thu, 17 Nov 2022 22:30:37 GMT
Last-Modified: Tue, 15 Nov 2022 21:42:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312

backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/bundle.97a69a71fca9ac47f890.js

108.156.46.112

200 OK

97 kB

URL HTTP/2
backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/bundle.97a69a71fca9ac47f890.js
IP
108.156.46.112:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48060), with LF, NEL line terminators
Size
97 kB (96732 bytes)
Hash
380112ed11e78355d13c12a33cf714d0
1a6e6e8130cb5aa558efae012b83ef30c0aa4cfc
80b2abfd004b579ab418b334b106456b20973b54b0caec7ffc1b08bdb442d170

HTTP Headers

GET /creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/bundle.97a69a71fca9ac47f890.js HTTP/1.1
Host: backgrounds.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/index.html?cacheId=fb2hmwd_0_236386683&_origin=https://wetransfer.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 19 Jul 2022 08:16:12 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 16 Nov 2022 13:10:33 GMT
etag: W/"6acf1fb3e818355b8f1026a7260e0c68"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a96b4e5111339688525bc9e54ad91f88.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: QBeKmQbDu0k5EreDXWnUa9iTjBpPXkfc-oyZViXY94lKp0w7MFlBAw==
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e4a9797558e523df0b9010ace420b63a
b0922fd57d9074df93e861fc81986f69d5e29777
a6ab8071a8d05d2e722a35bcebdf8cb871cc101ec7b4cd3a2c1bfd2af8719027

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6583
Cache-Control: max-age=124094
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "6374094f-1d7"
Expires: Thu, 17 Nov 2022 23:38:46 GMT
Last-Modified: Tue, 15 Nov 2022 21:49:03 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

15 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1654)
Size
15 kB (15185 bytes)
Hash
e9a582c90aac2328476e597baba398b4
06b0d94c58e65121f7bcc97eb323e1be19916373
5ff051b75b60717108be94182882ddb67a474820c0b7f8a3bc5e011bb0649d2a

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 16 Nov 2022 13:10:32 GMT
expires: Wed, 16 Nov 2022 13:10:32 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5797422194694114326
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 13:10:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b9d1d7a3bdf402d8c0a4ad04e95ee031
9629d41afd2686b2d45c274f49e16016eeafae20
b56bd786cea3fe86bde6e8c25137440f8ce8347e8dfa8cb9374cf4092dce52bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4400
Cache-Control: max-age=164358
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "6374af1e-1d7"
Expires: Fri, 18 Nov 2022 10:49:50 GMT
Last-Modified: Wed, 16 Nov 2022 09:36:30 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=$UID&gdpr=0

185.89.211.132

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=$UID&gdpr=0
IP
185.89.211.132:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=$UID&gdpr=0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26adnxs_id%3D%24UID%26gdpr%3D0
AN-X-Request-Uuid: 52fdcbf2-7196-44cb-ad45-293e72c8c6e1
Set-Cookie: uuid2=2068448699266745975; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 14-Feb-2023 13:10:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001668604231-98DRPA5P-3JLB&gdpr=0

15.197.193.217

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001668604231-98DRPA5P-3JLB&gdpr=0
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001668604231-98DRPA5P-3JLB&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
a6eb5971db7b9b8ca899d17a01a3f39b
530902f94af1b9cb968d0a35eb71ccbc8f3fa6e7
e0133a1a4953d1e29f2e00c767f7c2a99f2393a123b2fb90635f7d888d5453eb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 01:55:57 GMT
Expires: Wed, 23 Nov 2022 01:55:56 GMT
Etag: "530902f94af1b9cb968d0a35eb71ccbc8f3fa6e7"
Cache-Control: max-age=563723,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76b077a7ba1f0b65-OSL

sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB

185.29.132.241

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
IP
185.29.132.241:0
ASN
#30419 MEDIAMATH-INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4629 97bee97 master zrh-pixel-x13 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=f62f6374-e149-4000-952b-014602b2ec4c; domain=.mathtag.com; path=/; expires=Thu, 14-Dec-2023 13:10:33 GMT; SameSite=None; Secure
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=f62f6374-e149-4000-952b-014602b2ec4c&id=AU1D-0100-001668604231-98DRPA5P-3JLB
Expires: Wed, 16 Nov 2022 13:10:31 GMT

ocsp.sca1b.amazontrust.com/

18.165.196.217

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
18.165.196.217:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
416455c97f70dd68274596acf4c006b4
9c2ff3be5b0ac25d25b61cea57b3c2cf3cd710cb
19cab2157cd84e02d254cc9f007ecfd055ae59a89caa8c380d058600b434aacf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133479
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "637430b8-1d7"
Expires: Fri, 18 Nov 2022 02:15:11 GMT
Last-Modified: Wed, 16 Nov 2022 00:37:12 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: _uw0bTyjKwMUFbHaXhPojBwRoKpwlJeLQC9hjMdnJs6TxcsTv-Snqw==
Age: 5879

www.clarity.ms/tag/uet/56335302

13.107.213.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/uet/56335302
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag/uet/56335302 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public,max-age=86400
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0SOF0YwAAAABm4lXoBS/mS4eKP2lAotONU1ZHMjBFREdFMDUwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 16 Nov 2022 13:10:32 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3a9734f9f93c8158e73e4491e35f56bd
e57dc6ee66918ae45ce20c6dea942d2e786ff17c
171dfb208dfcaa849595e79c07f998833a5560ae06c736f9f4c45f445e121ada

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74c07a15d0960c36c1d1160344b946da
9b0d25cc445c83d1eae53deb84a2a74b152af6d4
ba99f5ae2d779e578700195798bb71dd43f11195ef6a982e0eaac735e26b5a85

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1

54.230.111.5

200 OK

9.3 kB

URL HTTP/2
public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
data
Size
9.3 kB (9251 bytes)
Hash
d9b6d28290a7a3e187e8f7ce76665583
5edd71ecba65fe356ea1ab6c6f089d3b26ae8c1d
e5717d66f16b4ac67c5a5ff7d1e44e04487fde419bc9cb3bdf006d607db697a1

HTTP Headers

GET /js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1 HTTP/1.1
Host: public.profitwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
date: Tue, 15 Nov 2022 17:32:20 GMT
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
cache-control: public,max-age=86400
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hFLO1HmXPllKRZD0o5eyaSorYq7Kqx5GYtD_WDONrPPkO0d9yuFtFw==
age: 70692
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6480
Cache-Control: max-age=90857
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:33 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 14:24:50 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D

52.59.57.234

302 Found

0 B

URL HTTP/2
ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D
IP
52.59.57.234:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=cb949412-0080-4330-a5df-8fcf62a7586f; Expires=Tue, 14 Feb 2023 13:10:32 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1668604232; Expires=Tue, 14 Feb 2023 13:10:32 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1b43631817b375ad10d08b6fd9ff9249
ca2988f207b07f60e4204c701e127f84a69a5446
d61ac811e9c087f7fe5a9baeaf3065ac313c1e777f169cf91516ef4b83304f1f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
08c8def6f19785fee6579c1e4e4b55b1
dbf35a66687c3af0c96ad208462eeefa5aa18886
ce2abf49f6205a18f47359d9f3ac003b8ae3e5ee2a22a4b3f6005dc8ec8df878

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 15 Nov 2022 19:06:39 GMT
Expires: Wed, 16 Nov 2022 19:06:39 GMT
ETag: "dbf35a66687c3af0c96ad208462eeefa5aa18886"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
977dab9d2dc1cf9e785d9526581ec8de
1b07cc856c8615537228d554284470062c6dbb79
a9c9ce9d3b399b41da3b6d31c67d23ce329f806172999119a038e6f2a7ffe79a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 15 Nov 2022 20:39:55 GMT
Expires: Wed, 16 Nov 2022 20:39:55 GMT
ETag: "1b07cc856c8615537228d554284470062c6dbb79"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
86b82026e21c0ad82ab0bbffe71ed768
04d3ccc4a4892ad4eca8bc4eb593088dffc295ed
32eebab7559e600d0b93c559ff0caf16fdc9fa30965c9bedcbe9fa4b14731a9c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6149
Cache-Control: max-age=103116
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:33 GMT
Etag: "6373b910-1d7"
Expires: Thu, 17 Nov 2022 17:49:09 GMT
Last-Modified: Tue, 15 Nov 2022 16:06:40 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2780-3FE

52.30.11.209

200 OK

3.5 kB

URL HTTP/2
resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2780-3FE
IP
52.30.11.209:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (9143)
Size
3.5 kB (3544 bytes)
Hash
14380f52b301a495de3bdf28112849a0
391f89a7f915c1166a14ffb55e0910b291d4b668
31a96352ccb1839e461d812b75d9ba902484ee4a501854f46cdcd216479b8355

HTTP Headers

GET /js/v2/ktag.js?tid=KT-N2780-3FE HTTP/1.1
Host: resources.xg4ken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: application/javascript
content-length: 3544
server: nginx
last-modified: Mon, 14 Nov 2022 12:23:07 GMT
etag: "6372332b-dd8"
content-encoding: gzip
expires: Thu, 17 Nov 2022 13:10:33 GMT
x-xss-protection: 1; mode=block
cache-control: max-age=86400, public
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

18.165.196.217

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
18.165.196.217:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
e18d7900f510b8d6ac08ed6782111c09
b24937b1f6c1ccb05d0f382ca7d502755111b28c
85b6d0d5d0f64d7e724fc41e904256083d67d252f9f6cb46ffed05f9b7cb290e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138868
Date: Wed, 16 Nov 2022 13:10:33 GMT
Etag: "63744312-1d7"
Expires: Fri, 18 Nov 2022 03:45:01 GMT
Last-Modified: Wed, 16 Nov 2022 01:55:30 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: h-p2XkitgfpsVuRp3T3B8TKBThi7wT6WiuAP8a-gli40PTP0Iz7xew==
Age: 6571

sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=[UID]&gdpr=0

69.166.1.10

302 Found

0 B

URL HTTP/1.1
sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=[UID]&gdpr=0
IP
69.166.1.10:0
ASN
#27630 AS-XFERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=[UID]&gdpr=0 HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Date: Wed, 16 Nov 2022 13:10:33 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-188
X-Xss-Protection: 0
Location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=823a2d5e-d27b-4c79-9c9c-40d478af9804&gdpr=0
Server: sonobi-go
Set-Cookie: __uis=823a2d5e-d27b-4c79-9c9c-40d478af9804; expires=Fri, 16 Dec 2022 13:10:32 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s85188|Y3ThT; path=/; domain=.go.sonobi.com; SameSite=None; secure

e-10220.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ

34.199.140.62

200 OK

43 B

URL HTTP/2
e-10220.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ
IP
34.199.140.62:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ HTTP/1.1
Host: e-10220.adzerk.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
content-length: 43
server: nginx
x-powered-by: adzerk bifrost/
access-control-allow-origin: undefined
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
x-served-by: bifrost-production-shard001-us-east-1a-i-0b06b9d8b72d6a4a4
set-cookie: azk=sp-66bbe834-4eff-4859-b8e2-0435f2bd056b; Path=/; Expires=Thu, 16 Nov 2023 13:10:33 GMT; Secure; SameSite=None
azk-ss=true; Path=/; Expires=Thu, 16 Nov 2023 13:10:33 GMT; Secure; SameSite=None
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
X-Firefox-Spdy: h2

secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26adnxs_id%3D%24UID%26gdpr%3D0

185.89.211.132

302 Found

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26adnxs_id%3D%24UID%26gdpr%3D0
IP
185.89.211.132:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 16 Nov 2022 13:10:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=0&gdpr=0
AN-X-Request-Uuid: e0e07e38-c5f7-4380-9460-9c28511e7084
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D

52.59.57.234

200 OK

43 B

URL HTTP/2
ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D
IP
52.59.57.234:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668604232093&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668604232093&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=&time=1668604232093&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&b7df27c5-b6a5-45ea-8aeb-82dcaf6e3b82"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 16-Nov-2023 13:10:33 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2432:u=1:x=1:i=1668604233:t=1668690633:v=2:sig=AQF50hrC9KDaF01YIGlKFWWLffg9E_xW"; Expires=Thu, 17 Nov 2022 13:10:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtljKYLkFsXuT0X5LUzw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 70E55CC23E2A480BB6E9D3BD4E853AB6 Ref B: OSL30EDGE0508 Ref C: 2022-11-16T13:10:33Z
date: Wed, 16 Nov 2022 13:10:32 GMT
content-length: 0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18704
Expires: Wed, 16 Nov 2022 18:22:17 GMT
Date: Wed, 16 Nov 2022 13:10:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18704
Expires: Wed, 16 Nov 2022 18:22:17 GMT
Date: Wed, 16 Nov 2022 13:10:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18704
Expires: Wed, 16 Nov 2022 18:22:17 GMT
Date: Wed, 16 Nov 2022 13:10:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18704
Expires: Wed, 16 Nov 2022 18:22:17 GMT
Date: Wed, 16 Nov 2022 13:10:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6629 bytes)
Hash
edd6a84f848a83f4d1990f92b4807def
bc2bb7815b062941d51fde65574851db55be37dc
4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6629
x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY6CG9IoAMF8rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4i9jW2AQ8PhWl9i01KDda11PoSD1csf_Gs7nwME9o2Oxft0UldI6vQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:49 GMT
age: 55364
etag: "bc2bb7815b062941d51fde65574851db55be37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4919 bytes)
Hash
a698bf97cc6c0c464ed1a2b2adb1c1d3
a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0
64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4919
x-amzn-requestid: aae0d2da-e891-40a6-bd83-8942fc3ef0c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFFEnxoAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ed-6ff1cc593aa1c934659030db;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PhUSR2Y2GRZkB5UTrMma8vnIddc44pLJ2Sppk63xQyMC2imKLn-R4A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:46 GMT
age: 55367
etag: "a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11316 bytes)
Hash
848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqIZqrKKIWszHFwass9Cd-GNxQ5Q9z3_2haPPGprjVDal71MQDurqw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:15:24 GMT
age: 53709
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9625 bytes)
Hash
ae0ab55e0e77a4265808a6689f25cbc3
187e6b340b43eb1aa0c724b749db7c20a486706a
3881e5ad44b9b2fae82510794af43d14e304ce624f26f66523f85d58fea063dc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9625
x-amzn-requestid: 9bd72b4a-2ac0-423f-b0e2-73fd51e02e97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBHTjIAMFvOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-57f5412d5eca6d640a0f590d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UavYBt2WjF4WCRJGtM2zS-dZinNLgs_0HuyORwaVCSlj-32Qd6sNTQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:09:56 GMT
age: 54037
etag: "187e6b340b43eb1aa0c724b749db7c20a486706a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/ppnt_match?uid=Zm0y3purUJxz&ev=1&pid=562316&id=AU1D-0100-001668604231-98DRPA5P-3JLB

44.224.40.30

200 OK

9.0 kB

URL HTTP/2
ids.ad.gt/api/v1/ppnt_match?uid=Zm0y3purUJxz&ev=1&pid=562316&id=AU1D-0100-001668604231-98DRPA5P-3JLB
IP
44.224.40.30:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
9.0 kB (9033 bytes)
Hash
75dce75f845c5aa5f99bd9e9d0d4a6c3
92ce84f06bf92792a37b80a197a9d1f242d9bebb
25e2a5ea13597467758f6454ad4652ac83d91d12984c3f79449c2e876f5eb7aa

HTTP Headers

GET /api/v1/ppnt_match?uid=Zm0y3purUJxz&ev=1&pid=562316&id=AU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8235 bytes)
Hash
98802857df59f8eacd9211811cc59ae6
87e277a627c1085cad5c6e38bdd5100aa0a9ecee
102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8235
x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY4_HANoAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _u6Uhc-g_xPTRSYys5rD3GC00roubyJdBRuHruvoMLf-UEAB6_zdQw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:46:20 GMT
age: 55453
etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

a.ad.gt/api/v1/collect

100.22.4.13

204 No Content

0 B

URL HTTP/2
a.ad.gt/api/v1/collect
IP
100.22.4.13:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v1/collect HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Content-type: text/plain
Content-Length: 968
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 16 Nov 2022 13:10:33 GMT
server: nginx/1.20.0
access-control-allow-origin: https://ipfs.fleek.co
vary: Origin
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668604232593&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668604232592.1050942487&it=1668604232462&coo=false&tm=1&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668604232593&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668604232592.1050942487&it=1668604232462&coo=false&tm=1&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668604232593&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668604232592.1050942487&it=1668604232462&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Nov 2022 13:10:33 GMT
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/g_match?google_error=3

44.224.40.30

200 OK

356 B

URL HTTP/2
ids.ad.gt/api/v1/g_match?google_error=3
IP
44.224.40.30:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
356 B (356 bytes)
Hash
cc7ce6d45edc11e593976675b7a1fd1f
b32d4dcf0aacc59e7923b973bb41baf7ef61e725
435d5696a580547a9b617a73f1a294c559de31fd94f40bd83e5cb2d0c2af1171

HTTP Headers

GET /api/v1/g_match?google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
97b17c78c6d6fb52647dd455fe8f220e
476c85bc36b3debf22dd5b07d9349a7f12dd7d6e
2bdccc0f42817ef947d61ccf558212e24c3e5740f7e4af29b0acd1dd8a67f1f1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1133
Cache-Control: max-age=103892
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:37 GMT
Etag: "6373cfb4-139"
Expires: Thu, 17 Nov 2022 18:02:09 GMT
Last-Modified: Tue, 15 Nov 2022 17:43:16 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313

dnacdn.net/dna

178.250.0.157

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:37 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=tLklil80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lFeVZGSlZjaEsyQW1XSTdnQ3hKOWdyQVVwS2s4WUNwd3hKRkhEaGFrRzY; expires=Mon, 11 Dec 2023 13:10:37 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 302746
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
242c70f7156a35008b468bc53223656c
5bb7a82134f6da679ada7ade414ed3dd7d1e613c
f4160ff727a9717accc785cfd4e71a2f4b5b72a32a0d3e53dc02a97ffb30e2e7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2754
Cache-Control: max-age=164176
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:37 GMT
Etag: "6374b4db-138"
Expires: Fri, 18 Nov 2022 10:46:53 GMT
Last-Modified: Wed, 16 Nov 2022 10:00:59 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
242c70f7156a35008b468bc53223656c
5bb7a82134f6da679ada7ade414ed3dd7d1e613c
f4160ff727a9717accc785cfd4e71a2f4b5b72a32a0d3e53dc02a97ffb30e2e7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2632
Cache-Control: max-age=164054
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:37 GMT
Etag: "6374b4db-138"
Expires: Fri, 18 Nov 2022 10:44:51 GMT
Last-Modified: Wed, 16 Nov 2022 10:00:59 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312

bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001668604231-98DRPA5P-3JLB

198.148.27.140

302 Found

0 B

URL HTTP/2
bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001668604231-98DRPA5P-3JLB
IP
198.148.27.140:0
ASN
#19189 PULSEPOINT

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7bd458bbdd-mfnj7
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://ids.ad.gt/api/v1/ppnt_match?uid=Zm0y3purUJxz&ev=1&pid=562316&id=AU1D-0100-001668604231-98DRPA5P-3JLB
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=Zm0y3purUJxz;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 11-Nov-2023 13:10:33 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=bbfd2a1ff1592261; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /syncframe?topUrl=ipfs.fleek.co&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:37 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d473529d-9702-40c5-a3ed-79dc2c727d9c; expires=Mon, 11 Dec 2023 13:10:37 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 789350
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/css/application-a370aeb8.chunk.css

52.84.93.109

200 OK

0 B

URL HTTP/2
prod-cdn.wetransfer.net/packs/css/application-a370aeb8.chunk.css
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/css/application-a370aeb8.chunk.css HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Wed, 16 Nov 2022 02:36:43 GMT
last-modified: Tue, 28 Jun 2022 12:26:02 GMT
etag: W/"0cac266ca337660fdbafc69249a04f53"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: T343TtRZ_iYkX7dZ2kcx-6R6vy8diXJg24x1Z1Q8spQDZP78PUTfww==
age: 38029
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/esm/vendor-9aab5e914623660cfc9f.es6.js

52.84.93.109

200 OK

0 B

URL HTTP/2
prod-cdn.wetransfer.net/packs/esm/vendor-9aab5e914623660cfc9f.es6.js
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/esm/vendor-9aab5e914623660cfc9f.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 16 Nov 2022 02:36:43 GMT
last-modified: Mon, 27 Jun 2022 09:51:07 GMT
etag: W/"f10c8755323d7e0e4d8e65fd27acb665"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: cL9BVLns8oMSdNxb_1ZSvzvp6CfebYXUzFH8wUb-mhkz7UX7p4xWtQ==
age: 38029
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/g_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_error=3

44.224.40.30

200 OK

0 B

URL HTTP/2
ids.ad.gt/api/v1/g_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_error=3
IP
44.224.40.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v1/g_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/mediamath_match?user_id=f62f6374-e149-4000-952b-014602b2ec4c&id=AU1D-0100-001668604231-98DRPA5P-3JLB

44.224.40.30

200 OK

0 B

URL HTTP/2
ids.ad.gt/api/v1/mediamath_match?user_id=f62f6374-e149-4000-952b-014602b2ec4c&id=AU1D-0100-001668604231-98DRPA5P-3JLB
IP
44.224.40.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v1/mediamath_match?user_id=f62f6374-e149-4000-952b-014602b2ec4c&id=AU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

connect.facebook.net/signals/plugins/identity.js?v=2.9.62

31.13.72.12

200 OK

0 B

URL HTTP/2
connect.facebook.net/signals/plugins/identity.js?v=2.9.62
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /signals/plugins/identity.js?v=2.9.62 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: NDslx36QepnNaEj7yNFo+KzsBMvxcFs/Aju53Fz+SJV8mqG7gMIgwHinQVW4cEW2ZRypWPQ6t4vXe0fxMiNN2Q==
priority: u=3,i
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 13:10:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

178.250.6.128

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
178.250.6.128:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 81368
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

185.235.84.3

200 OK

0 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.3:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 115477
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

p.ad.gt/api/v1/p/367

104.22.5.69

200 OK

0 B

URL HTTP/2
p.ad.gt/api/v1/p/367
IP
104.22.5.69:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v1/p/367 HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2022 19:18:32 GMT
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:32 GMT
etag: W/"1668453512.0-40653-3373272138"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 76b077a35cef1c16-OSL
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff

52.84.93.109

200 OK

0 B

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 32124
date: Wed, 16 Nov 2022 13:10:32 GMT
last-modified: Wed, 16 Nov 2022 12:20:27 GMT
etag: "868aedeefe7669e8a4f7196f7df5d058"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcd3262b0e3ca0689291e9cc9f312e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: -E4sMgnhYQcsv0m8KOkYaedUoqqUYgUSgG_lICCK20FapAvor5QUcQ==
X-Firefox-Spdy: h2

cdn.brandmetrics.com/tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js

104.26.7.155

200 OK

0 B

URL HTTP/2
cdn.brandmetrics.com/tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js
IP
104.26.7.155:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js HTTP/1.1
Host: cdn.brandmetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-bgj: minify
cf-polished: origSize=4735
cf-cache-status: HIT
age: 1537
last-modified: Wed, 16 Nov 2022 12:44:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4jCIgHxVvE6770j0%2BM5QR9sh344RC1AtmbuAP4wjbceAY%2BmihgJOdYPHpRxT%2BPw593v66%2Bq%2FHoJ3vV%2BjZdEZRPJ7dPkZy3i58FXtZxXl2TfMQWBwu1yc6BX7fcqb14mpw7JZ5YN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76b0779fed3db511-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.criteo.net/js/ld/ld.js

178.250.2.130

200 OK

0 B

URL HTTP/2
static.criteo.net/js/ld/ld.js
IP
178.250.2.130:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Thu, 17 Nov 2022 13:10:32 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D&cb=1668604232978

213.19.147.45

302 Found

0 B

URL HTTP/2
sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D&cb=1668604232978
IP
213.19.147.45:0
ASN
#26120 RHYTHMONE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D&cb=1668604232978 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001668604231-98DRPA5P-3JLB&unruly_id=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.0.157

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=tLklil80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lFeVZGSlZjaEsyQW1XSTdnQ3hKOWdyQVVwS2s4WUNwd3hKRkhEaGFrRzY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=OTM6mV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lFeVZGSlZjaEsyQW1XSTdnQ3hKOWlhZnRLV2pzYm1oUDdyUTlQUkdYMXE; expires=Mon, 11 Dec 2023 13:10:37 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 396521
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44

104.17.64.14

200 OK

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	WeTransfer
fortinet	Phishing

HTTP Headers

GET /ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: text/html
cf-ray: 76b0779caf5fb4ee-OSL
access-control-allow-origin: *
age: 71339
cache-control: max-age=86400
etag: W/"bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44"
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
x-ipfs-root: bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
x-ipfs-roots: bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
set-cookie: __cf_bm=5v8Ggm6mcwFu_chy4gdBbMopg6mEFb4IuatUK3lr.CA-1668604231-0-AQ8/GWJBNJOhSQezPmgvTaUPYrm8uZ35tjaDfRJXEmV3TdMvM4dCqH5NdXYG8CAlX/74B3G0KOj4OEw5575bwD0=; path=/; expires=Wed, 16-Nov-22 13:40:31 GMT; domain=.ipfs.fleek.co; HttpOnly; Secure; SameSite=None
cloudflare-web3-deprecation: This hostname will be deprecated on January 15th, 2023. If you are the site administrator, please refer to https://developers.cloudflare.com/web3/reference/migration-guide
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=0&gdpr=0

44.224.40.30

202 Accepted

0 B

URL HTTP/2
ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=0&gdpr=0
IP
44.224.40.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=0&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/10/2022 17:24:53
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 9112cdfe1e798677d8162c8f3d8d3a77
cdn-cache: HIT
cf-cache-status: HIT
age: 1435586
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76b0779faa970b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB

185.64.189.110

302 Found

0 B

URL HTTP/2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
IP
185.64.189.110:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 16 Nov 2022 13:10:31 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Tue, 14-Feb-2023 13:10:31 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2

analytics.tiktok.com/i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq

23.36.79.32

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221116131031FC0F772BE8603FE27A68
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b72c4d373bd80b9622d285172aefcc386973a140c16eb90ce5d77ed5beec48d533214a54c1559d9b565a992e9fe291ddc
content-encoding: gzip
expires: Wed, 16 Nov 2022 13:10:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 16 Nov 2022 13:10:31 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=107
x-origin-response-time: 107,23.36.79.28
x-akamai-request-id: 8002dd4
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/unruly?id=AU1D-0100-001668604231-98DRPA5P-3JLB&unruly_id=OPTOUT

44.224.40.30

202 Accepted

0 B

URL HTTP/2
ids.ad.gt/api/v1/unruly?id=AU1D-0100-001668604231-98DRPA5P-3JLB&unruly_id=OPTOUT
IP
44.224.40.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v1/unruly?id=AU1D-0100-001668604231-98DRPA5P-3JLB&unruly_id=OPTOUT HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js

52.84.93.109

200 OK

0 B

URL HTTP/2
prod-cdn.wetransfer.net/packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 16 Nov 2022 02:36:44 GMT
last-modified: Thu, 23 Jun 2022 12:51:04 GMT
etag: W/"8d373cd7fdf9ee87968bebe558d05365"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: gCK__-jUlz5y5Lgh9WdXLElWaGYyvgOCV5-WeqgHR2hPzZ4NXJujrw==
age: 38028
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 11648079
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76b0779fe9e1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js

108.138.217.46

403 Forbidden

0 B

URL HTTP/2
nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
IP
108.138.217.46:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js HTTP/1.1
Host: nolan.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-type: application/xml
date: Wed, 16 Nov 2022 13:10:31 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 569d1c431d473cc631a7da026d9efbf2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: R3KggxoC6joFyITlC5fsNgLnGiQgEblNdhSqag5VKe-kVatAhRsAVg==
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=823a2d5e-d27b-4c79-9c9c-40d478af9804&gdpr=0

44.224.40.30

200 OK

0 B

URL HTTP/2
ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=823a2d5e-d27b-4c79-9c9c-40d478af9804&gdpr=0
IP
44.224.40.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=823a2d5e-d27b-4c79-9c9c-40d478af9804&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/esm/application-2f0386ee23e6ae4bb05d.es6.js

52.84.93.109

200 OK

0 B

URL HTTP/2
prod-cdn.wetransfer.net/packs/esm/application-2f0386ee23e6ae4bb05d.es6.js
IP
52.84.93.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/esm/application-2f0386ee23e6ae4bb05d.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 16 Nov 2022 13:10:32 GMT
last-modified: Mon, 27 Jun 2022 09:51:06 GMT
etag: W/"229c5ddc2c3a2710d9292e35db8963c9"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: RMFSKFLyWgJYcJJka7hwjYPBk4fYY8WvEepbQBY8R7OMbTvi-zw7kg==
X-Firefox-Spdy: h2

nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js

108.138.217.46

403 Forbidden

0 B

URL HTTP/2
nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
IP
108.138.217.46:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js HTTP/1.1
Host: nolan.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: application/xml
date: Wed, 16 Nov 2022 13:10:31 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 569d1c431d473cc631a7da026d9efbf2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: qwMwmMaS3Lo-oC_IkrSiDl-Rz6QN9RlxmjWGjw7Y8GZLCLeci2wPGA==
X-Firefox-Spdy: h2

sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D

213.19.147.45

302 Found

0 B

URL HTTP/2
sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D
IP
213.19.147.45:0
ASN
#26120 RHYTHMONE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-a0ead07a-9c52-4c3d-a5c3-eafd24e80c79-003%22%7D; path=/; expires=Thu, 16 Nov 2023 13:10:32 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D&cb=1668604232978
etag: RXa0ead07a9c524c3da5c3eafd24e80c79003
X-Firefox-Spdy: h2

connect.facebook.net/signals/config/1904796869803472?v=2.9.62&r=stable

31.13.72.12

200 OK

0 B

URL HTTP/2
connect.facebook.net/signals/config/1904796869803472?v=2.9.62&r=stable
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /signals/config/1904796869803472?v=2.9.62&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: lw4G9t9KeIg5qHIF6PT7HvJErwKsODYddgOg4k+teHWMGFtzgshJMSYagQdoix8HTh9MfYg/xGZpldSGsT5vCg==
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 13:10:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB

185.64.189.110

200 OK

0 B

URL HTTP/2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
IP
185.64.189.110:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2

connect.facebook.net/signals/config/1853083501571805?v=2.9.62&r=stable

31.13.72.12

200 OK

0 B

URL HTTP/2
connect.facebook.net/signals/config/1853083501571805?v=2.9.62&r=stable
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /signals/config/1853083501571805?v=2.9.62&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: fNLThdtVWDRB+0sri/nzeMuN2TYW5XxxzpeDJxmd18jEswcT525F77wrO6TbmZka5q9d2EwIm5+sh1jLtStv8g==
priority: u=3,i
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 13:10:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations