r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Wed, 16 Nov 2022 14:37:46 GMT
Date: Wed, 16 Nov 2022 13:10:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c1a0e2d222d80206dfade230161226e0
7da70d982a1b9b9436c30f13f6a0c824fc2cfc6c
acdd376ffc2f60d7c4cef5ecd4f13cb4dd65e8244afe1a2f88d0138391494cbd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 633
Cache-Control: max-age=171432
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "6374d976-117"
Expires: Fri, 18 Nov 2022 12:47:43 GMT
Last-Modified: Wed, 16 Nov 2022 12:37:10 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 50ca72d658559083a1418dcc95529e90
bc614dae6a9611e5cbe5b2dfc94767ae88c7ccba
0a6b6bc390d0171bcab991021615ac35496a5999157b94c78f7d7112254daf9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A6B6BC390D0171BCAB991021615AC35496A5999157B94C78F7D7112254DAF9B"
Last-Modified: Wed, 16 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4406
Expires: Wed, 16 Nov 2022 14:23:57 GMT
Date: Wed, 16 Nov 2022 13:10:31 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 39 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 6fd699af416cc608a8ec016cad2b6443
61ac70b58e85ec4715624581c39c88e72cc03f40
c914cb9ffd7ca3bca25831dd4cbb8134f439b670165cc64506367b98d1102f04
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: Yv9cEJi5HpTsqdM-S4pBYKW3Yx1ZNjouwaFJjYyZN8n2ccTI0f_UYw==
content-encoding: gzip
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
date: Wed, 16 Nov 2022 12:58:05 GMT
age: 746
content-type: application/json
content-length: 38615
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3735
Expires: Wed, 16 Nov 2022 14:12:46 GMT
Date: Wed, 16 Nov 2022 13:10:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dkbeDKF1JVyFDXKjPPyE0Mndez40OZa9IuYjXdiXBwdvE+jLgAiqcmT1OH9wGNwnzPcodtfAJ3k=
x-amz-request-id: 6VF24B48CSSPVCXA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 12:14:41 GMT
age: 3350
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9b4e6c72233070ef185ff980135e9555
2f14523a3f6f9532df3b872984fd23e156d2c465
5040e340e60b331b1569d52d66afcd5649a4121e2841d38cca0974e2a4c0af75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1778
Cache-Control: max-age=165024
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "6374bbf5-1d7"
Expires: Fri, 18 Nov 2022 11:00:55 GMT
Last-Modified: Wed, 16 Nov 2022 10:31:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 12:44:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1558
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.17.24.14200 OK 6.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (19015)
Hash 7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 416774
expires: Mon, 06 Nov 2023 13:10:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mp%2BsIr5Uq8UP%2FTZY3rxMBAda%2BOhgYStKysuoZ4vAEUz4IdfZyeHT0aqAIkYC5ZJxoaDrBawuKu8uKctf8r5lBPIkkAHdmf7Sgh%2BFZAR2pNk0m%2FXvULxknc4Kp1P8svmXU2jWcbxz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76b0779f4a3bb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.slim.min.js
69.16.175.42200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32012)
Hash 30f5157a965bc792a83e9bacfe265f03
8330886371fe27f3cbac509e0ac9712207574c66
4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668604231.dop211.sk1.t,1668604231.cds252.sk1.hn,1668604231.cds235.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e95283042b9c823ed624a6a815302a78
f41d0710bbb563ec5f5082b4bb5c3e65cfe0df14
4004cc298d5f8dee97a604e29896bd22efc88b44abf52049acc945ab37c549b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=153819
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "63748ac7-117"
Expires: Fri, 18 Nov 2022 07:54:10 GMT
Last-Modified: Wed, 16 Nov 2022 07:01:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4e9f4afeaf2dac3f6dd5be7660121621
2480acef2865ac01e2310b05721c59b0bce84ffa
50eb36a97600d8b498e5aa79ae55e84ea09bbfa0e07309bdade124d372a73b94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2693
Cache-Control: max-age=101095
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "6373bea9-117"
Expires: Thu, 17 Nov 2022 17:15:26 GMT
Last-Modified: Tue, 15 Nov 2022 16:30:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
www.redditstatic.com/ads/pixel.js
151.101.85.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 16 Nov 2022 13:10:31 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e95283042b9c823ed624a6a815302a78
f41d0710bbb563ec5f5082b4bb5c3e65cfe0df14
4004cc298d5f8dee97a604e29896bd22efc88b44abf52049acc945ab37c549b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=153819
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "63748ac7-117"
Expires: Fri, 18 Nov 2022 07:54:10 GMT
Last-Modified: Wed, 16 Nov 2022 07:01:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
52.84.93.109200 OK 31 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
IP 52.84.93.109:0
File type Web Open Font Format, TrueType, length 31120, version 1.6554\012- data
Hash 57cbbfdafc43e0deecc75a309dd042c6
b9cc2ff331b8520706de175f5b3fdba6731a9bfc
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 31120
date: Wed, 16 Nov 2022 13:10:32 GMT
last-modified: Wed, 16 Nov 2022 12:20:27 GMT
etag: "57cbbfdafc43e0deecc75a309dd042c6"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcd3262b0e3ca0689291e9cc9f312e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: MCNFPmMNthYO9qOTg6uNv_9kjPh9E9hYbsyw9gCI8dalPjU3K9ZkDQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53317aec9cafbd68ce439e1bdd7d4252
6827fa0a399c5be70f05aaeb5b44cc8071026f65
04a81d99b7b214fbd8a19882d71daedc13b5cd8fca333e6d075a017b2521a555
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8f69270501ab9db87293d702ce920198
56fff336cbae9601613470a96b470f677ca63fdb
00159fa0d3a7a8d9bd203a80c02dcd295e04ad152f4f05230222a9d71c1773b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e95283042b9c823ed624a6a815302a78
f41d0710bbb563ec5f5082b4bb5c3e65cfe0df14
4004cc298d5f8dee97a604e29896bd22efc88b44abf52049acc945ab37c549b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=153819
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "63748ac7-117"
Expires: Fri, 18 Nov 2022 07:54:10 GMT
Last-Modified: Wed, 16 Nov 2022 07:01:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
prod-cdn.wetransfer.net/packs/esm/71-2ff63878306f2c4473fc.es6.js
52.84.93.109200 OK 397 B URL HTTP/2 prod-cdn.wetransfer.net/packs/esm/71-2ff63878306f2c4473fc.es6.js
IP 52.84.93.109:0
File type ASCII text, with very long lines (397), with no line terminators
Hash 0ad4fcc2f503e98d836d3866925ebfa1
338854449bdbdc95f0f87cc10661d9164c27e75b
98a31fa8bc6612b753bf15b4c6fd22259186c158fd156c29724e4f90b3bc3dc8
GET /packs/esm/71-2ff63878306f2c4473fc.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 397
date: Wed, 16 Nov 2022 02:36:44 GMT
last-modified: Mon, 27 Jun 2022 09:51:06 GMT
etag: "0ad4fcc2f503e98d836d3866925ebfa1"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: DUmlj0Cg9SIRJL5q29m4XhTVQvQi_9McBmH07Fs3AMm_yrvb-BR9yw==
age: 38028
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e95283042b9c823ed624a6a815302a78
f41d0710bbb563ec5f5082b4bb5c3e65cfe0df14
4004cc298d5f8dee97a604e29896bd22efc88b44abf52049acc945ab37c549b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=153819
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "63748ac7-117"
Expires: Fri, 18 Nov 2022 07:54:10 GMT
Last-Modified: Wed, 16 Nov 2022 07:01:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32065)
Hash 6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 14:18:58 GMT
expires: Wed, 15 Nov 2023 14:18:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 82293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
collector.brandmetrics.com/c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com&rnd=259291
20.50.2.28200 OK 0 B URL HTTP/2 collector.brandmetrics.com/c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com&rnd=259291
IP 20.50.2.28:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com&rnd=259291 HTTP/1.1
Host: collector.brandmetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
date: Wed, 16 Nov 2022 13:10:30 GMT
content-length: 0
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.2200 OK 986 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2377), with no line terminators
Hash a521d6b0b5ee82f3f637a3abdf35985e
dc5ccceac602b367a78642a3b73b97f518260c91
51843df23f12256f42575ec05ea496a3dc28cb4b8fc904226f281d73687501cc
GET /pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 13:10:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 986
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Nov-2022 13:25:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash abdbaa56ac358c53c5dc3723c7671381
48c0e50792e786d83b35f0a36efb55f4c94c694d
6e9cb55f14b8219b7495ed4cd17bae3f0ca6127735ed01d3c1979601ffeb7b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com
23.36.79.32200 OK 358 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (308)
Hash 95a2ac27141ffd1d5df2919a521c22db
b8ebd9c76f8e0a6310b1df4051b6b772fe664ef0
6a945838225f8a5443ac4b2d4ec8193771abe424fd1b014ef4a4e21614b5608b
GET /i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202211161310316C1CA9B93CD110E90D73
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b37c68b021be14b3fb4371b9a5b962a466b738281d0052501ea7ec675539fd05e68a8cdc0a902f6f2b553eb6e4b0e556a
content-encoding: gzip
expires: Wed, 16 Nov 2022 13:10:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 16 Nov 2022 13:10:31 GMT
content-length: 358
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Hd9jxqlMqYQHcK02az6ZXBGf9w; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=111
x-origin-response-time: 112,23.36.79.28
x-akamai-request-id: 8002dec
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53317aec9cafbd68ce439e1bdd7d4252
6827fa0a399c5be70f05aaeb5b44cc8071026f65
04a81d99b7b214fbd8a19882d71daedc13b5cd8fca333e6d075a017b2521a555
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
142.250.74.168200 OK 93 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (29001)
Hash 83527cfd296c325ace24173d6953783c
4e949030afbebe537ed52d213f0120aaa956f7b1
db5ea200d729adca9aeddab4ad97631dba4d6906f3fe8bea69da3321b23814ff
GET /gtm.js?id=GTM-K878LCS&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 16 Nov 2022 13:10:31 GMT
expires: Wed, 16 Nov 2022 13:10:31 GMT
cache-control: private, max-age=900
last-modified: Wed, 16 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash abdbaa56ac358c53c5dc3723c7671381
48c0e50792e786d83b35f0a36efb55f4c94c694d
6e9cb55f14b8219b7495ed4cd17bae3f0ca6127735ed01d3c1979601ffeb7b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
143.204.72.5200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.72.5:0
Hash 5cac2a541245e39328679004eb2680e1
e16241b9f60a1b71df5ed0fcac376d8b707aca62
cc66d9106c2fa92e03a21f67660e8c7bc555d97531ce2a154fdc0cdce11c102b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127979
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "637426e4-1d7"
Expires: Fri, 18 Nov 2022 00:43:30 GMT
Last-Modified: Tue, 15 Nov 2022 23:55:16 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 0dd1077162fbc5ae77bb4c494a180158.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P1
X-Amz-Cf-Id: TI69KDbB9wE2cVvbuQ5o_dq_QWOgX_g4szopSTUELDJruhmTu8-mWA==
Age: 2894
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 12:25:01 GMT
cache-control: public,max-age=3600
age: 2730
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.217200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.217:0
Hash 334b9981aad04ac77277ca281df90195
538e4db4c8729e02109f57240e2ac8ea199a8a0d
c6f77f70ff92ec953997fc1104aa9ec311bceb503a24d4fb5e8f6fca16031645
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108991
Date: Wed, 16 Nov 2022 13:10:31 GMT
Etag: "6373d53f-1d7"
Expires: Thu, 17 Nov 2022 19:27:02 GMT
Last-Modified: Tue, 15 Nov 2022 18:06:55 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: gZTnFa__znFSyZKONX-1iNKr1ra5y95aKH0M6OG-7gmQ6nwm055MTA==
Age: 4807
analytics.tiktok.com/i18n/pixel/identify.js
23.36.79.32200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/identify.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash a4fcf5510b2e794e3ebc23902a232e19
d176a5ab9f10ae4d27b0aa41228a017c9b7b495d
b2d5977a1d6479e616b7fddffc94620cce83ca1c92fb9ce291f67c7b68ac4dae
GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221116131031E062C36305FC5ADC906E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b2afe39dc8b208a5b5bb4188a18a97d6be40bc41e13e6ab4e42d149fb83e8902c87fe3359ec755f0b35d1c72789b6aa3d
content-encoding: gzip
expires: Wed, 16 Nov 2022 13:10:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 16 Nov 2022 13:10:31 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=104
x-origin-response-time: 104,23.36.79.28
x-akamai-request-id: 8002dc0
X-Firefox-Spdy: h2
cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co
104.26.7.155200 OK 14 kB URL HTTP/2 cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co
IP 104.26.7.155:0
File type Unicode text, UTF-8 text, with very long lines (10973), with CRLF, LF line terminators
Hash 65fc0d0935644725a85be503ed858961
daf5bad75e0d1a3cd5bf3c9996b5342d5e0e6791
e6e5cfbf9e2bd44251cef6e1c35781d370d49be922571bdef386bdd4d1aac400
GET /scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co HTTP/1.1
Host: cdn.brandmetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-cache-status: EXPIRED
last-modified: Wed, 16 Nov 2022 04:09:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMaaD%2BdPvGL%2Bz%2FnGa%2Fn7y%2B4D30Fq1lB6TpD3158T3tTzjsXq1O0j1H1HBq6dlNB020XU6jp0yStgh%2BSHNQXib5UEZuqQyev%2F6YaAikZBPI8lSnlniHiz8M9nGaGCptQb27pfY5ER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76b077a2da3cb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.253.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ts+sZm5iRWlBcEjQfVOMzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VYXw16PQW7l07sekUDF9NyYlH7Q=
prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png
52.84.93.109200 OK 16 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png
IP 52.84.93.109:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash bc5b180f2d0001298a5ea3691e3fc623
edf2c67a5cef4efd081e5e6e4bc027e72be45593
b8c5bf2f80790d4abbe7fd5dca0bcf5c3eeaa4e23b1b35c8854a3fdb5c26b1e9
GET /packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 16208
date: Wed, 07 Sep 2022 04:51:29 GMT
last-modified: Tue, 06 Sep 2022 17:53:40 GMT
etag: "bc5b180f2d0001298a5ea3691e3fc623"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: s8QvPZLRYwVFNPczv5Qf1bvrOiTXyxncxKfBvvsKuuUK1wN04M7YYA==
age: 6077944
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico
52.84.93.109200 OK 42 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico
IP 52.84.93.109:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 692e1c7339c359b6412f059c9c9a0474
e7c1a53dca16b7664880e5b8a92524cf9a47fb62
d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda
GET /packs/media/images/favicon-a34a7465.ico HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 41566
date: Sat, 10 Sep 2022 10:34:27 GMT
last-modified: Fri, 09 Sep 2022 13:23:06 GMT
etag: "692e1c7339c359b6412f059c9c9a0474"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: H1c_0iB_wT_BfZ7aXY_KBqcBQNMXa_ioab_qTukiCjmX6XVobZ1KUg==
age: 5798166
X-Firefox-Spdy: h2
backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/GTSuperWT-Regular.33399e4ba671a8a31fea.woff2
108.156.46.112200 OK 40 kB URL HTTP/2 backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/GTSuperWT-Regular.33399e4ba671a8a31fea.woff2
IP 108.156.46.112:0
File type Web Open Font Format (Version 2), TrueType, length 40036, version 1.0\012- data
Hash 57e8971e577093e522e8288788750af9
d02fe432d9f05af964bb54bd7247a60b9ce39544
c6f19a8118ae24780824a797484f8c970d47601ebfeadbc535009b174b780de3
GET /creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/GTSuperWT-Regular.33399e4ba671a8a31fea.woff2 HTTP/1.1
Host: backgrounds.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/index.html?cacheId=fb2hmwd_0_236386683&_origin=https://wetransfer.com
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 40036
date: Wed, 16 Nov 2022 13:10:33 GMT
last-modified: Tue, 19 Jul 2022 08:16:10 GMT
etag: "57e8971e577093e522e8288788750af9"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a96b4e5111339688525bc9e54ad91f88.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: wi40DI-h2GXZ0O_lofgDyjjC110RbdjycYPWoubZSrUoU4ld_CpE8g==
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
52.84.93.109200 OK 60 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
IP 52.84.93.109:0
File type Web Open Font Format, TrueType, length 43188, version 0.0\012- data
Hash 2a2e11c913169ebe411798b06be5ab16
fd7b87d3779ed9ba06ccee7cb76a1dcc88b2029b
89208a02ca94ea13310dd20471d722f7142edb9ae71f59fe5f28d00448933001
GET /packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 43188
date: Wed, 16 Nov 2022 13:10:32 GMT
last-modified: Wed, 16 Nov 2022 12:20:28 GMT
etag: "55576599a2d772f9297c5036d355b1fb"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcd3262b0e3ca0689291e9cc9f312e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: Xvpj3NzGmyQw4zS9v4AWhJdTo063eUStUvp2k4CaIYMrmcIyRqSH6g==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74c07a15d0960c36c1d1160344b946da
9b0d25cc445c83d1eae53deb84a2a74b152af6d4
ba99f5ae2d779e578700195798bb71dd43f11195ef6a982e0eaac735e26b5a85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3a9734f9f93c8158e73e4491e35f56bd
e57dc6ee66918ae45ce20c6dea942d2e786ff17c
171dfb208dfcaa849595e79c07f998833a5560ae06c736f9f4c45f445e121ada
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/plugins/ua/ecommerce.js
142.250.74.174200 OK 738 B URL HTTP/2 www.google-analytics.com/plugins/ua/ecommerce.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (745)
Hash f804aa0b574b678d24df5281ed71a61d
2fc02211b273e1ab4d362df05d592f2d822c2add
1d2d8c7f3502f4459478fe8c7495a27464d6f178b1d564333a107d310c0ea74d
GET /plugins/ua/ecommerce.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 12:37:43 GMT
expires: Wed, 16 Nov 2022 13:37:43 GMT
cache-control: public, max-age=3600
age: 1969
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 16 Nov 2022 12:41:09 GMT
expires: Wed, 16 Nov 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 1763
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/ec.js
142.250.74.174200 OK 1.1 kB URL HTTP/2 www.google-analytics.com/plugins/ua/ec.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (523)
Hash 17427cd827c6f9e01d5ee868be659be5
6ff2e43c1a10e3c924870b48ae3cc36280b97f53
59157001be3cd5b0e3eae8afa425d1c694591c403fb9692bc3ad6d3235b423e7
GET /plugins/ua/ec.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 12:11:41 GMT
expires: Wed, 16 Nov 2022 13:11:41 GMT
cache-control: public, max-age=3600
age: 3531
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=0CBFA6EAEBFB630A39D6B4B4EAAC621F; domain=.bing.com; expires=Mon, 11-Dec-2023 13:10:32 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF6F0A8F9E5B4B91AC6705F1113DD8C6 Ref B: OSL30EDGE0314 Ref C: 2022-11-16T13:10:32Z
date: Wed, 16 Nov 2022 13:10:32 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3420
Cache-Control: max-age=87798
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 13:33:50 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6479
Cache-Control: max-age=90857
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 14:24:49 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9d96ce61547f9d3184b571ec26c13f61
9607a743ed3f0c67ffd8aa22fdc76070c00b18fc
ce83e5b84417ac34b261442b70b71cec63124f57e8baa8acee68dc22c38763c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9d96ce61547f9d3184b571ec26c13f61
9607a743ed3f0c67ffd8aa22fdc76070c00b18fc
ce83e5b84417ac34b261442b70b71cec63124f57e8baa8acee68dc22c38763c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB
142.250.74.34302 Found 381 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 08f658b937e677341bad9188d8891a79
82788ade093e1f72584fee67f8b9d4613f3e4130
91b3f2af82c6d2e328e32c5cb8ed77f4758884db4a2e67eca268da9a2c781816
GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_tc=
date: Wed, 16 Nov 2022 13:10:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 381
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Nov-2022 13:25:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 13:10:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Wed, 16 Nov 2022 13:10:32 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1627-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F
100.22.4.13200 OK 8.1 kB URL HTTP/2 a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F
IP 100.22.4.13:0
File type C source, ASCII text, with very long lines (12888)
Hash 961e62df9ba677fd31532bb5a5e3aac3
47ed19f516e99ab69d9f18d2df5d8d2fee664418
ffc67eab6edac3db05582bd822a06cb1737daf84138bb790c2f054093e666312
GET /api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: application/javascript
server: nginx/1.20.0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
bat.bing.com/p/action/56335302.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/56335302.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/56335302.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1F45269BA37C677D0E6734C5A22B6659; domain=.bing.com; expires=Mon, 11-Dec-2023 13:10:32 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7EBC0C80BAF54FE6995BA2622CA7102B Ref B: OSL30EDGE0314 Ref C: 2022-11-16T13:10:32Z
date: Wed, 16 Nov 2022 13:10:32 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 5d76d361c50e9ca15fff2077e912418a
5fc21ef1d686df2d20510320764d27df143d222d
a96bbc8602545d7a35cbe8fb55dfd274a0bbe3505b1a906eba281391584b0a9c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 20 Nov 2022 11:55:11 GMT
ETag: "5fc21ef1d686df2d20510320764d27df143d222d"
Last-Modified: Wed, 16 Nov 2022 11:55:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 635
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76b077a718890afa-OSL
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_tc=
142.250.74.34302 Found 288 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_tc=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 427bfac05f328afc041f09f0074cddcb
71810d3e5208f8aa1685203f3ae135ac1d5e0807
72ae5e0ccad12b0d45a88b97f0c28e3ee7c77ccb8ff8ac8722e83454f4bcc70d
GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_error=3
date: Wed, 16 Nov 2022 13:10:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 288
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: DyVz3bxY2BBlnSKvCTgOGLZwJXeCiIJKDNVQFFhtfTKR+VZtg3UkIqo5qoiA50dT/4BjFQ1kmeVYOFYWnV2wjA==
content-length: 27340
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 13:10:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash f86cf0bde12ef9b07967fa7bfdcd2db3
e2d2b277538fe878767964d21105c5e81283369f
9b9a5e9ce9933adc810851f84e2f083eb5d101f800ba5fe98ea1bcf0e4e934b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2865
Cache-Control: max-age=120005
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "637407dc-138"
Expires: Thu, 17 Nov 2022 22:30:37 GMT
Last-Modified: Tue, 15 Nov 2022 21:42:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/bundle.97a69a71fca9ac47f890.js
108.156.46.112200 OK 97 kB URL HTTP/2 backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/bundle.97a69a71fca9ac47f890.js
IP 108.156.46.112:0
File type Unicode text, UTF-8 text, with very long lines (48060), with LF, NEL line terminators
Hash 380112ed11e78355d13c12a33cf714d0
1a6e6e8130cb5aa558efae012b83ef30c0aa4cfc
80b2abfd004b579ab418b334b106456b20973b54b0caec7ffc1b08bdb442d170
GET /creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/bundle.97a69a71fca9ac47f890.js HTTP/1.1
Host: backgrounds.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/index.html?cacheId=fb2hmwd_0_236386683&_origin=https://wetransfer.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 19 Jul 2022 08:16:12 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 16 Nov 2022 13:10:33 GMT
etag: W/"6acf1fb3e818355b8f1026a7260e0c68"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a96b4e5111339688525bc9e54ad91f88.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: QBeKmQbDu0k5EreDXWnUa9iTjBpPXkfc-oyZViXY94lKp0w7MFlBAw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e4a9797558e523df0b9010ace420b63a
b0922fd57d9074df93e861fc81986f69d5e29777
a6ab8071a8d05d2e722a35bcebdf8cb871cc101ec7b4cd3a2c1bfd2af8719027
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6583
Cache-Control: max-age=124094
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "6374094f-1d7"
Expires: Thu, 17 Nov 2022 23:38:46 GMT
Last-Modified: Tue, 15 Nov 2022 21:49:03 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash e9a582c90aac2328476e597baba398b4
06b0d94c58e65121f7bcc97eb323e1be19916373
5ff051b75b60717108be94182882ddb67a474820c0b7f8a3bc5e011bb0649d2a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 16 Nov 2022 13:10:32 GMT
expires: Wed, 16 Nov 2022 13:10:32 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5797422194694114326
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=2173468691&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 13:10:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b9d1d7a3bdf402d8c0a4ad04e95ee031
9629d41afd2686b2d45c274f49e16016eeafae20
b56bd786cea3fe86bde6e8c25137440f8ce8347e8dfa8cb9374cf4092dce52bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4400
Cache-Control: max-age=164358
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "6374af1e-1d7"
Expires: Fri, 18 Nov 2022 10:49:50 GMT
Last-Modified: Wed, 16 Nov 2022 09:36:30 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=$UID&gdpr=0
185.89.211.132307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=$UID&gdpr=0
IP 185.89.211.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=$UID&gdpr=0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26adnxs_id%3D%24UID%26gdpr%3D0
AN-X-Request-Uuid: 52fdcbf2-7196-44cb-ad45-293e72c8c6e1
Set-Cookie: uuid2=2068448699266745975; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 14-Feb-2023 13:10:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001668604231-98DRPA5P-3JLB&gdpr=0
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001668604231-98DRPA5P-3JLB&gdpr=0
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001668604231-98DRPA5P-3JLB&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash a6eb5971db7b9b8ca899d17a01a3f39b
530902f94af1b9cb968d0a35eb71ccbc8f3fa6e7
e0133a1a4953d1e29f2e00c767f7c2a99f2393a123b2fb90635f7d888d5453eb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 01:55:57 GMT
Expires: Wed, 23 Nov 2022 01:55:56 GMT
Etag: "530902f94af1b9cb968d0a35eb71ccbc8f3fa6e7"
Cache-Control: max-age=563723,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76b077a7ba1f0b65-OSL
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
185.29.132.241302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
IP 185.29.132.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4629 97bee97 master zrh-pixel-x13 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=f62f6374-e149-4000-952b-014602b2ec4c; domain=.mathtag.com; path=/; expires=Thu, 14-Dec-2023 13:10:33 GMT; SameSite=None; Secure
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=f62f6374-e149-4000-952b-014602b2ec4c&id=AU1D-0100-001668604231-98DRPA5P-3JLB
Expires: Wed, 16 Nov 2022 13:10:31 GMT
ocsp.sca1b.amazontrust.com/
18.165.196.217200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.217:0
Hash 416455c97f70dd68274596acf4c006b4
9c2ff3be5b0ac25d25b61cea57b3c2cf3cd710cb
19cab2157cd84e02d254cc9f007ecfd055ae59a89caa8c380d058600b434aacf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133479
Date: Wed, 16 Nov 2022 13:10:32 GMT
Etag: "637430b8-1d7"
Expires: Fri, 18 Nov 2022 02:15:11 GMT
Last-Modified: Wed, 16 Nov 2022 00:37:12 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: _uw0bTyjKwMUFbHaXhPojBwRoKpwlJeLQC9hjMdnJs6TxcsTv-Snqw==
Age: 5879
www.clarity.ms/tag/uet/56335302
13.107.213.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/56335302
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag/uet/56335302 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=86400
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0SOF0YwAAAABm4lXoBS/mS4eKP2lAotONU1ZHMjBFREdFMDUwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 16 Nov 2022 13:10:32 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3a9734f9f93c8158e73e4491e35f56bd
e57dc6ee66918ae45ce20c6dea942d2e786ff17c
171dfb208dfcaa849595e79c07f998833a5560ae06c736f9f4c45f445e121ada
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74c07a15d0960c36c1d1160344b946da
9b0d25cc445c83d1eae53deb84a2a74b152af6d4
ba99f5ae2d779e578700195798bb71dd43f11195ef6a982e0eaac735e26b5a85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1
54.230.111.5200 OK 9.3 kB URL HTTP/2 public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1
IP 54.230.111.5:0
Hash d9b6d28290a7a3e187e8f7ce76665583
5edd71ecba65fe356ea1ab6c6f089d3b26ae8c1d
e5717d66f16b4ac67c5a5ff7d1e44e04487fde419bc9cb3bdf006d607db697a1
GET /js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1 HTTP/1.1
Host: public.profitwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Tue, 15 Nov 2022 17:32:20 GMT
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
cache-control: public,max-age=86400
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hFLO1HmXPllKRZD0o5eyaSorYq7Kqx5GYtD_WDONrPPkO0d9yuFtFw==
age: 70692
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6480
Cache-Control: max-age=90857
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:33 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 14:24:50 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D
52.59.57.234302 Found 0 B URL HTTP/2 ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D
IP 52.59.57.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=cb949412-0080-4330-a5df-8fcf62a7586f; Expires=Tue, 14 Feb 2023 13:10:32 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1668604232; Expires=Tue, 14 Feb 2023 13:10:32 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1b43631817b375ad10d08b6fd9ff9249
ca2988f207b07f60e4204c701e127f84a69a5446
d61ac811e9c087f7fe5a9baeaf3065ac313c1e777f169cf91516ef4b83304f1f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 08c8def6f19785fee6579c1e4e4b55b1
dbf35a66687c3af0c96ad208462eeefa5aa18886
ce2abf49f6205a18f47359d9f3ac003b8ae3e5ee2a22a4b3f6005dc8ec8df878
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 15 Nov 2022 19:06:39 GMT
Expires: Wed, 16 Nov 2022 19:06:39 GMT
ETag: "dbf35a66687c3af0c96ad208462eeefa5aa18886"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 977dab9d2dc1cf9e785d9526581ec8de
1b07cc856c8615537228d554284470062c6dbb79
a9c9ce9d3b399b41da3b6d31c67d23ce329f806172999119a038e6f2a7ffe79a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 16 Nov 2022 13:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 15 Nov 2022 20:39:55 GMT
Expires: Wed, 16 Nov 2022 20:39:55 GMT
ETag: "1b07cc856c8615537228d554284470062c6dbb79"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86b82026e21c0ad82ab0bbffe71ed768
04d3ccc4a4892ad4eca8bc4eb593088dffc295ed
32eebab7559e600d0b93c559ff0caf16fdc9fa30965c9bedcbe9fa4b14731a9c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6149
Cache-Control: max-age=103116
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:33 GMT
Etag: "6373b910-1d7"
Expires: Thu, 17 Nov 2022 17:49:09 GMT
Last-Modified: Tue, 15 Nov 2022 16:06:40 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2780-3FE
52.30.11.209200 OK 3.5 kB URL HTTP/2 resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2780-3FE
IP 52.30.11.209:0
File type C source, ASCII text, with very long lines (9143)
Hash 14380f52b301a495de3bdf28112849a0
391f89a7f915c1166a14ffb55e0910b291d4b668
31a96352ccb1839e461d812b75d9ba902484ee4a501854f46cdcd216479b8355
GET /js/v2/ktag.js?tid=KT-N2780-3FE HTTP/1.1
Host: resources.xg4ken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: application/javascript
content-length: 3544
server: nginx
last-modified: Mon, 14 Nov 2022 12:23:07 GMT
etag: "6372332b-dd8"
content-encoding: gzip
expires: Thu, 17 Nov 2022 13:10:33 GMT
x-xss-protection: 1; mode=block
cache-control: max-age=86400, public
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.217200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.217:0
Hash e18d7900f510b8d6ac08ed6782111c09
b24937b1f6c1ccb05d0f382ca7d502755111b28c
85b6d0d5d0f64d7e724fc41e904256083d67d252f9f6cb46ffed05f9b7cb290e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138868
Date: Wed, 16 Nov 2022 13:10:33 GMT
Etag: "63744312-1d7"
Expires: Fri, 18 Nov 2022 03:45:01 GMT
Last-Modified: Wed, 16 Nov 2022 01:55:30 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: h-p2XkitgfpsVuRp3T3B8TKBThi7wT6WiuAP8a-gli40PTP0Iz7xew==
Age: 6571
sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=[UID]&gdpr=0
69.166.1.10302 Found 0 B URL HTTP/1.1 sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=[UID]&gdpr=0
IP 69.166.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=[UID]&gdpr=0 HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 16 Nov 2022 13:10:33 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-188
X-Xss-Protection: 0
Location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=823a2d5e-d27b-4c79-9c9c-40d478af9804&gdpr=0
Server: sonobi-go
Set-Cookie: __uis=823a2d5e-d27b-4c79-9c9c-40d478af9804; expires=Fri, 16 Dec 2022 13:10:32 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s85188|Y3ThT; path=/; domain=.go.sonobi.com; SameSite=None; secure
e-10220.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ
34.199.140.62200 OK 43 B URL HTTP/2 e-10220.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ
IP 34.199.140.62:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ HTTP/1.1
Host: e-10220.adzerk.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
content-length: 43
server: nginx
x-powered-by: adzerk bifrost/
access-control-allow-origin: undefined
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
x-served-by: bifrost-production-shard001-us-east-1a-i-0b06b9d8b72d6a4a4
set-cookie: azk=sp-66bbe834-4eff-4859-b8e2-0435f2bd056b; Path=/; Expires=Thu, 16 Nov 2023 13:10:33 GMT; Secure; SameSite=None
azk-ss=true; Path=/; Expires=Thu, 16 Nov 2023 13:10:33 GMT; Secure; SameSite=None
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26adnxs_id%3D%24UID%26gdpr%3D0
185.89.211.132302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26adnxs_id%3D%24UID%26gdpr%3D0
IP 185.89.211.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 16 Nov 2022 13:10:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=0&gdpr=0
AN-X-Request-Uuid: e0e07e38-c5f7-4380-9460-9c28511e7084
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D
52.59.57.234200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D
IP 52.59.57.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668604232093&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668604232093&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1668604232093&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&b7df27c5-b6a5-45ea-8aeb-82dcaf6e3b82"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 16-Nov-2023 13:10:33 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2432:u=1:x=1:i=1668604233:t=1668690633:v=2:sig=AQF50hrC9KDaF01YIGlKFWWLffg9E_xW"; Expires=Thu, 17 Nov 2022 13:10:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtljKYLkFsXuT0X5LUzw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 70E55CC23E2A480BB6E9D3BD4E853AB6 Ref B: OSL30EDGE0508 Ref C: 2022-11-16T13:10:33Z
date: Wed, 16 Nov 2022 13:10:32 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18704
Expires: Wed, 16 Nov 2022 18:22:17 GMT
Date: Wed, 16 Nov 2022 13:10:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18704
Expires: Wed, 16 Nov 2022 18:22:17 GMT
Date: Wed, 16 Nov 2022 13:10:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18704
Expires: Wed, 16 Nov 2022 18:22:17 GMT
Date: Wed, 16 Nov 2022 13:10:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18704
Expires: Wed, 16 Nov 2022 18:22:17 GMT
Date: Wed, 16 Nov 2022 13:10:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edd6a84f848a83f4d1990f92b4807def
bc2bb7815b062941d51fde65574851db55be37dc
4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6629
x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY6CG9IoAMF8rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4i9jW2AQ8PhWl9i01KDda11PoSD1csf_Gs7nwME9o2Oxft0UldI6vQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:49 GMT
age: 55364
etag: "bc2bb7815b062941d51fde65574851db55be37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a698bf97cc6c0c464ed1a2b2adb1c1d3
a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0
64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4919
x-amzn-requestid: aae0d2da-e891-40a6-bd83-8942fc3ef0c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFFEnxoAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ed-6ff1cc593aa1c934659030db;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PhUSR2Y2GRZkB5UTrMma8vnIddc44pLJ2Sppk63xQyMC2imKLn-R4A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:46 GMT
age: 55367
etag: "a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqIZqrKKIWszHFwass9Cd-GNxQ5Q9z3_2haPPGprjVDal71MQDurqw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:15:24 GMT
age: 53709
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae0ab55e0e77a4265808a6689f25cbc3
187e6b340b43eb1aa0c724b749db7c20a486706a
3881e5ad44b9b2fae82510794af43d14e304ce624f26f66523f85d58fea063dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9625
x-amzn-requestid: 9bd72b4a-2ac0-423f-b0e2-73fd51e02e97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBHTjIAMFvOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-57f5412d5eca6d640a0f590d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UavYBt2WjF4WCRJGtM2zS-dZinNLgs_0HuyORwaVCSlj-32Qd6sNTQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:09:56 GMT
age: 54037
etag: "187e6b340b43eb1aa0c724b749db7c20a486706a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/ppnt_match?uid=Zm0y3purUJxz&ev=1&pid=562316&id=AU1D-0100-001668604231-98DRPA5P-3JLB
44.224.40.30200 OK 9.0 kB URL HTTP/2 ids.ad.gt/api/v1/ppnt_match?uid=Zm0y3purUJxz&ev=1&pid=562316&id=AU1D-0100-001668604231-98DRPA5P-3JLB
IP 44.224.40.30:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 75dce75f845c5aa5f99bd9e9d0d4a6c3
92ce84f06bf92792a37b80a197a9d1f242d9bebb
25e2a5ea13597467758f6454ad4652ac83d91d12984c3f79449c2e876f5eb7aa
GET /api/v1/ppnt_match?uid=Zm0y3purUJxz&ev=1&pid=562316&id=AU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98802857df59f8eacd9211811cc59ae6
87e277a627c1085cad5c6e38bdd5100aa0a9ecee
102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8235
x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY4_HANoAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _u6Uhc-g_xPTRSYys5rD3GC00roubyJdBRuHruvoMLf-UEAB6_zdQw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:46:20 GMT
age: 55453
etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
a.ad.gt/api/v1/collect
100.22.4.13204 No Content 0 B IP 100.22.4.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/collect HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Content-type: text/plain
Content-Length: 968
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 16 Nov 2022 13:10:33 GMT
server: nginx/1.20.0
access-control-allow-origin: https://ipfs.fleek.co
vary: Origin
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668604232593&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668604232592.1050942487&it=1668604232462&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668604232593&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668604232592.1050942487&it=1668604232462&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668604232593&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668604232592.1050942487&it=1668604232462&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Nov 2022 13:10:33 GMT
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_match?google_error=3
44.224.40.30200 OK 356 B URL HTTP/2 ids.ad.gt/api/v1/g_match?google_error=3
IP 44.224.40.30:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash cc7ce6d45edc11e593976675b7a1fd1f
b32d4dcf0aacc59e7923b973bb41baf7ef61e725
435d5696a580547a9b617a73f1a294c559de31fd94f40bd83e5cb2d0c2af1171
GET /api/v1/g_match?google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 97b17c78c6d6fb52647dd455fe8f220e
476c85bc36b3debf22dd5b07d9349a7f12dd7d6e
2bdccc0f42817ef947d61ccf558212e24c3e5740f7e4af29b0acd1dd8a67f1f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1133
Cache-Control: max-age=103892
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:37 GMT
Etag: "6373cfb4-139"
Expires: Thu, 17 Nov 2022 18:02:09 GMT
Last-Modified: Tue, 15 Nov 2022 17:43:16 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:37 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=tLklil80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lFeVZGSlZjaEsyQW1XSTdnQ3hKOWdyQVVwS2s4WUNwd3hKRkhEaGFrRzY; expires=Mon, 11 Dec 2023 13:10:37 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 302746
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 242c70f7156a35008b468bc53223656c
5bb7a82134f6da679ada7ade414ed3dd7d1e613c
f4160ff727a9717accc785cfd4e71a2f4b5b72a32a0d3e53dc02a97ffb30e2e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2754
Cache-Control: max-age=164176
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:37 GMT
Etag: "6374b4db-138"
Expires: Fri, 18 Nov 2022 10:46:53 GMT
Last-Modified: Wed, 16 Nov 2022 10:00:59 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 242c70f7156a35008b468bc53223656c
5bb7a82134f6da679ada7ade414ed3dd7d1e613c
f4160ff727a9717accc785cfd4e71a2f4b5b72a32a0d3e53dc02a97ffb30e2e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2632
Cache-Control: max-age=164054
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:10:37 GMT
Etag: "6374b4db-138"
Expires: Fri, 18 Nov 2022 10:44:51 GMT
Last-Modified: Wed, 16 Nov 2022 10:00:59 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001668604231-98DRPA5P-3JLB
198.148.27.140302 Found 0 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001668604231-98DRPA5P-3JLB
IP 198.148.27.140:0
GET /bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7bd458bbdd-mfnj7
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://ids.ad.gt/api/v1/ppnt_match?uid=Zm0y3purUJxz&ev=1&pid=562316&id=AU1D-0100-001668604231-98DRPA5P-3JLB
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=Zm0y3purUJxz;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 11-Nov-2023 13:10:33 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=bbfd2a1ff1592261; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag
IP 178.250.0.157:0
GET /syncframe?topUrl=ipfs.fleek.co&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:37 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d473529d-9702-40c5-a3ed-79dc2c727d9c; expires=Mon, 11 Dec 2023 13:10:37 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 789350
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/css/application-a370aeb8.chunk.css
52.84.93.109200 OK 0 B URL HTTP/2 prod-cdn.wetransfer.net/packs/css/application-a370aeb8.chunk.css
IP 52.84.93.109:0
GET /packs/css/application-a370aeb8.chunk.css HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Wed, 16 Nov 2022 02:36:43 GMT
last-modified: Tue, 28 Jun 2022 12:26:02 GMT
etag: W/"0cac266ca337660fdbafc69249a04f53"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: T343TtRZ_iYkX7dZ2kcx-6R6vy8diXJg24x1Z1Q8spQDZP78PUTfww==
age: 38029
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/esm/vendor-9aab5e914623660cfc9f.es6.js
52.84.93.109200 OK 0 B URL HTTP/2 prod-cdn.wetransfer.net/packs/esm/vendor-9aab5e914623660cfc9f.es6.js
IP 52.84.93.109:0
GET /packs/esm/vendor-9aab5e914623660cfc9f.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 16 Nov 2022 02:36:43 GMT
last-modified: Mon, 27 Jun 2022 09:51:07 GMT
etag: W/"f10c8755323d7e0e4d8e65fd27acb665"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: cL9BVLns8oMSdNxb_1ZSvzvp6CfebYXUzFH8wUb-mhkz7UX7p4xWtQ==
age: 38029
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_error=3
44.224.40.30200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/g_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_error=3
IP 44.224.40.30:0
GET /api/v1/g_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/mediamath_match?user_id=f62f6374-e149-4000-952b-014602b2ec4c&id=AU1D-0100-001668604231-98DRPA5P-3JLB
44.224.40.30200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/mediamath_match?user_id=f62f6374-e149-4000-952b-014602b2ec4c&id=AU1D-0100-001668604231-98DRPA5P-3JLB
IP 44.224.40.30:0
GET /api/v1/mediamath_match?user_id=f62f6374-e149-4000-952b-014602b2ec4c&id=AU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
connect.facebook.net/signals/plugins/identity.js?v=2.9.62
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/plugins/identity.js?v=2.9.62
IP 31.13.72.12:0
GET /signals/plugins/identity.js?v=2.9.62 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: NDslx36QepnNaEj7yNFo+KzsBMvxcFs/Aju53Fz+SJV8mqG7gMIgwHinQVW4cEW2ZRypWPQ6t4vXe0fxMiNN2Q==
priority: u=3,i
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 13:10:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.128200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.128:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 81368
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.3200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.3:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 115477
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
p.ad.gt/api/v1/p/367
104.22.5.69200 OK 0 B IP 104.22.5.69:0
GET /api/v1/p/367 HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2022 19:18:32 GMT
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:32 GMT
etag: W/"1668453512.0-40653-3373272138"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 76b077a35cef1c16-OSL
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
52.84.93.109200 OK 0 B URL HTTP/2 prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
IP 52.84.93.109:0
GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 32124
date: Wed, 16 Nov 2022 13:10:32 GMT
last-modified: Wed, 16 Nov 2022 12:20:27 GMT
etag: "868aedeefe7669e8a4f7196f7df5d058"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcd3262b0e3ca0689291e9cc9f312e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: -E4sMgnhYQcsv0m8KOkYaedUoqqUYgUSgG_lICCK20FapAvor5QUcQ==
X-Firefox-Spdy: h2
cdn.brandmetrics.com/tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js
104.26.7.155200 OK 0 B URL HTTP/2 cdn.brandmetrics.com/tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js
IP 104.26.7.155:0
GET /tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js HTTP/1.1
Host: cdn.brandmetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-bgj: minify
cf-polished: origSize=4735
cf-cache-status: HIT
age: 1537
last-modified: Wed, 16 Nov 2022 12:44:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4jCIgHxVvE6770j0%2BM5QR9sh344RC1AtmbuAP4wjbceAY%2BmihgJOdYPHpRxT%2BPw593v66%2Bq%2FHoJ3vV%2BjZdEZRPJ7dPkZy3i58FXtZxXl2TfMQWBwu1yc6BX7fcqb14mpw7JZ5YN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76b0779fed3db511-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.2.130:0
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Thu, 17 Nov 2022 13:10:32 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D&cb=1668604232978
213.19.147.45302 Found 0 B URL HTTP/2 sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D&cb=1668604232978
IP 213.19.147.45:0
GET /usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D&cb=1668604232978 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001668604231-98DRPA5P-3JLB&unruly_id=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=tLklil80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lFeVZGSlZjaEsyQW1XSTdnQ3hKOWdyQVVwS2s4WUNwd3hKRkhEaGFrRzY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=OTM6mV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lFeVZGSlZjaEsyQW1XSTdnQ3hKOWlhZnRLV2pzYm1oUDdyUTlQUkdYMXE; expires=Mon, 11 Dec 2023 13:10:37 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 396521
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
104.17.64.14200 OK 0 B URL HTTP/2 ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
IP 104.17.64.14:0
Analyzer Verdict Alert openphish WeTransfer
fortinet Phishing
GET /ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: text/html
cf-ray: 76b0779caf5fb4ee-OSL
access-control-allow-origin: *
age: 71339
cache-control: max-age=86400
etag: W/"bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44"
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
x-ipfs-root: bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
x-ipfs-roots: bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
set-cookie: __cf_bm=5v8Ggm6mcwFu_chy4gdBbMopg6mEFb4IuatUK3lr.CA-1668604231-0-AQ8/GWJBNJOhSQezPmgvTaUPYrm8uZ35tjaDfRJXEmV3TdMvM4dCqH5NdXYG8CAlX/74B3G0KOj4OEw5575bwD0=; path=/; expires=Wed, 16-Nov-22 13:40:31 GMT; domain=.ipfs.fleek.co; HttpOnly; Secure; SameSite=None
cloudflare-web3-deprecation: This hostname will be deprecated on January 15th, 2023. If you are the site administrator, please refer to https://developers.cloudflare.com/web3/reference/migration-guide
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=0&gdpr=0
44.224.40.30202 Accepted 0 B URL HTTP/2 ids.ad.gt/api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=0&gdpr=0
IP 44.224.40.30:0
GET /api/v1/match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&adnxs_id=0&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/10/2022 17:24:53
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 9112cdfe1e798677d8162c8f3d8d3a77
cdn-cache: HIT
cf-cache-status: HIT
age: 1435586
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76b0779faa970b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
185.64.189.110302 Found 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
IP 185.64.189.110:0
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 16 Nov 2022 13:10:31 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Tue, 14-Feb-2023 13:10:31 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221116131031FC0F772BE8603FE27A68
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b72c4d373bd80b9622d285172aefcc386973a140c16eb90ce5d77ed5beec48d533214a54c1559d9b565a992e9fe291ddc
content-encoding: gzip
expires: Wed, 16 Nov 2022 13:10:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 16 Nov 2022 13:10:31 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=107
x-origin-response-time: 107,23.36.79.28
x-akamai-request-id: 8002dd4
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/unruly?id=AU1D-0100-001668604231-98DRPA5P-3JLB&unruly_id=OPTOUT
44.224.40.30202 Accepted 0 B URL HTTP/2 ids.ad.gt/api/v1/unruly?id=AU1D-0100-001668604231-98DRPA5P-3JLB&unruly_id=OPTOUT
IP 44.224.40.30:0
GET /api/v1/unruly?id=AU1D-0100-001668604231-98DRPA5P-3JLB&unruly_id=OPTOUT HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js
52.84.93.109200 OK 0 B URL HTTP/2 prod-cdn.wetransfer.net/packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js
IP 52.84.93.109:0
GET /packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 16 Nov 2022 02:36:44 GMT
last-modified: Thu, 23 Jun 2022 12:51:04 GMT
etag: W/"8d373cd7fdf9ee87968bebe558d05365"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: gCK__-jUlz5y5Lgh9WdXLElWaGYyvgOCV5-WeqgHR2hPzZ4NXJujrw==
age: 38028
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 11648079
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76b0779fe9e1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
108.138.217.46403 Forbidden 0 B URL HTTP/2 nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
IP 108.138.217.46:0
GET /apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js HTTP/1.1
Host: nolan.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Wed, 16 Nov 2022 13:10:31 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 569d1c431d473cc631a7da026d9efbf2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: R3KggxoC6joFyITlC5fsNgLnGiQgEblNdhSqag5VKe-kVatAhRsAVg==
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=823a2d5e-d27b-4c79-9c9c-40d478af9804&gdpr=0
44.224.40.30200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=823a2d5e-d27b-4c79-9c9c-40d478af9804&gdpr=0
IP 44.224.40.30:0
GET /api/v1/son_match?id=AU1D-0100-001668604231-98DRPA5P-3JLB&uid=823a2d5e-d27b-4c79-9c9c-40d478af9804&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:10:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Thu, 17 Nov 2022 01:10:33 GMT
set-cookie: au_id=AU1D-0100-001668604231-98DRPA5P-3JLB; Expires=Fri, 15 Nov 2024 13:10:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/esm/application-2f0386ee23e6ae4bb05d.es6.js
52.84.93.109200 OK 0 B URL HTTP/2 prod-cdn.wetransfer.net/packs/esm/application-2f0386ee23e6ae4bb05d.es6.js
IP 52.84.93.109:0
GET /packs/esm/application-2f0386ee23e6ae4bb05d.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 16 Nov 2022 13:10:32 GMT
last-modified: Mon, 27 Jun 2022 09:51:06 GMT
etag: W/"229c5ddc2c3a2710d9292e35db8963c9"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: RMFSKFLyWgJYcJJka7hwjYPBk4fYY8WvEepbQBY8R7OMbTvi-zw7kg==
X-Firefox-Spdy: h2
nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
108.138.217.46403 Forbidden 0 B URL HTTP/2 nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
IP 108.138.217.46:0
GET /apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js HTTP/1.1
Host: nolan.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Wed, 16 Nov 2022 13:10:31 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 569d1c431d473cc631a7da026d9efbf2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: qwMwmMaS3Lo-oC_IkrSiDl-Rz6QN9RlxmjWGjw7Y8GZLCLeci2wPGA==
X-Firefox-Spdy: h2
sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D
213.19.147.45302 Found 0 B URL HTTP/2 sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D
IP 213.19.147.45:0
GET /usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-a0ead07a-9c52-4c3d-a5c3-eafd24e80c79-003%22%7D; path=/; expires=Thu, 16 Nov 2023 13:10:32 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668604231-98DRPA5P-3JLB%26unruly_id%3D%5BRX_UUID%5D&cb=1668604232978
etag: RXa0ead07a9c524c3da5c3eafd24e80c79003
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/1904796869803472?v=2.9.62&r=stable
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/1904796869803472?v=2.9.62&r=stable
IP 31.13.72.12:0
GET /signals/config/1904796869803472?v=2.9.62&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: lw4G9t9KeIg5qHIF6PT7HvJErwKsODYddgOg4k+teHWMGFtzgshJMSYagQdoix8HTh9MfYg/xGZpldSGsT5vCg==
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 13:10:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
185.64.189.110200 OK 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB
IP 185.64.189.110:0
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668604231-98DRPA5P-3JLB HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 13:10:32 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/1853083501571805?v=2.9.62&r=stable
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/1853083501571805?v=2.9.62&r=stable
IP 31.13.72.12:0
GET /signals/config/1853083501571805?v=2.9.62&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: fNLThdtVWDRB+0sri/nzeMuN2TYW5XxxzpeDJxmd18jEswcT525F77wrO6TbmZka5q9d2EwIm5+sh1jLtStv8g==
priority: u=3,i
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 13:10:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2