r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17265
Expires: Wed, 16 Nov 2022 08:57:43 GMT
Date: Wed, 16 Nov 2022 04:09:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 211c82682c91c3535fe3e01b969f52fa
58419d5e481326db576f7480680e65f747160987
45d309050f122bb671538adab10e3c96a4ed21e512cfd02876a441997d1e7aa0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116839
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Etag: "637387fd-117"
Expires: Thu, 17 Nov 2022 12:37:17 GMT
Last-Modified: Tue, 15 Nov 2022 12:37:17 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fe5a11c3ca8a150aad830b739f24b58
898b730b1a66dd49c6f018333ba828410f63f347
2c3a2a8a3dfa29808bd550718025fdf355e4a88235cb50ae978abc00ee5fd23b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5072
Cache-Control: max-age=114341
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Etag: "63736a6b-1d7"
Expires: Thu, 17 Nov 2022 11:55:39 GMT
Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16681
Expires: Wed, 16 Nov 2022 08:47:59 GMT
Date: Wed, 16 Nov 2022 04:09:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 03:44:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1526
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: k0lS/z8TbM4qJIC2cgvLSUjo31mMBjdruefe5wYyobZTm1k2sXp/nkbIawtFAFw8xnNVKKeH22Q=
x-amz-request-id: TY88NPHT6BH6A9MB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 03:14:32 GMT
age: 3326
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:09:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
54.230.111.127200 OK 31 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
IP 54.230.111.127:0
File type Web Open Font Format, TrueType, length 31120, version 1.6554\012- data
Hash 57cbbfdafc43e0deecc75a309dd042c6
b9cc2ff331b8520706de175f5b3fdba6731a9bfc
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 31120
date: Tue, 15 Nov 2022 17:32:19 GMT
last-modified: Tue, 15 Nov 2022 16:37:49 GMT
etag: "57cbbfdafc43e0deecc75a309dd042c6"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OxPOURw7k67ABGBLbUJoE6d9azethKlGII8xwNQXU9JGbD5P6_iIiQ==
age: 38260
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
54.230.111.127200 OK 43 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
IP 54.230.111.127:0
File type Web Open Font Format, TrueType, length 43188, version 0.0\012- data
Hash 55576599a2d772f9297c5036d355b1fb
c52e4f9a59137105deb12a3de25ee7d5a15fd286
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73
GET /packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 43188
date: Tue, 15 Nov 2022 17:32:19 GMT
last-modified: Tue, 15 Nov 2022 16:37:50 GMT
etag: "55576599a2d772f9297c5036d355b1fb"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p-rfA-D_M26GB21YcRjoMYFM-THpG08XGQuV6kHkuW8zwUTDP17c2Q==
age: 38260
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1ecc83b47682fd520914ad554ca8ad8e
16918bde255ba445cab21e81b6ab01bbecba96e6
9b0bbaf159a7cd8754744fdd96beebb507040f862692a5d3be02be19bb2c81ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2483
Cache-Control: max-age=99163
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Etag: "6373393e-117"
Expires: Thu, 17 Nov 2022 07:42:41 GMT
Last-Modified: Tue, 15 Nov 2022 07:01:18 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
54.230.111.127200 OK 32 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
IP 54.230.111.127:0
File type Web Open Font Format, TrueType, length 32124, version 1.6554\012- data
Hash 868aedeefe7669e8a4f7196f7df5d058
45bd20ef2c6b717a2526efd98a01207979b2a623
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 32124
date: Tue, 15 Nov 2022 17:32:19 GMT
last-modified: Tue, 15 Nov 2022 16:37:49 GMT
etag: "868aedeefe7669e8a4f7196f7df5d058"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n7_JSiOy4KDpUejOUz_9qpRSq9HWWr5lqL4hw5D29LbK5-ITjV5qFQ==
age: 38260
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.17.24.14200 OK 6.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (19015)
Hash 7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:09:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 384341
expires: Mon, 06 Nov 2023 04:09:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8CpWIm400Whkt5AnoQYw4eYxhV3x6U0Y2fryX5lDYfpD%2Bl67ohATNdpl%2FJHxsFTPEYixmjOfPT9R%2FqrgdmpxiozpyxKIjpPFMEGU%2BA9uN6Go%2Bb5UdQYpxwCEtcg%2FuuxFkZ%2FRDKP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ad5fcdc8eab527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/esm/71-2ff63878306f2c4473fc.es6.js
54.230.111.127200 OK 397 B URL HTTP/2 prod-cdn.wetransfer.net/packs/esm/71-2ff63878306f2c4473fc.es6.js
IP 54.230.111.127:0
File type ASCII text, with very long lines (397), with no line terminators
Hash 0ad4fcc2f503e98d836d3866925ebfa1
338854449bdbdc95f0f87cc10661d9164c27e75b
98a31fa8bc6612b753bf15b4c6fd22259186c158fd156c29724e4f90b3bc3dc8
GET /packs/esm/71-2ff63878306f2c4473fc.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 397
date: Tue, 15 Nov 2022 17:32:19 GMT
last-modified: Mon, 27 Jun 2022 09:51:06 GMT
etag: "0ad4fcc2f503e98d836d3866925ebfa1"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TajI83GHNYgh_v-9PYdC2u1l5k9HSpkcnSHqYaL6a-sr91gFjsn1bg==
age: 38260
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4e9f4afeaf2dac3f6dd5be7660121621
2480acef2865ac01e2310b05721c59b0bce84ffa
50eb36a97600d8b498e5aa79ae55e84ea09bbfa0e07309bdade124d372a73b94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6063
Cache-Control: max-age=136898
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Etag: "6373bea9-117"
Expires: Thu, 17 Nov 2022 18:11:36 GMT
Last-Modified: Tue, 15 Nov 2022 16:30:33 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1ecc83b47682fd520914ad554ca8ad8e
16918bde255ba445cab21e81b6ab01bbecba96e6
9b0bbaf159a7cd8754744fdd96beebb507040f862692a5d3be02be19bb2c81ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2483
Cache-Control: max-age=99163
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Etag: "6373393e-117"
Expires: Thu, 17 Nov 2022 07:42:41 GMT
Last-Modified: Tue, 15 Nov 2022 07:01:18 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
www.redditstatic.com/ads/pixel.js
151.101.85.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 16 Nov 2022 04:09:58 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.slim.min.js
69.16.175.10200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32012)
Hash 30f5157a965bc792a83e9bacfe265f03
8330886371fe27f3cbac509e0ac9712207574c66
4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:09:58 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668571798.dop016.sk1.t,1668571798.cds205.sk1.hn,1668571798.cds235.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2316d2d43aee9525cdb65b3eb2ff53a0
cad4229071cf919cb3471632ac4924cfd1a97431
99d5cce0549dbb29351735d3e15f9cde16b2ca18c57581c8110b2c54998fa28d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
collector.brandmetrics.com/c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com&rnd=259291
20.50.2.28200 OK 0 B URL HTTP/2 collector.brandmetrics.com/c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com&rnd=259291
IP 20.50.2.28:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com&rnd=259291 HTTP/1.1
Host: collector.brandmetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
date: Wed, 16 Nov 2022 04:09:58 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 15 kB IP 93.184.220.29:0
Hash 5af7ef10bc0d02afffc32f99f1e876f4
0c091f16b555808f3128a9560747b8ad2a55b243
773dd7edaa2d4801213844baa1edf8d405aa7b5af0a07ad18f29a0705e834676
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2483
Cache-Control: max-age=99163
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Etag: "6373393e-117"
Expires: Thu, 17 Nov 2022 07:42:41 GMT
Last-Modified: Tue, 15 Nov 2022 07:01:18 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1ecc83b47682fd520914ad554ca8ad8e
16918bde255ba445cab21e81b6ab01bbecba96e6
9b0bbaf159a7cd8754744fdd96beebb507040f862692a5d3be02be19bb2c81ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2483
Cache-Control: max-age=99163
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Etag: "6373393e-117"
Expires: Thu, 17 Nov 2022 07:42:41 GMT
Last-Modified: Tue, 15 Nov 2022 07:01:18 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32065)
Hash 6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 12:14:42 GMT
expires: Wed, 15 Nov 2023 12:14:42 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 57316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.194200 OK 986 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (2377), with no line terminators
Hash 47bacf15d747cedeba7d05e744cb5ee2
ba9850b64c1878782a4c97e81eb175a4e3d4e602
b35caf18ea802fb1eb4d8072fdd47965718b10a57fb0ca1fa4f35b784847cd57
GET /pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 04:09:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 986
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Nov-2022 04:24:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com
23.36.79.32200 OK 358 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (308)
Hash 95a2ac27141ffd1d5df2919a521c22db
b8ebd9c76f8e0a6310b1df4051b6b772fe664ef0
6a945838225f8a5443ac4b2d4ec8193771abe424fd1b014ef4a4e21614b5608b
GET /i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221116040958BF28C3369197039346F4
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebd93717768ead7ab7162cd93ee2fd75104e56fb56c58667f995666121d7a14b27b076143f9983101bcea8e4ffb89c0164762950df30675e4a98720386d8273225
content-encoding: gzip
content-length: 358
x-origin-response-time: 10,23.218.220.142
x-akamai-request-id: b1dc5c8.48ff655
expires: Wed, 16 Nov 2022 04:09:58 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 16 Nov 2022 04:09:58 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Hc609WRIwyFC1sQ1ZOMm22G7sc; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-220-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=10, inner; dur=2
x-parent-response-time: 111,23.36.79.28
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2316d2d43aee9525cdb65b3eb2ff53a0
cad4229071cf919cb3471632ac4924cfd1a97431
99d5cce0549dbb29351735d3e15f9cde16b2ca18c57581c8110b2c54998fa28d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
142.250.74.168200 OK 93 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (29001)
Hash 23db4d54ec09c93045a3b88417b9dbb6
a1b5340b6179725818659c195b57fbf8817bf878
39a206eade9ffcbc7737da70a49f00bb8da00129f145bcf2eefe4720e3bff6af
GET /gtm.js?id=GTM-K878LCS&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 16 Nov 2022 04:09:58 GMT
expires: Wed, 16 Nov 2022 04:09:58 GMT
cache-control: private, max-age=900
last-modified: Wed, 16 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 03:25:01 GMT
cache-control: public,max-age=3600
age: 2697
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 334b9981aad04ac77277ca281df90195
538e4db4c8729e02109f57240e2ac8ea199a8a0d
c6f77f70ff92ec953997fc1104aa9ec311bceb503a24d4fb5e8f6fca16031645
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141814
Date: Wed, 16 Nov 2022 04:09:58 GMT
Etag: "6373d53f-1d7"
Expires: Thu, 17 Nov 2022 19:33:32 GMT
Last-Modified: Tue, 15 Nov 2022 18:06:55 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: P-IM-E-mMUfD6zorA1ER1CKxirKUrTDAFACZAkYmRobwWd9JNw9t2g==
Age: 5197
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 5cac2a541245e39328679004eb2680e1
e16241b9f60a1b71df5ed0fcac376d8b707aca62
cc66d9106c2fa92e03a21f67660e8c7bc555d97531ce2a154fdc0cdce11c102b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160989
Date: Wed, 16 Nov 2022 04:09:58 GMT
Etag: "637426e4-1d7"
Expires: Fri, 18 Nov 2022 00:53:07 GMT
Last-Modified: Tue, 15 Nov 2022 23:55:16 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FZ1Jg22e09ICYT0Hhi9lQufDlWd4XQYxZ1YU0zIdlInGmRdMh8rTRQ==
Age: 3471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de57a2d376db743a3987c454889f1f21
0defab699bdb1b158026f93c2dd105bcd65f6764
b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4461
Cache-Control: max-age=108677
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:09:59 GMT
Etag: "637356af-1d7"
Expires: Thu, 17 Nov 2022 10:21:16 GMT
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F
52.24.20.187200 OK 3.6 kB URL HTTP/2 a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F
IP 52.24.20.187:0
File type C source, ASCII text, with very long lines (2097)
Hash 7d1387e887632e255c88c9715a8b8142
14c1f04ce2b0b1d81a25720d76a2489865922a83
6251ff8b31b7d558597828b8508b1099481ced02b3e304afbc01cbb3d358d448
GET /api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:09:59 GMT
content-type: application/javascript
server: nginx/1.20.0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2ps6aDYGaND+bGKLS6IVMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2pKKxkSX62KUnd+/+Lr1oopTcx0=
p.ad.gt/api/v1/p/367?au_id=AU1D-0100-001656083096-ETFCNQ76-UDPG
172.67.23.234200 OK 50 kB URL HTTP/2 p.ad.gt/api/v1/p/367?au_id=AU1D-0100-001656083096-ETFCNQ76-UDPG
IP 172.67.23.234:0
Hash e1d01700df89fe6cd6b63071a4dd85cb
8690097c7f25bae66e367f669a225c33c8236d7c
60d9b013f3aa26cee923116cd8301b0a681486b8d132fc62404706b1ecea8eae
GET /api/v1/p/367?au_id=AU1D-0100-001656083096-ETFCNQ76-UDPG HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:09:59 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2022 19:18:32 GMT
cache-control: public, max-age=43200
expires: Wed, 16 Nov 2022 16:09:59 GMT
etag: W/"1668453512.0-40653-3373272138"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ad5fcddc4c0b69-OSL
X-Firefox-Spdy: h2
cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co
104.26.7.155200 OK 162 kB URL HTTP/2 cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co
IP 104.26.7.155:0
File type Unicode text, UTF-8 text, with very long lines (10973), with CRLF, LF line terminators
Size 162 kB (161703 bytes)
Hash 4aebda26e387799005403a497b1082c7
ea0348004dce937494c7d231456138ff45366581
9d76bfa5595218945fcffc337e1b85d1022aedb3f11503342d69b99c941cf9c5
GET /scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co HTTP/1.1
Host: cdn.brandmetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:09:59 GMT
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-cache-status: MISS
last-modified: Wed, 16 Nov 2022 04:09:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29%2FiM6DqoZS9L4ElPzabOEvOozAmcLRhqX30mCidVyjpPr590TW%2F2wH1R1vgRZ66QF7EVJVV0sR54L7gWeviYR7GPSgFrJBjxHoMH5U%2BmJxEtpPdXd2reiPm5Sic1zpQr8wTQqM2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ad5fd08c41b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD
54.68.224.4302 Found 473 B URL HTTP/2 ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD
IP 54.68.224.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Hash 3b5c678d9294898be63156ed4d37ae5d
6cdf5f6b43dcdaee68a613b1d3d9ae09b804664f
e86c718b48f639738d57d833f0c19f96a1b9442162456a0f9a6e2f1511c814c5
GET /api/v1/g_hosted?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 16 Nov 2022 04:09:59 GMT
content-type: text/html; charset=utf-8
content-length: 473
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2ODU3MTc5OS0yVlRTWFNCNi1aMlJE
server: nginx/1.20.0
set-cookie: au_id=AU1D-0100-001668571799-2VTSXSB6-Z2RD; Expires=Fri, 15 Nov 2024 04:09:59 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
g_hosted=; Expires=Fri, 15 Nov 2024 04:09:59 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
54.230.111.42403 Forbidden 243 B URL HTTP/2 nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
IP 54.230.111.42:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash ed4322987226d27a86cc7727ac477851
d5318f6207af143e9ef4647dfa22d7ec0852b5ec
4f5c26c242452c1a3bb406198f9bfbf017534253cc8a302abf44251536e0368d
GET /apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js HTTP/1.1
Host: nolan.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Wed, 16 Nov 2022 04:09:58 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: laypCfx2drZDM2I6kls-1yld9PgE7UeS5imfuLWEHFD3ndVinbBqpQ==
X-Firefox-Spdy: h2
nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
54.230.111.42403 Forbidden 4.8 kB URL HTTP/2 nolan.wetransfer.net/apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js
IP 54.230.111.42:0
Hash 5308f3f6990188cbe206acca7eefba84
62bbfd6435ac8c53e2ba942430d6ccd470754b29
7a2508418d1d97f60b9bff6b24c0c3eeb1d4e1e69d54ebfe3be62fa210444af7
GET /apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js HTTP/1.1
Host: nolan.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Wed, 16 Nov 2022 04:09:58 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nTEiyg_xVM7JFWIRFnbLgy7w5W4t0-5v6-i2_Gu12rWGIOOjcJtcew==
X-Firefox-Spdy: h2
a.ad.gt/api/v1/collect
52.24.20.187204 No Content 0 B IP 52.24.20.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/collect HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Content-type: text/plain
Content-Length: 968
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 16 Nov 2022 04:10:00 GMT
server: nginx/1.20.0
access-control-allow-origin: https://ipfs.fleek.co
vary: Origin
X-Firefox-Spdy: h2
pixels.ad.gt/api/v1/getpixels?tagger_id=841cb21260ed3f4f916b6b7ed9ac2d0e&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&code=%27none%27
52.34.253.46204 No Content 0 B URL HTTP/2 pixels.ad.gt/api/v1/getpixels?tagger_id=841cb21260ed3f4f916b6b7ed9ac2d0e&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&code=%27none%27
IP 52.34.253.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/getpixels?tagger_id=841cb21260ed3f4f916b6b7ed9ac2d0e&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&code=%27none%27 HTTP/1.1
Host: pixels.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 16 Nov 2022 04:10:00 GMT
server: nginx/1.20.0
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png
54.230.111.127200 OK 16 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png
IP 54.230.111.127:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash bc5b180f2d0001298a5ea3691e3fc623
edf2c67a5cef4efd081e5e6e4bc027e72be45593
b8c5bf2f80790d4abbe7fd5dca0bcf5c3eeaa4e23b1b35c8854a3fdb5c26b1e9
GET /packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 16208
date: Sat, 01 Oct 2022 03:57:56 GMT
last-modified: Fri, 30 Sep 2022 18:50:09 GMT
etag: "bc5b180f2d0001298a5ea3691e3fc623"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 923y-7D5cxI6Hj1-XTC6rUrNGgiG6_ao6MPQo6mULsCPoQf8AgQHtQ==
age: 3975125
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico
54.230.111.127200 OK 42 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico
IP 54.230.111.127:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 692e1c7339c359b6412f059c9c9a0474
e7c1a53dca16b7664880e5b8a92524cf9a47fb62
d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda
GET /packs/media/images/favicon-a34a7465.ico HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 41566
date: Fri, 09 Sep 2022 02:48:13 GMT
last-modified: Thu, 08 Sep 2022 16:30:40 GMT
etag: "692e1c7339c359b6412f059c9c9a0474"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pc23twK01R-VADQ9tdj9WrjVg691OyK1OIx_v0CnTV1zffAedRXRKw==
age: 5880108
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2539
Cache-Control: max-age=119349
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 13:19:09 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=1CEA007DF51D6E11187A1223F4E86F1E; domain=.bing.com; expires=Mon, 11-Dec-2023 04:10:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5E5BD21EE14F4F9A8AC32AE70BA339FB Ref B: OSL30EDGE0112 Ref C: 2022-11-16T04:10:00Z
date: Wed, 16 Nov 2022 04:09:59 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/ecommerce.js
142.250.74.174200 OK 738 B URL HTTP/2 www.google-analytics.com/plugins/ua/ecommerce.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (745)
Hash f804aa0b574b678d24df5281ed71a61d
2fc02211b273e1ab4d362df05d592f2d822c2add
1d2d8c7f3502f4459478fe8c7495a27464d6f178b1d564333a107d310c0ea74d
GET /plugins/ua/ecommerce.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 03:37:43 GMT
expires: Wed, 16 Nov 2022 04:37:43 GMT
cache-control: public, max-age=3600
age: 1937
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.5 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12826)
Hash 806d185619a4ef5951ab91810117e4ba
f40031c0ea5718f6d9a0a35e8ca60262daedc440
06489a801966cb9e7b467aed4edb63aa10bc2e588d259054ef696ade54e4b19f
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=83203
date: Wed, 16 Nov 2022 04:10:00 GMT
content-length: 4530
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3102
Cache-Control: max-age=119911
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 13:28:31 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Wed, 16 Nov 2022 04:10:00 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1665-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5b80883a318b116e8b967c4e7c5fb219
4d7a8f63edad447a8b46f7816b950d90e01c7872
2b1bf5e0056b5d2dabc4a7ce5da47044293386d238e666abfa8c9c6d25da44aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 16 Nov 2022 02:41:09 GMT
expires: Wed, 16 Nov 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 5331
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/ec.js
142.250.74.174200 OK 1.1 kB URL HTTP/2 www.google-analytics.com/plugins/ua/ec.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (523)
Hash 17427cd827c6f9e01d5ee868be659be5
6ff2e43c1a10e3c924870b48ae3cc36280b97f53
59157001be3cd5b0e3eae8afa425d1c694591c403fb9692bc3ad6d3235b423e7
GET /plugins/ua/ec.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 03:11:41 GMT
expires: Wed, 16 Nov 2022 04:11:41 GMT
cache-control: public, max-age=3600
age: 3499
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/56335302.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/56335302.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/56335302.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=27432438A6766FBF190F3666A7836EBE; domain=.bing.com; expires=Mon, 11-Dec-2023 04:10:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4719334DECD9473F9ED453C6006572F1 Ref B: OSL30EDGE0112 Ref C: 2022-11-16T04:10:00Z
date: Wed, 16 Nov 2022 04:09:59 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.132200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (1654)
Hash e9a582c90aac2328476e597baba398b4
06b0d94c58e65121f7bcc97eb323e1be19916373
5ff051b75b60717108be94182882ddb67a474820c0b7f8a3bc5e011bb0649d2a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 16 Nov 2022 04:10:00 GMT
expires: Wed, 16 Nov 2022 04:10:00 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5797422194694114326
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/esm/vendor-9aab5e914623660cfc9f.es6.js
54.230.111.127200 OK 656 kB URL HTTP/2 prod-cdn.wetransfer.net/packs/esm/vendor-9aab5e914623660cfc9f.es6.js
IP 54.230.111.127:0
Size 656 kB (656011 bytes)
Hash 721e518e644bfbff541fcbf7995a9c1a
b3cce0daa5f2e019a647b614329faf0eacd7a179
9ba729bfdad21db14276c4298ed850c334d7e5fd20efd68ef0d13146f0e2c060
GET /packs/esm/vendor-9aab5e914623660cfc9f.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 17:32:19 GMT
last-modified: Mon, 27 Jun 2022 09:51:07 GMT
etag: W/"f10c8755323d7e0e4d8e65fd27acb665"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -IRTDj6wmunmWP1jqMMwBf-w9tBdFErfXYlGk9FOBW7HnSpn94wasw==
age: 38260
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=1128760533&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=1128760533&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=1128760533&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 04:10:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2539
Cache-Control: max-age=119349
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 13:19:09 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.clarity.ms/eus2-d/s/0.6.34/clarity.js
13.107.238.53404 Not Found 0 B URL HTTP/2 www.clarity.ms/eus2-d/s/0.6.34/clarity.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eus2-d/s/0.6.34/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0mGJ0YwAAAABkhaNz8+9/RY/WlPayJ3wDU1ZHMjBFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 16 Nov 2022 04:09:59 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash f86cf0bde12ef9b07967fa7bfdcd2db3
e2d2b277538fe878767964d21105c5e81283369f
9b9a5e9ce9933adc810851f84e2f083eb5d101f800ba5fe98ea1bcf0e4e934b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3485
Cache-Control: max-age=153056
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "637407dc-138"
Expires: Thu, 17 Nov 2022 22:40:56 GMT
Last-Modified: Tue, 15 Nov 2022 21:42:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 312
www.clarity.ms/tag/uet/56335302
13.107.238.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/56335302
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag/uet/56335302 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=86400
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0mGJ0YwAAAADGF+Eu74wRTa93QbrVhjJEU1ZHMjBFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 16 Nov 2022 04:09:59 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 977dab9d2dc1cf9e785d9526581ec8de
1b07cc856c8615537228d554284470062c6dbb79
a9c9ce9d3b399b41da3b6d31c67d23ce329f806172999119a038e6f2a7ffe79a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 16 Nov 2022 04:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 15 Nov 2022 20:39:55 GMT
Expires: Wed, 16 Nov 2022 20:39:55 GMT
ETag: "1b07cc856c8615537228d554284470062c6dbb79"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: bCTCBOPUaYsadmSzteKzAaSGn2zrvOw/cOXfbjLkzpaafEnbBDL+TEyUQeCr4ibxlh++YRcgfW3bRjJdG8urBw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:10:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2780-3FE
52.30.11.209200 OK 3.5 kB URL HTTP/2 resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2780-3FE
IP 52.30.11.209:0
File type C source, ASCII text, with very long lines (9143)
Hash 14380f52b301a495de3bdf28112849a0
391f89a7f915c1166a14ffb55e0910b291d4b668
31a96352ccb1839e461d812b75d9ba902484ee4a501854f46cdcd216479b8355
GET /js/v2/ktag.js?tid=KT-N2780-3FE HTTP/1.1
Host: resources.xg4ken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: application/javascript
content-length: 3544
server: nginx
last-modified: Mon, 14 Nov 2022 12:23:07 GMT
etag: "6372332b-dd8"
content-encoding: gzip
expires: Thu, 17 Nov 2022 04:10:00 GMT
x-xss-protection: 1; mode=block
cache-control: max-age=86400, public
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1ace154d0f6419b5db4372cb2a996458
d559bb7e807a774add25cc092313aeb49f41eb17
3407a2e91eb3e6253f6cf3f4a5be401884c9409738734a468c30c9cfcdac1662
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/signals/config/1853083501571805?v=2.9.89&r=stable
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/signals/config/1853083501571805?v=2.9.89&r=stable
IP 31.13.72.12:0
File type ASCII text, with very long lines (64471)
Hash 255fae8d3b41ce90f13010b98c4021e1
fcbfc4fcfca32744300976e0403d07874cba5ff6
2f30e602aa0bb4f711bee2685324215d5ace5405063875da267679f33f91caec
GET /signals/config/1853083501571805?v=2.9.89&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: bG7s7TfEYutnL1kg/1dJJ4TQi0GYwzRvAM6976iFUPbivi1W9BvHrUeXKoxHJnQ4g+Uowl8wg2kdXNluikxffQ==
content-length: 87606
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:10:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 04c5a80143c95ac04c09c889a01b0a50
41f95a64edf0cb8a28daa5d269caa21e7109cd4b
e9b7225b0d35ad69d9eb5435fad320e32afae628dfaabd33c6b1a73a49fd7a29
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4483
Cache-Control: max-age=129573
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "6373a83a-1d7"
Expires: Thu, 17 Nov 2022 16:09:33 GMT
Last-Modified: Tue, 15 Nov 2022 14:54:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.google.no/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=1128760533&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=1128760533&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2>m=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=1128760533&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 04:10:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10477
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:10:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3102
Cache-Control: max-age=119911
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 13:28:31 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26auid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
34.98.64.218200 OK 56 B URL HTTP/2 u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26auid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
IP 34.98.64.218:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 15669dda86db3cbff7835fa202dc0b16
ce788cab9c1aa7e458a3971a59702c410b37e64d
5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
GET /w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26auid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0be1985-4e6e-4cc3-9b6e-2fc0d94bc02b.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0be1985-4e6e-4cc3-9b6e-2fc0d94bc02b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96b4478c098865b0d19738098db61d64
0e18a8c51596c8a4d84a142a57ffe376294833cc
9c9e433cf8f2167e4cfc3cff247eee85ebb9977e338e6e144acaea830db17c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0be1985-4e6e-4cc3-9b6e-2fc0d94bc02b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5749
x-amzn-requestid: c67c9352-e777-417e-afe1-003d7a072e86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkItcGfcoAMFzkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637187ef-670b63160b7d0cdf4a5b609e;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 00:12:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vFDS3_SNf5hbW8NAtNERJbS1jj29nWO0_GSIypgwlv7kymKieO8qNA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 08:42:24 GMT
age: 70056
etag: "0e18a8c51596c8a4d84a142a57ffe376294833cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edd6a84f848a83f4d1990f92b4807def
bc2bb7815b062941d51fde65574851db55be37dc
4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6629
x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY6CG9IoAMF8rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4i9jW2AQ8PhWl9i01KDda11PoSD1csf_Gs7nwME9o2Oxft0UldI6vQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:49 GMT
age: 22931
etag: "bc2bb7815b062941d51fde65574851db55be37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9d9493125a22b98bd2ac3a1b11cc0a12
8334175b79551b1e0592f63eb606543c915983a2
a583076207a416f2ccbb70821bc5185bb6b8e86180221014638af5af3b34a7fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed2eb8cd1cffa83445bfc822fff3cd95
5d6f0e9bec236755d70ac6779e86684795e5c798
6b3e294fc0977cd09c1565d5a6396a63b2ad5f7005b9f1e136c33cedae49f436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8236
x-amzn-requestid: 74104064-6d6f-44ef-ad9f-6550971f17f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBET6oAMF_cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-269579cf1723940b16588c76;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NoKPqN-FpS9ibMgsRSPIDrlu8I7OG_P_v7JHEcrBQE4ushlrVF5Yuw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:08:55 GMT
age: 21665
etag: "5d6f0e9bec236755d70ac6779e86684795e5c798"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c0551d8677fcc3d52af4234ed4a14ca6
85d13f59c62179583ecbb6c3d3003f921f096e61
293aade5e4fb84eb69c605c8f585e2a0b383c8df59c8d41ee0e5a9bbcc9ac4dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3352
Cache-Control: max-age=96782
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "63732c8e-1d7"
Expires: Thu, 17 Nov 2022 07:03:02 GMT
Last-Modified: Tue, 15 Nov 2022 06:07:10 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:45:58 GMT
age: 23042
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&gdpr=0
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&gdpr=0
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98802857df59f8eacd9211811cc59ae6
87e277a627c1085cad5c6e38bdd5100aa0a9ecee
102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8235
x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY4_HANoAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _u6Uhc-g_xPTRSYys5rD3GC00roubyJdBRuHruvoMLf-UEAB6_zdQw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:46:20 GMT
age: 23020
etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
52.211.12.99302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
IP 52.211.12.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=348447&dpuuid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=44189338369905986173388573977944395586; Max-Age=15552000; Expires=Mon, 15 May 2023 04:10:00 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ig+5OnJVRqI=
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3a9734f9f93c8158e73e4491e35f56bd
e57dc6ee66918ae45ce20c6dea942d2e786ff17c
171dfb208dfcaa849595e79c07f998833a5560ae06c736f9f4c45f445e121ada
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 04c5a80143c95ac04c09c889a01b0a50
41f95a64edf0cb8a28daa5d269caa21e7109cd4b
e9b7225b0d35ad69d9eb5435fad320e32afae628dfaabd33c6b1a73a49fd7a29
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4402
Cache-Control: max-age=129492
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "6373a83a-1d7"
Expires: Thu, 17 Nov 2022 16:08:12 GMT
Last-Modified: Tue, 15 Nov 2022 14:54:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 17e6999ad811515fb0ce54ee41c4880e
9ff8fa18312b4c66cd2c04b24a9bb36253f5a5ca
a1a827db6aec946a9ba526f38113fc27ed5406b1df08f66dc891086918157b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1555
Cache-Control: max-age=112960
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "637372c5-139"
Expires: Thu, 17 Nov 2022 11:32:40 GMT
Last-Modified: Tue, 15 Nov 2022 11:06:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668571800189&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668571800189.857301739&it=1668571800079&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668571800189&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668571800189.857301739&it=1668571800079&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668571800189&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668571800189.857301739&it=1668571800079&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Nov 2022 04:10:00 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668571800193&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668571800189.857301739&it=1668571800079&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668571800193&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668571800189.857301739&it=1668571800079&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1668571800193&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668571800189.857301739&it=1668571800079&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Nov 2022 04:10:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash a6eb5971db7b9b8ca899d17a01a3f39b
530902f94af1b9cb968d0a35eb71ccbc8f3fa6e7
e0133a1a4953d1e29f2e00c767f7c2a99f2393a123b2fb90635f7d888d5453eb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:10:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 01:55:57 GMT
Expires: Wed, 23 Nov 2022 01:55:56 GMT
Etag: "530902f94af1b9cb968d0a35eb71ccbc8f3fa6e7"
Cache-Control: max-age=596155,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ad5fda2ea2b527-OSL
secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&adnxs_id=$UID&gdpr=0
68.67.179.166307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&adnxs_id=$UID&gdpr=0
IP 68.67.179.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&adnxs_id=$UID&gdpr=0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 16 Nov 2022 04:10:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26adnxs_id%3D%24UID%26gdpr%3D0
AN-X-Request-Uuid: 2ec0132e-8f30-4739-9f12-b156954c6830
Set-Cookie: uuid2=2237425563542637838; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 14-Feb-2023 04:10:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 416455c97f70dd68274596acf4c006b4
9c2ff3be5b0ac25d25b61cea57b3c2cf3cd710cb
19cab2157cd84e02d254cc9f007ecfd055ae59a89caa8c380d058600b434aacf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161485
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "637430b8-1d7"
Expires: Fri, 18 Nov 2022 01:01:25 GMT
Last-Modified: Wed, 16 Nov 2022 00:37:12 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RE61OpPrI6IE_IQZrvkLVT_noDR4rnZXogNoldob0JSPIzNBd1gSng==
Age: 1453
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e18d7900f510b8d6ac08ed6782111c09
b24937b1f6c1ccb05d0f382ca7d502755111b28c
85b6d0d5d0f64d7e724fc41e904256083d67d252f9f6cb46ffed05f9b7cb290e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167212
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "63744312-1d7"
Expires: Fri, 18 Nov 2022 02:36:52 GMT
Last-Modified: Wed, 16 Nov 2022 01:55:30 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aODeosnhwlF9AcInISH1PariaVlyG0FgJEWsCyu_O80bhVih2fGyJg==
Age: 2483
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668571799837&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668571799837&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1668571799837&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&218d2be1-4680-4ce6-82e0-35e1d01b1f1b"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 16-Nov-2023 04:10:00 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2419:u=1:x=1:i=1668571800:t=1668658200:v=2:sig=AQHRNi6c-t8jDpaz2mY1P16DuJdHC9yv"; Expires=Thu, 17 Nov 2022 04:10:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtjqV4Er1PBwFaJzKH0Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E52EC245D46C43ABBDE5B512F7D8DAAE Ref B: OSL30EDGE0212 Ref C: 2022-11-16T04:10:00Z
date: Wed, 16 Nov 2022 04:10:00 GMT
content-length: 0
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
52.211.12.99200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
IP 52.211.12.99:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001668571799-2VTSXSB6-Z2RD&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-034f2d6c4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: JlwrNysCQYw=
Content-Length: 59
Connection: keep-alive
ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26impr_uid%3D%7BPUB_USER_ID%7D
3.122.208.114302 Found 0 B URL HTTP/2 ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26impr_uid%3D%7BPUB_USER_ID%7D
IP 3.122.208.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26impr_uid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=f59305ec-0a00-419d-b450-6c88e6e2a4e6; Expires=Tue, 14 Feb 2023 04:10:00 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1668571800; Expires=Tue, 14 Feb 2023 04:10:00 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
185.64.189.110200 OK 1.8 kB URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
IP 185.64.189.110:0
Hash 8c0e3b9b3c752bba10bc94b4df88247e
a94572ebe0bf4fc48f36ab87a5fc4a34f7ac0706
ca16d4e021b2a4028dae4ac604340a2786eededb36d5b41303d80c1a48284025
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26impr_uid%3D%7BPUB_USER_ID%7D
3.122.208.114200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26impr_uid%3D%7BPUB_USER_ID%7D
IP 3.122.208.114:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 97b17c78c6d6fb52647dd455fe8f220e
476c85bc36b3debf22dd5b07d9349a7f12dd7d6e
2bdccc0f42817ef947d61ccf558212e24c3e5740f7e4af29b0acd1dd8a67f1f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1649
Cache-Control: max-age=136845
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:00 GMT
Etag: "6373cfb4-139"
Expires: Thu, 17 Nov 2022 18:10:45 GMT
Last-Modified: Tue, 15 Nov 2022 17:43:16 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26adnxs_id%3D%24UID%26gdpr%3D0
68.67.179.166302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26adnxs_id%3D%24UID%26gdpr%3D0
IP 68.67.179.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 16 Nov 2022 04:10:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&adnxs_id=0&gdpr=0
AN-X-Request-Uuid: 12060ad7-a184-488e-8a6c-9a88edcf44b0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=3GpqG180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRjFYV044UUF6OHBsT3JRU2tvdllpJTJGUklVMHNyYlVEbUhQWFVxOGlPUlJw; expires=Mon, 11 Dec 2023 04:10:00 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 300843
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
e-10220.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ
52.1.161.0200 OK 43 B URL HTTP/2 e-10220.adzerk.net/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ
IP 52.1.161.0:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ HTTP/1.1
Host: e-10220.adzerk.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: image/gif
content-length: 43
server: nginx
x-powered-by: adzerk bifrost/
access-control-allow-origin: undefined
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
x-served-by: bifrost-production-shard001-us-east-1a-i-0b3a728dd05a6953b
set-cookie: azk=sp-66bbe834-4eff-4859-b8e2-0435f2bd056b; Path=/; Expires=Thu, 16 Nov 2023 04:10:00 GMT; Secure; SameSite=None
azk-ss=true; Path=/; Expires=Thu, 16 Nov 2023 04:10:00 GMT; Secure; SameSite=None
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
X-Firefox-Spdy: h2
sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&uid=[UID]&gdpr=0
69.166.1.12302 Found 0 B URL HTTP/1.1 sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&uid=[UID]&gdpr=0
IP 69.166.1.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&uid=[UID]&gdpr=0 HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 16 Nov 2022 04:10:00 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-25
X-Xss-Protection: 0
Location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&uid=7fe03662-dfcc-4d50-996c-6ba6e1c899b7&gdpr=0
Server: sonobi-go
Set-Cookie: __uis=7fe03662-dfcc-4d50-996c-6ba6e1c899b7; expires=Fri, 16 Dec 2022 04:10:00 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s8525|Y3Rim; path=/; domain=.go.sonobi.com; SameSite=None; secure
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash b09c92d0eeece0b0958b39b5d39e5b12
1780aeb5f5429b05ccee6d80292277a6ac58d217
f0b555715cf9364e46d6181abe7232f1638852404b55b1622c88fcc6cfcce508
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3302
Cache-Control: max-age=110768
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:10:01 GMT
Etag: "63736363-13a"
Expires: Thu, 17 Nov 2022 10:56:09 GMT
Last-Modified: Tue, 15 Nov 2022 10:01:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag
178.250.2.146200 OK 5.4 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=ipfs.fleek.co&origin=onetag
IP 178.250.2.146:0
Hash 5c1085314f0c020edb1cadaf350e724c
5457c1c0145b58d2aa5a53905e6429542e48ecea
5b98a129a3c14689ef075c2d35dc49af9544a9c375f24de02232dacfbd492dd4
GET /syncframe?topUrl=ipfs.fleek.co&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=dda00201-dd6a-4bc8-baf5-8d8a258ecdad; expires=Mon, 11 Dec 2023 04:10:00 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 293152
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&uid=7fe03662-dfcc-4d50-996c-6ba6e1c899b7&gdpr=0
54.68.224.4200 OK 43 B URL HTTP/2 ids.ad.gt/api/v1/son_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&uid=7fe03662-dfcc-4d50-996c-6ba6e1c899b7&gdpr=0
IP 54.68.224.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /api/v1/son_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&uid=7fe03662-dfcc-4d50-996c-6ba6e1c899b7&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668571799-2VTSXSB6-Z2RD; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:01 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Wed, 16 Nov 2022 16:10:01 GMT
set-cookie: au_id=AU1D-0100-001668571799-2VTSXSB6-Z2RD; Expires=Fri, 15 Nov 2024 04:10:01 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022111604095891EA4BFA4F4AE598953E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb29a903d51f2fcf63164750b3b6180ca41aa9dbf469cd18fdfe7837a1069e44335e915be05d3409200251a0416d047d41fc01774c8595303c20c24c9a7397b0fa
content-encoding: gzip
x-origin-response-time: 8,23.218.220.137
x-akamai-request-id: 3dc21299.48ff650
expires: Wed, 16 Nov 2022 04:09:58 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 16 Nov 2022 04:09:58 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=8, inner; dur=4
x-parent-response-time: 108,23.36.79.28
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/1904796869803472?v=2.9.62&r=stable
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/1904796869803472?v=2.9.62&r=stable
IP 31.13.72.12:0
GET /signals/config/1904796869803472?v=2.9.62&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: d2M8WqpTmgfdOcmOM+SijRWvFmSicSo7ZFgMzG/xYEL3HbKtO3bmmLNso7AwfZSZo1wOQUiuo2RIZjL87CShrg==
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:10:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.182200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.182:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 91345
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&google_error=3
54.68.224.4200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/g_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&google_error=3
IP 54.68.224.4:0
GET /api/v1/g_match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668571799-2VTSXSB6-Z2RD; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Wed, 16 Nov 2022 16:10:00 GMT
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.64200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.64:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 193326
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26unruly_id%3D%5BRX_UUID%5D&cb=1668571800879
213.19.147.45302 Found 0 B URL HTTP/2 sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26unruly_id%3D%5BRX_UUID%5D&cb=1668571800879
IP 213.19.147.45:0
GET /usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26unruly_id%3D%5BRX_UUID%5D&cb=1668571800879 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&unruly_id=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1
54.230.111.82200 OK 0 B URL HTTP/2 public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1
IP 54.230.111.82:0
GET /js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1 HTTP/1.1
Host: public.profitwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Tue, 15 Nov 2022 17:32:20 GMT
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
cache-control: public,max-age=86400
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xHNsCnedmShMrLXSI3o8YQBDiGeM8OzF72W8DBNfW8KeYUstlfspIg==
age: 38259
X-Firefox-Spdy: h2
p.ad.gt/api/v1/p/367
172.67.23.234200 OK 0 B IP 172.67.23.234:0
GET /api/v1/p/367 HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:09:59 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2022 19:18:32 GMT
cache-control: public, max-age=43200
expires: Wed, 16 Nov 2022 16:09:59 GMT
etag: W/"1668453512.0-40653-3373272138"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ad5fd19d590b69-OSL
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&adnxs_id=0&gdpr=0
54.68.224.4202 Accepted 0 B URL HTTP/2 ids.ad.gt/api/v1/match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&adnxs_id=0&gdpr=0
IP 54.68.224.4:0
GET /api/v1/match?id=AU1D-0100-001668571799-2VTSXSB6-Z2RD&adnxs_id=0&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668571799-2VTSXSB6-Z2RD; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 16 Nov 2022 04:10:01 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Wed, 16 Nov 2022 16:10:01 GMT
set-cookie: au_id=AU1D-0100-001668571799-2VTSXSB6-Z2RD; Expires=Fri, 15 Nov 2024 04:10:01 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js
54.230.111.127200 OK 0 B URL HTTP/2 prod-cdn.wetransfer.net/packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js
IP 54.230.111.127:0
GET /packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 07 Nov 2022 15:23:33 GMT
last-modified: Thu, 23 Jun 2022 12:51:04 GMT
etag: W/"8d373cd7fdf9ee87968bebe558d05365"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x-VbnkgEGgA2iPE0off4eAn7HCMnxCT1YfohHZBNkRQ7Nflqn3DlzA==
age: 737186
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/esm/application-2f0386ee23e6ae4bb05d.es6.js
54.230.111.127200 OK 0 B URL HTTP/2 prod-cdn.wetransfer.net/packs/esm/application-2f0386ee23e6ae4bb05d.es6.js
IP 54.230.111.127:0
GET /packs/esm/application-2f0386ee23e6ae4bb05d.es6.js HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 03 Nov 2022 16:35:01 GMT
last-modified: Mon, 27 Jun 2022 09:51:06 GMT
etag: W/"229c5ddc2c3a2710d9292e35db8963c9"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ViL5Xn6Ddrqa7gTNED5d1tYKpQ9dOHalgKvDQisvC5UzTzpobmAxXQ==
age: 1078498
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/identify.js
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/identify.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221116040958063C9F3433B8489FF44A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60d78171413f71ac7f621bddf9de079e3dff5b5a8251e7d6810d729a461898ac5629c636f808c1b4e0200e1e624a88afcd0fade5dc7cecd259e77d6aa502e72a43d704c2206b5bdf455825bded57cfade2
content-encoding: gzip
x-origin-response-time: 8,23.36.66.38
x-akamai-request-id: 6cd27bd5.48ff645
expires: Wed, 16 Nov 2022 04:09:58 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 16 Nov 2022 04:09:58 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-36-66-38.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=8, inner; dur=2
x-parent-response-time: 104,23.36.79.28
X-Firefox-Spdy: h2
sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26unruly_id%3D%5BRX_UUID%5D
213.19.147.45302 Found 0 B URL HTTP/2 sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26unruly_id%3D%5BRX_UUID%5D
IP 213.19.147.45:0
GET /usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26unruly_id%3D%5BRX_UUID%5D HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-f5f1268a-b436-494d-af06-5fc5ee294905-003%22%7D; path=/; expires=Thu, 16 Nov 2023 04:10:00 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD%26unruly_id%3D%5BRX_UUID%5D&cb=1668571800879
etag: RXf5f1268ab436494daf065fc5ee294905003
X-Firefox-Spdy: h2
ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
104.17.64.14200 OK 0 B URL HTTP/2 ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
IP 104.17.64.14:0
Analyzer Verdict Alert openphish WeTransfer
fortinet Phishing
GET /ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:09:58 GMT
content-type: text/html
cf-ray: 76ad5fcb2fb80b06-OSL
access-control-allow-origin: *
age: 38906
cache-control: max-age=86400
etag: W/"bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44"
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
x-ipfs-root: bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
x-ipfs-roots: bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
set-cookie: __cf_bm=fZdZIGPA30OUtyR.JUSismoO_69uVVszjO9gWpEZwrI-1668571798-0-AWO9+kfx/ePfCxvMx37scPHygJERAlVWh/gW//9hBMFG6vWyFIDvMpjOcCE+hDYPVyOdwWhScsoa19V1s3r38YM=; path=/; expires=Wed, 16-Nov-22 04:39:58 GMT; domain=.ipfs.fleek.co; HttpOnly; Secure; SameSite=None
cloudflare-web3-deprecation: This hostname will be deprecated on January 15th, 2023. If you are the site administrator, please refer to https://developers.cloudflare.com/web3/reference/migration-guide
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:09:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/10/2022 17:24:53
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 9112cdfe1e798677d8162c8f3d8d3a77
cdn-cache: HIT
cf-cache-status: HIT
age: 1403153
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76ad5fcdff330b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/signals/plugins/identity.js?v=2.9.62
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/plugins/identity.js?v=2.9.62
IP 31.13.72.12:0
GET /signals/plugins/identity.js?v=2.9.62 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: kgk6gpgiLqEt6n5unyvl7H2DczU5w7h5T+LquU6gTaaq/Z1q1eFaA+ERp/2FC/Yl6SZV9u7a6IptTX2kjHUBpg==
priority: u=3,i
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:10:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.2.130:0
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Thu, 17 Nov 2022 04:10:00 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg
34.120.237.76200 OK 0 B URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg
IP 34.120.237.76:0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b5dd68c5-7146-4d31-a7fd-4ac4c474119a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnb6bGeyoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372d9dc-2ca4003e65d69039389bc676;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 00:14:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8TqIvhJUq_yG_iMFds_btqtYsrNzoaZeIQgOP0-Kc60yuQFOPYEXRA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 10:37:00 GMT
age: 63180
etag: "d829c5d23a494bc901d925dd02b84c470a0de479"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
185.64.189.110302 Found 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
IP 185.64.189.110:0
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 16 Nov 2022 04:09:59 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Tue, 14-Feb-2023 04:09:59 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001668571799-2VTSXSB6-Z2RD
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/1853083501571805?v=2.9.62&r=stable
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/1853083501571805?v=2.9.62&r=stable
IP 31.13.72.12:0
GET /signals/config/1853083501571805?v=2.9.62&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: cbn2IjpZXhQs5epuUZLQxCHh7pQTjtxsD2HA1qUvF4kcSgHbHDiAi7Qz/Y89lS0QvhlaCyLUbTAqXYO2s/4JjQ==
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:10:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_match?google_error=3
54.68.224.4200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/g_match?google_error=3
IP 54.68.224.4:0
GET /api/v1/g_match?google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001668571799-2VTSXSB6-Z2RD; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Wed, 16 Nov 2022 16:10:00 GMT
X-Firefox-Spdy: h2
prod-cdn.wetransfer.net/packs/css/application-a370aeb8.chunk.css
54.230.111.127200 OK 0 B URL HTTP/2 prod-cdn.wetransfer.net/packs/css/application-a370aeb8.chunk.css
IP 54.230.111.127:0
GET /packs/css/application-a370aeb8.chunk.css HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Thu, 03 Nov 2022 13:36:33 GMT
last-modified: Tue, 28 Jun 2022 12:26:02 GMT
etag: W/"0cac266ca337660fdbafc69249a04f53"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sRW73ddGzFhmv7R3-R4rhBR0bdnk023nwR37kWymHbEFYhYOg6pF0Q==
age: 1089205
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=3GpqG180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRjFYV044UUF6OHBsT3JRU2tvdllpJTJGUklVMHNyYlVEbUhQWFVxOGlPUlJw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:10:00 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=VH2e8V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRjFYV044UUF6OHBsT3JRU2tvdllpOUZtJTJCM2xrVzl0TXIlMkJDbU5yJTJGTEU4Qw; expires=Mon, 11 Dec 2023 04:10:01 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 334069
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2