letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
31.43.191.18302 Moved Temporarily 138 B URL HTTP/1.1 letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /5h5hB/Shovel.Knight.Dig-GoldBerg.zip HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Fri, 23 Sep 2022 18:39:37 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Server: nginx centminmod
X-Powered-By: centminmod
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7712
Expires: Fri, 23 Sep 2022 20:48:10 GMT
Date: Fri, 23 Sep 2022 18:39:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
18.165.201.83200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 18:05:12 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: GgwbE90bfEUdaSQ1UJd83Q0XRTAmsSd4mMEb2siq9m7IMzuiMcFUpg==
Age: 2066
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.51200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.51:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 717666fbcd9eb8ed70d0f46dd99d0448.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: Je8LTM3OCwNwvv0ABeFNuLVRX_Pnk5rAFL1YAYW93EQ98ZX6P5aFCw==
age: 51996
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
letsupload.io/cache/themes/spirit/logo_inverse.png
31.43.191.18200 OK 12 kB URL HTTP/2 letsupload.io/cache/themes/spirit/logo_inverse.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 307 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e7068c602aa75b45c1bf60860251c65
abb37260776999382d7cdf9df4bcd20e9985cb44
d162b5fab298aa43c9555929facf4274044d4cbe92e7eda200290ff576a18268
GET /cache/themes/spirit/logo_inverse.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: image/png
content-length: 12259
last-modified: Tue, 05 Jan 2021 18:42:37 GMT
etag: "5ff4b31d-2fe3"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/cache/themes/spirit/logo.png
31.43.191.18200 OK 12 kB URL HTTP/2 letsupload.io/cache/themes/spirit/logo.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 307 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e7068c602aa75b45c1bf60860251c65
abb37260776999382d7cdf9df4bcd20e9985cb44
d162b5fab298aa43c9555929facf4274044d4cbe92e7eda200290ff576a18268
GET /cache/themes/spirit/logo.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: image/png
content-length: 12259
last-modified: Tue, 05 Jan 2021 18:42:37 GMT
etag: "5ff4b31d-2fe3"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/images/file_icons/512px/zip.png
31.43.191.18200 OK 44 kB URL HTTP/2 letsupload.io/themes/spirit/assets/images/file_icons/512px/zip.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 790aadb4959167d12326fbddeea8ac47
09eac90276ba712ce49a302644ee399aa42f4be6
f1f1edb104291a0b7e28d44e542f7777cad594de397874f886381893bdc6af4b
GET /themes/spirit/assets/images/file_icons/512px/zip.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: image/png
content-length: 43493
last-modified: Mon, 28 Sep 2020 20:29:06 GMT
etag: "5f724792-a9e5"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/plugins/webdav/assets/img/mobile_icons_inverted.png
31.43.191.18200 OK 3.1 kB URL HTTP/2 letsupload.io/plugins/webdav/assets/img/mobile_icons_inverted.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 195 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash cd93ac859eb1bab650f820ee09b821c9
8d4e30a9ae453744911ecbbcb82bf6113a94f6ec
8bb063904473a1de32aacb8ab6111bb464086a63eaa8cf17971dc4a389f5f0da
GET /plugins/webdav/assets/img/mobile_icons_inverted.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: image/png
content-length: 3062
last-modified: Sun, 18 Oct 2020 09:15:10 GMT
etag: "5f8c079e-bf6"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/img/adblock/primary.jpg
31.43.191.18200 OK 13 kB URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/img/adblock/primary.jpg
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 601x155, components 3\012- data
Hash 0fc3ab39bcdfd3c8d38de7d89b292ada
a89f51203f0b0db4cd1c7f18388f9a84d008efa4
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f
GET /themes/spirit/assets/frontend/img/adblock/primary.jpg HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: image/jpeg
content-length: 12809
last-modified: Mon, 28 Sep 2020 20:26:42 GMT
etag: "5f724702-3209"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/stack-interface.css
31.43.191.18200 OK 1.5 kB URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/stack-interface.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash 98e13c70c5cc86e4b5947d7cb3473b57
fde9551a888dd38b9eb0e6114ddfaba0b5fc074d
60fce1d5b3a1d0e30c4934b82e3146e38df28aee69a0a063f71cc719ce1465b0
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-c0a"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/socicon.css
31.43.191.18200 OK 2.3 kB URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/socicon.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash 6d32445ba19bbde8da63c727c6f55bda
33f0808509dee97f0d2bd7b58ad93899e6c86dd4
3dfbcd3e91c33a3fb627b05f0d29414e1745628aaf182dc9ed34103f9351c729
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-2443"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/bootstrap.min.css
31.43.191.18200 OK 13 kB URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/bootstrap.min.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash 25277013e1cd42c468523efc90262658
cd54a0d1044acf42c702bd9df615d2b1620bd298
f89f0bf29294cb48afd1e46504b34a52174344a38c3004f5a73840f2578eaf6e
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-12c75"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
varechphugoid.com/1clkn/21164
23.109.248.153200 OK 26 B URL HTTP/1.1 varechphugoid.com/1clkn/21164
IP 23.109.248.153:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/21164 HTTP/1.1
Host: varechphugoid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 18:39:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sat, 24-Sep-2022 18:39:38 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sat, 24-Sep-2022 18:39:38 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
letsupload.io/themes/spirit/assets/frontend/css/theme.css
31.43.191.18200 OK 35 kB URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/theme.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash 899858f0cef45fbe04432525a1c47d20
32a76a508d210e9e43c4b7e36483835bec99717d
8d5c3f0c7ca1c78958c9d7d6ed89507c4c653211881caa156933e3df99cec05c
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-301d8"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/datepicker.js
31.43.191.18200 OK 7.9 kB URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/datepicker.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash fb443d8a26a30555fbedc9d2a88d1376
8730381f842d69d7c9b75c4ee03064fc308285ba
7839f239323744ece55624cddad39fd9131eb86b5c6d6e820046ecd77317b683
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-51ef"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 66e05b8378ae2e63cef2f66b884431e2
077fa1ad901da0dc556ed4783e47f4ea63eb57e5
9dcb2bb4cecf5029309aa13f6a68eb64f5f28fa91d2289254806a6675a3bac4c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DCB2BB4CECF5029309AA13F6A68EB64F5F28FA91D2289254806A6675A3BAC4C"
Last-Modified: Fri, 23 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5304
Expires: Fri, 23 Sep 2022 20:08:02 GMT
Date: Fri, 23 Sep 2022 18:39:38 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://letsupload.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 295717
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/custom.css
31.43.191.18200 OK 20 kB URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/custom.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash 2f92293668c3a401d645a43867b69578
74be725976ba5bb98bbe4c89c577f79537506936
42ab21d466be0cbe18b8567288b7657032dd904a107809a8d30dee7c86914611
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Thu, 04 Feb 2021 22:28:50 GMT
vary: Accept-Encoding
etag: W/"601c7522-22e8"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
waisheph.com/tag.min.js
139.45.197.245200 OK 23 kB IP 139.45.197.245:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fad81e1d8109da8e32ac620d2e1c3a42
c94ed2cf8e8fa7dae7946433c614664eef017f70
6cbff42c82c58e3cae69cee8a165739c5bf753a47743aa36973d2bf49b7edb2f
GET /tag.min.js HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/javascript; charset=utf-8
content-length: 22987
content-encoding: br
x-trace-id: 09f8908fdbe7243685a06e5e6df3186b
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 16:04:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /5h5hB/Shovel.Knight.Dig-GoldBerg.zip HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-cache
date: Fri, 23 Sep 2022 18:39:38 GMT
server: nginx centminmod
x-powered-by: centminmod
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
31.43.191.18200 OK 5.0 kB URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a9a8c24cea41bed7ef78ed1d12d48291
cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7
3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: image/png
content-length: 5016
last-modified: Mon, 28 Sep 2020 20:26:42 GMT
etag: "5f724702-1398"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
31.43.191.18200 OK 447 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f3d5da06fe8d5a2425d5d229285e5eea
01032b864f3c74bbf44771e2ba41eeb2251fad90
d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: image/png
content-length: 447
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
etag: "5f724700-1bf"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 337bc17ad3f42a6fc2fb0b6ea8d66bb8
f1f1ca2528ade1334727ed3f212ad8e16ff5dd79
51712ea54a8a2ee6abc9f0abb941624add01797762f95a83ee8701804628f8da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51712EA54A8A2EE6ABC9F0ABB941624ADD01797762F95A83EE8701804628F8DA"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4660
Expires: Fri, 23 Sep 2022 19:57:19 GMT
Date: Fri, 23 Sep 2022 18:39:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.83200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 18:33:01 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 19:26:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d1187be634e389e2e876be936bba8e74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: -dxW-RlD9Yac10MduTo89-2Myx6bI15sU1yZIK6efM509xqI9LPzfg==
Age: 399
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:32:36 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 1022886107
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (2910)
Hash cd824f0b6f65ae37a516065809d4dfc9
d4c14686067e52beb955cd74fa7c81434ffc0b7a
6f2c440e5c3a5e4de6cda6b2e5404f28afe5a88e0f53eec9f40625605152ba28
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Fri, 23 Sep 2022 18:39:39 GMT
expires: Fri, 23 Sep 2022 18:39:39 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13728192541115023788
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:39 GMT
Last-Modified: Fri, 23 Sep 2022 17:11:29 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220921/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Fri, 23 Sep 2022 03:27:15 GMT
expires: Fri, 07 Oct 2022 03:27:15 GMT
cache-control: public, max-age=1209600
age: 54744
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 18:39:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=516941,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f5677d3b46b500-OSL
my.rtmark.net/gid.js?userId=5fcfaa89f0364d04bf54ef856699c847
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=5fcfaa89f0364d04bf54ef856699c847
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash f31d2c1f4fb2fdb6275f853e2e753acd
3ada43aff0bf1d110c47f6197a2ef94e3ae532c4
def5893653378fa6459614ba074072cb2f740a51ce06481a3e3ab8559b65293b
GET /gid.js?userId=5fcfaa89f0364d04bf54ef856699c847 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://letsupload.io
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:39 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://letsupload.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5fcfaa89f0364d04bf54ef856699c847; expires=Sat, 23 Sep 2023 18:39:39 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/font-awesome.min.css
31.43.191.18200 OK 13 kB URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/font-awesome.min.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type ASCII text, with very long lines (58929)
Hash 63f5544c35649c307eccadd8a95c1bd0
1457ca7a3074db22675233009b8bb52bba222886
c58aa74791f035ec4c8077818001facfa7f6129fb9f347658717e0338c73e612
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-e6eb"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=letsupload.io
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=letsupload.io
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=letsupload.io HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 18:39:39 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
waisheph.com/?rb=z0GmfkYB2aZ4-8yNhxqHX2o9eYyeLsTSdRyU_-VMG1VJNQ1s6BVAnntfmIV0YH5ow7SxdeGtZB-eu10UaYvqjzCOkvYw1hZyIpWb8OJSvpRuXVurYlIIxkCYJ_im9Ln-kZAOchD59P-tLsyHj0xfZ4mgIY4f8LwxYd57xsPupKDnyWuzITvDHzT4t96Dt9W-Wc1ZDcyngAvBuv-eYALl1Wi9_60%3D&request_ab2=0&zoneid=5303181&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fletsupload.io%2F5h5hB%2FShovel.Knight.Dig-GoldBerg.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3fc9dc02-ab98-450a-b8bf-038f0150b195&userId=5fcfaa89f0364d04bf54ef856699c847&m=link
139.45.197.245200 OK 1.8 kB URL HTTP/2 waisheph.com/?rb=z0GmfkYB2aZ4-8yNhxqHX2o9eYyeLsTSdRyU_-VMG1VJNQ1s6BVAnntfmIV0YH5ow7SxdeGtZB-eu10UaYvqjzCOkvYw1hZyIpWb8OJSvpRuXVurYlIIxkCYJ_im9Ln-kZAOchD59P-tLsyHj0xfZ4mgIY4f8LwxYd57xsPupKDnyWuzITvDHzT4t96Dt9W-Wc1ZDcyngAvBuv-eYALl1Wi9_60%3D&request_ab2=0&zoneid=5303181&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fletsupload.io%2F5h5hB%2FShovel.Knight.Dig-GoldBerg.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3fc9dc02-ab98-450a-b8bf-038f0150b195&userId=5fcfaa89f0364d04bf54ef856699c847&m=link
IP 139.45.197.245:0
File type JSON data\012- , ASCII text, with very long lines (2288), with no line terminators
Hash 5c80550c48c993662c7e840fa4507b8a
6a93d745b1a2bbdfdf311c97bdfac8ba18f07645
26607d467b3504b5c3b677b3c1e53f6fea1ec4b853773991701fcfe703b680b9
GET /?rb=z0GmfkYB2aZ4-8yNhxqHX2o9eYyeLsTSdRyU_-VMG1VJNQ1s6BVAnntfmIV0YH5ow7SxdeGtZB-eu10UaYvqjzCOkvYw1hZyIpWb8OJSvpRuXVurYlIIxkCYJ_im9Ln-kZAOchD59P-tLsyHj0xfZ4mgIY4f8LwxYd57xsPupKDnyWuzITvDHzT4t96Dt9W-Wc1ZDcyngAvBuv-eYALl1Wi9_60%3D&request_ab2=0&zoneid=5303181&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fletsupload.io%2F5h5hB%2FShovel.Knight.Dig-GoldBerg.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3fc9dc02-ab98-450a-b8bf-038f0150b195&userId=5fcfaa89f0364d04bf54ef856699c847&m=link HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsupload.io/
Origin: https://letsupload.io
Connection: keep-alive
Cookie: OAID=5fcfaa89f0364d04bf54ef856699c847; oaidts=1663958378
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:39 GMT
content-type: application/json
x-trace-id: ee5f097fa9145fc68bf8fb00ab082a80
access-control-allow-origin: https://letsupload.io
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5fcfaa89f0364d04bf54ef856699c847; expires=Sat, 23 Sep 2023 18:39:39 GMT; path=/; secure; SameSite=None
oaidts=1663958379; expires=Sat, 23 Sep 2023 18:39:39 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 30 Sep 2022 18:39:39 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8ec1540e8ec974c8f6edcedfe7dd807f
920b0ea678361a34b5508dee6c6f556a47586562
5749ded70372335a59fbf3f405a3330d8fb4ba6ae1df1417e8197a723abc46cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s4.histats.com/stats/0.php?4434016&@f16&@g1&@h1&@i1&@j1663958378283&@k0&@l1&@mShovel.Knight.Dig-GoldBerg.zip%20-%20LetsUpload%20Unlimited%20Cloud%20Storage&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-171665649&@b3:1663958378&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fletsupload.io%2F5h5hB%2FShovel.Knight.Dig-GoldBerg.zip&@w
198.27.80.143200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?4434016&@f16&@g1&@h1&@i1&@j1663958378283&@k0&@l1&@mShovel.Knight.Dig-GoldBerg.zip%20-%20LetsUpload%20Unlimited%20Cloud%20Storage&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-171665649&@b3:1663958378&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fletsupload.io%2F5h5hB%2FShovel.Knight.Dig-GoldBerg.zip&@w
IP 198.27.80.143:0
File type ASCII text, with no line terminators
Hash b813bded25431e86bd38409fc14b7fc5
c19f729252c1ccc10e0bc1477fad5eb0239c02fb
2ac6cdf5ba0928e852f8aa8d460433b6f2e8b0e47ad4ab6da3769b4811f9f175
GET /stats/0.php?4434016&@f16&@g1&@h1&@i1&@j1663958378283&@k0&@l1&@mShovel.Knight.Dig-GoldBerg.zip%20-%20LetsUpload%20Unlimited%20Cloud%20Storage&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-171665649&@b3:1663958378&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fletsupload.io%2F5h5hB%2FShovel.Knight.Dig-GoldBerg.zip&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 18:39:39 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e9c12a7a1649b130fc149a1863516420
20ce11749b454211e4ecf308a9c3f9ee0bc3c3de
697eba36f6cf75d9eee0fc1213d1d670fa3b82a557384f30f732fac1fa1af5a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 18:39:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 13:33:19 GMT
Expires: Fri, 30 Sep 2022 13:33:18 GMT
Etag: "20ce11749b454211e4ecf308a9c3f9ee0bc3c3de"
Cache-Control: max-age=585818,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f5677fef69b500-OSL
partner.googleadservices.com/gampad/cookie.js?domain=letsupload.io&callback=_gfp_s_&client=ca-pub-2032633001482750
172.217.21.162200 OK 204 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=letsupload.io&callback=_gfp_s_&client=ca-pub-2032633001482750
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash f5b31fe77027946ab880558cac3fab87
b5c40da7bbb5f9bf0435e918ae49ee108c7378cc
1c59809ad0879f8666792fc34bdbc55c7dcda03008ae7540a32b54d741d25529
GET /gampad/cookie.js?domain=letsupload.io&callback=_gfp_s_&client=ca-pub-2032633001482750 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 18:39:39 GMT
server: cafe
cache-control: private
content-length: 204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsupload.io/
Content-Type: text/plain;charset=UTF-8
Origin: https://letsupload.io
Content-Length: 1537
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 23 Sep 2022 18:39:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://letsupload.io
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ece8260ceafbd3b9a0a2d558556000f2
6c603250bcbb9a1ddc8652196d79d2a5aa8ad2b1
7b105d30166ff14be5941101e00b2782676557d430c87200a3bb36956b632820
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49bdf35d14752f2b4e9658f505a41553
61572d3663df2af69e061d11a0ac046e843d10c4
92a138f2526e6b588a72dadb41740929935e0cf528f9e9c8ef275bb72de49a7d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 527240fd832d4de624cd58da497befb0
96cbaf59a0f3387b2fc7ea31b3491f3e3c193bb7
0835fc674d90936d09648d71f2d9db189d1b49c88eed37fc01f298b059b2ea40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1609
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 18:12:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1494)
Hash d4c271459de87911060fd730756373be
9100e62d0d61513c1b489e47a6a35b84e8be4a25
b14fbcdbed0b02e9656b4d5ff183d84c25b076ac0b1087d2feb9254ee9ce8c24
GET /pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7553
x-xss-protection: 0
date: Fri, 23 Sep 2022 18:25:28 GMT
expires: Fri, 07 Oct 2022 18:25:28 GMT
cache-control: public, max-age=1209600
etag: 15375136450269253166
content-type: text/javascript; charset=UTF-8
age: 852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash ed6decb2c26382e5307da9850d6cd1c2
e1513f6f3d7e9a54d1bd395c650acb95579bdfbb
d87d157333430393005fbd2b7c3f1a7bd8e4634a596bd86c553d0d299559b4bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3853
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 17:35:27 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash ed6decb2c26382e5307da9850d6cd1c2
e1513f6f3d7e9a54d1bd395c650acb95579bdfbb
d87d157333430393005fbd2b7c3f1a7bd8e4634a596bd86c553d0d299559b4bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3853
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 17:35:27 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.24.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2592475
expires: Wed, 13 Sep 2023 18:39:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPVG3ucPpG%2F8subwJz%2BxXa2PzcHGvi1mJZ0zvr4UzkEHidZuhsLZvPDIZEkjhOP1mn4JgJgtqI4f7bgNRUY5aosPjAREiKNZhz4Qhb8otfNvGjXWvr4xnOy3d1wlPMmoLRgbU9OB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f567855fc0b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWbwFmAKdg2ICAgAAAO8DbRFsGHuiEGv9LWNXUGPouF0GpgEnKQASAAA&wp=Yy39awAJFhYKmqgLAAyEOmxj6aphYMoUQRo1bA
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWbwFmAKdg2ICAgAAAO8DbRFsGHuiEGv9LWNXUGPouF0GpgEnKQASAAA&wp=Yy39awAJFhYKmqgLAAyEOmxj6aphYMoUQRo1bA
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kOfnDbOzWbwFmAKdg2ICAgAAAO8DbRFsGHuiEGv9LWNXUGPouF0GpgEnKQASAAA&wp=Yy39awAJFhYKmqgLAAyEOmxj6aphYMoUQRo1bA HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 715135
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWe0HfJ2DYgICAAAAfyZ-uaHHsdAQa_0tY1zUSXWdnuEvFnuVABIAAA&wp=Yy39awAJfJQKmq11AApdtWGjrJx01aNRuW80sw
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWe0HfJ2DYgICAAAAfyZ-uaHHsdAQa_0tY1zUSXWdnuEvFnuVABIAAA&wp=Yy39awAJfJQKmq11AApdtWGjrJx01aNRuW80sw
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kOfnDbOzWe0HfJ2DYgICAAAAfyZ-uaHHsdAQa_0tY1zUSXWdnuEvFnuVABIAAA&wp=Yy39awAJfJQKmq11AApdtWGjrJx01aNRuW80sw HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 297869
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWbAJmAKdg2ICAgAAAH8mfrmhx7HQEGz9LWMDO2WuY-RQ57oqRQASAAA&wp=Yy39awAO-lQKmubRAAk1AWCre120tAu2K7o-Gg
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWbAJmAKdg2ICAgAAAH8mfrmhx7HQEGz9LWMDO2WuY-RQ57oqRQASAAA&wp=Yy39awAO-lQKmubRAAk1AWCre120tAu2K7o-Gg
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kOfnDbOzWbAJmAKdg2ICAgAAAH8mfrmhx7HQEGz9LWMDO2WuY-RQ57oqRQASAAA&wp=Yy39awAO-lQKmubRAAk1AWCre120tAu2K7o-Gg HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 267821
date: Fri, 23 Sep 2022 18:39:39 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4264
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:39:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4264
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:39:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4264
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:39:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 73932
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaSeP30ZZ5LcReynw8xe_tOBvcLczBZNBgfyJ5EsYe8oJLAesHztjzr1W_7pIvDzv_awDxMu7cKO9g2DJuQF953fVKfcjA
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaSeP30ZZ5LcReynw8xe_tOBvcLczBZNBgfyJ5EsYe8oJLAesHztjzr1W_7pIvDzv_awDxMu7cKO9g2DJuQF953fVKfcjA
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaSeP30ZZ5LcReynw8xe_tOBvcLczBZNBgfyJ5EsYe8oJLAesHztjzr1W_7pIvDzv_awDxMu7cKO9g2DJuQF953fVKfcjA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Sep 2022 18:39:40 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4264
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:39:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4264
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:39:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d871e8210589327ec3345e5914ef0035
3319e03b081d202b9ab9cc4c78a5146143ab6663
182c8d0e9952a40aa3450a7334245d1f60ba9efa83c04ab02de4babe761e2a21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6236
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 16:55:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 73694
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 75078
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash cac61f17ab29d45a35986d6320bfb687
fc6fb3f1a435c7cea13f4331f6b20e8a6ddc9eef
536ce561cd9f9293468da2f5640b32be8da3eb763a6442f4264b8ae30ddb4007
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 17:35:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d871e8210589327ec3345e5914ef0035
3319e03b081d202b9ab9cc4c78a5146143ab6663
182c8d0e9952a40aa3450a7334245d1f60ba9efa83c04ab02de4babe761e2a21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 17:27:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 314
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 73672
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash cac61f17ab29d45a35986d6320bfb687
fc6fb3f1a435c7cea13f4331f6b20e8a6ddc9eef
536ce561cd9f9293468da2f5640b32be8da3eb763a6442f4264b8ae30ddb4007
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 17:35:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61059307f07edc4e2ba9d07a258bca43
370d166426ad83fc04ccb6e300238d8cb6ab644a
55ec802097ab49f275686e99844ff4a3b554c8998213bb9c3f0380709297c55b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5936
x-amzn-requestid: 39e79389-c158-4427-aae0-b1d0dc1d0377
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VowElZoAMF2Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfd1-2da28eb66f876af76158b090;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -DSp0__jaBzizsfagTtIpwhkPqkvjS1L6T17J0OS5W0QhZww03ywpw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:29 GMT
age: 73691
etag: "370d166426ad83fc04ccb6e300238d8cb6ab644a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash cac61f17ab29d45a35986d6320bfb687
fc6fb3f1a435c7cea13f4331f6b20e8a6ddc9eef
536ce561cd9f9293468da2f5640b32be8da3eb763a6442f4264b8ae30ddb4007
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 17:35:05 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash cac61f17ab29d45a35986d6320bfb687
fc6fb3f1a435c7cea13f4331f6b20e8a6ddc9eef
536ce561cd9f9293468da2f5640b32be8da3eb763a6442f4264b8ae30ddb4007
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 17:35:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 73693
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 5759eaa62c945f7b74055a8a69da934d
c5b7096399f0f062055ceba4670348a67f978c4d
b4e0743f702228ce4129c890fc59df2648a1b78b58faad88ae47380e62a576a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2336
Cache-Control: max-age=103695
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Etag: "632ce65b-138"
Expires: Sat, 24 Sep 2022 23:27:55 GMT
Last-Modified: Thu, 22 Sep 2022 22:48:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 5759eaa62c945f7b74055a8a69da934d
c5b7096399f0f062055ceba4670348a67f978c4d
b4e0743f702228ce4129c890fc59df2648a1b78b58faad88ae47380e62a576a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1763
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:39:40 GMT
Last-Modified: Fri, 23 Sep 2022 18:10:18 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 312
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000019662%2Fretina_detail.jpg&v=3&w=800&s=reQR9Cp3lalIRWTXjEd0Bina&b=800
178.250.2.135200 OK 42 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000019662%2Fretina_detail.jpg&v=3&w=800&s=reQR9Cp3lalIRWTXjEd0Bina&b=800
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x686, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 76f3a06f946826a07cc387bf64a94e18
96f3644331d35565f122ebfc6f14478047640d38
e039e3bd4eb7fcb93ccd0dc2f79e03cd3c92d2f7fdac0189dd202e07de8abacc
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000019662%2Fretina_detail.jpg&v=3&w=800&s=reQR9Cp3lalIRWTXjEd0Bina&b=800 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=444624
expires: Wed, 28 Sep 2022 22:10:05 GMT
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 42186
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=556&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F24217%2F151104%2F8b2c93c3b97d47dda0294650326e6c27_fluevog.png&v=3&w=196&s=8NHiLKv8Md3MYtAjz-f3IjYn
178.250.2.135200 OK 31 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=556&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F24217%2F151104%2F8b2c93c3b97d47dda0294650326e6c27_fluevog.png&v=3&w=196&s=8NHiLKv8Md3MYtAjz-f3IjYn
IP 178.250.2.135:0
File type PNG image data, 196 x 186, 8-bit/color RGBA, non-interlaced\012- data
Hash bafe427038e32311e25f71367cd745cc
9e58a232d3315d0f8d80d5dbebc8e7fe278f6511
78c5eae1ef5ba20f73f0008257a4dfa312a4909f5d0a7dd3d6333d4867108b09
GET /img/img?h=556&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F24217%2F151104%2F8b2c93c3b97d47dda0294650326e6c27_fluevog.png&v=3&w=196&s=8NHiLKv8Md3MYtAjz-f3IjYn HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29188872
expires: Sun, 27 Aug 2023 14:40:53 GMT
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 31123
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.2.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022929%2Fretina_detail.jpg&v=3&w=400&s=dh8dWFkpmByYeRREMVdG-v9c&b=400
178.250.2.135200 OK 5.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022929%2Fretina_detail.jpg&v=3&w=400&s=dh8dWFkpmByYeRREMVdG-v9c&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 237x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4722f673f3a7818ad34bd781410acef0
13907eb89e5f979eaef08a09402b7129a4e8c10f
b0f8443dc7e9f1f4188168035387a2fe317213c5b5afe3379e87fcd1fe8f8c2e
GET /img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022929%2Fretina_detail.jpg&v=3&w=400&s=dh8dWFkpmByYeRREMVdG-v9c&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=406754
expires: Wed, 28 Sep 2022 11:38:55 GMT
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5570
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000018606%2Fretina_detail.jpg&v=3&w=400&s=ulxI9rF8LVuWBkd2b0FCuiQD&b=400
178.250.2.135200 OK 8.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000018606%2Fretina_detail.jpg&v=3&w=400&s=ulxI9rF8LVuWBkd2b0FCuiQD&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x295, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1095ccc193539ddb7c66ea5bb8def962
f0096d29c1fbda05a7ee4bea782e7f9a6266ca10
cd095cb713b6f6a0b2a8201d502e8e44cba2258d5fe84b5d7fc52e7df608538f
GET /img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000018606%2Fretina_detail.jpg&v=3&w=400&s=ulxI9rF8LVuWBkd2b0FCuiQD&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=389652
expires: Wed, 28 Sep 2022 06:53:53 GMT
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8586
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F24217%2F151104%2F8b2c93c3b97d47dda0294650326e6c27_fluevog.png&v=3&w=196&s=vssbbpsjPfuZNnkxGxGDsmuv
178.250.2.135200 OK 31 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F24217%2F151104%2F8b2c93c3b97d47dda0294650326e6c27_fluevog.png&v=3&w=196&s=vssbbpsjPfuZNnkxGxGDsmuv
IP 178.250.2.135:0
File type PNG image data, 196 x 186, 8-bit/color RGBA, non-interlaced\012- data
Hash bafe427038e32311e25f71367cd745cc
9e58a232d3315d0f8d80d5dbebc8e7fe278f6511
78c5eae1ef5ba20f73f0008257a4dfa312a4909f5d0a7dd3d6333d4867108b09
GET /img/img?h=244&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F24217%2F151104%2F8b2c93c3b97d47dda0294650326e6c27_fluevog.png&v=3&w=196&s=vssbbpsjPfuZNnkxGxGDsmuv HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29188872
expires: Sun, 27 Aug 2023 14:40:53 GMT
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 31123
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff
178.250.2.130200 OK 34 kB URL HTTP/2 static.criteo.net/design/dt/1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff
IP 178.250.2.130:0
File type Web Open Font Format, CFF, length 34384, version 1.100\012- data
Hash 6ca898ae5c32e1195b576276384b72b1
05e67b45b9e1dcc4e64f02c619978ee7297f3752
38784db79bb7cb8998e180cff575a3d42741bbdbbeda1aad281c653089b193b1
GET /design/dt/1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 34384
last-modified: Tue, 11 Jun 2019 14:25:37 GMT
etag: "5cffb9e1-8650"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024948%2Fretina_detail.jpg&v=3&w=400&s=H5oJToZNsounA0p-rxEjywsD&b=400
178.250.2.135200 OK 24 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024948%2Fretina_detail.jpg&v=3&w=400&s=H5oJToZNsounA0p-rxEjywsD&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x392, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 79f391a7b8a2979e0257ec764a000b59
5ceb71299b60fa63a821568902a9c8e48d6fdb01
a1ddc216c50c119c59f1ec80ae30cbadc0f24ce9e74984be9b155c369b146920
GET /img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024948%2Fretina_detail.jpg&v=3&w=400&s=H5oJToZNsounA0p-rxEjywsD&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=371960
expires: Wed, 28 Sep 2022 01:59:01 GMT
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 23972
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023847%2Fretina_detail.jpg&v=3&w=400&s=2bVA_Hi0J201uKbv7DELip4a&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023847%2Fretina_detail.jpg&v=3&w=400&s=2bVA_Hi0J201uKbv7DELip4a&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x254, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0bccab1d25033b2ffa2a84e7d325094e
e7df70f89fd841371771144ae9c7857505446ad1
e13dcf5907221b79e2bb73b0530c07b6f8b27176b31535ad89e15fa64e801d2f
GET /img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023847%2Fretina_detail.jpg&v=3&w=400&s=2bVA_Hi0J201uKbv7DELip4a&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=430786
expires: Wed, 28 Sep 2022 18:19:27 GMT
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12284
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff
178.250.2.130200 OK 19 kB URL HTTP/2 static.criteo.net/design/dt/010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff
IP 178.250.2.130:0
File type Web Open Font Format, CFF, length 19060, version 3.1\012- data
Hash c9425392bd0018132c74733dd7b2dbf8
a47dd39ae0b16c90e8e15d66302f932e367851bf
389eb0c986cfdb90b468d3c2f068b5bcb6753bb9ece0581e1bba0b8087a92b74
GET /design/dt/010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 19060
last-modified: Tue, 21 Jun 2022 20:54:03 GMT
etag: "62b22feb-4a74"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff
178.250.2.130200 OK 21 kB URL HTTP/2 static.criteo.net/design/dt/f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff
IP 178.250.2.130:0
File type Web Open Font Format, TrueType, length 21444, version 1.100\012- data
Hash 20be5fdc3302b5f3d13fca2690afc5ef
1e75a45c81ca3ab4aee08f53c828f60daa21ff58
ed53eeea7846fe89ec2d53b5bf89b34ca78854854abdb469697c63509cc2e0ec
GET /design/dt/f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 21444
last-modified: Tue, 11 Jun 2019 14:25:37 GMT
etag: "5cffb9e1-53c4"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022528%2Fretina_detail.jpg&v=3&w=400&s=q053ph1FL_wVvr5BL65j9a8m&b=400
178.250.2.135200 OK 9.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022528%2Fretina_detail.jpg&v=3&w=400&s=q053ph1FL_wVvr5BL65j9a8m&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x278, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 016cbc79770b83302cfeedfea266279a
24d9187bc6eb40fb2f24e40fdeebf3cfad1adf28
1c5cb0208cc35c194528c276c6e82ed19f5abe71f1d0f391c1f33247cb95ea0f
GET /img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022528%2Fretina_detail.jpg&v=3&w=400&s=q053ph1FL_wVvr5BL65j9a8m&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=389259
expires: Wed, 28 Sep 2022 06:47:20 GMT
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9398
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025355%2Fretina_detail.jpg&v=3&w=400&s=qvAeZ6QrDmbQTV6Js-dj5HMW&b=400
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025355%2Fretina_detail.jpg&v=3&w=400&s=qvAeZ6QrDmbQTV6Js-dj5HMW&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x370, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9cd7cfc71bed432d0d9ad206cfc00c53
9d3d087c07a6ed313b3fa3bad9244f687de35611
832c8796e22f549c20f63e8d08bd943100877d03c9988b221bdb0aa4e940d29a
GET /img/img?c=3&cq=256&h=400&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025355%2Fretina_detail.jpg&v=3&w=400&s=qvAeZ6QrDmbQTV6Js-dj5HMW&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=542847
expires: Fri, 30 Sep 2022 01:27:08 GMT
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11258
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=W0Rdm2nBQ4S9ThNU-VvcrtXRLaGogs9H8M2KZjdkoVqbsWAP_b_7km15ESSgqc8xoBrDmlF3QBtIO-TmshcORXYNrqRYC8ri1LvsVKsramTsppbyr0i677Q1VLsZi25NP_5AIZUQUXhYiz1evObcbMkDGW5aOsHb0C--31KI7XRm8OzTGtDYER8syx5Rh8-7mlRVrAsucqjX-WKvM8AiqfvQ3AHkNoC8Ehwd3jZgfGlvcUZ2ma5iE5mY2KUPg81MA1Y0Dw&sds=2&rev=82884&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=W0Rdm2nBQ4S9ThNU-VvcrtXRLaGogs9H8M2KZjdkoVqbsWAP_b_7km15ESSgqc8xoBrDmlF3QBtIO-TmshcORXYNrqRYC8ri1LvsVKsramTsppbyr0i677Q1VLsZi25NP_5AIZUQUXhYiz1evObcbMkDGW5aOsHb0C--31KI7XRm8OzTGtDYER8syx5Rh8-7mlRVrAsucqjX-WKvM8AiqfvQ3AHkNoC8Ehwd3jZgfGlvcUZ2ma5iE5mY2KUPg81MA1Y0Dw&sds=2&rev=82884&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=W0Rdm2nBQ4S9ThNU-VvcrtXRLaGogs9H8M2KZjdkoVqbsWAP_b_7km15ESSgqc8xoBrDmlF3QBtIO-TmshcORXYNrqRYC8ri1LvsVKsramTsppbyr0i677Q1VLsZi25NP_5AIZUQUXhYiz1evObcbMkDGW5aOsHb0C--31KI7XRm8OzTGtDYER8syx5Rh8-7mlRVrAsucqjX-WKvM8AiqfvQ3AHkNoC8Ehwd3jZgfGlvcUZ2ma5iE5mY2KUPg81MA1Y0Dw&sds=2&rev=82884&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=uRG8emnBQ4S9ThNUOGcXQOSA3hwytf_BUPTWwE_syldI6T0PjoSkDporF1ONKGTwSFOLZ01NDMH-gfTghbtDZOjvnN3Q3P2Hy15mtweQGRK4WAYCMrnMghW61F25ep1pbvXSBFtzHwH6XoQRXENWQsfHto9LSjiRBtlskfyxBs0zfWQ1dLDS1eMKpQC1n6Pv1FE0SFthJvZRm3gVYgNljNcjkbYOwxpn_VgcbqOyOnkI-HNRCzqiWpJOHtNAFgZs0wVUEg&sds=2&rev=82884&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=uRG8emnBQ4S9ThNUOGcXQOSA3hwytf_BUPTWwE_syldI6T0PjoSkDporF1ONKGTwSFOLZ01NDMH-gfTghbtDZOjvnN3Q3P2Hy15mtweQGRK4WAYCMrnMghW61F25ep1pbvXSBFtzHwH6XoQRXENWQsfHto9LSjiRBtlskfyxBs0zfWQ1dLDS1eMKpQC1n6Pv1FE0SFthJvZRm3gVYgNljNcjkbYOwxpn_VgcbqOyOnkI-HNRCzqiWpJOHtNAFgZs0wVUEg&sds=2&rev=82884&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=uRG8emnBQ4S9ThNUOGcXQOSA3hwytf_BUPTWwE_syldI6T0PjoSkDporF1ONKGTwSFOLZ01NDMH-gfTghbtDZOjvnN3Q3P2Hy15mtweQGRK4WAYCMrnMghW61F25ep1pbvXSBFtzHwH6XoQRXENWQsfHto9LSjiRBtlskfyxBs0zfWQ1dLDS1eMKpQC1n6Pv1FE0SFthJvZRm3gVYgNljNcjkbYOwxpn_VgcbqOyOnkI-HNRCzqiWpJOHtNAFgZs0wVUEg&sds=2&rev=82884&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:40 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=dyY7KmnBQ4S9ThNUdNrhHu_dYlnXOZlF38H6eV_p-PrCV5KDWciIk__BsogA9y4WjLMTORgeoUDGWgh4YvV7Brxtts1FpvVOpgMuEY1n24aYK_juUwreLgjDBtgVb2YLhWGrIvTr4Vi3U6GXV_xVkMKc-vsotDdK69UNjqF0YFB8iBpudw8d4_asbcUSelVTVicidh5l6W74cqpfjwADsUOwtYzGDwrQfH1AXJxQCnfLFMdKjA3jyjlirTtX1IlwfvtyPA&sds=2&rev=82884&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=dyY7KmnBQ4S9ThNUdNrhHu_dYlnXOZlF38H6eV_p-PrCV5KDWciIk__BsogA9y4WjLMTORgeoUDGWgh4YvV7Brxtts1FpvVOpgMuEY1n24aYK_juUwreLgjDBtgVb2YLhWGrIvTr4Vi3U6GXV_xVkMKc-vsotDdK69UNjqF0YFB8iBpudw8d4_asbcUSelVTVicidh5l6W74cqpfjwADsUOwtYzGDwrQfH1AXJxQCnfLFMdKjA3jyjlirTtX1IlwfvtyPA&sds=2&rev=82884&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=dyY7KmnBQ4S9ThNUdNrhHu_dYlnXOZlF38H6eV_p-PrCV5KDWciIk__BsogA9y4WjLMTORgeoUDGWgh4YvV7Brxtts1FpvVOpgMuEY1n24aYK_juUwreLgjDBtgVb2YLhWGrIvTr4Vi3U6GXV_xVkMKc-vsotDdK69UNjqF0YFB8iBpudw8d4_asbcUSelVTVicidh5l6W74cqpfjwADsUOwtYzGDwrQfH1AXJxQCnfLFMdKjA3jyjlirTtX1IlwfvtyPA&sds=2&rev=82884&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:41 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=W0Rdm2nBQ4S9ThNU-VvcrtXRLaGogs9H8M2KZjdkoVqbsWAP_b_7km15ESSgqc8xoBrDmlF3QBtIO-TmshcORXYNrqRYC8ri1LvsVKsramTsppbyr0i677Q1VLsZi25NP_5AIZUQUXhYiz1evObcbMkDGW5aOsHb0C--31KI7XRm8OzTGtDYER8syx5Rh8-7mlRVrAsucqjX-WKvM8AiqfvQ3AHkNoC8Ehwd3jZgfGlvcUZ2ma5iE5mY2KUPg81MA1Y0Dw&sds=2&rev=82884&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=W0Rdm2nBQ4S9ThNU-VvcrtXRLaGogs9H8M2KZjdkoVqbsWAP_b_7km15ESSgqc8xoBrDmlF3QBtIO-TmshcORXYNrqRYC8ri1LvsVKsramTsppbyr0i677Q1VLsZi25NP_5AIZUQUXhYiz1evObcbMkDGW5aOsHb0C--31KI7XRm8OzTGtDYER8syx5Rh8-7mlRVrAsucqjX-WKvM8AiqfvQ3AHkNoC8Ehwd3jZgfGlvcUZ2ma5iE5mY2KUPg81MA1Y0Dw&sds=2&rev=82884&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=W0Rdm2nBQ4S9ThNU-VvcrtXRLaGogs9H8M2KZjdkoVqbsWAP_b_7km15ESSgqc8xoBrDmlF3QBtIO-TmshcORXYNrqRYC8ri1LvsVKsramTsppbyr0i677Q1VLsZi25NP_5AIZUQUXhYiz1evObcbMkDGW5aOsHb0C--31KI7XRm8OzTGtDYER8syx5Rh8-7mlRVrAsucqjX-WKvM8AiqfvQ3AHkNoC8Ehwd3jZgfGlvcUZ2ma5iE5mY2KUPg81MA1Y0Dw&sds=2&rev=82884&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:41 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=uRG8emnBQ4S9ThNUOGcXQOSA3hwytf_BUPTWwE_syldI6T0PjoSkDporF1ONKGTwSFOLZ01NDMH-gfTghbtDZOjvnN3Q3P2Hy15mtweQGRK4WAYCMrnMghW61F25ep1pbvXSBFtzHwH6XoQRXENWQsfHto9LSjiRBtlskfyxBs0zfWQ1dLDS1eMKpQC1n6Pv1FE0SFthJvZRm3gVYgNljNcjkbYOwxpn_VgcbqOyOnkI-HNRCzqiWpJOHtNAFgZs0wVUEg&sds=2&rev=82884&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=uRG8emnBQ4S9ThNUOGcXQOSA3hwytf_BUPTWwE_syldI6T0PjoSkDporF1ONKGTwSFOLZ01NDMH-gfTghbtDZOjvnN3Q3P2Hy15mtweQGRK4WAYCMrnMghW61F25ep1pbvXSBFtzHwH6XoQRXENWQsfHto9LSjiRBtlskfyxBs0zfWQ1dLDS1eMKpQC1n6Pv1FE0SFthJvZRm3gVYgNljNcjkbYOwxpn_VgcbqOyOnkI-HNRCzqiWpJOHtNAFgZs0wVUEg&sds=2&rev=82884&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=uRG8emnBQ4S9ThNUOGcXQOSA3hwytf_BUPTWwE_syldI6T0PjoSkDporF1ONKGTwSFOLZ01NDMH-gfTghbtDZOjvnN3Q3P2Hy15mtweQGRK4WAYCMrnMghW61F25ep1pbvXSBFtzHwH6XoQRXENWQsfHto9LSjiRBtlskfyxBs0zfWQ1dLDS1eMKpQC1n6Pv1FE0SFthJvZRm3gVYgNljNcjkbYOwxpn_VgcbqOyOnkI-HNRCzqiWpJOHtNAFgZs0wVUEg&sds=2&rev=82884&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:41 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP 142.250.74.10:0
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 18:39:38 GMT
date: Fri, 23 Sep 2022 18:39:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/jquery.steps.css
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/jquery.steps.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-1606"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.10:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 18:39:38 GMT
date: Fri, 23 Sep 2022 18:39:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:39 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPUiY9TLozTP14%2FS%2F191o1cF02N%2F%2BgYy%2FcAFISj%2B8CjbIZ7kr1JmmEg%2BMz2VX9%2Ff5zQ9MfL0BPXf0rs59JIJpyZOOvyzVnsEFTTA98n%2FHpdaPmb8L3mpWNYCZuEL2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f5677cbf3a0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/flickity.css
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/flickity.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-958"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/iconsmind.css
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/iconsmind.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-178bf"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Yy39awAO-lQKmubRAAk1AWCre120tAu2K7o-Gg&u=%7CuS6BoFwy6I4GieDWAuHwwLYbGi95Zz1mWI4H39mZX9U%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVLL12Ry-dW6BJl1W-eOcanR9Q8xFH-m7NUALUt4xfoWe-8MxKUa5fpVRQnL-RBOo-LfypjNeQE0kvbptK09O8ING2RVQPMeBBnUMoMDSeJFf7uGIXIn8MCvxNANnSfI4jxXU-KLAy4Sma1UIsCeRf4BVGUv8aId_UE_p6_2xy-_J2fIrGA4o56Dz4lPsWLMpAbbx89sGxAi3e_FOb8Z1xoJsfJ-KsjWggEayGfdNC7o6b5zE2M7AwpdYD1R2Ru4QG916lAPWRqQjx-Vbe6PgzqiuKX6YZnJ2XjbffRRnvADmHv9EbCrty6dGwG_RJ9CgYBu6fV-R2BcOHNRCjIzKS89YKPAaDK5cX-bMxZ7QejysZCwKUHg-IORMtD-WNvbgYFK2gkNBucgEZiZM4RxArcx8aBfz-pvy0A31vqhhMERas3DKxJ2GFfI_q9JOQUuGy5n-LnRgnk5NOjrqPetQkeMMhWR9O8duzPBddQEMPG0WHehaqzgQo6K&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnQ4Aa_0tY9T0O9HN6wSB6qSQBMme0rFc9eqhhogBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTIwMzI2MzMwMDE0ODI3NTCgAdW20uoDyAEJqQJZogbJPUewPqgDAaoE1gFP0C2Ru2A3Jop-m1oPpUr9GWTL3eGFb32aaxY7DIsLaKRj0XqYJYDcmwstqfmdg0__rcZyqF7muWma1jD2bhzDHHPcvs0sDOnnEJ-Lk1ue5bx75EUlbv2UHWOqUaVJ4JT8i3gTy_RWUcG3cJpyn2aQZo_OavQwCRG7uiR-MD6JHGbmPSbZRlYv8DBk6tSNMMGojf-v1fOU4-ZDUnF3CsWyq9TMTUPAeN4V4U32oqYK6YXuIeWpQFlLIBvwGoQBOidrHZ6ccrrFmTpC53DPosZJwJ3iusKXgAb-19uxzNXYw9sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VoSX3d_eiJ3eye78-uMT6TPeAvg%26client%3Dca-pub-2032633001482750%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Yy39awAO-lQKmubRAAk1AWCre120tAu2K7o-Gg&u=%7CuS6BoFwy6I4GieDWAuHwwLYbGi95Zz1mWI4H39mZX9U%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVLL12Ry-dW6BJl1W-eOcanR9Q8xFH-m7NUALUt4xfoWe-8MxKUa5fpVRQnL-RBOo-LfypjNeQE0kvbptK09O8ING2RVQPMeBBnUMoMDSeJFf7uGIXIn8MCvxNANnSfI4jxXU-KLAy4Sma1UIsCeRf4BVGUv8aId_UE_p6_2xy-_J2fIrGA4o56Dz4lPsWLMpAbbx89sGxAi3e_FOb8Z1xoJsfJ-KsjWggEayGfdNC7o6b5zE2M7AwpdYD1R2Ru4QG916lAPWRqQjx-Vbe6PgzqiuKX6YZnJ2XjbffRRnvADmHv9EbCrty6dGwG_RJ9CgYBu6fV-R2BcOHNRCjIzKS89YKPAaDK5cX-bMxZ7QejysZCwKUHg-IORMtD-WNvbgYFK2gkNBucgEZiZM4RxArcx8aBfz-pvy0A31vqhhMERas3DKxJ2GFfI_q9JOQUuGy5n-LnRgnk5NOjrqPetQkeMMhWR9O8duzPBddQEMPG0WHehaqzgQo6K&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnQ4Aa_0tY9T0O9HN6wSB6qSQBMme0rFc9eqhhogBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTIwMzI2MzMwMDE0ODI3NTCgAdW20uoDyAEJqQJZogbJPUewPqgDAaoE1gFP0C2Ru2A3Jop-m1oPpUr9GWTL3eGFb32aaxY7DIsLaKRj0XqYJYDcmwstqfmdg0__rcZyqF7muWma1jD2bhzDHHPcvs0sDOnnEJ-Lk1ue5bx75EUlbv2UHWOqUaVJ4JT8i3gTy_RWUcG3cJpyn2aQZo_OavQwCRG7uiR-MD6JHGbmPSbZRlYv8DBk6tSNMMGojf-v1fOU4-ZDUnF3CsWyq9TMTUPAeN4V4U32oqYK6YXuIeWpQFlLIBvwGoQBOidrHZ6ccrrFmTpC53DPosZJwJ3iusKXgAb-19uxzNXYw9sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VoSX3d_eiJ3eye78-uMT6TPeAvg%26client%3Dca-pub-2032633001482750%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Yy39awAO-lQKmubRAAk1AWCre120tAu2K7o-Gg&u=%7CuS6BoFwy6I4GieDWAuHwwLYbGi95Zz1mWI4H39mZX9U%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVLL12Ry-dW6BJl1W-eOcanR9Q8xFH-m7NUALUt4xfoWe-8MxKUa5fpVRQnL-RBOo-LfypjNeQE0kvbptK09O8ING2RVQPMeBBnUMoMDSeJFf7uGIXIn8MCvxNANnSfI4jxXU-KLAy4Sma1UIsCeRf4BVGUv8aId_UE_p6_2xy-_J2fIrGA4o56Dz4lPsWLMpAbbx89sGxAi3e_FOb8Z1xoJsfJ-KsjWggEayGfdNC7o6b5zE2M7AwpdYD1R2Ru4QG916lAPWRqQjx-Vbe6PgzqiuKX6YZnJ2XjbffRRnvADmHv9EbCrty6dGwG_RJ9CgYBu6fV-R2BcOHNRCjIzKS89YKPAaDK5cX-bMxZ7QejysZCwKUHg-IORMtD-WNvbgYFK2gkNBucgEZiZM4RxArcx8aBfz-pvy0A31vqhhMERas3DKxJ2GFfI_q9JOQUuGy5n-LnRgnk5NOjrqPetQkeMMhWR9O8duzPBddQEMPG0WHehaqzgQo6K&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnQ4Aa_0tY9T0O9HN6wSB6qSQBMme0rFc9eqhhogBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTIwMzI2MzMwMDE0ODI3NTCgAdW20uoDyAEJqQJZogbJPUewPqgDAaoE1gFP0C2Ru2A3Jop-m1oPpUr9GWTL3eGFb32aaxY7DIsLaKRj0XqYJYDcmwstqfmdg0__rcZyqF7muWma1jD2bhzDHHPcvs0sDOnnEJ-Lk1ue5bx75EUlbv2UHWOqUaVJ4JT8i3gTy_RWUcG3cJpyn2aQZo_OavQwCRG7uiR-MD6JHGbmPSbZRlYv8DBk6tSNMMGojf-v1fOU4-ZDUnF3CsWyq9TMTUPAeN4V4U32oqYK6YXuIeWpQFlLIBvwGoQBOidrHZ6ccrrFmTpC53DPosZJwJ3iusKXgAb-19uxzNXYw9sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VoSX3d_eiJ3eye78-uMT6TPeAvg%26client%3Dca-pub-2032633001482750%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:39 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dyY7KmnBQ4S9ThNUdNrhHu_dYlnXOZlF38H6eV_p-PrCV5KDWciIk__BsogA9y4WjLMTORgeoUDGWgh4YvV7Brxtts1FpvVOpgMuEY1n24aYK_juUwreLgjDBtgVb2YLhWGrIvTr4Vi3U6GXV_xVkMKc-vsotDdK69UNjqF0YFB8iBpudw8d4_asbcUSelVTVicidh5l6W74cqpfjwADsUOwtYzGDwrQfH1AXJxQCnfLFMdKjA3jyjlirTtX1IlwfvtyPA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 104342366
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.2.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ka19qP_tgtRZSadEdVDr8Gxc-Ppzsd5LRConb8QzP8xN8tqatOMZohIBi6UCRXfFI6rWhwdhuzkhPhYbvoNfBUplVmrivESowP9l-XmdOyu7y8nz2DAsR2mtvkNfVzfsVTRzrOeeV41u1uTNAmLXAp4xRxJX9z6mxnrjPy4iEaV546G00ApDaU4rZfluV5RQsQQf8fYiEaRHlZElYZh5RxbP0jDzuhulWOMA4gH8ehkYXgBDMQavYztIl89WIkUhJ-O9OXY9VMg9ZM78B_4sSW6bEnaK8JhAa0Nmpk6qkwjGDS0d8VTNiaGMx_k33qtfRnLySG_VWtQ8uFtCUcU_wXLtV44Fqb_4T30BK2zVpnzgaZOyw3l64t00FIH0ne85X6Qv0YjiSjp19GSGt0adKbJ8pTX0jw-ym9Irhq4I2uNM1BJO
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ka19qP_tgtRZSadEdVDr8Gxc-Ppzsd5LRConb8QzP8xN8tqatOMZohIBi6UCRXfFI6rWhwdhuzkhPhYbvoNfBUplVmrivESowP9l-XmdOyu7y8nz2DAsR2mtvkNfVzfsVTRzrOeeV41u1uTNAmLXAp4xRxJX9z6mxnrjPy4iEaV546G00ApDaU4rZfluV5RQsQQf8fYiEaRHlZElYZh5RxbP0jDzuhulWOMA4gH8ehkYXgBDMQavYztIl89WIkUhJ-O9OXY9VMg9ZM78B_4sSW6bEnaK8JhAa0Nmpk6qkwjGDS0d8VTNiaGMx_k33qtfRnLySG_VWtQ8uFtCUcU_wXLtV44Fqb_4T30BK2zVpnzgaZOyw3l64t00FIH0ne85X6Qv0YjiSjp19GSGt0adKbJ8pTX0jw-ym9Irhq4I2uNM1BJO
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=Ka19qP_tgtRZSadEdVDr8Gxc-Ppzsd5LRConb8QzP8xN8tqatOMZohIBi6UCRXfFI6rWhwdhuzkhPhYbvoNfBUplVmrivESowP9l-XmdOyu7y8nz2DAsR2mtvkNfVzfsVTRzrOeeV41u1uTNAmLXAp4xRxJX9z6mxnrjPy4iEaV546G00ApDaU4rZfluV5RQsQQf8fYiEaRHlZElYZh5RxbP0jDzuhulWOMA4gH8ehkYXgBDMQavYztIl89WIkUhJ-O9OXY9VMg9ZM78B_4sSW6bEnaK8JhAa0Nmpk6qkwjGDS0d8VTNiaGMx_k33qtfRnLySG_VWtQ8uFtCUcU_wXLtV44Fqb_4T30BK2zVpnzgaZOyw3l64t00FIH0ne85X6Qv0YjiSjp19GSGt0adKbJ8pTX0jw-ym9Irhq4I2uNM1BJO HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1815791
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /5h5hB/Shovel.Knight.Dig-GoldBerg.zip HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq; expires=Sat, 24-Sep-2022 18:39:38 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-cache
date: Fri, 23 Sep 2022 18:39:38 GMT
server: nginx centminmod
x-powered-by: centminmod
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-152b5"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/granim.min.js
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/granim.min.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-298a"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-oJYSrTSIHMD8I_mWFN91L2DjvFlbvEm8UV3-5MZnsLNjfOcPISJT5CONG-vYVTv0TAfgi20K_NRXkID6ABe_sH29RBWQEuJVlujIqt92kRk2HsL1DBO6qpRCiRgtI1PkKIR-tYvuiTo-jgY5W9r2wrFDQPh27JjO777LjnlFE3XDtlwVg2Y1qHerNxRLhRacyu8fw9ScC2x2ZRevxOKRxVaWs1Izacn8e7EbCVyY24Cx6qv-9CfYQNb1IFA8H674a-PCyPbRT-zV-GJD5reGMKfDcz-HPjFtoBJcVJVki_cbK6c9Hi3hdSGzskuF6BxFHMvVcFERfDfccDlN4EfN7L9kCVq6Uj4WVZXsRhau50gSXrRNKzJXx0tVe9iaYYHRRVZ1JH5GiDChzOu11TKRQb_9nzfHA8L-qfXSJgImPf92Jil
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-oJYSrTSIHMD8I_mWFN91L2DjvFlbvEm8UV3-5MZnsLNjfOcPISJT5CONG-vYVTv0TAfgi20K_NRXkID6ABe_sH29RBWQEuJVlujIqt92kRk2HsL1DBO6qpRCiRgtI1PkKIR-tYvuiTo-jgY5W9r2wrFDQPh27JjO777LjnlFE3XDtlwVg2Y1qHerNxRLhRacyu8fw9ScC2x2ZRevxOKRxVaWs1Izacn8e7EbCVyY24Cx6qv-9CfYQNb1IFA8H674a-PCyPbRT-zV-GJD5reGMKfDcz-HPjFtoBJcVJVki_cbK6c9Hi3hdSGzskuF6BxFHMvVcFERfDfccDlN4EfN7L9kCVq6Uj4WVZXsRhau50gSXrRNKzJXx0tVe9iaYYHRRVZ1JH5GiDChzOu11TKRQb_9nzfHA8L-qfXSJgImPf92Jil
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=-oJYSrTSIHMD8I_mWFN91L2DjvFlbvEm8UV3-5MZnsLNjfOcPISJT5CONG-vYVTv0TAfgi20K_NRXkID6ABe_sH29RBWQEuJVlujIqt92kRk2HsL1DBO6qpRCiRgtI1PkKIR-tYvuiTo-jgY5W9r2wrFDQPh27JjO777LjnlFE3XDtlwVg2Y1qHerNxRLhRacyu8fw9ScC2x2ZRevxOKRxVaWs1Izacn8e7EbCVyY24Cx6qv-9CfYQNb1IFA8H674a-PCyPbRT-zV-GJD5reGMKfDcz-HPjFtoBJcVJVki_cbK6c9Hi3hdSGzskuF6BxFHMvVcFERfDfccDlN4EfN7L9kCVq6Uj4WVZXsRhau50gSXrRNKzJXx0tVe9iaYYHRRVZ1JH5GiDChzOu11TKRQb_9nzfHA8L-qfXSJgImPf92Jil HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:39 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1746893
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/flickity.min.js
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/flickity.min.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-d265"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Yy39awAJfJQKmq11AApdtWGjrJx01aNRuW80sw&u=%7CTLXKw52ubA0%2BVoYBt1u4KTg5IwCFxfsTqDgkoxmsGIw%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVLcRTLo73uKkXsOvAEhK6VheRnMkMXik8YIHd3krKckFPK0d7qa3pXR--to_WPD6E8w1dfAKcIP6NWcbxnFUZKI9q9HdOPVRTBL0CJRUeY0xTEwQasN6BeULUUcSxoM7g8gm7lXJ4fnDSB8AFB23GKBgvihRTENaHUtmds9C5NF80D8CyxzQhDgVJPFIa3N8Dso5Wn4pIwHoEPsIS4adwKQJeKvFCHbURTQOksrmRyIp3Ru8Yd_10T3Rr4ani8ik4TuCylsGa7qgaE1gPa-B_Q9TuBENLHD7WAofTDvEwjeYNH0-bCc_HpzgLxAyXzm1PbwXBlcqSPneBnIZ37_p1o_eVRBPzMlt7w_h3O4JhbVSo8RpS_CZdC66s3Wt9ylXFt-7oYg0_uA7XFE9fLHNiSGxO9Y6PbFwmuyZkblD_SEvvB1KEVa6QsvO0OFC3fhzJUub_pDcvmcaOLQ3PW1aIItranVXj7ty8Z1_1bLdGEBIWL_e0V-CNSL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-EK1a_0tY5T5JfXa6gS1u6mIBMme0rFcjfDi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTIwMzI2MzMwMDE0ODI3NTCgAdW20uoDyAEJqQJZogbJPUewPqgDAaoE0AFP0IbiewRrNne9FgMpMnOP9cYthQtMZdKYRH1j_oxd9-yIDoZlAk2xLte4mxKnWcAbaBmWbbq7_PQ7mvo5HQai_fhhUlQBrhy6WzNlr3rZLUly0GrBvZ4h2jf0B56_lUeKRYW_vNXHY5LaU2K6yC-jsi1ckSS97X9bxk0QYigWGBC9sytZsVNNHAFLCWcmkd7kCLdgCU-fLgxkAR0k9bjRvkCVRZl057Laibwz9jVdYuv3eu-4ZHM__-1kZeE7NKyKyfpICgMzr4sr0_wsLVYrgAb-19uxzNXYw9sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xGzK2RGvwos1tTugEOnwl-PusCQ%26client%3Dca-pub-2032633001482750%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Yy39awAJfJQKmq11AApdtWGjrJx01aNRuW80sw&u=%7CTLXKw52ubA0%2BVoYBt1u4KTg5IwCFxfsTqDgkoxmsGIw%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVLcRTLo73uKkXsOvAEhK6VheRnMkMXik8YIHd3krKckFPK0d7qa3pXR--to_WPD6E8w1dfAKcIP6NWcbxnFUZKI9q9HdOPVRTBL0CJRUeY0xTEwQasN6BeULUUcSxoM7g8gm7lXJ4fnDSB8AFB23GKBgvihRTENaHUtmds9C5NF80D8CyxzQhDgVJPFIa3N8Dso5Wn4pIwHoEPsIS4adwKQJeKvFCHbURTQOksrmRyIp3Ru8Yd_10T3Rr4ani8ik4TuCylsGa7qgaE1gPa-B_Q9TuBENLHD7WAofTDvEwjeYNH0-bCc_HpzgLxAyXzm1PbwXBlcqSPneBnIZ37_p1o_eVRBPzMlt7w_h3O4JhbVSo8RpS_CZdC66s3Wt9ylXFt-7oYg0_uA7XFE9fLHNiSGxO9Y6PbFwmuyZkblD_SEvvB1KEVa6QsvO0OFC3fhzJUub_pDcvmcaOLQ3PW1aIItranVXj7ty8Z1_1bLdGEBIWL_e0V-CNSL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-EK1a_0tY5T5JfXa6gS1u6mIBMme0rFcjfDi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTIwMzI2MzMwMDE0ODI3NTCgAdW20uoDyAEJqQJZogbJPUewPqgDAaoE0AFP0IbiewRrNne9FgMpMnOP9cYthQtMZdKYRH1j_oxd9-yIDoZlAk2xLte4mxKnWcAbaBmWbbq7_PQ7mvo5HQai_fhhUlQBrhy6WzNlr3rZLUly0GrBvZ4h2jf0B56_lUeKRYW_vNXHY5LaU2K6yC-jsi1ckSS97X9bxk0QYigWGBC9sytZsVNNHAFLCWcmkd7kCLdgCU-fLgxkAR0k9bjRvkCVRZl057Laibwz9jVdYuv3eu-4ZHM__-1kZeE7NKyKyfpICgMzr4sr0_wsLVYrgAb-19uxzNXYw9sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xGzK2RGvwos1tTugEOnwl-PusCQ%26client%3Dca-pub-2032633001482750%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Yy39awAJfJQKmq11AApdtWGjrJx01aNRuW80sw&u=%7CTLXKw52ubA0%2BVoYBt1u4KTg5IwCFxfsTqDgkoxmsGIw%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVLcRTLo73uKkXsOvAEhK6VheRnMkMXik8YIHd3krKckFPK0d7qa3pXR--to_WPD6E8w1dfAKcIP6NWcbxnFUZKI9q9HdOPVRTBL0CJRUeY0xTEwQasN6BeULUUcSxoM7g8gm7lXJ4fnDSB8AFB23GKBgvihRTENaHUtmds9C5NF80D8CyxzQhDgVJPFIa3N8Dso5Wn4pIwHoEPsIS4adwKQJeKvFCHbURTQOksrmRyIp3Ru8Yd_10T3Rr4ani8ik4TuCylsGa7qgaE1gPa-B_Q9TuBENLHD7WAofTDvEwjeYNH0-bCc_HpzgLxAyXzm1PbwXBlcqSPneBnIZ37_p1o_eVRBPzMlt7w_h3O4JhbVSo8RpS_CZdC66s3Wt9ylXFt-7oYg0_uA7XFE9fLHNiSGxO9Y6PbFwmuyZkblD_SEvvB1KEVa6QsvO0OFC3fhzJUub_pDcvmcaOLQ3PW1aIItranVXj7ty8Z1_1bLdGEBIWL_e0V-CNSL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-EK1a_0tY5T5JfXa6gS1u6mIBMme0rFcjfDi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTIwMzI2MzMwMDE0ODI3NTCgAdW20uoDyAEJqQJZogbJPUewPqgDAaoE0AFP0IbiewRrNne9FgMpMnOP9cYthQtMZdKYRH1j_oxd9-yIDoZlAk2xLte4mxKnWcAbaBmWbbq7_PQ7mvo5HQai_fhhUlQBrhy6WzNlr3rZLUly0GrBvZ4h2jf0B56_lUeKRYW_vNXHY5LaU2K6yC-jsi1ckSS97X9bxk0QYigWGBC9sytZsVNNHAFLCWcmkd7kCLdgCU-fLgxkAR0k9bjRvkCVRZl057Laibwz9jVdYuv3eu-4ZHM__-1kZeE7NKyKyfpICgMzr4sr0_wsLVYrgAb-19uxzNXYw9sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xGzK2RGvwos1tTugEOnwl-PusCQ%26client%3Dca-pub-2032633001482750%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uRG8emnBQ4S9ThNUOGcXQOSA3hwytf_BUPTWwE_syldI6T0PjoSkDporF1ONKGTwSFOLZ01NDMH-gfTghbtDZOjvnN3Q3P2Hy15mtweQGRK4WAYCMrnMghW61F25ep1pbvXSBFtzHwH6XoQRXENWQsfHto9LSjiRBtlskfyxBs0zfWQ1dLDS1eMKpQC1n6Pv1FE0SFthJvZRm3gVYgNljNcjkbYOwxpn_VgcbqOyOnkI-HNRCzqiWpJOHtNAFgZs0wVUEg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 127689318
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DMo-yf_tgtRZSadEdVDr8Gxc-PpeH19AHBKv5q-zOph06TufOopvDdH3WbHFSmg0dzAn93CEufXi30HmvQOlv0wKeN56pafWo44s2NFHWMnynSNVwVcPZtcyfokSKZ7jGo29CDKVMkejIbf7VRFbR18O-zmh1jLLkQTaTd5r1R_ShPgp-6h0XeKvGML_IU04koAg1NV4ZAPXQ22IM01e0gdMlNtM5QF3acsr6ACdLpALNy3iA1ScwkzKx_N1B6adK9ZZkT_nvBXCOpWqAdbDSsXauSdz0CGNQwiGF9dl2MYtZzAaFsoTbbGQjJB7voYn9vsiP7-NO5otMig2BzJPCN7qqSPPuUEOJAM-rZF4F7L5JoXPU2Bd2w5eAdFD7ur45txUxL_QIF1guLDMCMHvqSi1QhE327mHLgRiDec446X0g_AQ
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DMo-yf_tgtRZSadEdVDr8Gxc-PpeH19AHBKv5q-zOph06TufOopvDdH3WbHFSmg0dzAn93CEufXi30HmvQOlv0wKeN56pafWo44s2NFHWMnynSNVwVcPZtcyfokSKZ7jGo29CDKVMkejIbf7VRFbR18O-zmh1jLLkQTaTd5r1R_ShPgp-6h0XeKvGML_IU04koAg1NV4ZAPXQ22IM01e0gdMlNtM5QF3acsr6ACdLpALNy3iA1ScwkzKx_N1B6adK9ZZkT_nvBXCOpWqAdbDSsXauSdz0CGNQwiGF9dl2MYtZzAaFsoTbbGQjJB7voYn9vsiP7-NO5otMig2BzJPCN7qqSPPuUEOJAM-rZF4F7L5JoXPU2Bd2w5eAdFD7ur45txUxL_QIF1guLDMCMHvqSi1QhE327mHLgRiDec446X0g_AQ
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=DMo-yf_tgtRZSadEdVDr8Gxc-PpeH19AHBKv5q-zOph06TufOopvDdH3WbHFSmg0dzAn93CEufXi30HmvQOlv0wKeN56pafWo44s2NFHWMnynSNVwVcPZtcyfokSKZ7jGo29CDKVMkejIbf7VRFbR18O-zmh1jLLkQTaTd5r1R_ShPgp-6h0XeKvGML_IU04koAg1NV4ZAPXQ22IM01e0gdMlNtM5QF3acsr6ACdLpALNy3iA1ScwkzKx_N1B6adK9ZZkT_nvBXCOpWqAdbDSsXauSdz0CGNQwiGF9dl2MYtZzAaFsoTbbGQjJB7voYn9vsiP7-NO5otMig2BzJPCN7qqSPPuUEOJAM-rZF4F7L5JoXPU2Bd2w5eAdFD7ur45txUxL_QIF1guLDMCMHvqSi1QhE327mHLgRiDec446X0g_AQ HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1718889
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.2.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/typed.min.js
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/typed.min.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-f6d"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/jquery.steps.min.js
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-3621"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-1776"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/scripts.js
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/scripts.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 14 Oct 2020 22:17:02 GMT
vary: Accept-Encoding
etag: W/"5f8778de-1b521"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-10fe4"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/js/adsx.js
31.43.191.18200 OK 0 B IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /js/adsx.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-cache
date: Fri, 23 Sep 2022 18:39:38 GMT
server: nginx centminmod
x-powered-by: centminmod
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.2.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/lightbox.min.css
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/lightbox.min.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:46 GMT
vary: Accept-Encoding
etag: W/"5f724706-e54"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/countdown.min.js
31.43.191.18200 OK 0 B URL HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/countdown.min.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/5h5hB/Shovel.Knight.Dig-GoldBerg.zip
Cookie: filehosting=bpf1kd0pdvkgjq8l5jle93padq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-14db"
server: nginx centminmod
x-powered-by: centminmod
expires: Sun, 23 Oct 2022 18:39:38 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Yy39awAJFhYKmqgLAAyEOmxj6aphYMoUQRo1bA&u=%7CTLXKw52ubA1B%2FW0%2BML9TM1mrEt80l%2FgjX3j9ntBFwR8%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVK6TO2Hi5p5w2U2yXf6tkWA-Jd790bs3fB5FsFV_K5RqqSbqck9KwlIp4t4QaWQcKBPWQ4HmRy4XYfdTOfZZ2RI3IbT7ZNFq3f2gHQ9W9es2i1yyBZQekmclraMoVT427gCaRYWjCZrUPiMbpcD6HC1jC0sC4MtUOcgwNNUE0CMZVqbcnUvYTiKjFiMQs12SwvOBZJ0d3eV2bjl1LeWDRgvMQcRJo3cgO6CKGPYRDkRno3cc8QjSwLerCVa1JqJLORsXqQiNf3bUZ70LpxS7lWVDEPladjnZMWTicfUv-7XcPTpxa1EpbcSJuOn0BNVmiQOmY1db1rz34IBSNlBwMEsk88hJ6HKAbJKo-ZvLUfeIW832Abon44UItGAIc7pTb7t2MApwRwOTDshUK5WGaL5_ziA8EUCY0J9K4eEth4QRwaHyDY07-vuUhBpfvu4_lPwwmyfhZBJZJUSW9wQdLRhHZta65JSM3NlOJW7om5jLBGHKf_HY31s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdUqIa_0tY5asJIvQ6gS6iLK4Dsme0rFcvY6X93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItMjAzMjYzMzAwMTQ4Mjc1MKAB1bbS6gPIAQmpAolpDEbTXrA-qAMBqgTPAU_QA9wqOfwW78FOZkh7oCS5nN1cOs7g4EBoRUD3th5miZcROJA76tX1AHYtykNDsyUTJfk3kSOLb1zOqezZE9aWC37e4i72LlutJ-ywi1x04E4A0iV_dthuF5JPfS2CeuZG8SafJNa3KDbY97gCVVWDVpTfd58D6jBJ2N4OdO3B5m1dtAEJ40IxEF9rmzlVsyLgKnPFiDJ2TCZkzvfEaZRF-CpSYoqfIRksjyof34DgBNx_GPOa74i_TpJIKh_E7AFAMZX9l5nCHMh7HWfyH4AG_tfbsczV2MPbAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bVr8Srf3BJDjfJFC5PjcYKwZdBg%26client%3Dca-pub-2032633001482750%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Yy39awAJFhYKmqgLAAyEOmxj6aphYMoUQRo1bA&u=%7CTLXKw52ubA1B%2FW0%2BML9TM1mrEt80l%2FgjX3j9ntBFwR8%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVK6TO2Hi5p5w2U2yXf6tkWA-Jd790bs3fB5FsFV_K5RqqSbqck9KwlIp4t4QaWQcKBPWQ4HmRy4XYfdTOfZZ2RI3IbT7ZNFq3f2gHQ9W9es2i1yyBZQekmclraMoVT427gCaRYWjCZrUPiMbpcD6HC1jC0sC4MtUOcgwNNUE0CMZVqbcnUvYTiKjFiMQs12SwvOBZJ0d3eV2bjl1LeWDRgvMQcRJo3cgO6CKGPYRDkRno3cc8QjSwLerCVa1JqJLORsXqQiNf3bUZ70LpxS7lWVDEPladjnZMWTicfUv-7XcPTpxa1EpbcSJuOn0BNVmiQOmY1db1rz34IBSNlBwMEsk88hJ6HKAbJKo-ZvLUfeIW832Abon44UItGAIc7pTb7t2MApwRwOTDshUK5WGaL5_ziA8EUCY0J9K4eEth4QRwaHyDY07-vuUhBpfvu4_lPwwmyfhZBJZJUSW9wQdLRhHZta65JSM3NlOJW7om5jLBGHKf_HY31s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdUqIa_0tY5asJIvQ6gS6iLK4Dsme0rFcvY6X93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItMjAzMjYzMzAwMTQ4Mjc1MKAB1bbS6gPIAQmpAolpDEbTXrA-qAMBqgTPAU_QA9wqOfwW78FOZkh7oCS5nN1cOs7g4EBoRUD3th5miZcROJA76tX1AHYtykNDsyUTJfk3kSOLb1zOqezZE9aWC37e4i72LlutJ-ywi1x04E4A0iV_dthuF5JPfS2CeuZG8SafJNa3KDbY97gCVVWDVpTfd58D6jBJ2N4OdO3B5m1dtAEJ40IxEF9rmzlVsyLgKnPFiDJ2TCZkzvfEaZRF-CpSYoqfIRksjyof34DgBNx_GPOa74i_TpJIKh_E7AFAMZX9l5nCHMh7HWfyH4AG_tfbsczV2MPbAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bVr8Srf3BJDjfJFC5PjcYKwZdBg%26client%3Dca-pub-2032633001482750%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Yy39awAJFhYKmqgLAAyEOmxj6aphYMoUQRo1bA&u=%7CTLXKw52ubA1B%2FW0%2BML9TM1mrEt80l%2FgjX3j9ntBFwR8%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVK6TO2Hi5p5w2U2yXf6tkWA-Jd790bs3fB5FsFV_K5RqqSbqck9KwlIp4t4QaWQcKBPWQ4HmRy4XYfdTOfZZ2RI3IbT7ZNFq3f2gHQ9W9es2i1yyBZQekmclraMoVT427gCaRYWjCZrUPiMbpcD6HC1jC0sC4MtUOcgwNNUE0CMZVqbcnUvYTiKjFiMQs12SwvOBZJ0d3eV2bjl1LeWDRgvMQcRJo3cgO6CKGPYRDkRno3cc8QjSwLerCVa1JqJLORsXqQiNf3bUZ70LpxS7lWVDEPladjnZMWTicfUv-7XcPTpxa1EpbcSJuOn0BNVmiQOmY1db1rz34IBSNlBwMEsk88hJ6HKAbJKo-ZvLUfeIW832Abon44UItGAIc7pTb7t2MApwRwOTDshUK5WGaL5_ziA8EUCY0J9K4eEth4QRwaHyDY07-vuUhBpfvu4_lPwwmyfhZBJZJUSW9wQdLRhHZta65JSM3NlOJW7om5jLBGHKf_HY31s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdUqIa_0tY5asJIvQ6gS6iLK4Dsme0rFcvY6X93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItMjAzMjYzMzAwMTQ4Mjc1MKAB1bbS6gPIAQmpAolpDEbTXrA-qAMBqgTPAU_QA9wqOfwW78FOZkh7oCS5nN1cOs7g4EBoRUD3th5miZcROJA76tX1AHYtykNDsyUTJfk3kSOLb1zOqezZE9aWC37e4i72LlutJ-ywi1x04E4A0iV_dthuF5JPfS2CeuZG8SafJNa3KDbY97gCVVWDVpTfd58D6jBJ2N4OdO3B5m1dtAEJ40IxEF9rmzlVsyLgKnPFiDJ2TCZkzvfEaZRF-CpSYoqfIRksjyof34DgBNx_GPOa74i_TpJIKh_E7AFAMZX9l5nCHMh7HWfyH4AG_tfbsczV2MPbAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bVr8Srf3BJDjfJFC5PjcYKwZdBg%26client%3Dca-pub-2032633001482750%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=W0Rdm2nBQ4S9ThNU-VvcrtXRLaGogs9H8M2KZjdkoVqbsWAP_b_7km15ESSgqc8xoBrDmlF3QBtIO-TmshcORXYNrqRYC8ri1LvsVKsramTsppbyr0i677Q1VLsZi25NP_5AIZUQUXhYiz1evObcbMkDGW5aOsHb0C--31KI7XRm8OzTGtDYER8syx5Rh8-7mlRVrAsucqjX-WKvM8AiqfvQ3AHkNoC8Ehwd3jZgfGlvcUZ2ma5iE5mY2KUPg81MA1Y0Dw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 85479958
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.2.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:39:40 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Mon, 18 Sep 2023 18:39:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2