Overview

URL ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
IP104.17.64.14
ASNCLOUDFLARENET
Location
Report completed2022-09-30 20:32:27 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-30 2 ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 WeTransfer
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-30 2 ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (61)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-30 06:01:15 UTC 104.17.25.14
mnemonic passive DNS analytics.tiktok.com (1) 1182 2020-02-29 13:09:05 UTC 2022-09-30 13:31:20 UTC 23.36.79.17
mnemonic passive DNS collector.brandmetrics.com (1) 4202 2018-03-06 08:51:46 UTC 2022-09-30 20:32:16 UTC 20.50.2.28
mnemonic passive DNS dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-09-30 12:29:48 UTC 178.250.0.157
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-30 17:00:01 UTC 143.204.55.35
mnemonic passive DNS backgrounds.wetransfer.net (2) 20593 2017-11-10 13:53:45 UTC 2022-09-30 12:39:40 UTC 143.204.55.17
mnemonic passive DNS px.ads.linkedin.com (1) 522 2017-08-08 16:28:50 UTC 2022-09-30 08:33:25 UTC 13.107.42.14
mnemonic passive DNS a.ad.gt (1) 4743 2021-07-28 20:36:24 UTC 2022-09-30 20:32:16 UTC 52.24.125.191
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-09-30 04:55:27 UTC 142.250.74.3
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-30 05:18:50 UTC 69.16.175.10
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-06-10 06:53:41 UTC 2022-09-30 18:44:48 UTC 216.58.207.234
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 54.70.239.215
mnemonic passive DNS ids.ad.gt (6) 4355 2017-10-06 16:11:51 UTC 2022-09-30 20:32:16 UTC 52.34.146.211
mnemonic passive DNS gem.gbc.criteo.com (1) 6039 2019-02-06 06:21:41 UTC 2022-09-30 18:32:53 UTC 185.235.84.42
mnemonic passive DNS www.redditstatic.com (1) 1440 2012-06-30 12:33:28 UTC 2022-09-30 15:17:59 UTC 151.101.85.140
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-30 16:35:12 UTC 142.250.74.164
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-30 04:57:04 UTC 142.250.74.3
mnemonic passive DNS img-getpocket.cdn.mozilla.net (4) 1631 2017-09-01 03:40:57 UTC 2022-09-30 13:49:02 UTC 34.120.237.76
mnemonic passive DNS ocsp.digicert.com (20) 86 2012-05-21 07:02:23 UTC 2022-09-30 15:21:19 UTC 93.184.220.29
mnemonic passive DNS cm.g.doubleclick.net (3) 202 2013-05-30 23:19:45 UTC 2022-09-30 20:32:16 UTC 142.250.74.34
mnemonic passive DNS www.facebook.com (2) 99 2017-01-30 05:00:00 UTC 2022-09-30 04:55:34 UTC 157.240.221.35
mnemonic passive DNS b.clarity.ms (1) 3462 2021-07-27 12:49:08 UTC 2022-09-30 05:59:03 UTC 20.75.32.255
mnemonic passive DNS sync.1rx.io (2) 528 2015-12-17 22:59:40 UTC 2022-09-30 19:43:29 UTC 213.19.147.45
mnemonic passive DNS ipfs.fleek.co (1) 0 2020-04-21 22:10:54 UTC 2022-09-30 04:49:29 UTC 104.17.96.13 Domain (fleek.co) ranked at: 216311
mnemonic passive DNS pixels.ad.gt (1) 5248 2020-04-12 17:10:15 UTC 2022-09-30 20:32:17 UTC 54.200.124.182
mnemonic passive DNS image2.pubmatic.com (1) 873 2012-05-21 13:21:02 UTC 2022-09-30 20:32:16 UTC 185.64.189.110
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-30 05:03:32 UTC 104.18.20.226
mnemonic passive DNS match.adsrvr.org (1) 349 2012-08-07 19:20:17 UTC 2022-09-30 20:32:16 UTC 15.197.193.217
mnemonic passive DNS static.criteo.net (1) 652 2015-06-24 06:04:54 UTC 2022-09-30 16:08:48 UTC 178.250.0.130
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 143.204.55.110
mnemonic passive DNS ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-09-30 05:01:23 UTC 192.124.249.23
mnemonic passive DNS www.clarity.ms (3) 1404 2018-08-22 07:41:57 UTC 2022-09-30 04:57:12 UTC 13.107.246.53
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-30 15:22:46 UTC 172.64.155.188
mnemonic passive DNS gum.criteo.com (1) 381 2015-01-22 10:58:57 UTC 2022-09-30 13:01:24 UTC 178.250.2.146
mnemonic passive DNS bat.bing.com (2) 387 2014-04-08 09:23:16 UTC 2022-09-30 04:57:12 UTC 13.107.21.200
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-09-30 13:56:09 UTC 216.58.207.226
mnemonic passive DNS secure.adnxs.com (2) 396 2012-05-22 16:37:37 UTC 2022-09-30 11:01:28 UTC 37.252.173.215
mnemonic passive DNS dpm.demdex.net (2) 204 2017-01-30 04:59:39 UTC 2022-09-30 13:11:56 UTC 34.249.106.217
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-09-30 11:00:19 UTC 104.18.11.207
mnemonic passive DNS cdn.brandmetrics.com (2) 3726 2018-09-11 18:01:01 UTC 2022-09-30 20:32:16 UTC 104.26.7.155
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS prod-cdn.wetransfer.net (10) 25787 2019-07-13 02:59:52 UTC 2022-09-30 20:32:16 UTC 54.230.111.83
mnemonic passive DNS p.ad.gt (2) 5338 2021-05-18 05:18:08 UTC 2022-09-30 20:32:16 UTC 52.36.147.165
mnemonic passive DNS sync.smartadserver.com (1) 2157 2017-01-30 03:01:04 UTC 2022-09-30 20:32:16 UTC 185.86.138.146
mnemonic passive DNS r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.77.32
mnemonic passive DNS c.bing.com (1) 247 2012-05-22 10:26:32 UTC 2022-09-30 05:30:25 UTC 13.107.21.200
mnemonic passive DNS www.google-analytics.com (3) 40 2012-10-03 01:04:21 UTC 2022-09-30 17:50:54 UTC 142.250.74.174
mnemonic passive DNS e-10220.adzerk.net (1) 23978 2019-03-22 07:17:33 UTC 2022-09-30 20:32:16 UTC 54.210.200.244
mnemonic passive DNS public.profitwell.com (1) 6695 2020-08-20 18:28:44 UTC 2022-09-30 20:32:16 UTC 54.230.111.96
mnemonic passive DNS nolan.wetransfer.net (1) 0 2022-03-22 17:21:50 UTC 2022-09-30 20:32:16 UTC 54.230.111.42 Domain (wetransfer.net) ranked at: 233366
mnemonic passive DNS ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
mnemonic passive DNS sync.mathtag.com (1) 427 2012-05-22 05:36:42 UTC 2022-09-30 13:45:22 UTC 185.29.134.248
mnemonic passive DNS token.rubiconproject.com (1) 671 2017-01-30 05:00:50 UTC 2022-09-30 15:19:21 UTC 213.19.162.90
mnemonic passive DNS c.clarity.ms (1) 803 2021-02-03 23:22:47 UTC 2022-09-30 05:30:25 UTC 20.234.93.27
mnemonic passive DNS maxcdn.bootstrapcdn.com (1) 724 2014-06-18 00:37:31 UTC 2022-09-30 13:48:24 UTC 104.18.11.207
mnemonic passive DNS static.ads-twitter.com (1) 614 2017-01-30 05:00:15 UTC 2022-09-30 13:26:00 UTC 151.101.84.157
mnemonic passive DNS snap.licdn.com (1) 1044 2014-10-06 08:43:45 UTC 2022-09-30 08:33:25 UTC 23.36.76.210
mnemonic passive DNS id.hadron.ad.gt (1) 0 2022-06-07 11:19:05 UTC 2022-09-30 20:32:16 UTC 52.40.56.16 Domain (ad.gt) ranked at: 3764
mnemonic passive DNS connect.facebook.net (5) 139 2012-05-22 02:51:28 UTC 2022-09-30 04:55:42 UTC 157.240.221.16
mnemonic passive DNS id.halo.ad.gt (1) 62475 2021-05-20 10:51:57 UTC 2022-09-30 20:32:16 UTC 52.24.177.43
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-30 04:55:45 UTC 142.250.74.72


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.17.64.14

Date UQ / IDS / BL URL IP
2022-11-28 08:40:54 +0000
0 - 0 - 1 ipfs.fleek.co/ipfs/bafybeighvpcb7jfsd6j6nfpek (...) 104.17.64.14
2022-11-25 06:38:22 +0000
0 - 0 - 3 ipfs.fleek.co/ipfs/QmPHdVxyUKGsnTwjmAu28LhzjK (...) 104.17.64.14
2022-11-24 16:53:40 +0000
0 - 0 - 1 ipfs.fleek.co/ipfs/bafybeihl4uwnvveytshfkgaoq (...) 104.17.64.14
2022-11-24 07:03:46 +0000
0 - 0 - 2 ipfs.fleek.co/ipfs/bafybeicz34ees6mnhvmet35oz (...) 104.17.64.14
2022-11-24 06:42:00 +0000
0 - 0 - 3 ipfs.fleek.co/ipfs/QmUWQB73AD3Q8XKKPGKGY5k8tF (...) 104.17.64.14

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-28 10:43:06 +0000
0 - 0 - 14 erreprosimpphy.ml/ru/ozon/ 172.67.171.177
2022-11-28 10:42:15 +0000
0 - 0 - 1 germanylatest.com/wp-includes/ajuyu/ali1/ali/ (...) 104.21.94.68
2022-11-28 10:38:36 +0000
0 - 0 - 1 topsurvey360.top/finance-survey.html 104.21.31.208
2022-11-28 10:38:14 +0000
1 - 0 - 0 www.apexcarparts.in/welsfmmmm/login.php?cmd=l (...) 104.21.84.224
2022-11-28 10:34:17 +0000
0 - 0 - 8 kw.andropampanga.com/9946-how-long-do-fruit-t (...) 104.21.27.169

Last 5 reports on domain: fleek.co

Date UQ / IDS / BL URL IP
2022-11-28 08:40:54 +0000
0 - 0 - 1 ipfs.fleek.co/ipfs/bafybeighvpcb7jfsd6j6nfpek (...) 104.17.64.14
2022-11-28 07:15:45 +0000
0 - 0 - 2 storageapi.fleek.co/130aa16a-afd8-4ca9-a1a7-8 (...) 104.18.7.145
2022-11-28 07:13:16 +0000
0 - 0 - 2 storageapi-stg.fleek.co/33cef4be-531e-4d7f-a0 (...) 104.18.6.145
2022-11-28 07:12:52 +0000
0 - 0 - 3 storageapi-stg.fleek.co/77a3b1aa-0ebe-4b6d-90 (...) 104.18.6.145
2022-11-28 07:12:48 +0000
0 - 0 - 2 storageapi-stg.fleek.co/97b070fa-f984-433c-9b (...) 104.18.6.145

Last 2 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-16 13:10:42 +0000
0 - 0 - 2 ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugi (...) 104.17.96.13
2022-11-16 04:10:09 +0000
0 - 0 - 2 ipfs.fleek.co/ipfs/bafybeieubzzlbbjz2haadaugi (...) 104.17.64.14


JavaScript

Executed Scripts (42)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (129)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 20:16:13 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bwI_8AoAxm-CAdHHNMw73V6zssKMJOIgwoEjzdFGUgaduvczNayLDw==
Age: 962


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9643
Expires: Fri, 30 Sep 2022 23:12:58 GMT
Date: Fri, 30 Sep 2022 20:32:15 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _6KZVXotjFkieOR_smwpkpLwuPd90922g58SOZj-CH7MIisv6xitCQ==
age: 54228
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 30 Sep 2022 20:32:15 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: font/woff
                                        
content-length: 31120
date: Wed, 21 Sep 2022 09:55:05 GMT
last-modified: Wed, 21 Sep 2022 08:39:20 GMT
etag: "57cbbfdafc43e0deecc75a309dd042c6"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VZf7b_jl2s2XkCyxmQiNq38Hsy_K5yiJwpHjVxaan2vV0UcymV1JiA==
age: 815832
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31120, version 1.6554\012- data
Size:   31120
Md5:    57cbbfdafc43e0deecc75a309dd042c6
Sha1:   b9cc2ff331b8520706de175f5b3fdba6731a9bfc
Sha256: a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
                                        
                                            GET /packs/esm/71-2ff63878306f2c4473fc.es6.js HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 397
date: Fri, 30 Sep 2022 07:25:09 GMT
last-modified: Mon, 27 Jun 2022 09:51:06 GMT
etag: "0ad4fcc2f503e98d836d3866925ebfa1"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P6p9wtYtyYovCuSfQ4B8Vs6oW94K4ccg-Pdb5p0eqR3O0yNYgdn8oQ==
age: 47228
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (397), with no line terminators
Size:   397
Md5:    0ad4fcc2f503e98d836d3866925ebfa1
Sha1:   338854449bdbdc95f0f87cc10661d9164c27e75b
Sha256: 98a31fa8bc6612b753bf15b4c6fd22259186c158fd156c29724e4f90b3bc3dc8
                                        
                                            GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: font/woff
                                        
content-length: 32124
date: Wed, 21 Sep 2022 09:55:05 GMT
last-modified: Wed, 21 Sep 2022 08:39:20 GMT
etag: "868aedeefe7669e8a4f7196f7df5d058"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7VVR1_Ym9p7vT8ZxKW91tB-EusPvoDJtpA4RUTv_192cHQq5iWL4iQ==
age: 815832
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 32124, version 1.6554\012- data
Size:   32124
Md5:    868aedeefe7669e8a4f7196f7df5d058
Sha1:   45bd20ef2c6b717a2526efd98a01207979b2a623
Sha256: d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
                                        
                                            GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2514361
expires: Wed, 20 Sep 2023 20:32:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viHDVbRrLI%2FYd9a4DRIKl8poP0NijzOQWxp%2BR2lXx7wUiEBub%2F8pwOA9qGK8J%2F9ZZPBvPmg6Ial8GqpAodcU6fRKFOK3O2pY3EpjJmuMaddjYYdKBzzbDRRSHWGpXp47Gael%2FAXN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 752fba155992b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19015)
Size:   6157
Md5:    7b4114faa411d059a9a5ac4b5b4d9dee
Sha1:   277da4486916fa3a4ab3375f47bc98f58dbf90f6
Sha256: 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
                                        
                                            GET /packs/css/application-a370aeb8.chunk.css HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 25 Aug 2022 07:07:34 GMT
last-modified: Tue, 28 Jun 2022 12:26:02 GMT
etag: W/"0cac266ca337660fdbafc69249a04f53"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pU19pHmFbA-J_nzg1Zfmu3mPq2OrVbi3_knzpSEKsdkgNml0NdC-nA==
age: 3158682
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   57984
Md5:    84c15b20c7d681c29709c723608236e8
Sha1:   f16e3778241b8fcee4b8c880357c1626a34f8520
Sha256: bbe4fbede01b02411d81c4520c216d6a790dcdda9a7d7abda8b1a7c99fbf5333
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 710
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:16 GMT
Last-Modified: Fri, 30 Sep 2022 20:20:26 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ads/pixel.js HTTP/1.1 
Host: www.redditstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 30 Sep 2022 20:32:16 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25224)
Size:   7722
Md5:    95212d33cfff78ad59f5af5b20c48c53
Sha1:   9b99a4091a6eb716bc68f1428e3c86eca068b25b
Sha256: bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6466
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:16 GMT
Last-Modified: Fri, 30 Sep 2022 18:44:30 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /jquery-3.2.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
content-encoding: gzip
content-length: 23856
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664569936.dop213.sk1.t,1664569936.cds257.sk1.hn,1664569936.cds235.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32012)
Size:   23856
Md5:    30f5157a965bc792a83e9bacfe265f03
Sha1:   8330886371fe27f3cbac509e0ac9712207574c66
Sha256: 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/viewthroughconversion/778938880/?random=1656083256772&cv=9&fst=1656083256772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.226
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:32:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1066
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 20:47:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2420), with no line terminators
Size:   1066
Md5:    6eb513a084f128334a51158f4ba5ad8d
Sha1:   84fdb322c00064da75284d9f3369f982fcd2d591
Sha256: 4584e7e238e114c508d8b27e05bd3b72e5a4efe3beef4d7acda978583b5837b7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6249
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:16 GMT
Last-Modified: Fri, 30 Sep 2022 18:48:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.234
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 21:06:53 GMT
expires: Thu, 28 Sep 2023 21:06:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 170723
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   30028
Md5:    6d973c8b7e2439d958e09c0a1ab9fe50
Sha1:   05ae0830200c20b9a2dfd5a825adc400481a60fb
Sha256: f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4797
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:16 GMT
Last-Modified: Fri, 30 Sep 2022 19:12:20 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-K878LCS&l=dataLayer HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 20:32:16 GMT
expires: Fri, 30 Sep 2022 20:32:16 GMT
cache-control: private, max-age=900
last-modified: Fri, 30 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37282)
Size:   93025
Md5:    af10fa8898cc9d512ce033e60c2412a3
Sha1:   b77e9aa517a91dd51af82a0029ed23a1daa08de0
Sha256: 168d89dae28d158a283929db624c9fd56a857f96774a2be03c1c1978a5aa5bc5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:16 GMT
Last-Modified: Fri, 30 Sep 2022 19:16:33 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zVWBICh3ashgFfwE1bChCDjy4NR17zoKPPwqnFG95Odd-FTuAPr4HQ==
Age: 4544

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:16 GMT
Last-Modified: Fri, 30 Sep 2022 19:27:14 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yqkfENEpFb1_WdYUEzd8xe4XqFMNwJFHK49P1vxWsqADuFjFziLnWQ==
Age: 3902

                                        
                                            GET /i18n/pixel/identify.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022093020321665ACBEAADA4FA7F4C262
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e3c0ff5377bc85bbd2de4564d903b552f5b5d5e244a5e26221ce1cc8cc047f92bc8be3b88b81c1e73062354550b42cf02
content-encoding: gzip
expires: Fri, 30 Sep 2022 20:32:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 30 Sep 2022 20:32:16 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=112
x-origin-response-time: 112,23.36.79.13
x-akamai-request-id: 2271d834
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31129
Md5:    93a973984cfdf3439c24269b8c9ab54d
Sha1:   020eaa8324913c8a92d046ee963782c55767184f
Sha256: c43831d1d3f11596fc3bd9b841d910a811f30e4ce32f778c3265b4c833132ac4
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 20:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 20:56:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TVTNQbqo5azYkypPiiCBJmlbcwN_s9FhPCxcfb8EIJQptCv8toew1w==
Age: 163


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2632
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:16 GMT
Last-Modified: Fri, 30 Sep 2022 19:48:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /c.js?siteid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co&rnd=4136641 HTTP/1.1 
Host: collector.brandmetrics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         20.50.2.28
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hH5quoIn9zsVeGttfvXTfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.70.239.215
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: U6lzAjhxHUgON+7HtMIzoNe2L7Y=


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   37233
Md5:    e96f230949d0b9f4bc4f9c8295abc5a5
Sha1:   31dfa10bf4ddb499e294930596dac8d6ad4bc734
Sha256: 3ef08e644cb4c01e007fcd44ecb4f0314c2a7c47552ce9d435eb819dea329309
                                        
                                            GET /creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/GTSuperWT-Super.92798cc4e1ff728ee767.woff2 HTTP/1.1 
Host: backgrounds.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/index.html?cacheId=fb2hmwd_0_236386683&_origin=https://wetransfer.com
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.17
HTTP/2 200 OK
content-type: font/woff2
                                        
content-length: 38284
last-modified: Tue, 19 Jul 2022 08:16:10 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 20:32:18 GMT
etag: "6a8d4646d9fcbd875b4a37a5c1b4cba5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u64TAzKKn4aSBBcJhqyw7vc_TtKeRCk6OR3rFKND9LBJPjUlHH-Y8Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 38284, version 1.0\012- data
Size:   38284
Md5:    6a8d4646d9fcbd875b4a37a5c1b4cba5
Sha1:   842d60bfa20e37a5c29fefaffd913ad97b6f76eb
Sha256: 31eb54dd415db1996b89102f560078329a59a8792568395c1531c2a43833b60d
                                        
                                            GET /creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/GTSuperWT-Regular.33399e4ba671a8a31fea.woff2 HTTP/1.1 
Host: backgrounds.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://backgrounds.wetransfer.net/creator/wetransfer/2206-ideas-report-survey/evergreen/1_Nx2JGt/b/index.html?cacheId=fb2hmwd_0_236386683&_origin=https://wetransfer.com
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.17
HTTP/2 200 OK
content-type: font/woff2
                                        
content-length: 40036
last-modified: Tue, 19 Jul 2022 08:16:10 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 20:32:18 GMT
etag: "57e8971e577093e522e8288788750af9"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8Wu3YziW3dBhdkKnQJsPPiA2N8MvMjGO5jzy8uL6jNbH1mJNrnfulg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 40036, version 1.0\012- data
Size:   40036
Md5:    57e8971e577093e522e8288788750af9
Sha1:   d02fe432d9f05af964bb54bd7247a60b9ce39544
Sha256: c6f19a8118ae24780824a797484f8c970d47601ebfeadbc535009b174b780de3
                                        
                                            GET /api/v1/g_hosted?id=AU1D-0100-001664569934-5LTPB2PF-B1VF HTTP/1.1 
Host: ids.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.34.146.211
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:17 GMT
content-length: 473
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NDU2OTkzNC01TFRQQjJQRi1CMVZG
server: nginx/1.20.0
set-cookie: au_id=AU1D-0100-001664569934-5LTPB2PF-B1VF; Expires=Sun, 29 Sep 2024 20:32:17 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure g_hosted=; Expires=Sun, 29 Sep 2024 20:32:17 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Size:   473
Md5:    9947ed2e6a76cae8159a497f471b3ed6
Sha1:   4e3cc7d1a21228ecb423cf728b2e5388724615f0
Sha256: a8d9b986d0ebc1197887e72d55ce7de663ad1a9f3863b1b640cb1f10ce9e7cb5
                                        
                                            GET /packs/esm/runtime~application-4a7dc9dbc7889b72739b.es6.js HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 07:25:09 GMT
last-modified: Thu, 23 Jun 2022 12:51:04 GMT
etag: W/"8d373cd7fdf9ee87968bebe558d05365"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QNs51O1d5bykpR1uwy9WY7rXBtCO9y5GU-k4qPdXdD72Jxli06U4Ew==
age: 47228
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7364), with no line terminators
Size:   3117
Md5:    9c30a6434f56421ab6168ef3b86cc97a
Sha1:   530259a916da8c9033854f0812299258939d0826
Sha256: e6cbc5bc2240c31356d977158532e3d33dcd7b57bcc483e0c60de2a1b8f7e2f8
                                        
                                            GET /api/v1/p/367 HTTP/1.1 
Host: p.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.36.147.165
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 20:32:17 GMT
server: nginx/1.20.0
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39992), with no line terminators
Size:   11719
Md5:    e60b88e4ec58f1c45d7b33d0d8445c33
Sha1:   6130dd0ddadeb7bba2373029445f38d3abdb1ff1
Sha256: 764ae9e53f9b2a2f73b7a11e689e0ade75e7159faa7b33fb67ec55da97d2b1c9
                                        
                                            GET /packs/js/wallpaper-api-v2.js HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://backgrounds.wetransfer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 21 Aug 2022 03:55:54 GMT
last-modified: Fri, 19 Aug 2022 12:34:03 GMT
etag: W/"4b0b7d731b18d770c7c8e83ccbb777f8"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RJR6bwk9ZPoCIZXPGpYBvwb37rnv5NSnWkr4gZiFTDAfORkhoWJERQ==
age: 3515784
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10327), with no line terminators
Size:   3441
Md5:    9b466d2b16890387177adad2edabaa82
Sha1:   0769755fc3bcbafda0f67b0b4c91a24ee21c3bb6
Sha256: 9fe002dbbd3bc20600dc2fd5164efaca039f338e38139bfaaa787cf0fd57c74b
                                        
                                            GET /api/v1/getpixels?tagger_id=841cb21260ed3f4f916b6b7ed9ac2d0e&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&code=%27none%27 HTTP/1.1 
Host: pixels.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.200.124.182
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 20:32:17 GMT
server: nginx/1.20.0
X-Firefox-Spdy: h2

                                        
                                            GET /packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 16208
date: Fri, 15 Jul 2022 08:13:25 GMT
last-modified: Thu, 14 Jul 2022 15:32:23 GMT
etag: "bc5b180f2d0001298a5ea3691e3fc623"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GLtGe4KWlpsSa2qOq2--Xgj0yfFv_uXNyM1j_T_ba43X1Do6D2aUtg==
age: 6697132
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   16208
Md5:    bc5b180f2d0001298a5ea3691e3fc623
Sha1:   edf2c67a5cef4efd081e5e6e4bc027e72be45593
Sha256: b8c5bf2f80790d4abbe7fd5dca0bcf5c3eeaa4e23b1b35c8854a3fdb5c26b1e9
                                        
                                            GET /packs/media/images/favicon-a34a7465.ico HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
                                        
content-length: 41566
date: Thu, 02 Jun 2022 03:15:55 GMT
last-modified: Wed, 01 Jun 2022 15:16:41 GMT
etag: "692e1c7339c359b6412f059c9c9a0474"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sArgaEj4MNHjtRtWIVB10nJ-BP8tgwDed2lJ9rH239SQAUVfAZMIXw==
age: 10430183
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size:   41566
Md5:    692e1c7339c359b6412f059c9c9a0474
Sha1:   e7c1a53dca16b7664880e5b8a92524cf9a47fb62
Sha256: d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda
                                        
                                            GET /plugins/ua/ecommerce.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 20:05:19 GMT
expires: Fri, 30 Sep 2022 21:05:19 GMT
cache-control: public, max-age=3600
age: 1618
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (745)
Size:   738
Md5:    f804aa0b574b678d24df5281ed71a61d
Sha1:   2fc02211b273e1ab4d362df05d592f2d822c2add
Sha256: 1d2d8c7f3502f4459478fe8c7495a27464d6f178b1d564333a107d310c0ea74d
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11367
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=08A82AC7A0DB629626DE38E8A18C63C4; domain=.bing.com; expires=Wed, 25-Oct-2023 20:32:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4938FC66CA7F44EA9784E1C6BF9A6CD2 Ref B: OSL30EDGE0409 Ref C: 2022-09-30T20:32:17Z
date: Fri, 30 Sep 2022 20:32:17 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size:   11367
Md5:    293ae3e0fc8b0d5c143fdf9d8490228d
Sha1:   3976c659b908e70818a3a1ac71860b497fe2d1a9
Sha256: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /li.lms-analytics/insight.min.js HTTP/1.1 
Host: snap.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=13483
date: Fri, 30 Sep 2022 20:32:18 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7751)
Size:   3063
Md5:    57efbbeb3e1d23c82b677511c67c8b0e
Sha1:   f927ba115ef4be362694c22850ddbdd1c1b054d1
Sha256: 873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3926
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:26:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1 HTTP/1.1 
Host: public.profitwell.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.96
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Fri, 30 Sep 2022 07:25:31 GMT
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
cache-control: public,max-age=86400
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NH93mGUN5q8QPXFKOkbDPpI1UtkbBs6PdtITzzwiEtMhMam679DjNA==
age: 47206
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   24023
Md5:    fdccce7e4ed399306cbdd58384c1bc75
Sha1:   f98d5dacd1806a44d05039f601d20db0f252f679
Sha256: b2a2984266ed4be760c0943874afe80bb17135f54011bab828265b15f2f9fd96
                                        
                                            GET /p/action/56335302.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: private,max-age=60
content-length: 668
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=2F53E7AC265C66583C69F583270B6764; domain=.bing.com; expires=Wed, 25-Oct-2023 20:32:18 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E56C62B759BA45FBBD3B5156A28E86F5 Ref B: OSL30EDGE0409 Ref C: 2022-09-30T20:32:18Z
date: Fri, 30 Sep 2022 20:32:17 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   668
Md5:    a3dff3b84cde49c9cf7b46f3d994771b
Sha1:   50f97d3f15b07abdcafaed98c07d41e272251b34
Sha256: 2f9d325f39cf5c0123678ad3c66ebbf065eae7f0bc994999d3e879b016984d13
                                        
                                            GET /pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=3850848731&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:32:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 30 Sep 2022 18:41:09 GMT
expires: Fri, 30 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 6669
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /uwt.js HTTP/1.1 
Host: static.ads-twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Fri, 30 Sep 2022 20:32:18 GMT
x-served-by: cache-iad-kjyo7100169-IAD, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57443), with no line terminators
Size:   15317
Md5:    1e9c4d503a9e162d8b549dc3d9c040e2
Sha1:   1fa99d7d7e878cdd45567af4b0c3c65542036c1d
Sha256: f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
                                        
                                            GET /plugins/ua/ec.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 20:14:24 GMT
expires: Fri, 30 Sep 2022 21:14:24 GMT
cache-control: public, max-age=3600
age: 1074
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   1129
Md5:    17427cd827c6f9e01d5ee868be659be5
Sha1:   6ff2e43c1a10e3c924870b48ae3cc36280b97f53
Sha256: 59157001be3cd5b0e3eae8afa425d1c694591c403fb9692bc3ad6d3235b423e7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3926
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:26:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/hadron.json HTTP/1.1 
Host: id.hadron.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Access-Control-Allow-Origin: *
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.40.56.16
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 30 Sep 2022 20:32:17 GMT
server: nginx/1.20.0
access-control-allow-origin: https://ipfs.fleek.co
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   94
Md5:    a6a76071498d15e9c6ac89bee78a393b
Sha1:   3017f3bcc2166d2f63b69e69d70fbb42c47056bc
Sha256: 3a968ac85f34d77fe5377257d24916d2cd78acb2e855d2713cd891242b19c018
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6003
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 18:52:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3926
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:26:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1252
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 20:11:26 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /signals/plugins/identity.js?v=2.9.62 HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.221.16
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: vlVpp+HThtfm591aIG2fRPKfUuPnP1l1iYe4Tx1OZaSYoSkuUFXElOtvW5qOj/uGtr0S1S5sAKJ4zkwComsQ0w==
content-length: 20460
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 20:32:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58777)
Size:   20460
Md5:    e35edfae3eb48039c4d2d778e6172a6f
Sha1:   ea797aa48367e262b58a9422d1f54b234115c462
Sha256: 343049bec915b92f7a3f07cec7ea278c974ba6113a4057204e026c7bc2c26f0d
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.221.16
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Vl4D58EjRgFnDUHPNDaDUA24Zcfl2+qz2RIJEg++VYUj6nz27mxyYSVFPHbwWq9iqJuQfzVJ9oNSEGUKcdxWzw==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 20:32:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26840
Md5:    e1327a02d76346c7e23d114e4e508b30
Sha1:   195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
Sha256: 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5704
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 18:57:14 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001664569934-5LTPB2PF-B1VF&adnxs_id=$UID&gdpr=0 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.173.215
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 30 Sep 2022 20:32:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001664569934-5LTPB2PF-B1VF%26adnxs_id%3D%24UID%26gdpr%3D0
AN-X-Request-Uuid: b27e2be7-c08a-4cf1-93e7-47a2fd4a2b6c
Set-Cookie: uuid2=6091169438388463041; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 29-Dec-2022 20:32:18 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001664569934-5LTPB2PF-B1VF HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.34
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001664569934-5LTPB2PF-B1VF&google_tc=
date: Fri, 30 Sep 2022 20:32:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 381
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 20:47:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   381
Md5:    a37e372403aed903588e4021cd1a8602
Sha1:   d50463209f2e1c9a6f0c76339fa58ce198dcfe6f
Sha256: daeef079f2596e8bec0ee35880d26b5d2862974b4bdaf672abe4212cd476f998
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6312
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 18:47:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:18 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 04 Oct 2022 19:01:51 GMT
ETag: "7c14ffe0d7c596fbd0bcf6f531054d4853a0e3a1"
Last-Modified: Fri, 30 Sep 2022 19:01:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 50
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752fba220d42b51b-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    42d5dcaa9f65570a80fae9be4f332275
Sha1:   7c14ffe0d7c596fbd0bcf6f531054d4853a0e3a1
Sha256: 273c2af3da489c8e7c5582716330a3870926dab5ceee7ffbdc1468102de4e2e3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2165
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:56:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pagead/1p-user-list/778938880/?random=1656083256772&cv=9&fst=1656082800000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=420&u_java=false&u_nplug=5&u_nmime=2&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=3850848731&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:32:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4050
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:24:48 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NDU2OTkzNC01TFRQQjJQRi1CMVZG HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.34
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NDU2OTkzNC01TFRQQjJQRi1CMVZG&google_tc=
date: Fri, 30 Sep 2022 20:32:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 345
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 20:47:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   345
Md5:    e0fc4a70f4fad8b710491e4d07d58f51
Sha1:   788f28fdda3a5614e2b9ad9b8ccb657c076cac68
Sha256: ec71c165fd7010a5b8a4cad5da3f25f62e16050a9922f3d396a98e0617e1fd3a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6394
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 18:45:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /ibs:dpid=348447&dpuuid=AU1D-0100-001664569934-5LTPB2PF-B1VF&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001664569934-5LTPB2PF-B1VF HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.249.106.217
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-0d06d6d5c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001664569934-5LTPB2PF-B1VF&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001664569934-5LTPB2PF-B1VF
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=57153795473478302834233340250435676784; Max-Age=15552000; Expires=Wed, 29 Mar 2023 20:32:18 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: sQBBoKy3SWc=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001664569934-5LTPB2PF-B1VF&google_tc= HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.34
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001664569934-5LTPB2PF-B1VF&google_error=3
date: Fri, 30 Sep 2022 20:32:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 288
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   288
Md5:    c6090ded85168ede58d8882e141b6908
Sha1:   31f3712bd9c12eb04b47d4a6dcb9b472746d4527
Sha256: 6aab5c3d2a5053dfb108182fabf5ef1bc6d63ca3c1d2322ad3f1842e56b88eb9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.23
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 30 Sep 2022 20:32:18 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 30 Sep 2022 14:28:45 GMT
Expires: Sat, 01 Oct 2022 14:28:45 GMT
ETag: "1bd69feff5fc85f7b352010fa435f2aff82d2562"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    a30754d1f7b4dbecd8454c66a0199018
Sha1:   1bd69feff5fc85f7b352010fa435f2aff82d2562
Sha256: 01800209b919b4fa17911f1641a15e3274ad35b76274d31713524fd5488bb562
                                        
                                            GET /sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001664569934-5LTPB2PF-B1VF HTTP/1.1 
Host: sync.mathtag.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.29.134.248
HTTP/1.1 302 Moved Temporarily
Content-Type: image/gif
                                        
Date: Fri, 30 Sep 2022 20:32:18 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4525 e1952b7 master cdg-pixel-x16 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=23586337-5252-4c00-a67a-9b89920399b4; domain=.mathtag.com; path=/; expires=Sat, 28-Oct-2023 20:32:18 GMT; SameSite=None; Secure
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=23586337-5252-4c00-a67a-9b89920399b4&id=AU1D-0100-001664569934-5LTPB2PF-B1VF
Expires: Fri, 30 Sep 2022 20:32:17 GMT

                                        
                                            GET /collect?v=2&fmt=js&pid=&time=1664569934735&url=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.42.14
HTTP/2 200 OK
content-type: application/javascript
                                        
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&d57d7d3a-a7cf-46fd-8a82-5386c84c39eb"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 30-Sep-2023 20:32:18 GMT; SameSite=None lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2399:u=1:x=1:i=1664569938:t=1664656338:v=2:sig=AQHsjupNvmqs59pAzjJtSMEK7yqQ9o9K"; Expires=Sat, 01 Oct 2022 20:32:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXp6uPfelAzLbROROH9Cg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 19C28330B7E44C59928432D332C1AD73 Ref B: OSL30EDGE0321 Ref C: 2022-09-30T20:32:18Z
date: Fri, 30 Sep 2022 20:32:17 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /signals/config/1853083501571805?v=2.9.84&r=stable HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.221.16
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: KTcGB1dGQ9aacqYjSXhmm2xX4Mfvd4QIlMouB5M6cOcPz5McWEZBtc3d/K/ttO9eiidbrtP7yUiGS5hix2Az/A==
content-length: 87710
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 20:32:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64471)
Size:   87710
Md5:    f3c6a31e45cc9a89aec57a731dc6497a
Sha1:   59d62fb52ef4043ff6bfa824eb1e7d6d0725c906
Sha256: 7cad59abf039a1e6d090eb75ed3474c411ee5a8c436df39a9639440779a61f79
                                        
                                            GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001664569934-5LTPB2PF-B1VF&gdpr=0 HTTP/1.1 
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         15.197.193.217
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   70
Md5:    58a7930cd4577fc33c35828c271eab8f
Sha1:   406e57f86dc101e10f3a57be1e2f7b93c4580474
Sha256: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
                                        
                                            GET /token?pid=50242&puid=AU1D-0100-001664569934-5LTPB2PF-B1VF&gdpr=0 HTTP/1.1 
Host: token.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.90
HTTP/1.1 204 No Content
                                        
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 2eb7d209ab67664d6226c75331547ba1

                                        
                                            GET /getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001664569934-5LTPB2PF-B1VF%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP/1.1 
Host: sync.smartadserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.86.138.146
HTTP/1.1 404 Not Found
content-type: text/plain; charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
content-length: 21


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   21
Md5:    efa6ba503d1db3c0aeb36d2dfe12081a
Sha1:   bcb085dea063066be3fed25872f48e310261dc8f
Sha256: 673c79de9e33392bc95881a3d58488cf44e0509352a299e09bf119e2b09d170a
                                        
                                            GET /api/v1/partner/367?sync=1&url=https%3A%2F%2Fwetransfer.com%2F HTTP/1.1 
Host: id.halo.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.24.177.43
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
server: nginx/1.20.0
origin-trial:
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (55419)
Size:   110991
Md5:    97a6aa054df00e3d951171b8db378c67
Sha1:   962d9a3f2719c5509ca2e2b65ee6453666e827fc
Sha256: e9e3f2b7adf4db38419f5334182850a120e38fcd964b33b07d67e1c7f4b93048
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3926
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:26:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001664569934-5LTPB2PF-B1VF%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.173.215
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 30 Sep 2022 20:32:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001664569934-5LTPB2PF-B1VF&adnxs_id=0&gdpr=0
AN-X-Request-Uuid: 47035bef-47ff-4385-bd0b-57cdb89ffe7e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 18:55:40 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KF3qT_hXTq82axOlFLYjjVyix1qA2YUcHc87MqYeZv5-yzBGf_iW5w==
Age: 5798

                                        
                                            GET /tag/uet/56335302 HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.246.53
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=74aeefdbf1624656912da4fe6198435a.20220930.20230930; expires=Sat, 30 Sep 2023 20:32:18 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0UlI3YwAAAAAnzAfXS4r8Rquo55gSqM2vU1ZHMjBFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 30 Sep 2022 20:32:17 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1997
Md5:    0311129527066a14459abe733d08fa94
Sha1:   e783f3bca3dbf1462fea661e0bc3d48195f785e5
Sha256: a0be469bef9d3f61cd8695d0368d635e96acad442ff4c77f926b6209537f8a8c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16011
x-amzn-requestid: d58dfdcd-383a-45ac-8ae2-2b97f016b6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbjFy1IAMF84A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f7c-1ca9707a5e5087fd769d9ab6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QKHN1asEv6w1mTLxsmn7Oj5AZTsPcg0H8zv5_qQ1BYptjL254kCZdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:20:36 GMT
age: 79902
etag: "78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16011
Md5:    1389b1d624b44706c7a6f6b7eb769241
Sha1:   78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d
Sha256: c3c2526b98be06fc7e793e1150bacde2a7bd718e29a851a6e6992e8d84333790
                                        
                                            GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001664569934-5LTPB2PF-B1VF HTTP/1.1 
Host: image2.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.64.189.110
HTTP/2 302 Found
                                        
server: nginx
date: Fri, 30 Sep 2022 20:32:18 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Thu, 29-Dec-2022 20:32:18 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001664569934-5LTPB2PF-B1VF
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5168
Md5:    a3dfbfd9e53912bbfabc18b47a588c56
Sha1:   7306aa205ba207be287394449697fcbc8f198338
Sha256: f3625a074cbe8f9f65755b7efac65acb8690b3705c017175dfc5082ae5d9ac5f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12af206-9f17-40de-9764-14d3cdcb4d2f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6722
x-amzn-requestid: 6aca2e04-02b4-4e42-8bba-9bbe2ace1ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPeLrGq1oAMFuAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633610b0-65b0664d0233107029ef0157;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DClqs8vTlqibRwXU8dIkkFCUxigTLduturaxCfuvsMtDm-4VXjx2mg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:12:16 GMT
age: 80402
etag: "3248ca3a8b88efd5be8499898fce957d096cf211"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6722
Md5:    5b8d0a19bc0a56bb40a975c5c71af05a
Sha1:   3248ca3a8b88efd5be8499898fce957d096cf211
Sha256: da44d6dd845dc400b0b76f19c67e5a79d9359ce24fe5e4490477f195b23203b4
                                        
                                            GET /eus2/s/0.6.42/clarity.js HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.246.53
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
cache-control: public,max-age=86400
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8d4495324d7d4"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0UlI3YwAAAABnnOxCNBwbRp9G9iPaziQiU1ZHMjBFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 30 Sep 2022 20:32:17 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (54141)
Size:   37455
Md5:    722a89c31d320ccab5a6870b22752027
Sha1:   0c51d050f2be3774ae11cec693c914e7acba2714
Sha256: a095dba8ef9ce4cc439d43774b492d9645ae792e8f3e57fca9ace24fb2a06e74
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3719
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 20:32:18 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 06:34:26 GMT
age: 50272
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8059
Md5:    d21d2bdcedbd619a80017054076319f9
Sha1:   86dd3bf133e9eddf8852f39e1ee695ee599ac886
Sha256: fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4338
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:20:00 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001664569934-5LTPB2PF-B1VF&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001664569934-5LTPB2PF-B1VF HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.249.106.217
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v044-022c8a2e6.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: TXd3nk8qQ5I=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3719
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 20:32:18 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 82023
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10380
Md5:    139a144f8cb04ac8aae65f4bad1473e7
Sha1:   265840b2d2fc6eb764cc6409b05deee8d77a19c2
Sha256: 6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:32:18 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 01:55:57 GMT
Expires: Wed, 05 Oct 2022 01:55:56 GMT
Etag: "91502e4eabf4935c7e4f1d0463e9396ff71284fa"
Cache-Control: max-age=364417,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752fba22490f1bfa-OSL

                                        
                                            GET /i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzE0NDksImF0Ijo5NTksImJ0IjowLCJjbSI6NzU0MzQyNzksImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTIxNDg5OTQsImRpIjoiODU3MzJiOWY1NWQ1NDc5MGIwYThjMjkzMmFjNDRkNzAiLCJkaiI6MCwiaWkiOiJmNDY4MDZhN2JhYzY0NzY5OGQ0ODM3MjQxZWE0Mzc5ZCIsImRtIjozLCJmYyI6MjMzOTUzNzAyLCJmbCI6MjI1NjcyMzM3LCJpcCI6IjM2LjgxLjE0My4xMDUiLCJudyI6MTAyMjAsInBjIjowLjQsIm9wIjowLjQsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjoxNDk2ODYsInJ0IjozLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wYTViMDM4OWFkYjVhNTNmMCIsInNwIjoyMTEyMTI5LCJzdCI6MTA1NTkyMiwidWsiOiJzcC02NmJiZTgzNC00ZWZmLTQ4NTktYjhlMi0wNDM1ZjJiZDA1NmIiLCJ6biI6MTk5MDcxLCJ0cyI6MTY1NjA4Mzk4NDMxMSwicG4iOiJpZnJhbWUiLCJnciI6dHJ1ZSwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiYSI6MSwiZnEiOjB9&s=lMQvQpF7q84B7pVMqB23NqsR8CQ HTTP/1.1 
Host: e-10220.adzerk.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.210.200.244
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
content-length: 43
server: nginx
x-powered-by: adzerk bifrost/
access-control-allow-origin: undefined
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
x-served-by: bifrost-production-shard001-us-east-1a-i-0634958c64155ee26
set-cookie: azk=sp-66bbe834-4eff-4859-b8e2-0435f2bd056b; Path=/; Expires=Sat, 30 Sep 2023 20:32:18 GMT; Secure; SameSite=None azk-ss=true; Path=/; Expires=Sat, 30 Sep 2023 20:32:18 GMT; Secure; SameSite=None
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    07fff40b5dd495aca2ac4e1c3fbc60aa
Sha1:   e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
Sha256: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
                                        
                                            GET /tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1664569935119&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664569935114.1040358103&it=1664569934970&coo=false&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.221.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 30 Sep 2022 20:32:18 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fipfs.fleek.co%2Fipfs%2Fbafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44&rl=&if=false&ts=1664569935114&cd[partner_id]=367&cd[tagger_id]=841cb21260ed3f4f916b6b7ed9ac2d0e&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664569935114.1040358103&it=1664569934970&coo=false&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.221.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 30 Sep 2022 20:32:18 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3615
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:32:03 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.157
HTTP/2 200 OK
                                        
date: Fri, 30 Sep 2022 20:32:17 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=AH59qV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czI4ZWF5aDF6MUNZZ3NCdk5hYmE3dWtmdW1iV3B6Zml6UFIwQ3FLcUZoRUk; expires=Wed, 25 Oct 2023 20:32:18 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 209525
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2392
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:52:26 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2435
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:32:18 GMT
Last-Modified: Fri, 30 Sep 2022 19:51:43 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 314

                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Content-Type: text/plain;charset=UTF-8
Content-Length: 806
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         20.75.32.255
HTTP/2 204 No Content
                                        
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://ipfs.fleek.co
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 30 Sep 2022 20:32:18 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001664569934-5LTPB2PF-B1VF%26unruly_id%3D%5BRX_UUID%5D&cb=1664569938503 HTTP/1.1 
Host: sync.1rx.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         213.19.147.45
HTTP/2 302 Found
content-type: text/html
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001664569934-5LTPB2PF-B1VF&unruly_id=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max speed, from Unix\012- data
Size:   40
Md5:    51ca99cddc637b10a5b7783222dbc98a
Sha1:   f1121c5e0ae914c7e86609378de79a72e1fb7a39
Sha256: 5b54d1e99613db523e70b02d880451d1c84bab450ecfe66e5be207a822868ee6
                                        
                                            GET /c.gif?CtsSyncId=2F84DD736160416F93BE8F3982517071&RedC=c.clarity.ms&MXFR=19314A7147F7655F3C3A585E43F76BD5 HTTP/1.1 
Host: c.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=2F84DD736160416F93BE8F3982517071&MUID=346C313880B864C914A6231781EF653B
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=346C313880B864C914A6231781EF653B; domain=c.bing.com; expires=Wed, 25-Oct-2023 20:32:19 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7306D13438DB4274AAD442A17E9D036C Ref B: OSL30EDGE0409 Ref C: 2022-09-30T20:32:18Z
date: Fri, 30 Sep 2022 20:32:18 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif?CtsSyncId=2F84DD736160416F93BE8F3982517071&MUID=346C313880B864C914A6231781EF653B HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         20.234.93.27
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 30-Sep-2022 20:42:19 GMT; path=/; SameSite=None; Secure;
date: Fri, 30 Sep 2022 20:32:19 GMT
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    32023bb33cfb2a1990a4ef2d85b6ac16
Sha1:   23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
                                        
                                            GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 7613784
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 752fba15cd2eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /apps/wallpaper/0.9.0/main.449ac4713c593dca.esm.js HTTP/1.1 
Host: nolan.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.42
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 20:32:17 GMT
last-modified: Wed, 22 Jun 2022 12:27:44 GMT
etag: W/"b5c7053227a8d64715428d2e5fc3c068"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cY2WRptKFt5j_MyOH3ruEAy7j4-UOO3RPmPHuHKv7MLiDgtnDnBpug==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=ipfs.fleek.co HTTP/1.1 
Host: cdn.brandmetrics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.7.155
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
cache-control: public, max-age=3600
cf-cache-status: EXPIRED
last-modified: Fri, 30 Sep 2022 11:41:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlVv9Fv%2FIhhTrDxnXEpaOxQsWONU7aY3OM%2BBbhmiZoKvC0kc3nZazV05r2CvqOgR29KDb48rkDNjCZixSyyxs1K%2BzbXfTWBTk58NH7JqkxpkhBIDswReKYR2UWL7m0QAyq2j0zXJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752fba194adcb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /signals/config/1853083501571805?v=2.9.62&r=stable HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.221.16
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 5oiB/0CjEAGMMnJaD+S7CQ56gbtBhgto0bAxYxQbWUH2x/cH4ff4CRPjHMyKtQmlJKCCrLDamj4tN2dZTNobaA==
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 20:32:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /packs/esm/application-2f0386ee23e6ae4bb05d.es6.js HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 07:25:09 GMT
last-modified: Mon, 27 Jun 2022 09:51:06 GMT
etag: W/"229c5ddc2c3a2710d9292e35db8963c9"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C2rKSgS44sVm9slf18ntsRktdmjQ5KnzbCBFqhPoWNHbx-99TWM8cw==
age: 47228
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v1/g_match?id=AU1D-0100-001664569934-5LTPB2PF-B1VF&google_error=3 HTTP/1.1 
Host: ids.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001664569934-5LTPB2PF-B1VF; g_hosted=; halo_id=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.34.146.211
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 01 Oct 2022 08:32:18 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js HTTP/1.1 
Host: cdn.brandmetrics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.7.155
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
cache-control: public, max-age=3600
cf-bgj: minify
cf-polished: origSize=4735
cf-cache-status: HIT
age: 3458
last-modified: Fri, 30 Sep 2022 19:34:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAZW2f3NvndSfirr5t7utWSnZJXKUFODNv91G4SVicIiIUrfiNE4rcytBxDBpNIb4b6iunIqOl2ZfNca%2BShiDmnwtlZMHINScyOskHdKon8Wms75kopT0lwEUfFI8IZSe2o544wO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752fba15ad90b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         185.235.84.42
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 111216
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/ld/ld.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 20:32:18 GMT
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
etag: W/"630756af-a8d9"
expires: Sat, 01 Oct 2022 20:32:18 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tag/uet/56335302 HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.246.53
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=d8da0fda86b64ce490882f06001565de.20220930.20230930; expires=Sat, 30 Sep 2023 20:32:18 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0UlI3YwAAAACT0If1MtwzQogr9gyndCpsU1ZHMjBFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 30 Sep 2022 20:32:17 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001664569934-5LTPB2PF-B1VF%26unruly_id%3D%5BRX_UUID%5D HTTP/1.1 
Host: sync.1rx.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.147.45
HTTP/2 302 Found
content-type: text/html
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-d2c489b7-1aee-4322-adb4-6e2d6b9dc12e-003%22%7D; path=/; expires=Sat, 30 Sep 2023 20:32:18 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001664569934-5LTPB2PF-B1VF%26unruly_id%3D%5BRX_UUID%5D&cb=1664569938503
etag: RXd2c489b71aee4322adb46e2d6b9dc12e003
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v1/match?id=AU1D-0100-001664569934-5LTPB2PF-B1VF&adnxs_id=0&gdpr=0 HTTP/1.1 
Host: ids.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001664569934-5LTPB2PF-B1VF; g_hosted=; halo_id=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.34.146.211
HTTP/2 202 Accepted
content-type: image/gif
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 01 Oct 2022 08:32:18 GMT
set-cookie: au_id=AU1D-0100-001664569934-5LTPB2PF-B1VF; Expires=Sun, 29 Sep 2024 20:32:18 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v1/p/367?au_id=AU1D-0100-001656083096-ETFCNQ76-UDPG HTTP/1.1 
Host: p.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.36.147.165
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
server: nginx/1.20.0
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v1/unruly?id=AU1D-0100-001664569934-5LTPB2PF-B1VF&unruly_id=OPTOUT HTTP/1.1 
Host: ids.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001664569934-5LTPB2PF-B1VF; g_hosted=; halo_id=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.34.146.211
HTTP/2 202 Accepted
content-type: image/gif
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 01 Oct 2022 08:32:18 GMT
set-cookie: au_id=AU1D-0100-001664569934-5LTPB2PF-B1VF; Expires=Sun, 29 Sep 2024 20:32:18 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44 HTTP/1.1 
Host: ipfs.fleek.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.17.96.13
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 20:32:15 GMT
cf-ray: 752fba125f3b0b06-OSL
access-control-allow-origin: *
age: 37814
cache-control: max-age=86400
etag: W/"bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44"
cf-cache-status: HIT
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
x-ipfs-root: bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
x-ipfs-roots: bafybeieubzzlbbjz2haadaugixl2tefufwjbonqbu5uivtzdqfv62sad44
set-cookie: __cf_bm=PMPgna8EGMgNOeV.Thgrq9yK0PlASGhpg04L8WzxEsA-1664569935-0-AWJYexR90jB5zMjTF1o9GtgUdL/7dyMiYy3c81cTV2Cjgeo5r0fZRS2RR0Hlc3+VKwdWmE6o2udSbW37m3UNHMQ=; path=/; expires=Fri, 30-Sep-22 21:02:15 GMT; domain=.ipfs.fleek.co; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
cloudflare-web3-deprecation: This hostname will be deprecated on January 15th, 2023. If you are the site administrator, please refer to https://developers.cloudflare.com/web3/reference/migration-guide
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: WeTransfer
    - fortinet: Phishing
                                        
                                            GET /packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff HTTP/1.1 
Host: prod-cdn.wetransfer.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.83
HTTP/2 200 OK
content-type: font/woff
                                        
content-length: 43188
date: Tue, 27 Sep 2022 20:14:36 GMT
last-modified: Tue, 27 Sep 2022 17:41:13 GMT
etag: "55576599a2d772f9297c5036d355b1fb"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GF2TBv7T2RuCXmclZzrAsIr4fB2IvwhOtT0jMBRV4hLzC4JURJLRyw==
age: 260261
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/10/2022 17:24:53
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 9112cdfe1e798677d8162c8f3d8d3a77
cdn-cache: HIT
cf-cache-status: HIT
age: 3458605
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 752fba15a9b3b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v1/mediamath_match?user_id=23586337-5252-4c00-a67a-9b89920399b4&id=AU1D-0100-001664569934-5LTPB2PF-B1VF HTTP/1.1 
Host: ids.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001664569934-5LTPB2PF-B1VF; g_hosted=; halo_id=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.34.146.211
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 01 Oct 2022 08:32:18 GMT
set-cookie: au_id=AU1D-0100-001664569934-5LTPB2PF-B1VF; Expires=Sun, 29 Sep 2024 20:32:18 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=AH59qV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czI4ZWF5aDF6MUNZZ3NCdk5hYmE3dWtmdW1iV3B6Zml6UFIwQ3FLcUZoRUk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=yfRXl180M0RITmhlJTJCZkMwOUJGQlhaMUN2czI4ZWF5aDF6MUNZZ3NCdk5hYmE3dW1JVWFTRCUyQmZicndSYllMTFhmcjhZJTJC; expires=Wed, 25 Oct 2023 20:32:18 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 218911
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v1/u/matches/367?url=https%3A%2F%2Fwetransfer.com%2F&ref=https%3A%2F%2Fabout.wetransfer.com%2F HTTP/1.1 
Host: a.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.24.125.191
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 20:32:16 GMT
server: nginx/1.20.0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /signals/config/1904796869803472?v=2.9.62&r=stable HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.221.16
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 3J92qFe66yf9sSck0H8ZjsyjHOpjrz4+N5qOlBUnMwbNgYrMih91n9M3qYAYiNajKBrhQiazXqxgGQSYjvz99A==
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 20:32:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /syncframe?topUrl=ipfs.fleek.co&origin=onetag HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:32:17 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d505da68-4aa8-474f-a607-fefc286950e8; expires=Wed, 25 Oct 2023 20:32:17 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 269225
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v1/g_match?google_error=3 HTTP/1.1 
Host: ids.ad.gt
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001664569934-5LTPB2PF-B1VF; g_hosted=; halo_id=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.34.146.211
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 30 Sep 2022 20:32:18 GMT
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 01 Oct 2022 08:32:18 GMT
X-Firefox-Spdy: h2


--- Additional Info ---