ocsp.digicert.com/
200 OK 471 B IP
Hash 221b3fe9a6458de64d8bbfcd4a8e2f36
988c93428ff15108d46a11865e1c7e2782fbae34
a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5428
Cache-Control: max-age=108574
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:02 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 11:01:36 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1e997bec759570aa0db03e31bf013cc2
948fd8263ab0b40f75eaf9495f76a7f39f39d5f9
853f97990fe10ccb34066b1e73e93dac45794f42fb745b266b6a46b9e26d52e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "853F97990FE10CCB34066B1E73E93DAC45794F42FB745B266B6A46B9E26D52E9"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Fri, 28 Oct 2022 05:33:03 GMT
Date: Fri, 28 Oct 2022 04:52:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2786
Expires: Fri, 28 Oct 2022 05:38:28 GMT
Date: Fri, 28 Oct 2022 04:52:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DZRJuqHyMcy+UrsE+0d7go/toLNCPPn3CDBQb3YyvGvOrXeYVJMs8hRZhl+yWlwXsvHo+EnI1sw=
x-amz-request-id: ZHW5DSWF5V1HNH6C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 28 Oct 2022 04:10:07 GMT
age: 2515
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c9fac87567ce50cf66d8e605a0296f11
4e4cf48ab576ef4355f2cfd826684b64c1771597
7e97aa4a80c0a3be8126af6f5b0644d55b7841a01d39bfd19c106f2714c9468a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108177
Date: Fri, 28 Oct 2022 04:52:02 GMT
Etag: "635a6383-1d7"
Expires: Sat, 29 Oct 2022 10:54:59 GMT
Last-Modified: Thu, 27 Oct 2022 10:54:59 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hKZVBaJVnbf0yH9AsnK01Y1nCspibqcP9XLJOb-4OZqJoI8LyfjMxA==
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 04:52:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
file.io/Uwc1tR8oLDvJ
302 Found 98 B IP
File type HTML document, ASCII text, with no line terminators
Hash e7e7f90c5abf82dc398c1c05573dd23a
c4b6c5107f0628530c0b136bdff5abe5f8a846fc
4a3d04a1c4616ffe1438c8d0a3faae8b53e16d8fbff216eecbea5204716500ab
GET /Uwc1tR8oLDvJ HTTP/1.1
Host: file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 28 Oct 2022 04:52:03 GMT
content-type: text/html; charset=utf-8
content-length: 98
location: https://www.file.io/deleted
access-control-allow-origin: *
access-control-allow-headers: Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
access-control-allow-methods: GET,HEAD,POST,PUT,PATCH,DELETE
access-control-expose-headers: X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
retry-after: 60
x-ratelimit-limit: 1
x-ratelimit-remaining: 9
x-ratelimit-reset: 2022-10-28T04:53:03.001Z
vary: Accept
X-Firefox-Spdy: h2
www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
200 OK 325 kB URL HTTP/2 www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 324864, version 1.0\012- data
Size 325 kB (324864 bytes)
Hash 8dd26c3dd0125fb16ce19b8f5e8273fb
f919da7384706d6924f10d56ce258129ed498845
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
GET /static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2 HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 324864
x-amz-id-2: sSSvEVeGWnw7g7RUFP6xImOcCkbUsEPYe9N2/GzPM+Ki8UbN8r3w1aufQi9nenxqJwIhpSVIU/c=
x-amz-request-id: W3XRACMSY7QT2C89
date: Mon, 24 Oct 2022 09:09:02 GMT
last-modified: Mon, 24 Oct 2022 09:05:46 GMT
etag: "8dd26c3dd0125fb16ce19b8f5e8273fb"
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3i7MIlneEn7P1VxgkBtrpjSCG769kB9fxveX-sks58gRX3cD7fApZQ==
age: 330182
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30c5107c8f49f7471978d43d30847010
9f5c74e117f8cd972c5ca0983bc4023910601113
1c4451ea36f959819a5d50296603c2352c380ff89bf8812db857df6b8ac7bf69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash d72d2f5d05f03753594e43fd34398221
ac6795c1c33f3fa2139e7f8dc601c3e6de6029a5
036c965156cf07faecc342cb2e30b7a20def68ad4a10423951ce871a7a3a6777
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3980
Cache-Control: max-age=102066
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:03 GMT
Etag: "635a3c19-1d7"
Expires: Sat, 29 Oct 2022 09:13:09 GMT
Last-Modified: Thu, 27 Oct 2022 08:06:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 28 Oct 2022 04:41:09 GMT
expires: Fri, 28 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 654
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.file.io/page-data/deleted/page-data.json
200 OK 152 B URL HTTP/2 www.file.io/page-data/deleted/page-data.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 728a4f433ef9bed1433eaa226cad06d0
d11dd8bfb88d158862a89fd6ca40054c53e2e77a
6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5
GET /page-data/deleted/page-data.json HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 152
x-amz-id-2: a7X5IX4arGQ95EoThrDvD0gjKA9dGqcZio4D/ux2Zd+85G4yCkM7+7Yu2J+ZlNdpWOyLsuf5eqk=
x-amz-request-id: XXHBFK7G32YXRZJS
last-modified: Mon, 24 Oct 2022 09:05:44 GMT
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=86400
date: Thu, 27 Oct 2022 06:48:49 GMT
etag: "728a4f433ef9bed1433eaa226cad06d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZAmtcxpszDdal2fg21F-DRoVOGzcJzyv1q_riig1DprkgZYU9zbVPQ==
age: 79395
X-Firefox-Spdy: h2
www.file.io/page-data/app-data.json
200 OK 50 B URL HTTP/2 www.file.io/page-data/app-data.json
IP
File type JSON data\012- , ASCII text
Hash c2add5c1ce131d8981ee8ababaf5ec74
46fd41410a413ee58bb0a77563466c62b1e6153d
27b75a7887b7fd3716f7abff1ede95e77201eab7cbb4cc167d250c2082a56871
GET /page-data/app-data.json HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 50
x-amz-id-2: cem4N/LEZ5hv8h0RsefRB9nuV8rimV5hVlXAw8Umy2bNAtwimmw9v11YJdIvmeVIX51x91NJjwU=
x-amz-request-id: NAHD0QV8986YQDGD
last-modified: Mon, 24 Oct 2022 09:05:44 GMT
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=86400
date: Thu, 27 Oct 2022 05:52:49 GMT
etag: "c2add5c1ce131d8981ee8ababaf5ec74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tGFNYhp8jfkh6L4yR2MnDfTCbYilcu_h0Y1vR0BBwpHhquMctPs_nQ==
age: 82755
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30c5107c8f49f7471978d43d30847010
9f5c74e117f8cd972c5ca0983bc4023910601113
1c4451ea36f959819a5d50296603c2352c380ff89bf8812db857df6b8ac7bf69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.file.io/page-data/sq/d/1655680770.json
200 OK 447 B URL HTTP/2 www.file.io/page-data/sq/d/1655680770.json
IP
File type JSON data\012- , ASCII text, with very long lines (447), with no line terminators
Hash c839c57483bd5d788408e7fc88e7cc8d
cab3b9fef4d0858c7d37d0a75a7f9b38ba229ac7
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
GET /page-data/sq/d/1655680770.json HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 447
x-amz-id-2: SFbmDmF9GjegQ6jxBqvWu6bOXNGBVX+ix9fVBIn+BpDEzUVnlKrGrGgjvmkMtImB8bjucDzrCc8=
x-amz-request-id: H5W1HGD1PSHZ20D5
last-modified: Mon, 24 Oct 2022 09:05:44 GMT
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=86400
date: Fri, 28 Oct 2022 01:07:40 GMT
etag: "c839c57483bd5d788408e7fc88e7cc8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fegm23FdWgSHjkxgDnG1yEhmc5UEQ9B2626iOtNs_Mn-hX6BwPUY4g==
age: 13464
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fgsVsbYl4jp/u9bx0ir1uQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: j5ZhxPLpzkd7H2WFHVU5Kar0Cyg=
www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-40bf9a1dd8e6dc843785.js
200 OK 70 kB URL HTTP/2 www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-40bf9a1dd8e6dc843785.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 473a0ce385897cc0ffbe606580e4d9e8
9a910f5df21f551ad5c381c0342d9296398f6db9
1b3aa71543e135a4f3227bc0b8ee465edbb7f59369e7bdd12f262ba765ee4134
GET /381417c15e948e10ceded78bff93c5a25db3efa3-40bf9a1dd8e6dc843785.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: Gj21ZWbkKC5kP3+7VOu6YQJOMs3J+tgeoW+uXLf4UR0QIy7vbR5BGDeu2WNSk/Fq8dGtTxd9kg0=
x-amz-request-id: W7FWHCWENB9747XM
date: Mon, 24 Oct 2022 09:08:09 GMT
last-modified: Mon, 24 Oct 2022 09:05:35 GMT
etag: W/"d7b6ca59f2fccbba3f62d8b48c85f4ab"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ptimA7kZKMXtw9cc3Cdbmr92GCo1w5cT5FvT7_gpfaY0BWTq2Xy2_w==
age: 330235
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5e83a28b4cf3704ed7ee9b5b209caec6
9da8bd6baa00c240f5fe8511be7ebdc5166c18cf
021e6992122fcdc5803bd23e45f2fbb7b26f2c7d1d027dd5f9163d90f9fd6a36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5e83a28b4cf3704ed7ee9b5b209caec6
9da8bd6baa00c240f5fe8511be7ebdc5166c18cf
021e6992122fcdc5803bd23e45f2fbb7b26f2c7d1d027dd5f9163d90f9fd6a36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.file.io/scripts/prebid7.18.0.js
200 OK 76 kB URL HTTP/2 www.file.io/scripts/prebid7.18.0.js
IP
File type ASCII text, with very long lines (65161)
Hash 754abb393c68f76b352d5edd4c034da5
86fb1786db401e8aae88eab70630f29805738f4b
dccb1612d29bc4e732ed37b54baf179a35f5c0e679099a13cda3dc832533de8c
GET /scripts/prebid7.18.0.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: jnwnZcd/3jvZD0E7Tmkj6ZJ+9PRo2To6H8j2dqVdeA6aRlxJs4Y0ykD1oxUEA+Abedi2b3FbVl4=
x-amz-request-id: 48T0FY3STDN5MWBT
date: Mon, 24 Oct 2022 09:08:10 GMT
last-modified: Mon, 24 Oct 2022 09:05:45 GMT
etag: W/"c488e1001b33af7893c3558f28b0fac8"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c1PpvVZFsNNs4xNaKal5YUg-5xNzCRfOraXJvTEJuTQFNYvZs8juSw==
age: 330234
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-65658019-1&cid=1048497921.1666932722&jid=1361037545&gjid=1873296034&_gid=37558474.1666932722&_u=aEBAAEAAAAAAACAAI~&z=170099160
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-65658019-1&cid=1048497921.1666932722&jid=1361037545&gjid=1873296034&_gid=37558474.1666932722&_u=aEBAAEAAAAAAACAAI~&z=170099160
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-65658019-1&cid=1048497921.1666932722&jid=1361037545&gjid=1873296034&_gid=37558474.1666932722&_u=aEBAAEAAAAAAACAAI~&z=170099160 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.file.io
Connection: keep-alive
Referer: https://www.file.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.file.io
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Oct 2022 04:52:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5e83a28b4cf3704ed7ee9b5b209caec6
9da8bd6baa00c240f5fe8511be7ebdc5166c18cf
021e6992122fcdc5803bd23e45f2fbb7b26f2c7d1d027dd5f9163d90f9fd6a36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash 4f4beaf638f535fcd54f90228e39b142
7ceb4cda48c1fef5b1d3321cbc49fbccb0818212
7e28c676cb02e2b7fcd3f3bdd84e6ae857ca839371cf6a430c87f6c9e9f1b8e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5526
Cache-Control: max-age=149321
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:04 GMT
Etag: "635aeea7-118"
Expires: Sat, 29 Oct 2022 22:20:45 GMT
Last-Modified: Thu, 27 Oct 2022 20:48:39 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io
200 OK 88 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 25574d9bf970f32a1a459b76b7ea2324
d415595e894626360a1a8d013c4015f985554f28
fa1b7b3f9a0175a834b8683fc9d9d2395c1f473850c59d7e22bdad65ddd2671f
GET /pagead/ppub_config?ippd=www.file.io HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file.io
Connection: keep-alive
Referer: https://www.file.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Fri, 28 Oct 2022 04:52:04 GMT
expires: Fri, 28 Oct 2022 04:52:04 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 88
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Oct-2022 05:07:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
200 OK 131 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
IP
File type ASCII text, with very long lines (65439)
Size 131 kB (130586 bytes)
Hash 237f50417617e11a97983c9361857c6b
c1c412ade8ff569aa5a3e5a73eb56cecb92b6fdc
535d387c91921ef295caa91698b28df486df405fee4b1bc3b578000420dd9014
GET /gpt/pubads_impl_2022102401.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 130586
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 15:50:48 GMT
expires: Fri, 27 Oct 2023 15:50:48 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 24 Oct 2022 08:37:42 GMT
content-type: text/javascript
age: 46876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bid.glass/ad/hb.php?src=prebid_prebid_7.18.0
200 OK 39 B URL HTTP/1.1 bid.glass/ad/hb.php?src=prebid_prebid_7.18.0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 60f653299256560d00e41ae817423f54
fed03f927711ebd337f9f74e28f7d34a7802dc84
0231b604d8a9e5bbd178fa9788c3e24cc7f336784ef37d98ab97837e3759cfaf
POST /ad/hb.php?src=prebid_prebid_7.18.0 HTTP/1.1
Host: bid.glass
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 333
Origin: https://www.file.io
Connection: keep-alive
Referer: https://www.file.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 28 Oct 2022 04:52:04 GMT
Server: Apache
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json
useast.quantumdex.io/auction/pbjs
204 No Content 0 B URL HTTP/2 useast.quantumdex.io/auction/pbjs
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/pbjs HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1718
Origin: https://www.file.io
Connection: keep-alive
Referer: https://www.file.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 28 Oct 2022 04:52:04 GMT
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
set-cookie: uid=9b2084a4-d29c-4b24-bb65-7fa5927aef15; expires=Sun, 27 Nov 2022 05:52:04 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76110f55ca1109b5-ARN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c14c3f7d8817b44fda85ba769cc83062
bf41520c5a807058748db49621e7d6ee4ecf5729
eb15bf461ab810e1487ece424600f22d33bebc4f438ef6a10927df18dda0d216
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.file.io
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.file.io
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.file.io HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 28 Oct 2022 04:52:04 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4310918d6232571380ecdee01460a00
fde570a320de2d68089611ea286d8638d55dcb31
fc0209573f8bc2b00eadf4c750f336102d4d34cc4ea65fe60dfeb789970fcba1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.file.io
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.file.io
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.file.io HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 28 Oct 2022 04:52:04 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c14c3f7d8817b44fda85ba769cc83062
bf41520c5a807058748db49621e7d6ee4ecf5729
eb15bf461ab810e1487ece424600f22d33bebc4f438ef6a10927df18dda0d216
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4310918d6232571380ecdee01460a00
fde570a320de2d68089611ea286d8638d55dcb31
fc0209573f8bc2b00eadf4c750f336102d4d34cc4ea65fe60dfeb789970fcba1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
200 OK 20 kB URL HTTP/2 www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
IP
File type ASCII text, with very long lines (21660)
Hash 13bbdc72910f67362dde702cef647ad6
89a2ea426b7cb8dcafc29a021e15034333a17880
6e322732c2372d5e8337f46870320d0149c64f0b5fd38d65112ecac42adcbf45
GET /a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: 1UO22uvA0B/HYbkcJl0IkwJwf074iSXMkLcO/ho4H+ROBjm3ZnVr4zV0tFfeRll/7p2P/rUYc5aJd0bMbUoXzQ==
x-amz-request-id: W7FJJ34V3GD5AKP2
date: Mon, 24 Oct 2022 09:08:09 GMT
last-modified: Mon, 24 Oct 2022 09:05:36 GMT
etag: W/"2b921aab089ea83ec7bb825f970e0b68"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4wDVfpeTdXahlX58Q6P2WfkGjHKZpxLyt8DpbFRwZyFBu5Fr5R_fiw==
age: 330235
X-Firefox-Spdy: h2
71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
200 OK 3.1 kB URL HTTP/2 71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: 71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 28 Oct 2022 04:52:04 GMT
expires: Sat, 28 Oct 2023 04:52:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d832dd14c4a3b1d3cc484c23e5d1bdbe
f86bdb773bcbf196c12e3b3966886be29e6c19ce
cb9607f51ded06b584097781cbf799c0d0b041f80452361da2f67d6e5c264e4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.file.io/page-data/sq/d/1810866655.json
200 OK 6.8 kB URL HTTP/2 www.file.io/page-data/sq/d/1810866655.json
IP
File type JSON data\012- , ASCII text, with very long lines (1830), with no line terminators
Hash 9313e62853abe0fffa1d659c004c849d
92c4ccf75bcd9514cece30ad16ee861c27740cf6
a5626fc8809baa86fb14c2ba7de0692da7095217988c2a7681fa54bcc9de9480
GET /page-data/sq/d/1810866655.json HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
x-amz-id-2: VC2eBJty9CW5/QM/e1ebShJS4t0U3A9/9NoakVkr2eiviSNfL3iERp1Wo9PuO/ElqpqxAXAbR30=
x-amz-request-id: KRWWZE0TDPRT23V6
last-modified: Mon, 24 Oct 2022 09:05:44 GMT
server: AmazonS3
cache-control: public, max-age=0, s-maxage=86400
content-encoding: br
date: Fri, 28 Oct 2022 04:17:29 GMT
etag: W/"7bb0144e136507cd9bfbaceb72189d09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dXPwX_hbBJcpSpOHfOVwczKl20CuB8PdNoiRaP9Sa9jlSwp-JRS4Yw==
age: 2075
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 14:32:16 GMT
expires: Thu, 26 Oct 2023 14:32:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 137988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0e1b81fcc7a70f4aa2d9951ef290017c
bfa146eb28fbde7c3f7a08a63e5560091938a107
35f4482a0989b04bd4dd86d0895a276cb94309708f45a20804cde74c4890a9e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 60ccd531ba4400db2c04ca7e9c657915
952a4ef29825c93888c43ab2325d5fad39921556
40231f9829b13afbf468d73f15909ac0c85762088a81c9e88ea061d7a4b1e576
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 28 Oct 2022 04:52:04 GMT
date: Fri, 28 Oct 2022 04:52:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-3weLqaKJ2i-90PIDFjY76g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8199
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 04:52:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8199
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 04:52:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8199
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 04:52:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8199
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 04:52:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8199
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 04:52:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2193431d88baf9af6829421cd13743ff
a192ab139ad0dc5cf206986eb06028ddad224e46
c535e09fb4a53ca580f5f5926d1494c50b6ad6c7c9ec78df6b7015213852b737
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DjRLNrY4BFc3GwHGBW40LIyh-RYT3hshdKPxXok4KE97fGvatXN6yQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 11:05:53 GMT
age: 63972
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a4f2e78-4c98-4f44-b823-f9f9c3850dab.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a4f2e78-4c98-4f44-b823-f9f9c3850dab.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36abb19bfc8dc656604d1aaf0f9535f8
2a9686597b6baded54a9dbead224193825d2fddf
d1577656aafce56a2088479a357df0df8bfef92952290cef14cca89d43043ab8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a4f2e78-4c98-4f44-b823-f9f9c3850dab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8759
x-amzn-requestid: b8158571-eda8-4aec-9595-a4082b7bee5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arwwIEdzIAMFvnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb33-7f65d3997faa3c5520e6b51f;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:11 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U7Xxk7NDKFyC4jUkSmUBeLvBTqqEnQOR8tzfKAzyf2sFbw9JOQ7QWw==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:27:25 GMT
age: 23080
etag: "2a9686597b6baded54a9dbead224193825d2fddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13bafc15fa2fe97e27115e17bce8b22f
9d0fc7b50cbb96a3e85ccb501ed1d60a39a164d3
734419d9f9c28185501c25db3e0df01f2dc901a1a87bcdd066028392c8c82cf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14602
x-amzn-requestid: f3e186c6-4734-4c1b-a432-aa799a12ed4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv9yGaMoAMFZ4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9f1-05c8bdc2153acd8915e04826;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -LtByCyKdn883A5CbwMzP1WXAsdL1X8sDa8qyRWuDmYGUNS-u9xTJA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:28:50 GMT
age: 22995
etag: "9d0fc7b50cbb96a3e85ccb501ed1d60a39a164d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7425e2fe-72f2-47ed-8c24-ca3882b64ca1.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7425e2fe-72f2-47ed-8c24-ca3882b64ca1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21fd2ff471cab32871d4174e8fc656ba
ee6362f36470fea2a8a3432c12520f9a10175b68
01c3e63861073442cdbc414358415d2989ecffd9c3989e7946baec540b1066c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7425e2fe-72f2-47ed-8c24-ca3882b64ca1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4876
x-amzn-requestid: a6461ca9-ee65-420f-b066-681535c670ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv9wECHoAMFRmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9f1-657e9e40753d916d02adf799;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:36:49 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XKBFWTsqFqE48-bnCpCV2QLQaUGbRcR27yZ-ophBDl6ud3jQSh9eDQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:41:29 GMT
age: 25836
etag: "ee6362f36470fea2a8a3432c12520f9a10175b68"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b104e69-491c-4f53-9fae-fa41129f2f85.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b104e69-491c-4f53-9fae-fa41129f2f85.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc2c93221654ead6c53327eede97fe64
2bf9f4a515624ce9c25ec72b8240d29a42dbefe8
7fa00658dda757daff0f6128c1bee4367c70d18769952f2eb5c066df6b56d379
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b104e69-491c-4f53-9fae-fa41129f2f85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7422
x-amzn-requestid: 108f56ce-0454-4f91-8713-e2b6599b96c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv3YFTsIAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9c8-4c46b93363b0dd0d7aaa9831;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:36:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J-xtYZ3VNTdma0utzBEvDkNp8AKyIP7_C0NoBXleVdUFTgMi7mfyIA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:41:18 GMT
age: 25847
etag: "2bf9f4a515624ce9c25ec72b8240d29a42dbefe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8626fba0-a7c4-4dc6-bf12-c0729c021a4e.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8626fba0-a7c4-4dc6-bf12-c0729c021a4e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2fd6da7ee9edf699043f459c5222890
fe98ecc73d8d3d4cb3cb2e544219551d21dea9a8
9f643aa4ce0b1527bd820eaf3d4fa42fb531f4f8aa0f393e0307172223fe0375
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8626fba0-a7c4-4dc6-bf12-c0729c021a4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9928
x-amzn-requestid: 5198ff9e-5292-4c63-ac2d-ce11c5959f6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv1_FUvIAMFtfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9bf-3ac07df1496453695a0b5bf8;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:35:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZBHu0-r4506nO6xxbqjAWtDWKjnINBPem06anr8ZxxWhFyVy-cVUGA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:41:18 GMT
age: 25847
etag: "fe98ecc73d8d3d4cb3cb2e544219551d21dea9a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CLi5-wEQvbPz_QIYm_6s1gEwAQ&v=APEucNXUDg3GAj-btF0bdfmUdwxZSgYo5sxVuhHPr2Ko-7jAVtABpf5Yi8x7L5R1TZqPKAb3AVltgqA6FHYCaLSiEBaryWYy76KD9_ZugV1AJcQw3Fs9V7TQo9VRDwxbhnP8E6trG-JB6p5AiCSZPpUCiaFi5uXzKjG11nkBWAPU9nQY3Tw12io
200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CLi5-wEQvbPz_QIYm_6s1gEwAQ&v=APEucNXUDg3GAj-btF0bdfmUdwxZSgYo5sxVuhHPr2Ko-7jAVtABpf5Yi8x7L5R1TZqPKAb3AVltgqA6FHYCaLSiEBaryWYy76KD9_ZugV1AJcQw3Fs9V7TQo9VRDwxbhnP8E6trG-JB6p5AiCSZPpUCiaFi5uXzKjG11nkBWAPU9nQY3Tw12io
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CLi5-wEQvbPz_QIYm_6s1gEwAQ&v=APEucNXUDg3GAj-btF0bdfmUdwxZSgYo5sxVuhHPr2Ko-7jAVtABpf5Yi8x7L5R1TZqPKAb3AVltgqA6FHYCaLSiEBaryWYy76KD9_ZugV1AJcQw3Fs9V7TQo9VRDwxbhnP8E6trG-JB6p5AiCSZPpUCiaFi5uXzKjG11nkBWAPU9nQY3Tw12io HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 04:52:05 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Oct-2022 05:07:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 04:52:05 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CLi5-wEQvbPz_QIYm_6s1gEwAQ&v=APEucNUH-YedKHiNP2jsplcfZRokbLVSmoYcaD3dknaOjmJQ9TjUNFRp892dnDJwpKCXVhwFm3MnwiWW1Xjiw0yBnBdF2XJG9T_PTE7NiRYX7jIc4To6PDJyLvPhXfwRmqx8lVz-rdYfB1tJzT9ulyw5N22_HUyrBPQdLBgnQSTV4RDLeGqqvKA
200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CLi5-wEQvbPz_QIYm_6s1gEwAQ&v=APEucNUH-YedKHiNP2jsplcfZRokbLVSmoYcaD3dknaOjmJQ9TjUNFRp892dnDJwpKCXVhwFm3MnwiWW1Xjiw0yBnBdF2XJG9T_PTE7NiRYX7jIc4To6PDJyLvPhXfwRmqx8lVz-rdYfB1tJzT9ulyw5N22_HUyrBPQdLBgnQSTV4RDLeGqqvKA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CLi5-wEQvbPz_QIYm_6s1gEwAQ&v=APEucNUH-YedKHiNP2jsplcfZRokbLVSmoYcaD3dknaOjmJQ9TjUNFRp892dnDJwpKCXVhwFm3MnwiWW1Xjiw0yBnBdF2XJG9T_PTE7NiRYX7jIc4To6PDJyLvPhXfwRmqx8lVz-rdYfB1tJzT9ulyw5N22_HUyrBPQdLBgnQSTV4RDLeGqqvKA HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 04:52:05 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Oct-2022 05:07:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 04:52:05 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bh71MydCSw1_UibOi9hLafN-Mv9uiLMRkZcMUbeUukJ4mgUxVlwcS6iDfkd8t9vZSUNJgmGTeadAH8_JsrPU0mKVUtVw7GWwiT89g8nPwLCRrFbjGf1EnLnrOeionW5GP_hWc7Bmua7AmY5pONVfBuNcPExDnBkCw-J0EtFB4W735nDu8&cry=1&dbm_d=AKAmf-DvQH_bab7M1ievIaS2tDtufbZtemZ8RNf0gqZM3apuCssWZWEEJW2f4r6JVEOeZLLv_GP6SU5rGkrffMCjGcTAgobFUFHFa7ASGB0hBxGQ-epxhV4MLTglJnOH8-2DiApFOPMx1vthaBzDPQduWdFM6As9ng3x6XT1y-cUMAl_z7TkPhpDeA1VLZ2oOyNsYcqcuOS-MTFH3dznl8fjAWj6I6zQy8_dDwTkYmwS8ojYAYnkdQWTmR_D5j_0bjoiXYVeaf2l6EfYZYwVMGDEhCsWBJYBf_Jc1LbcmZVG_fduldnSOA-62eh_4D_LqVF7_i-nUDiiTwbVWCQycPJbe4SnMKT149qb9Oiz8Mp838xeN2os_foymoAtDUbXD8JGIkcZJU6oe-crmV4HHqvQ0miNqy_Fvfr8ghKI9UCwbThEWJUObw3osw0XYCe5mCPp7l1r4i85a4D_dYb2u8A1FeYe-7tutGdR072aUuPffRH0TB5MVb3IWIQEgfz7duFKeVk4PvrPe-2PNqIsj6RtH_Bhczgn0wcphA0-kCdqHJfcraD4eJH7hzBeeU1AdOrSzKrf-02iMMA-LWhof_DhM_keJzHM30qY0_VhIxrZAx03NHCHYpexO8slxZsgu6aDB5bMjj22g2aeIM2shJfpTYtW0C3_Bw8Ij-n8C52P5RokY-mHoIbO-Ol_m2-AeBHpRNESdymL1hsyvfGvJ1Y9yJEPlw2HTavf0tjaw6lCafK-FiiS8I-TgYqy6Z5kSqTzZjrW9lNoLCSEWW5fbJMgvSRUVGNgfeAhCU39Cj1nBEaoc5Dbif8ojRcQuHYJZQzUYfZl5xBcojmWsgMg2heQk66EmaAXsOP0oPlKL0f364yBFwd_cFWoC1F3y7kWU2lYA7U2s1BQWLhkA3e2HJfy4qw3MVEbVrPIDVGhi0VXekEakNV7-Ej9lsmDBgwpfbhlmoxRms2ksHItMM385KFHJ3YDjGMHt1libtojAuBWWMWbGb4HSLDn0SKOAeNaO2dAI8ac7at2RXg540Gg5EbDhhrdEnLU6F9-AUqD33OynbfDJ8PMfI69GofZlahUQNFnCsDp7YyIX7Sw2Ws24xH-i1z9C8569CiXqqF_3JlODTCcofX7DSIUrX6R3HHAmjax36dnvpn4KCK2on_PdkVepHSBAZAVjmzOEa_GlBu6gcqrQDbB8VoqHKf1W0EhS9n7knHPAFOfzceA-IYItzbeataT8MdWrA7PEM5LUbH-Upw8rJRd7uenzozqzlvN_jPbjh9joffx_0pg9mUeOA_7zh9qVsP9L-aD-dF3-gYxYGGvpOl4NLyW5wIHe2hn5ljQ5wWUe9eRFyXIoCB9V7jTjnHqBb4-Fw_CT6D3w6sKyH4aJGTCBUBbTBmgmZezComtfBY5FiAEPNLNsE3zWbDqPJ2qpdPEyzC4TPXoWsX8oAXmqW3guPHV1X7FCoR83_uOURI__2t1P1mDklI9lBA1hHGx12zziuLbSBVX1pz0u09M0yhP1PNGTv0wpoV9KP4WDGzx9SF9YjU2U2dqUheJFDCnhOd5CgMFMIET5AGrw9wDWeJYPjPM3XbeBcBnKdTYnJDfeSIszmemd_3SVAIumOYYRlv2T_UNhO7y1eWRMwDsvTwIDCv07IZNdpUn8fuCTmW45wt4Z76Az3Zx4Vy7ePjQevBVYIaLWMTamX78steNrbqpgMK8979udxV6CNLxVkg7-omym68rtp4Rs2OurjXpRiUAk7IRpyyUFB_nvJpsGFTdhkJUuRtTWkut4PFTu_arXg_H0fe25sAs1bAo_BNBDgxSU3gWRIZcunDa-VqW3L6Kk660TzdqZ_fYDWCgHEEoW5VfLkkBAeMpPMpy_a1zrsLC2VAkDgfdSipUbuhrj4CLVbBIpw3Jy_MFp8a45QdUZur__gF2goZrujmlgR6jNBADmSY1yKjZ1RARmSbi-6KDQF6NHgxZnJ75ro8_-Vycd1hFwhKCj6a0EL04XmVcfrnPBJrE7FWeDudGRF3zQQgpXPB0pY3Fyj8z_Fcok9aQNGCDjCDVSmfPkjqlv6eRUDuRnmwwLC4CWmYsoXkB5i1fBL8ezlAG17A_wkPEBf07UUjR4MwUYHUcZwb5hHGX-lhpAXxdPCMaCf4PFcM4e7iYcJwr09LO1jdPv0YTosHnoQ7n8CqIaFeAcfIF4S3fMRhqY3mIqkUO5Zh0l1mtTT7gzWIVZW1ETPA1MUQimt6JpY1prJIKck9tT7-KYMLTAQa1dfkRIxDJLEtJmY1qnNytoP3wtnFCwGLtdmzxPjCpnvuBmUkW6WyvMBMBotU7jo5Upk0L-PR0-5TQrwHuuvVNjXIoFk2EUcy2ysDl8DWePKFwwnMmMM1c0jJ6OUNNOVwy9kB2obgmLgf0PfNMl0aoF73jSV_XAZ_Ix3zZH--vz5-sw3E_dmQJrhcmATpu7vMTL6GN_R2-9yGghwe8ce40IHxfROhr7nP1ZhnVOZT05fjCZj8asOIdPBftSHsYJIXiO32FHteBz00s-4KxQl44UQj1L_XJcRZdDaimhNGiPBC99Wsb7j7FuhXiLMVKTs5fY2WgaswSI9Qn4fuYqvgcs31pfxtLapdUs8OlRD9wUuf3ASXplGhpQoLKeM82YardJZAteQDqv2il0m87Yy_2QdsiSjsDyUwcXxAWEUHxSQOcjw84XQ12sfd2Qakm8X4XfBdG4iy5D2LU7vYRhkwdNMpxJjZXl0SaM-oisVZF1y5muppNLFYTWcRVskaBDht8RPOQXi2FjZcvpkgwDP-6jykWXbSYTeGbkVbvb9p6QqqHrb3hNY3LGUUvK07TrdmgRThf5ghyzhE3xlReeHw6PlzXrWO1rE-JSNXMMZKI1DaLc7jcIGFjlXLgwDakuUt_tdJ9Or7lo7cOt028GU6UVSoVnppk1lU0FQ-PrgmvYlV83N4EgG8Z5tkW2pkbdW3qPfaPYqyz35ntkU34s9dvIvU-mI8xdEXqndGsSb9jFlhM3TMn_7gvq0msc_4U9Crz8ldLuMZHsvpyDtLr-yLxaTjlHfPxpxh-PDXwRn-WfUqxLvHBaFjRgC6F0lBJ2vt-Ptml1uM9tn751MlEmdgmeCd7I1HnnUapA6tCCLmvoLla3aLPOrVLG8Gzh4n2LZp1Xzfgsq_ktDs3l-5H0P8s3qfarCwNtqQ-mIRVyqeIGpsD2C9MQZKtrFxiUyXIDncElSSCqS5YqiBTqFtf0tOAFxkJZQmKQYAkowhVm6CMFF4bNJeKPngyOFB2CofqH_Cs62ft88sab-7hZJjelMynGvHHljOMBTHDsXRkXUZQE72aRmSwF7aYWqARkkieDFQ1vyB0VfKL6EYxYXNyafy7YCTW7ftE7ScscGCqQ9Fwu9b0xsPro0cVDK3iy7bt_pT44e1oxUeUlhMt8-LcVbChvCPJl2Gwh0qJyouAUHnnBEkw&cid=CAASKORoUbkcNGA-KN3bYVDBaHGqqhxSrUOOfmrP1HqCeo134S2jP_a66NQ&rfl=1%2Chttps%253A%252F%252Fwww.file.io%252F%240
200 OK 34 kB URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bh71MydCSw1_UibOi9hLafN-Mv9uiLMRkZcMUbeUukJ4mgUxVlwcS6iDfkd8t9vZSUNJgmGTeadAH8_JsrPU0mKVUtVw7GWwiT89g8nPwLCRrFbjGf1EnLnrOeionW5GP_hWc7Bmua7AmY5pONVfBuNcPExDnBkCw-J0EtFB4W735nDu8&cry=1&dbm_d=AKAmf-DvQH_bab7M1ievIaS2tDtufbZtemZ8RNf0gqZM3apuCssWZWEEJW2f4r6JVEOeZLLv_GP6SU5rGkrffMCjGcTAgobFUFHFa7ASGB0hBxGQ-epxhV4MLTglJnOH8-2DiApFOPMx1vthaBzDPQduWdFM6As9ng3x6XT1y-cUMAl_z7TkPhpDeA1VLZ2oOyNsYcqcuOS-MTFH3dznl8fjAWj6I6zQy8_dDwTkYmwS8ojYAYnkdQWTmR_D5j_0bjoiXYVeaf2l6EfYZYwVMGDEhCsWBJYBf_Jc1LbcmZVG_fduldnSOA-62eh_4D_LqVF7_i-nUDiiTwbVWCQycPJbe4SnMKT149qb9Oiz8Mp838xeN2os_foymoAtDUbXD8JGIkcZJU6oe-crmV4HHqvQ0miNqy_Fvfr8ghKI9UCwbThEWJUObw3osw0XYCe5mCPp7l1r4i85a4D_dYb2u8A1FeYe-7tutGdR072aUuPffRH0TB5MVb3IWIQEgfz7duFKeVk4PvrPe-2PNqIsj6RtH_Bhczgn0wcphA0-kCdqHJfcraD4eJH7hzBeeU1AdOrSzKrf-02iMMA-LWhof_DhM_keJzHM30qY0_VhIxrZAx03NHCHYpexO8slxZsgu6aDB5bMjj22g2aeIM2shJfpTYtW0C3_Bw8Ij-n8C52P5RokY-mHoIbO-Ol_m2-AeBHpRNESdymL1hsyvfGvJ1Y9yJEPlw2HTavf0tjaw6lCafK-FiiS8I-TgYqy6Z5kSqTzZjrW9lNoLCSEWW5fbJMgvSRUVGNgfeAhCU39Cj1nBEaoc5Dbif8ojRcQuHYJZQzUYfZl5xBcojmWsgMg2heQk66EmaAXsOP0oPlKL0f364yBFwd_cFWoC1F3y7kWU2lYA7U2s1BQWLhkA3e2HJfy4qw3MVEbVrPIDVGhi0VXekEakNV7-Ej9lsmDBgwpfbhlmoxRms2ksHItMM385KFHJ3YDjGMHt1libtojAuBWWMWbGb4HSLDn0SKOAeNaO2dAI8ac7at2RXg540Gg5EbDhhrdEnLU6F9-AUqD33OynbfDJ8PMfI69GofZlahUQNFnCsDp7YyIX7Sw2Ws24xH-i1z9C8569CiXqqF_3JlODTCcofX7DSIUrX6R3HHAmjax36dnvpn4KCK2on_PdkVepHSBAZAVjmzOEa_GlBu6gcqrQDbB8VoqHKf1W0EhS9n7knHPAFOfzceA-IYItzbeataT8MdWrA7PEM5LUbH-Upw8rJRd7uenzozqzlvN_jPbjh9joffx_0pg9mUeOA_7zh9qVsP9L-aD-dF3-gYxYGGvpOl4NLyW5wIHe2hn5ljQ5wWUe9eRFyXIoCB9V7jTjnHqBb4-Fw_CT6D3w6sKyH4aJGTCBUBbTBmgmZezComtfBY5FiAEPNLNsE3zWbDqPJ2qpdPEyzC4TPXoWsX8oAXmqW3guPHV1X7FCoR83_uOURI__2t1P1mDklI9lBA1hHGx12zziuLbSBVX1pz0u09M0yhP1PNGTv0wpoV9KP4WDGzx9SF9YjU2U2dqUheJFDCnhOd5CgMFMIET5AGrw9wDWeJYPjPM3XbeBcBnKdTYnJDfeSIszmemd_3SVAIumOYYRlv2T_UNhO7y1eWRMwDsvTwIDCv07IZNdpUn8fuCTmW45wt4Z76Az3Zx4Vy7ePjQevBVYIaLWMTamX78steNrbqpgMK8979udxV6CNLxVkg7-omym68rtp4Rs2OurjXpRiUAk7IRpyyUFB_nvJpsGFTdhkJUuRtTWkut4PFTu_arXg_H0fe25sAs1bAo_BNBDgxSU3gWRIZcunDa-VqW3L6Kk660TzdqZ_fYDWCgHEEoW5VfLkkBAeMpPMpy_a1zrsLC2VAkDgfdSipUbuhrj4CLVbBIpw3Jy_MFp8a45QdUZur__gF2goZrujmlgR6jNBADmSY1yKjZ1RARmSbi-6KDQF6NHgxZnJ75ro8_-Vycd1hFwhKCj6a0EL04XmVcfrnPBJrE7FWeDudGRF3zQQgpXPB0pY3Fyj8z_Fcok9aQNGCDjCDVSmfPkjqlv6eRUDuRnmwwLC4CWmYsoXkB5i1fBL8ezlAG17A_wkPEBf07UUjR4MwUYHUcZwb5hHGX-lhpAXxdPCMaCf4PFcM4e7iYcJwr09LO1jdPv0YTosHnoQ7n8CqIaFeAcfIF4S3fMRhqY3mIqkUO5Zh0l1mtTT7gzWIVZW1ETPA1MUQimt6JpY1prJIKck9tT7-KYMLTAQa1dfkRIxDJLEtJmY1qnNytoP3wtnFCwGLtdmzxPjCpnvuBmUkW6WyvMBMBotU7jo5Upk0L-PR0-5TQrwHuuvVNjXIoFk2EUcy2ysDl8DWePKFwwnMmMM1c0jJ6OUNNOVwy9kB2obgmLgf0PfNMl0aoF73jSV_XAZ_Ix3zZH--vz5-sw3E_dmQJrhcmATpu7vMTL6GN_R2-9yGghwe8ce40IHxfROhr7nP1ZhnVOZT05fjCZj8asOIdPBftSHsYJIXiO32FHteBz00s-4KxQl44UQj1L_XJcRZdDaimhNGiPBC99Wsb7j7FuhXiLMVKTs5fY2WgaswSI9Qn4fuYqvgcs31pfxtLapdUs8OlRD9wUuf3ASXplGhpQoLKeM82YardJZAteQDqv2il0m87Yy_2QdsiSjsDyUwcXxAWEUHxSQOcjw84XQ12sfd2Qakm8X4XfBdG4iy5D2LU7vYRhkwdNMpxJjZXl0SaM-oisVZF1y5muppNLFYTWcRVskaBDht8RPOQXi2FjZcvpkgwDP-6jykWXbSYTeGbkVbvb9p6QqqHrb3hNY3LGUUvK07TrdmgRThf5ghyzhE3xlReeHw6PlzXrWO1rE-JSNXMMZKI1DaLc7jcIGFjlXLgwDakuUt_tdJ9Or7lo7cOt028GU6UVSoVnppk1lU0FQ-PrgmvYlV83N4EgG8Z5tkW2pkbdW3qPfaPYqyz35ntkU34s9dvIvU-mI8xdEXqndGsSb9jFlhM3TMn_7gvq0msc_4U9Crz8ldLuMZHsvpyDtLr-yLxaTjlHfPxpxh-PDXwRn-WfUqxLvHBaFjRgC6F0lBJ2vt-Ptml1uM9tn751MlEmdgmeCd7I1HnnUapA6tCCLmvoLla3aLPOrVLG8Gzh4n2LZp1Xzfgsq_ktDs3l-5H0P8s3qfarCwNtqQ-mIRVyqeIGpsD2C9MQZKtrFxiUyXIDncElSSCqS5YqiBTqFtf0tOAFxkJZQmKQYAkowhVm6CMFF4bNJeKPngyOFB2CofqH_Cs62ft88sab-7hZJjelMynGvHHljOMBTHDsXRkXUZQE72aRmSwF7aYWqARkkieDFQ1vyB0VfKL6EYxYXNyafy7YCTW7ftE7ScscGCqQ9Fwu9b0xsPro0cVDK3iy7bt_pT44e1oxUeUlhMt8-LcVbChvCPJl2Gwh0qJyouAUHnnBEkw&cid=CAASKORoUbkcNGA-KN3bYVDBaHGqqhxSrUOOfmrP1HqCeo134S2jP_a66NQ&rfl=1%2Chttps%253A%252F%252Fwww.file.io%252F%240
IP
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 0248d21e113fb4d7dfa2df34d5026ac0
b7b22d9c16224c7c580a3fdc663deac02e646d6b
ade5d6fcdeaa74542b7b459288bae09ce42ca7c480198146cd7c4058c315c039
GET /dbm/ad?dbm_c=AKAmf-Bh71MydCSw1_UibOi9hLafN-Mv9uiLMRkZcMUbeUukJ4mgUxVlwcS6iDfkd8t9vZSUNJgmGTeadAH8_JsrPU0mKVUtVw7GWwiT89g8nPwLCRrFbjGf1EnLnrOeionW5GP_hWc7Bmua7AmY5pONVfBuNcPExDnBkCw-J0EtFB4W735nDu8&cry=1&dbm_d=AKAmf-DvQH_bab7M1ievIaS2tDtufbZtemZ8RNf0gqZM3apuCssWZWEEJW2f4r6JVEOeZLLv_GP6SU5rGkrffMCjGcTAgobFUFHFa7ASGB0hBxGQ-epxhV4MLTglJnOH8-2DiApFOPMx1vthaBzDPQduWdFM6As9ng3x6XT1y-cUMAl_z7TkPhpDeA1VLZ2oOyNsYcqcuOS-MTFH3dznl8fjAWj6I6zQy8_dDwTkYmwS8ojYAYnkdQWTmR_D5j_0bjoiXYVeaf2l6EfYZYwVMGDEhCsWBJYBf_Jc1LbcmZVG_fduldnSOA-62eh_4D_LqVF7_i-nUDiiTwbVWCQycPJbe4SnMKT149qb9Oiz8Mp838xeN2os_foymoAtDUbXD8JGIkcZJU6oe-crmV4HHqvQ0miNqy_Fvfr8ghKI9UCwbThEWJUObw3osw0XYCe5mCPp7l1r4i85a4D_dYb2u8A1FeYe-7tutGdR072aUuPffRH0TB5MVb3IWIQEgfz7duFKeVk4PvrPe-2PNqIsj6RtH_Bhczgn0wcphA0-kCdqHJfcraD4eJH7hzBeeU1AdOrSzKrf-02iMMA-LWhof_DhM_keJzHM30qY0_VhIxrZAx03NHCHYpexO8slxZsgu6aDB5bMjj22g2aeIM2shJfpTYtW0C3_Bw8Ij-n8C52P5RokY-mHoIbO-Ol_m2-AeBHpRNESdymL1hsyvfGvJ1Y9yJEPlw2HTavf0tjaw6lCafK-FiiS8I-TgYqy6Z5kSqTzZjrW9lNoLCSEWW5fbJMgvSRUVGNgfeAhCU39Cj1nBEaoc5Dbif8ojRcQuHYJZQzUYfZl5xBcojmWsgMg2heQk66EmaAXsOP0oPlKL0f364yBFwd_cFWoC1F3y7kWU2lYA7U2s1BQWLhkA3e2HJfy4qw3MVEbVrPIDVGhi0VXekEakNV7-Ej9lsmDBgwpfbhlmoxRms2ksHItMM385KFHJ3YDjGMHt1libtojAuBWWMWbGb4HSLDn0SKOAeNaO2dAI8ac7at2RXg540Gg5EbDhhrdEnLU6F9-AUqD33OynbfDJ8PMfI69GofZlahUQNFnCsDp7YyIX7Sw2Ws24xH-i1z9C8569CiXqqF_3JlODTCcofX7DSIUrX6R3HHAmjax36dnvpn4KCK2on_PdkVepHSBAZAVjmzOEa_GlBu6gcqrQDbB8VoqHKf1W0EhS9n7knHPAFOfzceA-IYItzbeataT8MdWrA7PEM5LUbH-Upw8rJRd7uenzozqzlvN_jPbjh9joffx_0pg9mUeOA_7zh9qVsP9L-aD-dF3-gYxYGGvpOl4NLyW5wIHe2hn5ljQ5wWUe9eRFyXIoCB9V7jTjnHqBb4-Fw_CT6D3w6sKyH4aJGTCBUBbTBmgmZezComtfBY5FiAEPNLNsE3zWbDqPJ2qpdPEyzC4TPXoWsX8oAXmqW3guPHV1X7FCoR83_uOURI__2t1P1mDklI9lBA1hHGx12zziuLbSBVX1pz0u09M0yhP1PNGTv0wpoV9KP4WDGzx9SF9YjU2U2dqUheJFDCnhOd5CgMFMIET5AGrw9wDWeJYPjPM3XbeBcBnKdTYnJDfeSIszmemd_3SVAIumOYYRlv2T_UNhO7y1eWRMwDsvTwIDCv07IZNdpUn8fuCTmW45wt4Z76Az3Zx4Vy7ePjQevBVYIaLWMTamX78steNrbqpgMK8979udxV6CNLxVkg7-omym68rtp4Rs2OurjXpRiUAk7IRpyyUFB_nvJpsGFTdhkJUuRtTWkut4PFTu_arXg_H0fe25sAs1bAo_BNBDgxSU3gWRIZcunDa-VqW3L6Kk660TzdqZ_fYDWCgHEEoW5VfLkkBAeMpPMpy_a1zrsLC2VAkDgfdSipUbuhrj4CLVbBIpw3Jy_MFp8a45QdUZur__gF2goZrujmlgR6jNBADmSY1yKjZ1RARmSbi-6KDQF6NHgxZnJ75ro8_-Vycd1hFwhKCj6a0EL04XmVcfrnPBJrE7FWeDudGRF3zQQgpXPB0pY3Fyj8z_Fcok9aQNGCDjCDVSmfPkjqlv6eRUDuRnmwwLC4CWmYsoXkB5i1fBL8ezlAG17A_wkPEBf07UUjR4MwUYHUcZwb5hHGX-lhpAXxdPCMaCf4PFcM4e7iYcJwr09LO1jdPv0YTosHnoQ7n8CqIaFeAcfIF4S3fMRhqY3mIqkUO5Zh0l1mtTT7gzWIVZW1ETPA1MUQimt6JpY1prJIKck9tT7-KYMLTAQa1dfkRIxDJLEtJmY1qnNytoP3wtnFCwGLtdmzxPjCpnvuBmUkW6WyvMBMBotU7jo5Upk0L-PR0-5TQrwHuuvVNjXIoFk2EUcy2ysDl8DWePKFwwnMmMM1c0jJ6OUNNOVwy9kB2obgmLgf0PfNMl0aoF73jSV_XAZ_Ix3zZH--vz5-sw3E_dmQJrhcmATpu7vMTL6GN_R2-9yGghwe8ce40IHxfROhr7nP1ZhnVOZT05fjCZj8asOIdPBftSHsYJIXiO32FHteBz00s-4KxQl44UQj1L_XJcRZdDaimhNGiPBC99Wsb7j7FuhXiLMVKTs5fY2WgaswSI9Qn4fuYqvgcs31pfxtLapdUs8OlRD9wUuf3ASXplGhpQoLKeM82YardJZAteQDqv2il0m87Yy_2QdsiSjsDyUwcXxAWEUHxSQOcjw84XQ12sfd2Qakm8X4XfBdG4iy5D2LU7vYRhkwdNMpxJjZXl0SaM-oisVZF1y5muppNLFYTWcRVskaBDht8RPOQXi2FjZcvpkgwDP-6jykWXbSYTeGbkVbvb9p6QqqHrb3hNY3LGUUvK07TrdmgRThf5ghyzhE3xlReeHw6PlzXrWO1rE-JSNXMMZKI1DaLc7jcIGFjlXLgwDakuUt_tdJ9Or7lo7cOt028GU6UVSoVnppk1lU0FQ-PrgmvYlV83N4EgG8Z5tkW2pkbdW3qPfaPYqyz35ntkU34s9dvIvU-mI8xdEXqndGsSb9jFlhM3TMn_7gvq0msc_4U9Crz8ldLuMZHsvpyDtLr-yLxaTjlHfPxpxh-PDXwRn-WfUqxLvHBaFjRgC6F0lBJ2vt-Ptml1uM9tn751MlEmdgmeCd7I1HnnUapA6tCCLmvoLla3aLPOrVLG8Gzh4n2LZp1Xzfgsq_ktDs3l-5H0P8s3qfarCwNtqQ-mIRVyqeIGpsD2C9MQZKtrFxiUyXIDncElSSCqS5YqiBTqFtf0tOAFxkJZQmKQYAkowhVm6CMFF4bNJeKPngyOFB2CofqH_Cs62ft88sab-7hZJjelMynGvHHljOMBTHDsXRkXUZQE72aRmSwF7aYWqARkkieDFQ1vyB0VfKL6EYxYXNyafy7YCTW7ftE7ScscGCqQ9Fwu9b0xsPro0cVDK3iy7bt_pT44e1oxUeUlhMt8-LcVbChvCPJl2Gwh0qJyouAUHnnBEkw&cid=CAASKORoUbkcNGA-KN3bYVDBaHGqqhxSrUOOfmrP1HqCeo134S2jP_a66NQ&rfl=1%2Chttps%253A%252F%252Fwww.file.io%252F%240 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 04:52:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 34164
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Oct-2022 05:07:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e5124b2c271566d13c9369c954b403ef
d72a4361b39b1383f1123738e9be1f26ce68ad9a
b72d9cd6f2c65dc55871070a971325964c3d4289917ac87a22c2c172f307132a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 20:22:42 GMT
expires: Fri, 28 Oct 2022 20:22:42 GMT
cache-control: public, max-age=86400
age: 30564
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e5124b2c271566d13c9369c954b403ef
d72a4361b39b1383f1123738e9be1f26ce68ad9a
b72d9cd6f2c65dc55871070a971325964c3d4289917ac87a22c2c172f307132a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWmsteh3alBUjZMukjyxYz9NPC1QNf3Ek9WzY8GIHt7t4-9TljuKD5S73T6bvhOQ5AHvd1UJb7aOy9U3t6m80YIMNWw822LTfcDA9jUpKqZfc-_0C2dlLstTBnItXKJ6Qv4GHETayKbC_CS_GxaCryTcoLQNjYJLCGmF4p-bQLEYf1DSVHJY2L8t0X13lDEEjF2lQrOIW-M0sxL6CiqOV4ZEMQa4HCmg8BGWi3AxpGIDooyVZCL9_pj-X-AF0570GQS8r0aIxrr1vP-KqKbjvccx7-W6HVhFz-1emQVFYJGZSfS-fzAxo7cuERHFLLBTowsVzeGwUit5U4i6hHneUTBrRpZh48CDyMzQE9KeMZqlyEpNegfa6cVs3NK5aD92Yi5k53W7LvlOjxBmqzxy7DN9ybRVFsXmDF7p1V6hOPfRlMghWSGUXM-jhoOl3dImtV8dX-rzic1vJbuXkI_POSxTNPRuLcKzuQ-aKnKDHiaAtFoxcUHhIf4Oo6ceNTzFHkpAos7ZKMaLjlUqLL6nBcmAixsim0rl-qPjxIPn7_kPg5bY6cfTLMgt-FtjW4JxERDDyvAEkqk0W1jrlwi_pTuYUoyF4weK_62NV1UbLr7jvu6jijLtij0W7x4bu9C1KNl3IZDy8mVwhgCqaDCFQ5CgQ3zWCiMt-DxZGMkn_awpwxqxtjtwCW2WZkRKEef9cDiwnKe2G8kJMqIGV7GMuQaYoc5QToIS2_fez4X903huHGKBSFnvkAWm8PMFW_8lKbBfUINclFKEdof5ueNtfu58hcnmLXuTVp4u6Qj1hqlSRSCz3P7iIZ-rdvkSRcAk2z2xdifHdKeod469bp95cvmWED8pQwO8D3kwl1lvsJcQeLKnVaUDes6astMDjoiY4I3NhJj9tqFqjFVzKX9n-ujL5VYQQylYTzqbWVsIcYzrQI7qBB5T8D0FgTZhlJha49t3U5TwUky0tiOcmxuxHGvhjWQRUe2s4W_uFfUsI1KHsdwgRSix9bWN1hsom5kCgvtzy9pEWnpmeHbXtjpss2wt5qG8ehG18ttrgcVYwYfWP3TmT90T65MCLdv4CGMUo5REG5j1h1peBgN8-Kh4ipT0Q7rBtIC0zYY3cKazBXmNleuh0Tsq7gXxKjKnRzwzuLtE7Ayhx559qjoGWHd1nB1-qp&sai=AMfl-YQ3ZX-x-8p3h7CMa9AAu-WnmyZw5QTtzQDANQU8OCeIqICengJ_zUFGcR8_5EsDx8Ly8CnmilvLCUeZ9hkTf5GVMjn73rX-BPIvGnEzhrbYF0MjkHnx1hr3wt8xw5AR77JByd0WRGH_cdZrzH12mTa3xX182dcIlIUax08qXacNByW_nweClGEYGLYsu2Z1xL93sJrDxya36Vz-GDmO43xauQtPggOkz--dyQ0&sig=Cg0ArKJSzNIFWPEF_qlREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=157&cbvp=1&cstd=151&cisv=r20221026.48966&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWmsteh3alBUjZMukjyxYz9NPC1QNf3Ek9WzY8GIHt7t4-9TljuKD5S73T6bvhOQ5AHvd1UJb7aOy9U3t6m80YIMNWw822LTfcDA9jUpKqZfc-_0C2dlLstTBnItXKJ6Qv4GHETayKbC_CS_GxaCryTcoLQNjYJLCGmF4p-bQLEYf1DSVHJY2L8t0X13lDEEjF2lQrOIW-M0sxL6CiqOV4ZEMQa4HCmg8BGWi3AxpGIDooyVZCL9_pj-X-AF0570GQS8r0aIxrr1vP-KqKbjvccx7-W6HVhFz-1emQVFYJGZSfS-fzAxo7cuERHFLLBTowsVzeGwUit5U4i6hHneUTBrRpZh48CDyMzQE9KeMZqlyEpNegfa6cVs3NK5aD92Yi5k53W7LvlOjxBmqzxy7DN9ybRVFsXmDF7p1V6hOPfRlMghWSGUXM-jhoOl3dImtV8dX-rzic1vJbuXkI_POSxTNPRuLcKzuQ-aKnKDHiaAtFoxcUHhIf4Oo6ceNTzFHkpAos7ZKMaLjlUqLL6nBcmAixsim0rl-qPjxIPn7_kPg5bY6cfTLMgt-FtjW4JxERDDyvAEkqk0W1jrlwi_pTuYUoyF4weK_62NV1UbLr7jvu6jijLtij0W7x4bu9C1KNl3IZDy8mVwhgCqaDCFQ5CgQ3zWCiMt-DxZGMkn_awpwxqxtjtwCW2WZkRKEef9cDiwnKe2G8kJMqIGV7GMuQaYoc5QToIS2_fez4X903huHGKBSFnvkAWm8PMFW_8lKbBfUINclFKEdof5ueNtfu58hcnmLXuTVp4u6Qj1hqlSRSCz3P7iIZ-rdvkSRcAk2z2xdifHdKeod469bp95cvmWED8pQwO8D3kwl1lvsJcQeLKnVaUDes6astMDjoiY4I3NhJj9tqFqjFVzKX9n-ujL5VYQQylYTzqbWVsIcYzrQI7qBB5T8D0FgTZhlJha49t3U5TwUky0tiOcmxuxHGvhjWQRUe2s4W_uFfUsI1KHsdwgRSix9bWN1hsom5kCgvtzy9pEWnpmeHbXtjpss2wt5qG8ehG18ttrgcVYwYfWP3TmT90T65MCLdv4CGMUo5REG5j1h1peBgN8-Kh4ipT0Q7rBtIC0zYY3cKazBXmNleuh0Tsq7gXxKjKnRzwzuLtE7Ayhx559qjoGWHd1nB1-qp&sai=AMfl-YQ3ZX-x-8p3h7CMa9AAu-WnmyZw5QTtzQDANQU8OCeIqICengJ_zUFGcR8_5EsDx8Ly8CnmilvLCUeZ9hkTf5GVMjn73rX-BPIvGnEzhrbYF0MjkHnx1hr3wt8xw5AR77JByd0WRGH_cdZrzH12mTa3xX182dcIlIUax08qXacNByW_nweClGEYGLYsu2Z1xL93sJrDxya36Vz-GDmO43xauQtPggOkz--dyQ0&sig=Cg0ArKJSzNIFWPEF_qlREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=157&cbvp=1&cstd=151&cisv=r20221026.48966&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuWmsteh3alBUjZMukjyxYz9NPC1QNf3Ek9WzY8GIHt7t4-9TljuKD5S73T6bvhOQ5AHvd1UJb7aOy9U3t6m80YIMNWw822LTfcDA9jUpKqZfc-_0C2dlLstTBnItXKJ6Qv4GHETayKbC_CS_GxaCryTcoLQNjYJLCGmF4p-bQLEYf1DSVHJY2L8t0X13lDEEjF2lQrOIW-M0sxL6CiqOV4ZEMQa4HCmg8BGWi3AxpGIDooyVZCL9_pj-X-AF0570GQS8r0aIxrr1vP-KqKbjvccx7-W6HVhFz-1emQVFYJGZSfS-fzAxo7cuERHFLLBTowsVzeGwUit5U4i6hHneUTBrRpZh48CDyMzQE9KeMZqlyEpNegfa6cVs3NK5aD92Yi5k53W7LvlOjxBmqzxy7DN9ybRVFsXmDF7p1V6hOPfRlMghWSGUXM-jhoOl3dImtV8dX-rzic1vJbuXkI_POSxTNPRuLcKzuQ-aKnKDHiaAtFoxcUHhIf4Oo6ceNTzFHkpAos7ZKMaLjlUqLL6nBcmAixsim0rl-qPjxIPn7_kPg5bY6cfTLMgt-FtjW4JxERDDyvAEkqk0W1jrlwi_pTuYUoyF4weK_62NV1UbLr7jvu6jijLtij0W7x4bu9C1KNl3IZDy8mVwhgCqaDCFQ5CgQ3zWCiMt-DxZGMkn_awpwxqxtjtwCW2WZkRKEef9cDiwnKe2G8kJMqIGV7GMuQaYoc5QToIS2_fez4X903huHGKBSFnvkAWm8PMFW_8lKbBfUINclFKEdof5ueNtfu58hcnmLXuTVp4u6Qj1hqlSRSCz3P7iIZ-rdvkSRcAk2z2xdifHdKeod469bp95cvmWED8pQwO8D3kwl1lvsJcQeLKnVaUDes6astMDjoiY4I3NhJj9tqFqjFVzKX9n-ujL5VYQQylYTzqbWVsIcYzrQI7qBB5T8D0FgTZhlJha49t3U5TwUky0tiOcmxuxHGvhjWQRUe2s4W_uFfUsI1KHsdwgRSix9bWN1hsom5kCgvtzy9pEWnpmeHbXtjpss2wt5qG8ehG18ttrgcVYwYfWP3TmT90T65MCLdv4CGMUo5REG5j1h1peBgN8-Kh4ipT0Q7rBtIC0zYY3cKazBXmNleuh0Tsq7gXxKjKnRzwzuLtE7Ayhx559qjoGWHd1nB1-qp&sai=AMfl-YQ3ZX-x-8p3h7CMa9AAu-WnmyZw5QTtzQDANQU8OCeIqICengJ_zUFGcR8_5EsDx8Ly8CnmilvLCUeZ9hkTf5GVMjn73rX-BPIvGnEzhrbYF0MjkHnx1hr3wt8xw5AR77JByd0WRGH_cdZrzH12mTa3xX182dcIlIUax08qXacNByW_nweClGEYGLYsu2Z1xL93sJrDxya36Vz-GDmO43xauQtPggOkz--dyQ0&sig=Cg0ArKJSzNIFWPEF_qlREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=157&cbvp=1&cstd=151&cisv=r20221026.48966&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 04:52:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Oct-2022 05:07:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 04:52:06 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9j1ioIRqjRVc-llAUPtY1njDTx2xVb2muVPgYb3u8j_weDE2jaasuzCv6UQN6RyUXtYAWI0hkipzzH5otMMeMCLtJoEusM8SENfWYMukQgjvNJzDDgB1zI0bqRX0XQF2tUXT2Hsfq9b8ATXSwNQFFBVg75ADfbjF-Bf7muidLlMF-zPFAsHilFiF_WEegM6akbKXr5uqupdrO3wXgGODp_6R53sLpfymykmeIXcaPXo40GY4akqNauu5CKWMJyVHb_YV7QWeX-IYMOTy86bUlhQcSarnHaM1yZfOgV0I2DbEDvRcMp1uTR3VNCZfSw8C8VWFEbznIUz5zb4MtlNzma-PxTG0oKoU2ugEMGCUxP8uWRAcUxOd0Wk3OuLJRpo8TUqrbxylfOEwWin6CUnsGX_AH7XRvrLahJWLgk_p4DidMAUpOZIY2pzHpHbX7Qv57mU2gyHNCSF0S3dCFVEYppLXedkaqHbtUOfg4-BktqB_J98dY96hmZU3ZvkLGymeN0qBRpZUgNXlnyl3EDZjLAoYXnW1mJaW19PuVm54kBviQ5OnXhDP4o6I7YOTvlaLvKhvI_9baQbjy3jW1Xj5Pp7OullupOJ5lhL32M5ZJiVur1UWbSTf2L1-_6OTM_JgK9J5R7snjfTqcFCq5L7ng8SbV7QJFs7QNzMbEKvj6yi74stsun3Vvj2LlZ9ck-UOmiTnu3aHTUWrzkPe1n0p0sRgJZS0tBcfjdHKvuRxYSyU-GMA9RQ2hGWGHZbt0KaO_UuDfJ-PDnqxSwMm15ryQbrhV3Tpo0J9D-C5emN9an8r86frMtUT8_ixsudBZbq7Diyie8ZlQGqEkx4qQ1fssFe-h-fhi9AzFGNAcmgKidVKOF_h5YaLZKEaqgf2NARjU10rapVsDRDLGvsCh3GMaDcLNRA4dQ7OUmC56QQsWWv9tG6Vw6Q2ntsD5uFS-I8znhVCK_Tj6JDfy6uvCVVYP22wgbh8QIjvWuuwV10VvuvKSIBc4GidqRpk4r4yjuDc5E5PXRrstWOQvkGdx3503D_IuOMXTAajXbE_YniS4mCUr-92raR9_m-zJoEyMR9YcDwo99UPpzxFLs7MnlNX1U3-f-zZ7x4T23rm7-Lt28eUW0WA8xepo6Lu76WYoQKfA5HUUlQyxqVEyS6fTWB1k7co0X5mBGQ&sai=AMfl-YRyxgHCAyV8b2tu6ia1JO-xWUn_VZUuiwW3Ea4JpYvZS7NwYg36bLo4U1hw19q1l05Gehvr6pllQ3cw6GokDDmfH1Gn-m2EaRtZqpNpnRjaeAS6RSZ1hN7aSY1nMsI4Rcb-cuYt9KODvxVgQY-s9OCeZ73Zc2FZ4G6suSy--_Dzoapw5xEvG_0VqDmUToFYubEB0SY9pn1WMG5ZCJ89SnQpYFnTSuKC1krX0bI&sig=Cg0ArKJSzJnQqXRIcUS6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=159&cisv=r20221026.01594&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9j1ioIRqjRVc-llAUPtY1njDTx2xVb2muVPgYb3u8j_weDE2jaasuzCv6UQN6RyUXtYAWI0hkipzzH5otMMeMCLtJoEusM8SENfWYMukQgjvNJzDDgB1zI0bqRX0XQF2tUXT2Hsfq9b8ATXSwNQFFBVg75ADfbjF-Bf7muidLlMF-zPFAsHilFiF_WEegM6akbKXr5uqupdrO3wXgGODp_6R53sLpfymykmeIXcaPXo40GY4akqNauu5CKWMJyVHb_YV7QWeX-IYMOTy86bUlhQcSarnHaM1yZfOgV0I2DbEDvRcMp1uTR3VNCZfSw8C8VWFEbznIUz5zb4MtlNzma-PxTG0oKoU2ugEMGCUxP8uWRAcUxOd0Wk3OuLJRpo8TUqrbxylfOEwWin6CUnsGX_AH7XRvrLahJWLgk_p4DidMAUpOZIY2pzHpHbX7Qv57mU2gyHNCSF0S3dCFVEYppLXedkaqHbtUOfg4-BktqB_J98dY96hmZU3ZvkLGymeN0qBRpZUgNXlnyl3EDZjLAoYXnW1mJaW19PuVm54kBviQ5OnXhDP4o6I7YOTvlaLvKhvI_9baQbjy3jW1Xj5Pp7OullupOJ5lhL32M5ZJiVur1UWbSTf2L1-_6OTM_JgK9J5R7snjfTqcFCq5L7ng8SbV7QJFs7QNzMbEKvj6yi74stsun3Vvj2LlZ9ck-UOmiTnu3aHTUWrzkPe1n0p0sRgJZS0tBcfjdHKvuRxYSyU-GMA9RQ2hGWGHZbt0KaO_UuDfJ-PDnqxSwMm15ryQbrhV3Tpo0J9D-C5emN9an8r86frMtUT8_ixsudBZbq7Diyie8ZlQGqEkx4qQ1fssFe-h-fhi9AzFGNAcmgKidVKOF_h5YaLZKEaqgf2NARjU10rapVsDRDLGvsCh3GMaDcLNRA4dQ7OUmC56QQsWWv9tG6Vw6Q2ntsD5uFS-I8znhVCK_Tj6JDfy6uvCVVYP22wgbh8QIjvWuuwV10VvuvKSIBc4GidqRpk4r4yjuDc5E5PXRrstWOQvkGdx3503D_IuOMXTAajXbE_YniS4mCUr-92raR9_m-zJoEyMR9YcDwo99UPpzxFLs7MnlNX1U3-f-zZ7x4T23rm7-Lt28eUW0WA8xepo6Lu76WYoQKfA5HUUlQyxqVEyS6fTWB1k7co0X5mBGQ&sai=AMfl-YRyxgHCAyV8b2tu6ia1JO-xWUn_VZUuiwW3Ea4JpYvZS7NwYg36bLo4U1hw19q1l05Gehvr6pllQ3cw6GokDDmfH1Gn-m2EaRtZqpNpnRjaeAS6RSZ1hN7aSY1nMsI4Rcb-cuYt9KODvxVgQY-s9OCeZ73Zc2FZ4G6suSy--_Dzoapw5xEvG_0VqDmUToFYubEB0SY9pn1WMG5ZCJ89SnQpYFnTSuKC1krX0bI&sig=Cg0ArKJSzJnQqXRIcUS6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=159&cisv=r20221026.01594&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjss9j1ioIRqjRVc-llAUPtY1njDTx2xVb2muVPgYb3u8j_weDE2jaasuzCv6UQN6RyUXtYAWI0hkipzzH5otMMeMCLtJoEusM8SENfWYMukQgjvNJzDDgB1zI0bqRX0XQF2tUXT2Hsfq9b8ATXSwNQFFBVg75ADfbjF-Bf7muidLlMF-zPFAsHilFiF_WEegM6akbKXr5uqupdrO3wXgGODp_6R53sLpfymykmeIXcaPXo40GY4akqNauu5CKWMJyVHb_YV7QWeX-IYMOTy86bUlhQcSarnHaM1yZfOgV0I2DbEDvRcMp1uTR3VNCZfSw8C8VWFEbznIUz5zb4MtlNzma-PxTG0oKoU2ugEMGCUxP8uWRAcUxOd0Wk3OuLJRpo8TUqrbxylfOEwWin6CUnsGX_AH7XRvrLahJWLgk_p4DidMAUpOZIY2pzHpHbX7Qv57mU2gyHNCSF0S3dCFVEYppLXedkaqHbtUOfg4-BktqB_J98dY96hmZU3ZvkLGymeN0qBRpZUgNXlnyl3EDZjLAoYXnW1mJaW19PuVm54kBviQ5OnXhDP4o6I7YOTvlaLvKhvI_9baQbjy3jW1Xj5Pp7OullupOJ5lhL32M5ZJiVur1UWbSTf2L1-_6OTM_JgK9J5R7snjfTqcFCq5L7ng8SbV7QJFs7QNzMbEKvj6yi74stsun3Vvj2LlZ9ck-UOmiTnu3aHTUWrzkPe1n0p0sRgJZS0tBcfjdHKvuRxYSyU-GMA9RQ2hGWGHZbt0KaO_UuDfJ-PDnqxSwMm15ryQbrhV3Tpo0J9D-C5emN9an8r86frMtUT8_ixsudBZbq7Diyie8ZlQGqEkx4qQ1fssFe-h-fhi9AzFGNAcmgKidVKOF_h5YaLZKEaqgf2NARjU10rapVsDRDLGvsCh3GMaDcLNRA4dQ7OUmC56QQsWWv9tG6Vw6Q2ntsD5uFS-I8znhVCK_Tj6JDfy6uvCVVYP22wgbh8QIjvWuuwV10VvuvKSIBc4GidqRpk4r4yjuDc5E5PXRrstWOQvkGdx3503D_IuOMXTAajXbE_YniS4mCUr-92raR9_m-zJoEyMR9YcDwo99UPpzxFLs7MnlNX1U3-f-zZ7x4T23rm7-Lt28eUW0WA8xepo6Lu76WYoQKfA5HUUlQyxqVEyS6fTWB1k7co0X5mBGQ&sai=AMfl-YRyxgHCAyV8b2tu6ia1JO-xWUn_VZUuiwW3Ea4JpYvZS7NwYg36bLo4U1hw19q1l05Gehvr6pllQ3cw6GokDDmfH1Gn-m2EaRtZqpNpnRjaeAS6RSZ1hN7aSY1nMsI4Rcb-cuYt9KODvxVgQY-s9OCeZ73Zc2FZ4G6suSy--_Dzoapw5xEvG_0VqDmUToFYubEB0SY9pn1WMG5ZCJ89SnQpYFnTSuKC1krX0bI&sig=Cg0ArKJSzJnQqXRIcUS6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=159&cisv=r20221026.01594&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 04:52:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Oct-2022 05:07:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 04:52:06 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWmsteh3alBUjZMukjyxYz9NPC1QNf3Ek9WzY8GIHt7t4-9TljuKD5S73T6bvhOQ5AHvd1UJb7aOy9U3t6m80YIMNWw822LTfcDA9jUpKqZfc-_0C2dlLstTBnItXKJ6Qv4GHETayKbC_CS_GxaCryTcoLQNjYJLCGmF4p-bQLEYf1DSVHJY2L8t0X13lDEEjF2lQrOIW-M0sxL6CiqOV4ZEMQa4HCmg8BGWi3AxpGIDooyVZCL9_pj-X-AF0570GQS8r0aIxrr1vP-KqKbjvccx7-W6HVhFz-1emQVFYJGZSfS-fzAxo7cuERHFLLBTowsVzeGwUit5U4i6hHneUTBrRpZh48CDyMzQE9KeMZqlyEpNegfa6cVs3NK5aD92Yi5k53W7LvlOjxBmqzxy7DN9ybRVFsXmDF7p1V6hOPfRlMghWSGUXM-jhoOl3dImtV8dX-rzic1vJbuXkI_POSxTNPRuLcKzuQ-aKnKDHiaAtFoxcUHhIf4Oo6ceNTzFHkpAos7ZKMaLjlUqLL6nBcmAixsim0rl-qPjxIPn7_kPg5bY6cfTLMgt-FtjW4JxERDDyvAEkqk0W1jrlwi_pTuYUoyF4weK_62NV1UbLr7jvu6jijLtij0W7x4bu9C1KNl3IZDy8mVwhgCqaDCFQ5CgQ3zWCiMt-DxZGMkn_awpwxqxtjtwCW2WZkRKEef9cDiwnKe2G8kJMqIGV7GMuQaYoc5QToIS2_fez4X903huHGKBSFnvkAWm8PMFW_8lKbBfUINclFKEdof5ueNtfu58hcnmLXuTVp4u6Qj1hqlSRSCz3P7iIZ-rdvkSRcAk2z2xdifHdKeod469bp95cvmWED8pQwO8D3kwl1lvsJcQeLKnVaUDes6astMDjoiY4I3NhJj9tqFqjFVzKX9n-ujL5VYQQylYTzqbWVsIcYzrQI7qBB5T8D0FgTZhlJha49t3U5TwUky0tiOcmxuxHGvhjWQRUe2s4W_uFfUsI1KHsdwgRSix9bWN1hsom5kCgvtzy9pEWnpmeHbXtjpss2wt5qG8ehG18ttrgcVYwYfWP3TmT90T65MCLdv4CGMUo5REG5j1h1peBgN8-Kh4ipT0Q7rBtIC0zYY3cKazBXmNleuh0Tsq7gXxKjKnRzwzuLtE7Ayhx559qjoGWHd1nB1-qp&sai=AMfl-YQ3ZX-x-8p3h7CMa9AAu-WnmyZw5QTtzQDANQU8OCeIqICengJ_zUFGcR8_5EsDx8Ly8CnmilvLCUeZ9hkTf5GVMjn73rX-BPIvGnEzhrbYF0MjkHnx1hr3wt8xw5AR77JByd0WRGH_cdZrzH12mTa3xX182dcIlIUax08qXacNByW_nweClGEYGLYsu2Z1xL93sJrDxya36Vz-GDmO43xauQtPggOkz--dyQ0&sig=Cg0ArKJSzNIFWPEF_qlREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=548&vt=11&dtpt=391&dett=3&cstd=151&cisv=r20221026.48966&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWmsteh3alBUjZMukjyxYz9NPC1QNf3Ek9WzY8GIHt7t4-9TljuKD5S73T6bvhOQ5AHvd1UJb7aOy9U3t6m80YIMNWw822LTfcDA9jUpKqZfc-_0C2dlLstTBnItXKJ6Qv4GHETayKbC_CS_GxaCryTcoLQNjYJLCGmF4p-bQLEYf1DSVHJY2L8t0X13lDEEjF2lQrOIW-M0sxL6CiqOV4ZEMQa4HCmg8BGWi3AxpGIDooyVZCL9_pj-X-AF0570GQS8r0aIxrr1vP-KqKbjvccx7-W6HVhFz-1emQVFYJGZSfS-fzAxo7cuERHFLLBTowsVzeGwUit5U4i6hHneUTBrRpZh48CDyMzQE9KeMZqlyEpNegfa6cVs3NK5aD92Yi5k53W7LvlOjxBmqzxy7DN9ybRVFsXmDF7p1V6hOPfRlMghWSGUXM-jhoOl3dImtV8dX-rzic1vJbuXkI_POSxTNPRuLcKzuQ-aKnKDHiaAtFoxcUHhIf4Oo6ceNTzFHkpAos7ZKMaLjlUqLL6nBcmAixsim0rl-qPjxIPn7_kPg5bY6cfTLMgt-FtjW4JxERDDyvAEkqk0W1jrlwi_pTuYUoyF4weK_62NV1UbLr7jvu6jijLtij0W7x4bu9C1KNl3IZDy8mVwhgCqaDCFQ5CgQ3zWCiMt-DxZGMkn_awpwxqxtjtwCW2WZkRKEef9cDiwnKe2G8kJMqIGV7GMuQaYoc5QToIS2_fez4X903huHGKBSFnvkAWm8PMFW_8lKbBfUINclFKEdof5ueNtfu58hcnmLXuTVp4u6Qj1hqlSRSCz3P7iIZ-rdvkSRcAk2z2xdifHdKeod469bp95cvmWED8pQwO8D3kwl1lvsJcQeLKnVaUDes6astMDjoiY4I3NhJj9tqFqjFVzKX9n-ujL5VYQQylYTzqbWVsIcYzrQI7qBB5T8D0FgTZhlJha49t3U5TwUky0tiOcmxuxHGvhjWQRUe2s4W_uFfUsI1KHsdwgRSix9bWN1hsom5kCgvtzy9pEWnpmeHbXtjpss2wt5qG8ehG18ttrgcVYwYfWP3TmT90T65MCLdv4CGMUo5REG5j1h1peBgN8-Kh4ipT0Q7rBtIC0zYY3cKazBXmNleuh0Tsq7gXxKjKnRzwzuLtE7Ayhx559qjoGWHd1nB1-qp&sai=AMfl-YQ3ZX-x-8p3h7CMa9AAu-WnmyZw5QTtzQDANQU8OCeIqICengJ_zUFGcR8_5EsDx8Ly8CnmilvLCUeZ9hkTf5GVMjn73rX-BPIvGnEzhrbYF0MjkHnx1hr3wt8xw5AR77JByd0WRGH_cdZrzH12mTa3xX182dcIlIUax08qXacNByW_nweClGEYGLYsu2Z1xL93sJrDxya36Vz-GDmO43xauQtPggOkz--dyQ0&sig=Cg0ArKJSzNIFWPEF_qlREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=548&vt=11&dtpt=391&dett=3&cstd=151&cisv=r20221026.48966&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuWmsteh3alBUjZMukjyxYz9NPC1QNf3Ek9WzY8GIHt7t4-9TljuKD5S73T6bvhOQ5AHvd1UJb7aOy9U3t6m80YIMNWw822LTfcDA9jUpKqZfc-_0C2dlLstTBnItXKJ6Qv4GHETayKbC_CS_GxaCryTcoLQNjYJLCGmF4p-bQLEYf1DSVHJY2L8t0X13lDEEjF2lQrOIW-M0sxL6CiqOV4ZEMQa4HCmg8BGWi3AxpGIDooyVZCL9_pj-X-AF0570GQS8r0aIxrr1vP-KqKbjvccx7-W6HVhFz-1emQVFYJGZSfS-fzAxo7cuERHFLLBTowsVzeGwUit5U4i6hHneUTBrRpZh48CDyMzQE9KeMZqlyEpNegfa6cVs3NK5aD92Yi5k53W7LvlOjxBmqzxy7DN9ybRVFsXmDF7p1V6hOPfRlMghWSGUXM-jhoOl3dImtV8dX-rzic1vJbuXkI_POSxTNPRuLcKzuQ-aKnKDHiaAtFoxcUHhIf4Oo6ceNTzFHkpAos7ZKMaLjlUqLL6nBcmAixsim0rl-qPjxIPn7_kPg5bY6cfTLMgt-FtjW4JxERDDyvAEkqk0W1jrlwi_pTuYUoyF4weK_62NV1UbLr7jvu6jijLtij0W7x4bu9C1KNl3IZDy8mVwhgCqaDCFQ5CgQ3zWCiMt-DxZGMkn_awpwxqxtjtwCW2WZkRKEef9cDiwnKe2G8kJMqIGV7GMuQaYoc5QToIS2_fez4X903huHGKBSFnvkAWm8PMFW_8lKbBfUINclFKEdof5ueNtfu58hcnmLXuTVp4u6Qj1hqlSRSCz3P7iIZ-rdvkSRcAk2z2xdifHdKeod469bp95cvmWED8pQwO8D3kwl1lvsJcQeLKnVaUDes6astMDjoiY4I3NhJj9tqFqjFVzKX9n-ujL5VYQQylYTzqbWVsIcYzrQI7qBB5T8D0FgTZhlJha49t3U5TwUky0tiOcmxuxHGvhjWQRUe2s4W_uFfUsI1KHsdwgRSix9bWN1hsom5kCgvtzy9pEWnpmeHbXtjpss2wt5qG8ehG18ttrgcVYwYfWP3TmT90T65MCLdv4CGMUo5REG5j1h1peBgN8-Kh4ipT0Q7rBtIC0zYY3cKazBXmNleuh0Tsq7gXxKjKnRzwzuLtE7Ayhx559qjoGWHd1nB1-qp&sai=AMfl-YQ3ZX-x-8p3h7CMa9AAu-WnmyZw5QTtzQDANQU8OCeIqICengJ_zUFGcR8_5EsDx8Ly8CnmilvLCUeZ9hkTf5GVMjn73rX-BPIvGnEzhrbYF0MjkHnx1hr3wt8xw5AR77JByd0WRGH_cdZrzH12mTa3xX182dcIlIUax08qXacNByW_nweClGEYGLYsu2Z1xL93sJrDxya36Vz-GDmO43xauQtPggOkz--dyQ0&sig=Cg0ArKJSzNIFWPEF_qlREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=548&vt=11&dtpt=391&dett=3&cstd=151&cisv=r20221026.48966&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 04:52:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Oct-2022 05:07:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 04:52:06 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9j1ioIRqjRVc-llAUPtY1njDTx2xVb2muVPgYb3u8j_weDE2jaasuzCv6UQN6RyUXtYAWI0hkipzzH5otMMeMCLtJoEusM8SENfWYMukQgjvNJzDDgB1zI0bqRX0XQF2tUXT2Hsfq9b8ATXSwNQFFBVg75ADfbjF-Bf7muidLlMF-zPFAsHilFiF_WEegM6akbKXr5uqupdrO3wXgGODp_6R53sLpfymykmeIXcaPXo40GY4akqNauu5CKWMJyVHb_YV7QWeX-IYMOTy86bUlhQcSarnHaM1yZfOgV0I2DbEDvRcMp1uTR3VNCZfSw8C8VWFEbznIUz5zb4MtlNzma-PxTG0oKoU2ugEMGCUxP8uWRAcUxOd0Wk3OuLJRpo8TUqrbxylfOEwWin6CUnsGX_AH7XRvrLahJWLgk_p4DidMAUpOZIY2pzHpHbX7Qv57mU2gyHNCSF0S3dCFVEYppLXedkaqHbtUOfg4-BktqB_J98dY96hmZU3ZvkLGymeN0qBRpZUgNXlnyl3EDZjLAoYXnW1mJaW19PuVm54kBviQ5OnXhDP4o6I7YOTvlaLvKhvI_9baQbjy3jW1Xj5Pp7OullupOJ5lhL32M5ZJiVur1UWbSTf2L1-_6OTM_JgK9J5R7snjfTqcFCq5L7ng8SbV7QJFs7QNzMbEKvj6yi74stsun3Vvj2LlZ9ck-UOmiTnu3aHTUWrzkPe1n0p0sRgJZS0tBcfjdHKvuRxYSyU-GMA9RQ2hGWGHZbt0KaO_UuDfJ-PDnqxSwMm15ryQbrhV3Tpo0J9D-C5emN9an8r86frMtUT8_ixsudBZbq7Diyie8ZlQGqEkx4qQ1fssFe-h-fhi9AzFGNAcmgKidVKOF_h5YaLZKEaqgf2NARjU10rapVsDRDLGvsCh3GMaDcLNRA4dQ7OUmC56QQsWWv9tG6Vw6Q2ntsD5uFS-I8znhVCK_Tj6JDfy6uvCVVYP22wgbh8QIjvWuuwV10VvuvKSIBc4GidqRpk4r4yjuDc5E5PXRrstWOQvkGdx3503D_IuOMXTAajXbE_YniS4mCUr-92raR9_m-zJoEyMR9YcDwo99UPpzxFLs7MnlNX1U3-f-zZ7x4T23rm7-Lt28eUW0WA8xepo6Lu76WYoQKfA5HUUlQyxqVEyS6fTWB1k7co0X5mBGQ&sai=AMfl-YRyxgHCAyV8b2tu6ia1JO-xWUn_VZUuiwW3Ea4JpYvZS7NwYg36bLo4U1hw19q1l05Gehvr6pllQ3cw6GokDDmfH1Gn-m2EaRtZqpNpnRjaeAS6RSZ1hN7aSY1nMsI4Rcb-cuYt9KODvxVgQY-s9OCeZ73Zc2FZ4G6suSy--_Dzoapw5xEvG_0VqDmUToFYubEB0SY9pn1WMG5ZCJ89SnQpYFnTSuKC1krX0bI&sig=Cg0ArKJSzJnQqXRIcUS6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=520&vt=11&dtpt=355&dett=3&cstd=159&cisv=r20221026.01594&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9j1ioIRqjRVc-llAUPtY1njDTx2xVb2muVPgYb3u8j_weDE2jaasuzCv6UQN6RyUXtYAWI0hkipzzH5otMMeMCLtJoEusM8SENfWYMukQgjvNJzDDgB1zI0bqRX0XQF2tUXT2Hsfq9b8ATXSwNQFFBVg75ADfbjF-Bf7muidLlMF-zPFAsHilFiF_WEegM6akbKXr5uqupdrO3wXgGODp_6R53sLpfymykmeIXcaPXo40GY4akqNauu5CKWMJyVHb_YV7QWeX-IYMOTy86bUlhQcSarnHaM1yZfOgV0I2DbEDvRcMp1uTR3VNCZfSw8C8VWFEbznIUz5zb4MtlNzma-PxTG0oKoU2ugEMGCUxP8uWRAcUxOd0Wk3OuLJRpo8TUqrbxylfOEwWin6CUnsGX_AH7XRvrLahJWLgk_p4DidMAUpOZIY2pzHpHbX7Qv57mU2gyHNCSF0S3dCFVEYppLXedkaqHbtUOfg4-BktqB_J98dY96hmZU3ZvkLGymeN0qBRpZUgNXlnyl3EDZjLAoYXnW1mJaW19PuVm54kBviQ5OnXhDP4o6I7YOTvlaLvKhvI_9baQbjy3jW1Xj5Pp7OullupOJ5lhL32M5ZJiVur1UWbSTf2L1-_6OTM_JgK9J5R7snjfTqcFCq5L7ng8SbV7QJFs7QNzMbEKvj6yi74stsun3Vvj2LlZ9ck-UOmiTnu3aHTUWrzkPe1n0p0sRgJZS0tBcfjdHKvuRxYSyU-GMA9RQ2hGWGHZbt0KaO_UuDfJ-PDnqxSwMm15ryQbrhV3Tpo0J9D-C5emN9an8r86frMtUT8_ixsudBZbq7Diyie8ZlQGqEkx4qQ1fssFe-h-fhi9AzFGNAcmgKidVKOF_h5YaLZKEaqgf2NARjU10rapVsDRDLGvsCh3GMaDcLNRA4dQ7OUmC56QQsWWv9tG6Vw6Q2ntsD5uFS-I8znhVCK_Tj6JDfy6uvCVVYP22wgbh8QIjvWuuwV10VvuvKSIBc4GidqRpk4r4yjuDc5E5PXRrstWOQvkGdx3503D_IuOMXTAajXbE_YniS4mCUr-92raR9_m-zJoEyMR9YcDwo99UPpzxFLs7MnlNX1U3-f-zZ7x4T23rm7-Lt28eUW0WA8xepo6Lu76WYoQKfA5HUUlQyxqVEyS6fTWB1k7co0X5mBGQ&sai=AMfl-YRyxgHCAyV8b2tu6ia1JO-xWUn_VZUuiwW3Ea4JpYvZS7NwYg36bLo4U1hw19q1l05Gehvr6pllQ3cw6GokDDmfH1Gn-m2EaRtZqpNpnRjaeAS6RSZ1hN7aSY1nMsI4Rcb-cuYt9KODvxVgQY-s9OCeZ73Zc2FZ4G6suSy--_Dzoapw5xEvG_0VqDmUToFYubEB0SY9pn1WMG5ZCJ89SnQpYFnTSuKC1krX0bI&sig=Cg0ArKJSzJnQqXRIcUS6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=520&vt=11&dtpt=355&dett=3&cstd=159&cisv=r20221026.01594&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjss9j1ioIRqjRVc-llAUPtY1njDTx2xVb2muVPgYb3u8j_weDE2jaasuzCv6UQN6RyUXtYAWI0hkipzzH5otMMeMCLtJoEusM8SENfWYMukQgjvNJzDDgB1zI0bqRX0XQF2tUXT2Hsfq9b8ATXSwNQFFBVg75ADfbjF-Bf7muidLlMF-zPFAsHilFiF_WEegM6akbKXr5uqupdrO3wXgGODp_6R53sLpfymykmeIXcaPXo40GY4akqNauu5CKWMJyVHb_YV7QWeX-IYMOTy86bUlhQcSarnHaM1yZfOgV0I2DbEDvRcMp1uTR3VNCZfSw8C8VWFEbznIUz5zb4MtlNzma-PxTG0oKoU2ugEMGCUxP8uWRAcUxOd0Wk3OuLJRpo8TUqrbxylfOEwWin6CUnsGX_AH7XRvrLahJWLgk_p4DidMAUpOZIY2pzHpHbX7Qv57mU2gyHNCSF0S3dCFVEYppLXedkaqHbtUOfg4-BktqB_J98dY96hmZU3ZvkLGymeN0qBRpZUgNXlnyl3EDZjLAoYXnW1mJaW19PuVm54kBviQ5OnXhDP4o6I7YOTvlaLvKhvI_9baQbjy3jW1Xj5Pp7OullupOJ5lhL32M5ZJiVur1UWbSTf2L1-_6OTM_JgK9J5R7snjfTqcFCq5L7ng8SbV7QJFs7QNzMbEKvj6yi74stsun3Vvj2LlZ9ck-UOmiTnu3aHTUWrzkPe1n0p0sRgJZS0tBcfjdHKvuRxYSyU-GMA9RQ2hGWGHZbt0KaO_UuDfJ-PDnqxSwMm15ryQbrhV3Tpo0J9D-C5emN9an8r86frMtUT8_ixsudBZbq7Diyie8ZlQGqEkx4qQ1fssFe-h-fhi9AzFGNAcmgKidVKOF_h5YaLZKEaqgf2NARjU10rapVsDRDLGvsCh3GMaDcLNRA4dQ7OUmC56QQsWWv9tG6Vw6Q2ntsD5uFS-I8znhVCK_Tj6JDfy6uvCVVYP22wgbh8QIjvWuuwV10VvuvKSIBc4GidqRpk4r4yjuDc5E5PXRrstWOQvkGdx3503D_IuOMXTAajXbE_YniS4mCUr-92raR9_m-zJoEyMR9YcDwo99UPpzxFLs7MnlNX1U3-f-zZ7x4T23rm7-Lt28eUW0WA8xepo6Lu76WYoQKfA5HUUlQyxqVEyS6fTWB1k7co0X5mBGQ&sai=AMfl-YRyxgHCAyV8b2tu6ia1JO-xWUn_VZUuiwW3Ea4JpYvZS7NwYg36bLo4U1hw19q1l05Gehvr6pllQ3cw6GokDDmfH1Gn-m2EaRtZqpNpnRjaeAS6RSZ1hN7aSY1nMsI4Rcb-cuYt9KODvxVgQY-s9OCeZ73Zc2FZ4G6suSy--_Dzoapw5xEvG_0VqDmUToFYubEB0SY9pn1WMG5ZCJ89SnQpYFnTSuKC1krX0bI&sig=Cg0ArKJSzJnQqXRIcUS6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=520&vt=11&dtpt=355&dett=3&cstd=159&cisv=r20221026.01594&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://71b4507ad12a3149750b9661b1b44d14.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 04:52:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Oct-2022 05:07:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 04:52:06 GMT
X-Firefox-Spdy: h2
www.file.io/page-data/login/page-data.json
200 OK 135 B URL HTTP/2 www.file.io/page-data/login/page-data.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 4f561e1f747160f0e60849c13facafec
49e0da216427249eb4b187e75e026da6d62a4870
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
GET /page-data/login/page-data.json HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722; _gat=1; __gads=ID=cd677318b5a38399-222d42545ece00b8:T=1666932724:S=ALNI_MY-sojJGm79VjBO87s4lmsmDRZRLQ; __gpi=UID=00000b796a870ed0:T=1666932724:RT=1666932724:S=ALNI_MYdcfIzliX2vVgz_RL7G92Y8MPQew
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 135
x-amz-id-2: 8f+60HMSfNwvJw7kT6UzFRiJG2q4ELPRLybJ2AID558VcubH9zQWd/OHM+9CUmnucpmXeocGto4=
x-amz-request-id: F9JFHZYBE7G934TD
last-modified: Mon, 24 Oct 2022 09:05:44 GMT
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=86400
date: Thu, 27 Oct 2022 08:56:45 GMT
etag: "4f561e1f747160f0e60849c13facafec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N1-Shxwyx-m7AmJzQNaV6aOIye3fr4PVsgAXixzPVEAfDZ996xaJVQ==
age: 71723
X-Firefox-Spdy: h2
www.file.io/page-data/about/page-data.json
200 OK 147 B URL HTTP/2 www.file.io/page-data/about/page-data.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash cfb91ae7cd0473e276a9361907a683fc
755ce847d2d7b20c7d7663c791cc0ac7d109e138
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
GET /page-data/about/page-data.json HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722; _gat=1; __gads=ID=cd677318b5a38399-222d42545ece00b8:T=1666932724:S=ALNI_MY-sojJGm79VjBO87s4lmsmDRZRLQ; __gpi=UID=00000b796a870ed0:T=1666932724:RT=1666932724:S=ALNI_MYdcfIzliX2vVgz_RL7G92Y8MPQew
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 147
x-amz-id-2: KSh/lgmJotrOtP5/L+3OG41Tm0i4SnWIvLKO99Rfq7U9DAYG6Z1+sy/+5LKbCiVET35HBccsWtc=
x-amz-request-id: F9J9D5YHVYVCVJPW
last-modified: Mon, 24 Oct 2022 09:05:44 GMT
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=86400
date: Thu, 27 Oct 2022 08:56:45 GMT
etag: "cfb91ae7cd0473e276a9361907a683fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YdQjRrGZJknWgCAknqzrmqM3MB7_mbZXi2s1POoD-HvMQTJe_WJCng==
age: 71723
X-Firefox-Spdy: h2
s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
302 Found 0 B URL HTTP/2 s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: CloudFront
date: Fri, 28 Oct 2022 04:52:07 GMT
content-length: 0
cache-control: no-cache, must-revalidate
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.quantumdex.io/setuid?bidder=smaato&uid=635f2ca
set-cookie: SCM=635f2ca; Expires=Fri, 18 Nov 2022 04:52:07 GMT; Domain=.smaato.net; SameSite=None; Path=/; Secure
SCMp=635f2ca; Expires=Mon, 07 Nov 2022 16:52:07 GMT; Domain=.smaato.net; Path=/; SameSite=None; Secure
x-cache: FunctionGeneratedResponse from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3zjtYlykLTBxNNSyL4DrnOS4Jnaina1kHVOd4jCEw4YdXGutX_Fe1Q==
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=29958
expires: Fri, 28 Oct 2022 13:11:25 GMT
date: Fri, 28 Oct 2022 04:52:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 9cfa2a6bfa0b2596c5a7d3b8150e2873
26808834c8a76b79c495d0c8e8ff546a5609b9df
45e9302313cde6df7716ab2b894081c4191aa4ea4e3ea8d4919eb32db0e62485
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: max-age=172111
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:07 GMT
Etag: "635b446a-117"
Expires: Sun, 30 Oct 2022 04:40:38 GMT
Last-Modified: Fri, 28 Oct 2022 02:54:34 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
date: Fri, 28 Oct 2022 04:52:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 064d606f4bc1cc6a8cd1458d3eca65de
ca7449628c092d680083c98fe94d6366647bb09c
84810385c7fb9a6f45f0db64690bd74d9fdee349591a42d0ab82000a19320893
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6235
Cache-Control: max-age=159422
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:07 GMT
Etag: "635b135a-139"
Expires: Sun, 30 Oct 2022 01:09:09 GMT
Last-Modified: Thu, 27 Oct 2022 23:25:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
sync.quantumdex.io/usersync/pbjs
200 OK 906 B URL HTTP/2 sync.quantumdex.io/usersync/pbjs
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (3653), with no line terminators
Hash a7da28af668350f3d8f51f175107724d
72f1fbe731af5da0fb5d32e7f6df711d52acbb18
b055cbf75c8cce7e2a2638cb2fd7bb1541b481c164a777cb8814fbad16f0875d
GET /usersync/pbjs HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/
Cookie: uid=9b2084a4-d29c-4b24-bb65-7fa5927aef15
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 04:52:07 GMT
content-type: text/html
set-cookie: uid=9b2084a4-d29c-4b24-bb65-7fa5927aef15; expires=Mon, 07 Nov 2022 05:52:07 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76110f6a3b2c09b5-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2bb78272a859ca6
204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 9cfa2a6bfa0b2596c5a7d3b8150e2873
26808834c8a76b79c495d0c8e8ff546a5609b9df
45e9302313cde6df7716ab2b894081c4191aa4ea4e3ea8d4919eb32db0e62485
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: max-age=172111
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:07 GMT
Etag: "635b446a-117"
Expires: Sun, 30 Oct 2022 04:40:38 GMT
Last-Modified: Fri, 28 Oct 2022 02:54:34 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-valueimpression&endpoint=us-east HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Oct 2022 04:52:07 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus.rubiconproject.com/usync.js
200 OK 9.5 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP
File type ASCII text, with very long lines (18097)
Hash 09cbdf593f98a5ae842782775c542df3
20f0928fb8fc31780e4f321d702a35ae8ace8de4
e104b39def59b5d21865408553817280f48b2b6b6b112520fa8ad8a17e4bf3a0
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Content-Encoding: gzip
Content-Length: 9456
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=81296
Expires: Sat, 29 Oct 2022 03:27:03 GMT
Date: Fri, 28 Oct 2022 04:52:07 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8fea430192c7abe829644910f457c9f3
65029d90bbea6226a9a0be521699ba1d0ae84242
33606f7a6f992ab293cce3443019a170aa18707461fc5c3cc21e40d046d4b316
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 28 Oct 2022 04:52:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2022 23:23:24 GMT
Expires: Thu, 03 Nov 2022 23:23:23 GMT
Etag: "65029d90bbea6226a9a0be521699ba1d0ae84242"
Cache-Control: max-age=584475,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76110f6bfdb8990f-ARN
sync.quantumdex.io/setuid?bidder=smaato&uid=635f2ca
200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=smaato&uid=635f2ca
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=smaato&uid=635f2ca HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=9b2084a4-d29c-4b24-bb65-7fa5927aef15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 04:52:07 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76110f6bac5c09b5-ARN
X-Firefox-Spdy: h2
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
302 Found 154 B URL HTTP/2 hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Sat, 28 Oct 2023 04:52:07 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
x-mnet-hl2: E
expires: Fri, 28 Oct 2022 04:52:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 28 Oct 2022 04:52:07 GMT
X-Firefox-Spdy: h2
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 28 Oct 2022 04:52:07 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cbd63895b6a4995b158ffa9ac3eafc71
eabd96464634c81e1172e4bb43e392729c579674
2d3226b094616f7abb7a7d6011e64e1b3d6c12e4b70631aa53c0aaa2ef888070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D3226B094616F7ABB7A7D6011E64E1B3D6C12E4B70631AA53C0AAA2EF888070"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5661
Expires: Fri, 28 Oct 2022 06:26:28 GMT
Date: Fri, 28 Oct 2022 04:52:07 GMT
Connection: keep-alive
ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 28 Oct 2022 04:52:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
AN-X-Request-Uuid: d6b90773-7f48-45a8-b5bc-edc36fb2395d
Set-Cookie: uuid2=1161043933189922257; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 26-Jan-2023 04:52:07 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
200 43 B URL HTTP/1.1 id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Fri, 28-Oct-2022 04:57:07 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Fri, 28-Oct-2022 04:57:07 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Fri, 28-Oct-2022 04:57:07 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Fri, 28-Oct-2022 04:57:07 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Fri, 28-Oct-2022 04:57:07 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Fri, 28-Oct-2022 04:57:07 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Fri, 28 Oct 2022 04:52:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sectigo.com/
200 OK 472 B IP
Hash 60f74419e96998702146a06f13061dfb
4a612e0d20b99fad789dddaffa029b9a935a2363
2bcb14fb13ddd7cc938aeab4b2e126a65a179e9363bbdd8a14ec8e6f1e6f3c57
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 28 Oct 2022 04:52:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 04:09:16 GMT
Expires: Tue, 01 Nov 2022 04:09:15 GMT
Etag: "4a612e0d20b99fad789dddaffa029b9a935a2363"
Cache-Control: max-age=342427,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76110f6cce4d990f-ARN
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 28 Oct 2022 04:52:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=0
AN-X-Request-Uuid: 52fc9df3-05cc-41fc-89e6-3ddeeecb5c58
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
sync.quantumdex.io/setuid?bidder=ix&uid=0
200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=ix&uid=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=ix&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Cookie: uid=9b2084a4-d29c-4b24-bb65-7fa5927aef15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 04:52:07 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76110f6c8cf709b5-ARN
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9ea3620767f0599ee95178b572dad19e
d69126b46796ec0b985341dfb80c362bcb98c868
31765679f16b24eb8e641367103c8960381d59ad9fdc519075d9ed4293478975
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88305
Date: Fri, 28 Oct 2022 04:52:07 GMT
Etag: "635a0268-1d7"
Expires: Sat, 29 Oct 2022 05:23:52 GMT
Last-Modified: Thu, 27 Oct 2022 04:00:40 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g2AiC4Qxmgux4GcWu5itVMKlk5wKXWSIJpqMxqpgAzrbm-gVrLU9BA==
Age: 4992
sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=medianet&uid=0000EEA HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=9b2084a4-d29c-4b24-bb65-7fa5927aef15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 04:52:07 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76110f6c8cf909b5-ARN
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 28 Oct 2023 04:52:07 GMT; Path=/; Domain=.betweendigital.com
tuuid=69aa5ee6-952a-522d-9ae0-606cf9bb3f9b; Max-Age=31536000; Expires=Sat, 28 Oct 2023 04:52:07 GMT; Path=/; Domain=.betweendigital.com
ut=Y1tf9wANPqC9RkigbLD3InVtsve2P8T_s6icsA==; Max-Age=31536000; Expires=Sat, 28 Oct 2023 04:52:07 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 64019bf85dc0b54cd11f9744c6aaf976
21feb458795ed083a91a87c864df05d073fe3c24
bd6e6eabe9956ad755737df88ec7c3d0364890179074822104897073e534a133
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5976
Cache-Control: max-age=125994
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:07 GMT
Etag: "635a91c9-1d7"
Expires: Sat, 29 Oct 2022 15:52:01 GMT
Last-Modified: Thu, 27 Oct 2022 14:12:25 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 7dee1e8951c8c17fa26d5b67bf711bf7
631950f324d84c0d318e7259d6d1eccc8091d035
bef369f564cc911e5988cf81abb6a16720ced419fbd481442461c35e58fbbad3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 28 Oct 2022 04:52:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 27 Oct 2022 20:32:46 GMT
Expires: Fri, 28 Oct 2022 20:32:46 GMT
ETag: "631950f324d84c0d318e7259d6d1eccc8091d035"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
204 No Content 0 B URL HTTP/2 match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 28 Oct 2022 04:52:07 GMT
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 28 Oct 2023 04:52:07 GMT; Path=/; Domain=.betweendigital.com
tuuid=62c454c1-c32e-522d-8a24-0883e97f5774; Max-Age=31536000; Expires=Sat, 28 Oct 2023 04:52:07 GMT; Path=/; Domain=.betweendigital.com
ut=Y1tf9wANy0BcktKLLD1HWmj1XL6G60Ha_51LxQ==; Max-Age=31536000; Expires=Sat, 28 Oct 2023 04:52:07 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58424/occ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 28 Oct 2022 04:52:07 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBPdfW2MCEOTjFLcxZYO9KmsjjJgjIv0FEgEBAQGxXGNlYwAAAAAA_eMAAA&S=AQAAArc8DHRJP1W1UhV-XkgCnYg; Expires=Sat, 28 Oct 2023 10:52:07 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Fri, 28 Oct 2022 04:52:07 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap7ams1
sync.quantumdex.io/setuid?bidder=appnexus&uid=0
200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=appnexus&uid=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=appnexus&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=9b2084a4-d29c-4b24-bb65-7fa5927aef15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 04:52:07 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76110f6d2d4c09b5-ARN
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58424/occ?verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ?verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 28 Oct 2022 04:52:07 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBPdfW2MCEJksJgj6CwzCQKKZ8Pn33ocFEgEBAQGxXGNlYwAAAAAA_eMAAA&S=AQAAAraNTiFNg79tNiqksIpPNcg; Expires=Sat, 28 Oct 2023 10:52:07 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 2d6e54f551f1745e4180a12bf319eb68
3150b65c1f8f88303527d8c02e107d1d4dfcb4f9
c67fd7e2d78f0af11e7a3f0c5af5a99949aec3d0a9570a2174a851ea0dd9dace
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149588
Date: Fri, 28 Oct 2022 04:52:07 GMT
Etag: "635aed32-1d7"
Expires: Sat, 29 Oct 2022 22:25:15 GMT
Last-Modified: Thu, 27 Oct 2022 20:42:26 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PgN-32FRbQatYENa2RzSGNPtda2raD0xlKMbdWMePFDzQ27wMw1fHw==
Age: 6169
ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
302 Found 0 B URL HTTP/2 ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 28 Oct 2022 04:52:08 GMT
content-length: 0
location: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==%26buyeruid%3D
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a; Max-Age=31536000; Expires=Sat, 28 Oct 2023 04:52:08 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4271c373081d41bede1b0397ecef6773
521c75f46d0e797fc82b7876f731d4d87ac00e47
5ec681cf40ce938b495c8ed496b4fb42de25dcf862091b959130846dce845d5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EC681CF40CE938B495C8ED496B4FB42DE25DCF862091B959130846DCE845D5C"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6246
Expires: Fri, 28 Oct 2022 06:36:14 GMT
Date: Fri, 28 Oct 2022 04:52:08 GMT
Connection: keep-alive
prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==%26buyeruid%3D
302 Found 0 B URL HTTP/2 prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==%26buyeruid%3D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==%26buyeruid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Fri, 28 Oct 2022 04:52:08 GMT
location: https://ssp.disqus.com/match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==&buyeruid=468639ae-d8a7-46d7-bb9d-23fac2b03c49&gdpr=0&gdpr_consent=&us_privacy=
server: envoy
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
ssp.disqus.com/match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==&buyeruid=468639ae-d8a7-46d7-bb9d-23fac2b03c49&gdpr=0&gdpr_consent=&us_privacy=
302 Found 0 B URL HTTP/2 ssp.disqus.com/match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==&buyeruid=468639ae-d8a7-46d7-bb9d-23fac2b03c49&gdpr=0&gdpr_consent=&us_privacy=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4AQ==&buyeruid=468639ae-d8a7-46d7-bb9d-23fac2b03c49&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 28 Oct 2022 04:52:08 GMT
content-length: 0
location: https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 174f45aab397ffdbd1b9d198083ad587
03e5b4acc0fe41f068990123ce31822f9fae2359
1373fe74c5ad0c3229c68e54a094b25c2e6ebf89d466415eacb14efef41123da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1810
Cache-Control: max-age=157496
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 04:52:08 GMT
Etag: "635b1d1e-1d7"
Expires: Sun, 30 Oct 2022 00:37:04 GMT
Last-Modified: Fri, 28 Oct 2022 00:06:54 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
204 No Content 0 B URL HTTP/1.1 pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-valueimpression HTTP/1.1
Host: pixel-us-east.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: b9bd3ce43b0f5c29a708abe94979ac15
Content-Type: image/gif
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 8908ed6aaf77ca4bb5b99b797731d9bb
f7301256afb0b4d906aa196577ffdf16af17675f
f588076a62ff532c63f4c5531afc333c218e1ccacb85cbab876289d676daf5ca
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 28 Oct 2022 04:52:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 27 Oct 2022 19:40:03 GMT
Expires: Fri, 28 Oct 2022 19:40:03 GMT
ETag: "f7301256afb0b4d906aa196577ffdf16af17675f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
302 Found 0 B URL HTTP/1.1 sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag== HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 28 Oct 2022 04:52:09 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-73
X-Xss-Protection: 0
Location: https://ssp.disqus.com/match?bidder=18&buyeruid=f7841875-d8d5-4159-9094-a5cd67eac8d8&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
Server: sonobi-go
Set-Cookie: __uis=f7841875-d8d5-4159-9094-a5cd67eac8d8; expires=Sun, 27 Nov 2022 04:52:08 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s8753|Y1tf/; path=/; domain=.go.sonobi.com; SameSite=None; secure
ssp.disqus.com/match?bidder=18&buyeruid=f7841875-d8d5-4159-9094-a5cd67eac8d8&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
302 Found 0 B URL HTTP/2 ssp.disqus.com/match?bidder=18&buyeruid=f7841875-d8d5-4159-9094-a5cd67eac8d8&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag==
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder=18&buyeruid=f7841875-d8d5-4159-9094-a5cd67eac8d8&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBhI4Ag== HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 28 Oct 2022 04:52:09 GMT
content-length: 0
location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a
200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=zeta-global&uid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=9b2084a4-d29c-4b24-bb65-7fa5927aef15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 04:52:09 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76110f77acb809b5-ARN
X-Firefox-Spdy: h2
www.file.io/0eceb729-761e2b4090024f08e2ca.js
200 OK 0 B URL HTTP/2 www.file.io/0eceb729-761e2b4090024f08e2ca.js
IP
GET /0eceb729-761e2b4090024f08e2ca.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: 0vxd7UcBCdooku0LFPohMBqYyq8fxYJzkmJvk0ZVB8f4cDX5hSnRqzoNZXg1qRgq9uX2EBxb/ZM=
x-amz-request-id: RDMX3E30Q2YKB6H7
date: Thu, 27 Oct 2022 04:36:58 GMT
last-modified: Mon, 24 Oct 2022 09:05:34 GMT
etag: W/"d8fa3e295945b4065c7adabadd2be99b"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AJ6q2g0LDBpSFGFqNQBfsYDIRlj9W6qHV6HOSVpilw8jjivw6X7sjA==
age: 87305
X-Firefox-Spdy: h2
www.file.io/e82996df-3c73e38611643c5bb219.js
200 OK 0 B URL HTTP/2 www.file.io/e82996df-3c73e38611643c5bb219.js
IP
GET /e82996df-3c73e38611643c5bb219.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: tbFVwHmDl6PIyjM2veQ9XlBQ7NLY7EL6vuloNI8hT9UwcuvFvbPQYDlXBRUSz8cOlwNPk/Fav7c=
x-amz-request-id: SRSCBT94885ZFG0W
date: Mon, 24 Oct 2022 09:08:08 GMT
last-modified: Mon, 24 Oct 2022 09:05:42 GMT
etag: W/"785aafc2bda0f767992456b4ba1b0627"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ip2_VtcXPHUL-uD1g-D_fSNWsLhh9v53x6leaZWn9GCapMiH2wnHYg==
age: 330236
X-Firefox-Spdy: h2
www.file.io/deleted
200 OK 0 B IP
GET /deleted HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
x-amz-id-2: 06gcrlhQcci2f9IjfRuMwO2MSSRAFmeYzL1ff6juXsV03hMD7AHNiddPfJ2K/UhLt99Mv/R+N4w=
x-amz-request-id: GPTQS3XNRWBSZQ3W
last-modified: Mon, 24 Oct 2022 09:05:42 GMT
server: AmazonS3
cache-control: public, max-age=0, s-maxage=86400
content-encoding: gzip
date: Fri, 28 Oct 2022 00:35:21 GMT
etag: W/"5889013d7b4e975aa8c41c3b62d44fa9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tMiAbHME8GI2kyd3NNokLhHEQM-Jy4c-rPulpMfGUKwLzvMF8JtwRw==
age: 15403
X-Firefox-Spdy: h2
www.file.io/webpack-runtime-048164bed35c94f5e17a.js
200 OK 0 B URL HTTP/2 www.file.io/webpack-runtime-048164bed35c94f5e17a.js
IP
GET /webpack-runtime-048164bed35c94f5e17a.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: VU45pltBY/MukrZU57W0JAeKGZKnxSRqtGnH5wfRnH9we+KjGlFDKMwSlmmg/zwGqC8TIl4N1l0=
x-amz-request-id: MRVE1V48XWWMW8H8
date: Mon, 24 Oct 2022 09:07:31 GMT
last-modified: Mon, 24 Oct 2022 09:05:47 GMT
etag: W/"e0397cf582f6a185758876a8b057cc11"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YUuMcNgFsp_VlGnQ5J6wKq1yRO18DtIjpLmU6haCEk-qYzy59l_YQw==
age: 330273
X-Firefox-Spdy: h2
www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-77152812dffde4f282dc.js
200 OK 0 B URL HTTP/2 www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-77152812dffde4f282dc.js
IP
GET /6043c7ae7d033d369a2fc1db82212855efeac9f9-77152812dffde4f282dc.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: PpWFgMl0mGur71Fgu8M1djCeDik58sepZIqKNI8RUykvw7FUJCXehEhu0llC2N842fTw/TAluKA=
x-amz-request-id: W7FJHG0Z276CEB0H
date: Mon, 24 Oct 2022 09:08:09 GMT
last-modified: Mon, 24 Oct 2022 09:05:35 GMT
etag: W/"28a08914b667bd7d6c376d859bef83e6"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: INdP7BAHugGHZnceUicqoKhGGyprvF4tXgSQ034e4gtGc-C-G-asrQ==
age: 330235
X-Firefox-Spdy: h2
www.file.io/framework-8fce40ee519418a713c9.js
200 OK 0 B URL HTTP/2 www.file.io/framework-8fce40ee519418a713c9.js
IP
GET /framework-8fce40ee519418a713c9.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: VNmiXd+ThilmsnQp4YGWhF4Mq89hCLTOu3B9/0qmCgOfz8SQ90Ms/Zs0P5DDfDniOhD5+WPsL3w=
x-amz-request-id: 45J9ZSR16YBGCCNE
date: Fri, 28 Oct 2022 04:09:09 GMT
last-modified: Mon, 24 Oct 2022 09:05:43 GMT
etag: W/"c4a5f7717ceee6ea81514ff62873ada9"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j36N8spxZZoRX-oGDUPndy-ekxqTNgq42vKiYEbJH1T5Hu64OukEBA==
age: 2575
X-Firefox-Spdy: h2
www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
200 OK 0 B URL HTTP/2 www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
IP
GET /a9a7754c-f1b5f9c5144f62adc766.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: aBMEd5ZuNqmIoPAu76M55AHelZKLSTOteblTs1nV76N0dFkFM+x393D1YC/08Vn93PrHbp9IGRU=
x-amz-request-id: W7FV1F952NQGEQX5
date: Mon, 24 Oct 2022 09:08:09 GMT
last-modified: Mon, 24 Oct 2022 09:05:36 GMT
etag: W/"4ae04cdf11989fa265bb8cc9b598298f"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v583ouQnKgRnbBlQypAzX32rqoYlRbZDd0MLAREinJZYwymKjISitA==
age: 330235
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
200 OK 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
IP
GET /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 04:52:07 GMT
content-type: text/html
cf-ray: 76110f6bf96d15f4-ARN
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.file.io/app-438588750f6b6905c6ff.js
200 OK 0 B URL HTTP/2 www.file.io/app-438588750f6b6905c6ff.js
IP
GET /app-438588750f6b6905c6ff.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: MRv5yEpnbL/ghwGbI9U3f9HIIoPF4wmqt5w61T64V58ftr3ybyrSyoT4QzKMuIgtmVok57bgzBY=
x-amz-request-id: SRS7GCGA4YHDF860
date: Mon, 24 Oct 2022 09:08:08 GMT
last-modified: Mon, 24 Oct 2022 09:05:39 GMT
etag: W/"bf53dfdd7a2d5df4ce50d7ce51826663"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UZy2JaTeoGaiyoKONYoXlI-94yZRwtkvc9v6pqMJN5cXrFHclzhBEA==
age: 330236
X-Firefox-Spdy: h2
www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
200 OK 0 B URL HTTP/2 www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
IP
GET /d6a9949e-4e9c210da2d83a376ddb.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: L3LHmssI5k48PAA48H5dihyJAqH4BrKFEt7CjYyYYAjB75SsFBybBYOKyBMXO5BtqfHHeczAYI0=
x-amz-request-id: SRSE0J7DGTDV1TD9
date: Mon, 24 Oct 2022 09:08:08 GMT
last-modified: Mon, 24 Oct 2022 09:05:42 GMT
etag: W/"2feda6389a53a29ad5102ef7918752f6"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zzETuYlyD_IR-OOO6qrS48RUJaEjw5-EMB6Fj-eQl13vEp1_qn3oag==
age: 330236
X-Firefox-Spdy: h2
www.file.io/cb1608f2-c3c6ab3068acdccdccc5.js
200 OK 0 B URL HTTP/2 www.file.io/cb1608f2-c3c6ab3068acdccdccc5.js
IP
GET /cb1608f2-c3c6ab3068acdccdccc5.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: VypVug1DIpGbHsNTadoU0QGmXqpk2R2GxzJzXaYMLpeGu2+YEwiRX4CtA+pfOAWH0UwAGZM/aI8=
x-amz-request-id: W7FN4MK6W17MCM8E
date: Mon, 24 Oct 2022 09:08:09 GMT
last-modified: Mon, 24 Oct 2022 09:05:39 GMT
etag: W/"be2740357851b35d3b50ac372bdc1864"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sIeDv22twOqUCayNu8ysFPH4_YE5g9CK2Y0Wf3Xsor_KBmwDnRV5aQ==
age: 330235
X-Firefox-Spdy: h2
www.file.io/component---src-pages-deleted-js-7c80fc721d565901864f.js
200 OK 0 B URL HTTP/2 www.file.io/component---src-pages-deleted-js-7c80fc721d565901864f.js
IP
GET /component---src-pages-deleted-js-7c80fc721d565901864f.js HTTP/1.1
Host: www.file.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file.io/deleted/
Cookie: _ga=GA1.2.1048497921.1666932722; _gid=GA1.2.37558474.1666932722
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: KkJPvJg8xCS/bN6hDoRjIPz79Iw+6ytxuc+kFUrBrgdejZj3Jm6uCMyPvJFVE9rwqSSEXWYO1Gg=
x-amz-request-id: TXTRN2PJ3NZ9QTXE
date: Mon, 24 Oct 2022 09:08:23 GMT
last-modified: Mon, 24 Oct 2022 09:05:40 GMT
etag: W/"5e5013749143fdacb7c33f476c692745"
server: AmazonS3
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ani5pinswfoUoxY3vkGbuXr9S7XWlPuqMyZfCMEF7iQpC0v_ZeUYfg==
age: 330221
X-Firefox-Spdy: h2
3.213.81.213
23.38.200.201
104.22.37.96
51.89.9.253
162.19.138.118
104.88.9.101
3.126.56.137
188.42.196.115
147.75.85.234