8.8.8.8:53

8.8.8.8:53

188.114.97.0:443

GET /s9C5b HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BL1Vw5mcWPkwqvCvYSlNsP5PvzWQaB5uPZSLBiNN7K45aK80HFtxUBIyzJgaVeLMbAsgNErEwNjjH8jahmUQ3cLPq5UqTZzQNk%2BWoqRFCbcTCBjTHSQWmLP5hpf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f82bd186b320e94-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/libs/@fortawesome/fontawesome-free/css/all.min.css HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: text/css
via: 1.1 google
age: 449
last-modified: Fri, 10 Jul 2020 13:21:11 GMT
etag: W/"5f086b47-de0a"
cache-control: public, max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rG5N7uOHfk2k88PYtb7UPMIlI7PvUy29Ale%2Bg5WRvUuE1auQhbNUdvcttGhxgo7VCJlcQ2k7QNHFPxjfkMIaDtxp%2FWNHibvGhrniHntLZPkTjJt5xUJWhxyIpsE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd194c550e94-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/css/quick-website.css HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: text/css
via: 1.1 google
age: 449
last-modified: Fri, 10 Jul 2020 13:20:49 GMT
etag: W/"5f086b31-6f11b"
cache-control: public, max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDx7Og6nIEV3qityWyX50Bq7XIBdNpql8wUWx5amvpcTKO7hgzWN%2Fvy5xamK6b9KbXfZmqaHz%2FW%2Bg9MU7GrJL9Ngj7dftf3RIHYUFizsSxivNOf5zy8L6KFKjMnL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd194c580e94-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/libs/jquery/dist/jquery.min.js HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: application/javascript
via: 1.1 google
last-modified: Fri, 10 Jul 2020 13:21:03 GMT
etag: W/"5f086b3f-15851"
age: 449
cache-control: public, max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py0fTVzV17gL9N5ilsj3u3191pur%2Bs35kxJt2MU4%2BmjJELzBJMva1rpQiMIJCG9P8rtLiKgS16miZccniERNS0GrxniEI4sBEv0JHNfrIv1YD5Icwrb4%2FOYI0Oug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd19dd160e94-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/libs/bootstrap/dist/js/bootstrap.bundle.min.js HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: application/javascript
via: 1.1 google
age: 449
last-modified: Fri, 10 Jul 2020 13:21:17 GMT
etag: W/"5f086b4d-13b3a"
cache-control: public, max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGUj5jOKxUBVSOyEhtR5hxwdVlCsGyuOzHZWwkXzu9vMfOYBIA2cn%2FZM9DxekJ9TZKG4x7UY9KgmzzZZT4SIdVa6KYeb1qlZssq%2FZr%2F6kthE%2FuJtBQzheJvwC%2FsM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd19dd190e94-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/libs/svg-injector/dist/svg-injector.min.js HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: application/javascript
via: 1.1 google
age: 449
last-modified: Fri, 10 Jul 2020 13:21:08 GMT
etag: W/"5f086b44-11e3"
cache-control: public, max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBMEU9wcRjgs%2ByeiXHPMQ%2Ff%2FObHM0bLQNeOGtdFanC8pKJivnmZAhNnwjpXwdtvDEXCpcfozGE5jv8f7B%2B4fXX0LgdtHapwtMWO16Cp29bAmkHw6YFwzZX7feY9S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd1a4dc50e94-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/libs/feather-icons/dist/feather.min.js HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: application/javascript
via: 1.1 google
age: 449
last-modified: Fri, 10 Jul 2020 13:20:59 GMT
etag: W/"5f086b3b-11b29"
cache-control: public, max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wGJ0YW6gKnYxOQPXldzIDbb8sYMLZbNMXosNziVolKZr5lXQn7tolBdCBjYUvXdeVMN1TTiigBCTLm0%2BU6K79gJD%2BZqJWbFf2knfU3pQkPny8FbOUZr2RBETKOD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd1abe8a0e94-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/js/quick-website.js HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: image/png
content-length: 12224
via: 1.1 google
age: 449
last-modified: Fri, 04 Aug 2023 11:15:28 GMT
etag: "64ccddd0-2fc0"
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78YkdfGZGcA8%2Fs2PBY44sipUKIh1oVsZdagyzC1QRViPcMQA60YO09nACevh9WTWHYZn4HC1kxTydLHUVVNigJ1D%2B2XGfzx%2BRkOupBVZIbVFzjdQRXJEvI1aDv8l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd1aeeda0e94-AMS
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/img/brand/logo.png HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: image/png
content-length: 1346
via: 1.1 google
age: 449
last-modified: Fri, 10 Jul 2020 13:20:52 GMT
etag: "5f086b34-542"
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aED3DIEjQewQy8gsS%2B%2FrKeF1NCtj87iLy1HC2EUn8723dQ1x3hZpBQvVwG9%2BmDt5SK9bePtiAY%2BnTNHCXKnZ%2F1PAbFtVc8MljvJU29WX45pIW1oHOJttOHq9WLRg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd1aeed70e94-AMS
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/img/brand/win.png HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: image/png
content-length: 293
via: 1.1 google
age: 449
last-modified: Wed, 15 Jul 2020 15:04:45 GMT
etag: "5f0f1b0d-125"
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeaSxa8I1IxrplNqK0qAz2H8%2Ftwxdby%2BEkm9JBaOU4xaOyPhKfFaoR03kHE%2BkNyXc%2FgnXWloavsgQkEqVZpzsFudH9%2F4Oui6ODbju9Wbo8rY0AObwmYZgkikL4R7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd1aeed80e94-AMS
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/img/brand/marker_1.png HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: image/png
content-length: 434
via: 1.1 google
age: 449
last-modified: Wed, 15 Jul 2020 15:04:45 GMT
etag: "5f0f1b0d-1b2"
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IxG%2BYLjibD6UxsCqO6G8aCsjm0Hv9IsKZmsKG8RP5J7wJSx3AdA8WQN01eV2N0wJK8uwCLPMHQT2Ay2CxR6Yr%2Ba6rotKeFZHAWjCmc0dNE7TAamMlCPgpWbaoKX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd1aeed90e94-AMS
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/img/next.png HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-type: application/javascript
via: 1.1 google
age: 449
last-modified: Fri, 10 Jul 2020 13:20:49 GMT
etag: W/"5f086b31-16b8"
cache-control: public, max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1z6XeF81mPmgVK447o%2FK8pA%2B8KdubccN0SHKoL3za2pdFEKQ%2Fm8sn2KGZaCXdzGpNIEGjmHLMXKttxcQaw%2B2d7DfqnAnkAfwBhsvu0sNYffJgYkEFXJfhkoNeo8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd1aeed50e94-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/libs/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://filedm.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://filedm.com/assets/libs/@fortawesome/fontawesome-free/css/all.min.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:03 GMT
content-length: 75728
last-modified: Fri, 10 Jul 2020 13:21:13 GMT
etag: "127d0-5aa16370b6b60"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 2124
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSRAvPasEZ83vTao8L4vDowHOtA5St77Gg3OIc0jYyn%2FdLOAOlBMdXm%2BduRZvhW3IH%2BrH%2B578zYjDKc0oyGAqmIjksOIiomizMPRfSOKloOLLnbnfO6RA%2FXDbrHG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd1cb9200e94-AMS
alt-svc: h3=":443"; ma=86400

188.114.97.0:443

GET /assets/img/brand/favicon.png HTTP/2.0
host: filedm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://filedm.com/s9C5b
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=dl77083oj2tv9u874sj48sfhi6
cookie: _ga_MY4YDH2LKP=GS1.1.1692283923.1.0.1692283923.0.0.0
cookie: _ga=GA1.1.2005362499.1692283923
cookie: __gads=ID=7b2f7c0aa1f38e63-22d20b1854de00ee:T=1692283924:RT=1692283924:S=ALNI_MaqkJREct_1-wiCgLuIoIdFajNR9A
cookie: __gpi=UID=00000c620b3e1b35:T=1692283924:RT=1692283924:S=ALNI_MZUlg9nhBDxFNiqgVC4rPs580pKyQ

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:07 GMT
content-type: image/png
content-length: 83827
via: 1.1 google
age: 453
last-modified: Fri, 10 Jul 2020 13:20:52 GMT
etag: "5f086b34-14773"
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axGhePg8Y%2FLC9CgY7DfMttkEB3UaqZVtv4fNwSEcgheNbSWKZkb2zwOdXZIMEulspNP5Sai2RDQUjCe7wWCZKmFbjLmMbyaBbPRl2TQ4dU91G1wYfWnUg%2FGYtUnz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f82bd3099220e94-AMS
alt-svc: h3=":443"; ma=86400

8.8.8.8:53

88.221.25.153:80

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

HTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 17 Aug 2023 15:52:03 GMT
Date: Thu, 17 Aug 2023 14:52:03 GMT
Connection: keep-alive

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

142.250.179.162:443

GET /pagead/html/r20230815/r20190131/zrt_lookup.html HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://filedm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.250.179.162:443

OPTIONS /pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x83a45f8a812f61710000000000000000%22,%222%22:%220x626a10b0306c7c020000000000000000%22,%225%22:%220x5a653054eef95e2c0000000000000000%22},%22debug_key%22:%222597011442594639183%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211580217851216142337%22}&andc=true HTTP/2.0
host: www.googleadservices.com
accept: */*
access-control-request-method: GET
access-control-request-headers: attribution-reporting-eligible
origin: https://googleads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

142.251.36.2:443

GET /gampad/cookie.js?domain=filedm.com&callback=_gfp_s_&client=ca-pub-5249810785570428 HTTP/2.0
host: partner.googleadservices.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://filedm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

142.251.36.1:443

GET /pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /simgad/5812785455796822292/14763004658117789537?w=600&h=314 HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /simgad/2984971332974739170?w=100&h=100 HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /pagead/js/r20230815/r20110914/abg_lite_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /pagead/js/r20230815/r20110914/client/window_focus_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

142.251.36.34:443

GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/2.0
host: www.googletagservices.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

172.217.23.195:443

GET /v6exp3/redir.html HTTP/2.0
host: p4-htk6kc4kbhmyk-m5oiin5zrfwhyjyv-if-v6exp3-v4.metric.gstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

104.21.68.145:443

GET /?id=Synapse%20X%20Free%20-%20UWP%202.598_94351 HTTP/2.0
host: freefiledl.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://filedm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Thu, 17 Aug 2023 14:52:16 GMT
content-type: application/octet-stream
content-length: 9844640
x-powered-by: Express
cache-control: no-store
content-disposition: attachment; filename="Synapse X Free - UWP 2.598_94351.exe"
accept-ranges: bytes
last-modified: Thu, 17 Aug 2023 09:10:11 GMT
etag: W/"9637a0-18a02c270ce"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fklfKW8FJezLOniIqiTTE3R59hEYONqFehjmyT9nYvdpXmrie8tGqjpxhp0Lzc0K4KsW48%2BpHOeKUAwsh0BQ4CCubowGcVLIwCBFwM9RjuVVIYxNbY2uppfYSl1jTN89Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f82bd689a410a75-AMS
alt-svc: h3=":443"; ma=86400

8.8.8.8:53

8.8.8.8:53

142.251.39.114:443

GET /v6exp3/6.gif HTTP/2.0
host: p4-htk6kc4kbhmyk-m5oiin5zrfwhyjyv-263309-i1-v6exp3.v4.metric.gstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://p4-htk6kc4kbhmyk-m5oiin5zrfwhyjyv-if-v6exp3-v4.metric.gstatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

142.250.179.146:443

GET /v6exp3/6.gif HTTP/2.0
host: p4-htk6kc4kbhmyk-m5oiin5zrfwhyjyv-263309-i2-v6exp3.ds.metric.gstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://p4-htk6kc4kbhmyk-m5oiin5zrfwhyjyv-if-v6exp3-v4.metric.gstatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

35.190.60.70:80

GET /callback/info.php?id=94351 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: sciter 4.3.0.0; Windows-8; www.sciter.com)
Host: dlsft.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 17 Aug 2023 14:52:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 283
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 google

35.190.60.70:80

GET /callback/offers.php HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: sciter 4.3.0.0; Windows-8; www.sciter.com)
Host: dlsft.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 17 Aug 2023 14:52:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 17
Via: 1.1 google

35.190.60.70:80

POST /callback/geo/geo.php HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded;charset=utf-8
User-Agent: sciter 4.3.0.0; Windows-8; www.sciter.com)
Host: dlsft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 17 Aug 2023 14:52:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 18
Via: 1.1 google

35.190.60.70:80

POST /callback/?channel=s9C5b&id=94351&action=started HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded;charset=utf-8
User-Agent: sciter 4.3.0.0; Windows-8; www.sciter.com)
Host: dlsft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 17 Aug 2023 14:52:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Via: 1.1 google

35.190.60.70:80

POST /callback/?channel=s9C5b&id=94351&action=completed HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded;charset=utf-8
User-Agent: sciter 4.3.0.0; Windows-8; www.sciter.com)
Host: dlsft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 17 Aug 2023 14:53:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Via: 1.1 google

8.8.8.8:53

8.8.8.8:53

35.190.60.70:80

POST /callback/geo/geo.php HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded;charset=utf-8
User-Agent: sciter 4.3.0.0; Windows-8; www.sciter.com)
Host: dlsft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 17 Aug 2023 14:52:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 18
Via: 1.1 google

8.8.8.8:53

35.190.60.70:80

POST /callback/?channel=s9C5b&id=94351&action=started HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded;charset=utf-8
User-Agent: sciter 4.3.0.0; Windows-8; www.sciter.com)
Host: dlsft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 17 Aug 2023 14:52:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Via: 1.1 google

35.190.60.70:80

POST /callback/?channel=s9C5b&id=94351&action=completed HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded;charset=utf-8
User-Agent: sciter 4.3.0.0; Windows-8; www.sciter.com)
Host: dlsft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 17 Aug 2023 14:52:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Via: 1.1 google

8.8.8.8:53

23.222.33.142:80

GET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: x2.c.lencr.org

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/pkix-crl
Last-Modified: Fri, 04 Aug 2023 20:57:56 GMT
ETag: "64cd6654-12c"
Cache-Control: max-age=3600
Expires: Thu, 17 Aug 2023 15:52:37 GMT
Date: Thu, 17 Aug 2023 14:52:37 GMT
Content-Length: 300
Connection: keep-alive

23.222.33.142:80

GET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: x2.c.lencr.org

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/pkix-crl
Last-Modified: Fri, 04 Aug 2023 20:57:56 GMT
ETag: "64cd6654-12c"
Cache-Control: max-age=3600
Expires: Thu, 17 Aug 2023 15:52:37 GMT
Date: Thu, 17 Aug 2023 14:52:37 GMT
Content-Length: 300
Connection: keep-alive

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=BundleInstallStart HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 2243
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:39 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82bdfc494fb987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=PageShown HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 273

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:40 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be0238cdb987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=BundleProposedOffers HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 33034

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:41 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be049bb5b987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=BundleOfferRejected HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 468

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:41 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be087fc5b987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=BundleOfferRejected HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 456

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:41 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be097900b987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=BundleOfferRejected HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 473

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:42 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be0a5ad4b987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=BundleOfferRejected HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 458

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:42 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be0b5c37b987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=OfferDetailsReceived HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 405

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:42 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be0c2d6fb987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=OfferDetailsReceived HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 443

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:42 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be0daf03b987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=OfferDetailsReceived HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 434

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:42 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be0f6947b987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=OfferDetailsReceived HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 433

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:43 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be125c92b987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=OfferDetailsReceived HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 448

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:44 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be18cbbdb987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=OfferDetailsReceived HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 428

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:44 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be1a7d8fb987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=OfferDetailsReceived HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 420

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:44 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be1b6ec3b987-AMS

104.17.9.52:443

POST /v1/event-stat/?ProductID=IS&Type=OfferDetailsReceived HTTP/1.1
User-Agent: .NET Framework (Microsoft Windows NT 10.0.19041.0; x64; H2O/7.14.2.0)
Referer: https://www.adaware.com
Content-Type: application/json;charset=utf-8
Host: flow.lavasoft.com
installid: 8239bada-629c-4622-b536-832799c1d553
Content-Length: 420

HTTP/1.1 200 OK
Date: Thu, 17 Aug 2023 14:52:44 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f82be1c680bb987-AMS