infogojekbdg.blogspot.kr/
172.217.21.161302 Moved Temporarily 181 B URL HTTP/1.1 infogojekbdg.blogspot.kr/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b4b81d1473e75ff010be809d12f55fa2
771b0b5ac2dc0ed69e09c12676d82f20a78df854
43f8ab53a9bc6a240b85d529ec3170ba13b5686ae0b9ade1a556b4f5c48354b4
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: infogojekbdg.blogspot.kr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://infogojekbdg.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 30 Nov 2022 07:05:20 GMT
Expires: Wed, 30 Nov 2022 07:05:20 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 181
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2638
Expires: Wed, 30 Nov 2022 07:49:18 GMT
Date: Wed, 30 Nov 2022 07:05:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3208
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:20 GMT
Last-Modified: Wed, 30 Nov 2022 06:11:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 06:19:40 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2740
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8905
Expires: Wed, 30 Nov 2022 09:33:45 GMT
Date: Wed, 30 Nov 2022 07:05:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ika6kKNABzGMRWFbF2xGRhQPZXR+vhgo4Ft8cctgWxgUUY0AK2cF7dLHWce7hhaoS5eaTYkfSfA=
x-amz-request-id: TT5K1Q96HF4TG047
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 06:45:07 GMT
age: 1213
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:05:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 06:11:14 GMT
cache-control: public,max-age=3600
age: 3246
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3198
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:20 GMT
Last-Modified: Wed, 30 Nov 2022 06:12:02 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.53.106101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.53.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: avq1nmcJ877+OGyBAVxUkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aMdz62sSx2n0slwFHVdgZOqf2cQ=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 663d7a15e6575b4513f2f419c6c7c091
c8a76ecc119f9b4b81a192720713377d2e521b34
ee7ad65e8b239c9f51bab0e58e8495bc6bc7144e40f55503f1084da047462ef8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:01:43 GMT
expires: Wed, 29 Nov 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/css
age: 61418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
infogojekbdg.blogspot.com/
172.217.21.161200 OK 50 kB URL HTTP/1.1 infogojekbdg.blogspot.com/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12587)
Hash eef07f43543a48d2fc8baa218b3ec8bc
82f048be47fef1768e31cf88663b2f9bd4eaf5d0
ca1443fc12db136e688cd4cb9e0564c75f419ffb92a38e19d086b76ea2748c07
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 30 Nov 2022 07:05:21 GMT
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 08 Nov 2022 01:00:24 GMT
ETag: W/"454dc63ede778c64aa52cfcf430da1ff90bb49fcf03bc751c7f2fa8cc80ecbb1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 49872
Server: GSE
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (4885)
Hash 7615a0f576487229442cb198dd86de51
7dc39f74e5261f0f478274e40e20bb5257fddec3
5061d9e3dfb1aece4490e808d9196a044abce478dc1c5750be34e906c13f1581
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 30 Nov 2022 07:05:21 GMT
expires: Wed, 30 Nov 2022 07:05:21 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5778220974456079269
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49134
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:01:48 GMT
expires: Wed, 29 Nov 2023 22:01:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 32613
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 663d7a15e6575b4513f2f419c6c7c091
c8a76ecc119f9b4b81a192720713377d2e521b34
ee7ad65e8b239c9f51bab0e58e8495bc6bc7144e40f55503f1084da047462ef8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
infogojekbdg.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 infogojekbdg.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Wed, 30 Nov 2022 07:05:21 GMT
Expires: Wed, 07 Dec 2022 07:05:21 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 18:54:36 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
1.bp.blogspot.com/-NeNP4QQN30w/Vg9J9ZV3_oI/AAAAAAAAEi8/vDIT66zOagA/w72-h72-p-k-no-nu/IMG-20150926-WA009MM%2Bcopy.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 1.bp.blogspot.com/-NeNP4QQN30w/Vg9J9ZV3_oI/AAAAAAAAEi8/vDIT66zOagA/w72-h72-p-k-no-nu/IMG-20150926-WA009MM%2Bcopy.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a862bcccb311bd571f3ce47e946e1647
6a14ca3cb94e08ff0654b23b26b2dc26357bb2f3
07cb818535204224564481f24d5b14e57a7e32bc1af16bab9f9e70225cda5abe
GET /-NeNP4QQN30w/Vg9J9ZV3_oI/AAAAAAAAEi8/vDIT66zOagA/w72-h72-p-k-no-nu/IMG-20150926-WA009MM%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="IMG-20150926-WA009MM copy.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4362
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 07:05:21 GMT
Expires: Thu, 01 Dec 2022 00:18:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1230"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-pJV3kTKciwc/VgWYTtNpLYI/AAAAAAAAEas/six4pMzDvb8/w72-h72-p-k-no-nu/REKENING%2BPONEL%2BDAN%2BGOJEK.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/1.1 2.bp.blogspot.com/-pJV3kTKciwc/VgWYTtNpLYI/AAAAAAAAEas/six4pMzDvb8/w72-h72-p-k-no-nu/REKENING%2BPONEL%2BDAN%2BGOJEK.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7d610fa298d827e32a6d7e8b4747dcb8
7314e359917dfb296c45ea01364e0a055b9a82d9
9316a237e8541c29554edee2080abe04a62704aa7a01517bf624037d23ab4bd0
GET /-pJV3kTKciwc/VgWYTtNpLYI/AAAAAAAAEas/six4pMzDvb8/w72-h72-p-k-no-nu/REKENING%2BPONEL%2BDAN%2BGOJEK.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="REKENING PONEL DAN GOJEK.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3364
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 07:05:21 GMT
Expires: Thu, 01 Dec 2022 00:18:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v11ac"
Content-Type: image/jpeg
Age: 0
3.bp.blogspot.com/-cCzjaAz8sBg/VhPaFzPKSfI/AAAAAAAAElA/6eyBGgKCf9c/s794/slide-gomart%2BWEB%2BGOJEK%2BBANDUNG.jpg
142.250.74.161200 OK 80 kB URL HTTP/1.1 3.bp.blogspot.com/-cCzjaAz8sBg/VhPaFzPKSfI/AAAAAAAAElA/6eyBGgKCf9c/s794/slide-gomart%2BWEB%2BGOJEK%2BBANDUNG.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 794x303, components 3\012- data
Hash ca1580dd4e452037b751f4248c97962c
7b5d90f4257cb3f9665573f1273ad6ea6c624024
a9395781e172f42c9614f4c3fdbc768eb09b6b41b8921806b33bd7602ee890ec
GET /-cCzjaAz8sBg/VhPaFzPKSfI/AAAAAAAAElA/6eyBGgKCf9c/s794/slide-gomart%2BWEB%2BGOJEK%2BBANDUNG.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1251"
Expires: Thu, 01 Dec 2022 07:05:21 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="slide-gomart WEB GOJEK BANDUNG.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 07:05:21 GMT
Server: fife
Content-Length: 79952
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c7740729b3e689d0f033aae372325c2
c6daa75cb90188534367ab0a3ef263a7f8b15ff8
077d3bf6932d231023142ad1deb36203e7f59f0fa3e3838f56852c781b1b959c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-bFiWbrrgi1Y/VhPbJaIe6QI/AAAAAAAAElM/hhU7u3FFsiw/s1600-r/LOGO%2BWEB%2BGOJEK2.png
142.250.74.161200 OK 221 kB URL HTTP/1.1 1.bp.blogspot.com/-bFiWbrrgi1Y/VhPbJaIe6QI/AAAAAAAAElM/hhU7u3FFsiw/s1600-r/LOGO%2BWEB%2BGOJEK2.png
IP 142.250.74.161:0
File type PNG image data, 511 x 677, 8-bit/color RGB, non-interlaced\012- data
Size 221 kB (221148 bytes)
Hash f839b4b3bef1a8c858a7304fba649cf5
4b3652f26955dc4292bc7dad99f88fb960844633
3933b83c6a95b5e999aee3217951f5c1bc780c2ad57b1a5ef14c4007b9a979ac
GET /-bFiWbrrgi1Y/VhPbJaIe6QI/AAAAAAAAElM/hhU7u3FFsiw/s1600-r/LOGO%2BWEB%2BGOJEK2.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="LOGO WEB GOJEK2.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 221148
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 07:05:21 GMT
Expires: Thu, 01 Dec 2022 00:18:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1254"
Content-Type: image/png
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-aqqFdoDqjq0/WIXOY-i01NI/AAAAAAAAFqs/mmyJTQQbmkYGZ8HCjqlgVMSRvgDSkecugCLcB/w72-h72-p-k-no-nu/cara%2Bmendapatkan%2Borderan%2Bgojek%2Bdengan%2Bmudah%2B2017.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/2 4.bp.blogspot.com/-aqqFdoDqjq0/WIXOY-i01NI/AAAAAAAAFqs/mmyJTQQbmkYGZ8HCjqlgVMSRvgDSkecugCLcB/w72-h72-p-k-no-nu/cara%2Bmendapatkan%2Borderan%2Bgojek%2Bdengan%2Bmudah%2B2017.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a862bcccb311bd571f3ce47e946e1647
6a14ca3cb94e08ff0654b23b26b2dc26357bb2f3
07cb818535204224564481f24d5b14e57a7e32bc1af16bab9f9e70225cda5abe
GET /-aqqFdoDqjq0/WIXOY-i01NI/AAAAAAAAFqs/mmyJTQQbmkYGZ8HCjqlgVMSRvgDSkecugCLcB/w72-h72-p-k-no-nu/cara%2Bmendapatkan%2Borderan%2Bgojek%2Bdengan%2Bmudah%2B2017.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="cara mendapatkan orderan gojek dengan mudah 2017.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4362
x-xss-protection: 0
date: Wed, 30 Nov 2022 07:05:21 GMT
expires: Sat, 26 Nov 2022 09:26:28 GMT
cache-control: public, max-age=86400, no-transform
etag: "v16ac"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c7740729b3e689d0f033aae372325c2
c6daa75cb90188534367ab0a3ef263a7f8b15ff8
077d3bf6932d231023142ad1deb36203e7f59f0fa3e3838f56852c781b1b959c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png
142.250.74.161200 OK 1.1 kB URL HTTP/1.1 3.bp.blogspot.com/-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png
IP 142.250.74.161:0
File type PNG image data, 32 x 197, 8-bit gray+alpha, non-interlaced\012- data
Hash 0450c5ba296c8dd9ab0c6e93cce27db4
2d3fb12aaff8115af1a34d047ee052b39a5d656b
c30f5e991c7f351371a065ead714eb27145b66f1675cccdc89ea5d2c6b3ed516
GET /-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="icnall.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1081
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 07:01:23 GMT
Expires: Fri, 11 Nov 2022 03:25:36 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 238
ETag: "v1694"
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8d5f53eac27302554bb029ae36aa283c
2d71b909d1a1bbe2e81269d0c6200ba807fcd4aa
a4644d46e0e2b270572d06530145486bac01335dada14ccd6079bd9543e710d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png
142.250.74.161200 OK 571 B URL HTTP/1.1 4.bp.blogspot.com/-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png
IP 142.250.74.161:0
File type PNG image data, 30 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 27f0f23311ac55b2a7cc73b97c423018
375bf8d5cc154e7a4f94787b2356b1941b919745
6794511a5d2e0317ea9f91a97741e7728b630ae17794f6c04dfd2207609910c2
GET /-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="homes.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 571
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 05:47:35 GMT
Expires: Sat, 19 Nov 2022 01:30:42 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 4666
ETag: "v194"
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8d5f53eac27302554bb029ae36aa283c
2d71b909d1a1bbe2e81269d0c6200ba807fcd4aa
a4644d46e0e2b270572d06530145486bac01335dada14ccd6079bd9543e710d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8d5f53eac27302554bb029ae36aa283c
2d71b909d1a1bbe2e81269d0c6200ba807fcd4aa
a4644d46e0e2b270572d06530145486bac01335dada14ccd6079bd9543e710d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff
142.250.74.97200 OK 20 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff
IP 142.250.74.97:0
File type Web Open Font Format, TrueType, length 19812, version 1.1\012- data
Hash c74ddf8e339408e3d7d8082b7e1f5125
e140a63f45f42c4a5f29ea4e2d83a2859c6f99c6
9947e1f452a6580f1089ab62e3b140c96dd7ba65585b7b568c07c6d6947ffb06
GET /static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://infogojekbdg.blogspot.com
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 19812
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 21:09:02 GMT
Expires: Fri, 24 Nov 2023 21:09:02 GMT
Cache-Control: public, max-age=31536000
Age: 467779
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
142.250.74.97200 OK 22 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
IP 142.250.74.97:0
File type Web Open Font Format, TrueType, length 21520, version 1.1\012- data
Hash b2181049bee439ab4f6b8678c8812e38
b20b90ecd6fc597f161d2228f5779e76e090edf9
a057e0c74a6ffa4a289512d05beb6998e6be8b91be2d056568ebf0c317c11a6c
GET /static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://infogojekbdg.blogspot.com
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 21520
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 20:48:41 GMT
Expires: Fri, 24 Nov 2023 20:48:41 GMT
Cache-Control: public, max-age=31536000
Age: 469000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff
142.250.74.97200 OK 21 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff
IP 142.250.74.97:0
File type Web Open Font Format, TrueType, length 21132, version 1.1\012- data
Hash e5d1ccfbe43c8138e553093300603815
87deb174af2e2beebb9f09d618a5159ca299a3d0
00ceca786c807c91b19ff7b38bdccbe7f2a5404efbd910831122750c5d88b713
GET /static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://infogojekbdg.blogspot.com
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 21132
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 08:53:36 GMT
Expires: Thu, 23 Nov 2023 08:53:36 GMT
Cache-Control: public, max-age=31536000
Age: 598305
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
themes.googleusercontent.com/static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff
142.250.74.97200 OK 22 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff
IP 142.250.74.97:0
File type Web Open Font Format, TrueType, length 22396, version 1.1\012- data
Hash 9f8f938d71883bbcdd8793738be4dcf4
64288a802bb63a55b41d554b0f69408d5462a4ef
f7e5e6ef07e157a8eaeceed7fe39eb53ac71e9a63b67b27ed2bb818877e983e0
GET /static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://infogojekbdg.blogspot.com
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 22396
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 21:28:49 GMT
Expires: Fri, 24 Nov 2023 21:28:49 GMT
Cache-Control: public, max-age=31536000
Age: 466592
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
216.58.207.194200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 29 Nov 2022 11:45:52 GMT
expires: Tue, 13 Dec 2022 11:45:52 GMT
cache-control: public, max-age=1209600
age: 69569
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-UaTAJnIDgZ8/UlByOYLIkSI/AAAAAAAABB8/T1SXV2gfcqM/s1600/borderbottom.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 2.bp.blogspot.com/-UaTAJnIDgZ8/UlByOYLIkSI/AAAAAAAABB8/T1SXV2gfcqM/s1600/borderbottom.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-UaTAJnIDgZ8/UlByOYLIkSI/AAAAAAAABB8/T1SXV2gfcqM/s1600/borderbottom.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 07:05:21 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh3.googleusercontent.com/-wQ6QpY5cE0M/WeRZRFEW89I/AAAAAAAAHPk/mr2opmDp1pMbslMZ7I37iNWzDee2Hj3qgCHMYCw/w100-h100-c/%255BUNSET%255D%20cursor:%20pointer;
142.250.74.97404 Not Found 957 B URL HTTP/2 lh3.googleusercontent.com/-wQ6QpY5cE0M/WeRZRFEW89I/AAAAAAAAHPk/mr2opmDp1pMbslMZ7I37iNWzDee2Hj3qgCHMYCw/w100-h100-c/%255BUNSET%255D%20cursor:%20pointer;
IP 142.250.74.97:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 183b897386aefb196a6d0db902861e23
c217d80b16c48909b913ec06d145856a9b1dec88
f2c99ff648343886337129ce701df7e9b7bd9eac15235a78df33d00baafe3b24
GET /-wQ6QpY5cE0M/WeRZRFEW89I/AAAAAAAAHPk/mr2opmDp1pMbslMZ7I37iNWzDee2Hj3qgCHMYCw/w100-h100-c/%255BUNSET%255D%20cursor:%20pointer; HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 07:05:21 GMT
server: fife
content-length: 957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-0XiQ6vIeY1A/WjDVcVpCuJI/AAAAAAAAHdA/rvGJbZeQrZUg1mRZoXicuiocT5abDwFwACHMYCw/w100-h100-c/%255BUNSET%255D%20cursor:%20pointer;
142.250.74.97404 Not Found 957 B URL HTTP/2 lh3.googleusercontent.com/-0XiQ6vIeY1A/WjDVcVpCuJI/AAAAAAAAHdA/rvGJbZeQrZUg1mRZoXicuiocT5abDwFwACHMYCw/w100-h100-c/%255BUNSET%255D%20cursor:%20pointer;
IP 142.250.74.97:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 183b897386aefb196a6d0db902861e23
c217d80b16c48909b913ec06d145856a9b1dec88
f2c99ff648343886337129ce701df7e9b7bd9eac15235a78df33d00baafe3b24
GET /-0XiQ6vIeY1A/WjDVcVpCuJI/AAAAAAAAHdA/rvGJbZeQrZUg1mRZoXicuiocT5abDwFwACHMYCw/w100-h100-c/%255BUNSET%255D%20cursor:%20pointer; HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 07:05:21 GMT
server: fife
content-length: 957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8d5f53eac27302554bb029ae36aa283c
2d71b909d1a1bbe2e81269d0c6200ba807fcd4aa
a4644d46e0e2b270572d06530145486bac01335dada14ccd6079bd9543e710d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Finfogojekbdg.blogspot.com%2F
173.255.194.134302 Found 0 B URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Finfogojekbdg.blogspot.com%2F
IP 173.255.194.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?getsrc=ok&ref=&url=http%3A%2F%2Finfogojekbdg.blogspot.com%2F HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Wed, 30 Nov 2022 07:05:21 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1669791517.0461900000&uuid=1669791517.0461900000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJqcXVlcnlhcGkuaW5mbyIsImh0dHA6Ly93d3c2LmpxdWVyeWFwaS5pbmZvLz90ZW1wbGF0ZT1BUlJPV18zJnRkZnM9MSZzX3Rva2VuPTE2Njk3OTE1MTcuMDQ2MTkwMDAwMCZ1dWlkPTE2Njk3OTE1MTcuMDQ2MTkwMDAwMCZ0ZXJtPUphdmFzY3JpcHQlMjBJbWFnZSUyMEFubm90YXRpb24lMjBMaWJyYXJ5JnRlcm09T25saW5lJTIwUHJvZ3JhbW1pbmclMjBDb3Vyc2VzJnRlcm09Q29kaW5nJTIwQ2VydGlmaWNhdGlvbiUyMFByb2dyYW1zJnRlcm09RXRoaWNhbCUyMENyYWNraW5nJTIwYW5kJTIwUGVuZXRyYXRpb24lMjBUZXN0aW5nJnNlYXJjaGJveD0wJnNob3dEb21haW49MCZiYWNrZmlsbD0wIiwxLCIyMDIyLTExLTMwIDA2OjU4OjM3Iiw0LCIxNjY5NzkxNTE3LjA0NjE5MDQ5MTYiLDc0LG51bGwsbnVsbF0:1p0H9l:bitwRNKLTXCpQ4FmBPUwGjdQhHY; expires=Wed, 30-Nov-2022 08:05:21 GMT; Max-Age=3600; Path=/
connection: close
lh3.googleusercontent.com/-tkqDpu97jXU/XwdQ5sml5tI/AAAAAAAAL_E/SpdbqQdox-06j4PgM41YRFCVfuX4xpBNQCLcBGAsYHQ/w100-h100-c/1594314978926457-0.png
142.250.74.97200 OK 6.6 kB URL HTTP/2 lh3.googleusercontent.com/-tkqDpu97jXU/XwdQ5sml5tI/AAAAAAAAL_E/SpdbqQdox-06j4PgM41YRFCVfuX4xpBNQCLcBGAsYHQ/w100-h100-c/1594314978926457-0.png
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash fc96c70380a346c43d2f8f52f476e37e
4d9d43a44299b29ff5f0992c6ad4d11a33960616
d159a9b15d05839c350fa70249ebf0e4b695e802dcdf4b901d8245e9e80675d5
GET /-tkqDpu97jXU/XwdQ5sml5tI/AAAAAAAAL_E/SpdbqQdox-06j4PgM41YRFCVfuX4xpBNQCLcBGAsYHQ/w100-h100-c/1594314978926457-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2ff2"
expires: Thu, 01 Dec 2022 07:05:21 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1594314978926457-0.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 07:05:21 GMT
server: fife
content-length: 6561
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 14bc2bf6e3158890bec81a596e3f6bf0
87b3b9b92320b230704454c03a21f8a468f1a05c
997e6f25a393a0e85f979b0f0b73451d988bc07d762517a78cc9d72c14c9d59d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 14bc2bf6e3158890bec81a596e3f6bf0
87b3b9b92320b230704454c03a21f8a468f1a05c
997e6f25a393a0e85f979b0f0b73451d988bc07d762517a78cc9d72c14c9d59d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=infogojekbdg.blogspot.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=infogojekbdg.blogspot.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=infogojekbdg.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 30 Nov 2022 07:05:21 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=infogojekbdg.blogspot.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=infogojekbdg.blogspot.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=infogojekbdg.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 30 Nov 2022 07:05:21 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
infogojekbdg.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=showpageCount&max-results=99999
172.217.21.161200 OK 20 kB URL HTTP/1.1 infogojekbdg.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=showpageCount&max-results=99999
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (65490)
Hash 68b865f91d32d7ca7c91dc8c34b37e5c
5d4a636cced7c2895fbe5553a02da3b0483094b8
7f82c578dfbf4d6e8602a7559a9190e935a67cc1f875dbfa2e30ad2336d3e15d
GET /feeds/posts/summary?alt=json-in-script&callback=showpageCount&max-results=99999 HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"6ad05f070ef7c2679c01437cfa20c5f43947258559e407b7397a49498636a111"
Date: Wed, 30 Nov 2022 07:05:21 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 01:00:24 GMT
Content-Encoding: gzip
Content-Length: 19632
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=infogojekbdg.blogspot.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=infogojekbdg.blogspot.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=infogojekbdg.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 30 Nov 2022 07:05:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b1a5da6636cd444028100566c55137cd
0c50a145e941e1aa6e3e2dede461248c67a789a2
bd83c87b7f38d37a7b443b4b7aa7f34b6c127070b332ac4f34d16aa17c6e301a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1669791517.0461900000&uuid=1669791517.0461900000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
35.186.238.101200 OK 2.6 kB URL HTTP/1.1 www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1669791517.0461900000&uuid=1669791517.0461900000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
IP 35.186.238.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /?template=ARROW_3&tdfs=1&s_token=1669791517.0461900000&uuid=1669791517.0461900000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://infogojekbdg.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 30 Nov 2022 07:05:22 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Sun, 27 Nov 2022 01:56:48 GMT
ETag: "6382c3e0-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_jlvoBJKyca87EO0WFClbsvdSYPmYCNfXXpZkTGsWvUJpL9jWWVGtxYY2ciOPyHhxglmC/ApGBlBkkjAFS67VVQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
apis.google.com/js/plusone.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 327d33b72373a953dc7ddef0c6463b48
2fd9b26cb459ff01c3a1dd3507f1c7484cce6ce4
1f9becca80520826519f7908eff9bc2cdf551f9afc5d2a276f9d3c4a55a0e79c
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 30 Nov 2022 07:05:22 GMT
expires: Wed, 30 Nov 2022 07:05:22 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "34fae0e5dab49917"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash a5aeb8dce52dc81116cc434ff43d3f63
c74721ddc9b87ba5a9deb2a361f44c9293f928b7
333fbf33d55990f58551357644398b7b571c25cd56bc25ad3ea7270571f96118
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:33:12 GMT
expires: Wed, 29 Nov 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 63130
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
infogojekbdg.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmBc3WGukHcqnews3aVT9-ML8X-TgQeRFfDk0DLeVXQ-_DP2RtINefIPtMifSnJYjwoNM2ANQaSZyhZKwQwBnL_kGAR0oQ
172.217.21.161200 OK 255 B URL HTTP/1.1 infogojekbdg.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmBc3WGukHcqnews3aVT9-ML8X-TgQeRFfDk0DLeVXQ-_DP2RtINefIPtMifSnJYjwoNM2ANQaSZyhZKwQwBnL_kGAR0oQ
IP 172.217.21.161:0
File type JSON data\012- , ASCII text, with very long lines (398), with no line terminators
Hash 905cadf4323431fd0aec3114157d65a0
aae0e649a88b7d71c3d849494d9a30ee107fe39f
f5b2995985d5f283dfde404428c1a8d8be00d515c98f84d47b3f323ffe2bb431
GET /b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmBc3WGukHcqnews3aVT9-ML8X-TgQeRFfDk0DLeVXQ-_DP2RtINefIPtMifSnJYjwoNM2ANQaSZyhZKwQwBnL_kGAR0oQ HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 30 Nov 2022 07:05:22 GMT
Expires: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 255
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 03687b58fa7e1174e7ea84b360637ffd
7c09ef060716a365b3300c8de24f507f66e9197c
4e971d51fc0862dbd41239b7df741429d308a1e323d8624af0a6cf80eab153e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1669791517.0461900000&uuid=1669791517.0461900000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
35.186.238.101200 OK 2.6 kB URL HTTP/1.1 www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1669791517.0461900000&uuid=1669791517.0461900000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
IP 35.186.238.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /?template=ARROW_3&tdfs=1&s_token=1669791517.0461900000&uuid=1669791517.0461900000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://infogojekbdg.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 30 Nov 2022 07:05:22 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 15 Nov 2022 08:01:55 GMT
ETag: "63734773-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_jlvoBJKyca87EO0WFClbsvdSYPmYCNfXXpZkTGsWvUJpL9jWWVGtxYY2ciOPyHhxglmC/ApGBlBkkjAFS67VVQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 03687b58fa7e1174e7ea84b360637ffd
7c09ef060716a365b3300c8de24f507f66e9197c
4e971d51fc0862dbd41239b7df741429d308a1e323d8624af0a6cf80eab153e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
172.217.21.161200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:59:33 GMT
expires: Tue, 13 Dec 2022 15:59:33 GMT
cache-control: public, max-age=1209600
age: 54349
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
172.217.21.161200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221110/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:29:36 GMT
expires: Tue, 13 Dec 2022 13:29:36 GMT
cache-control: public, max-age=1209600
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
age: 63346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3236
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Last-Modified: Wed, 30 Nov 2022 06:11:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/all.js?hash=bd499f20f6640ce0ef0b5753f04e45a5
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=bd499f20f6640ce0ef0b5753f04e45a5
IP 31.13.72.12:0
File type ASCII text, with very long lines (18734)
Hash 2266384b611eb9c29bcb536da72de938
58d8e2ba0a8f1276d9de51d48858416669d2d8d1
3a15a568e2a1a5926bc50ca9361ea3ad1531ffca21c4d343943f0688254c52f6
GET /en_US/all.js?hash=bd499f20f6640ce0ef0b5753f04e45a5 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://infogojekbdg.blogspot.com
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d45d6ca1ae34f111f28d34c963eb45b0
etag: "16551ab5332ecbdf18c0a2c77149b80b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 30 Nov 2023 05:30:56 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ImY4S2EeucKby1Ntpy3pOA==
x-fb-debug: LNSAr6h7R8i+JcVf+t+0o2uhSKg54+n1wzyMwLBLJKgDGmYviApP0Pgi9Dk6tRMTWtJssfXft4fxn9hlFl+BiQ==
priority: u=3,i
content-length: 86728
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 07:05:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3236
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Last-Modified: Wed, 30 Nov 2022 06:11:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4848
Expires: Wed, 30 Nov 2022 08:26:10 GMT
Date: Wed, 30 Nov 2022 07:05:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4848
Expires: Wed, 30 Nov 2022 08:26:10 GMT
Date: Wed, 30 Nov 2022 07:05:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4848
Expires: Wed, 30 Nov 2022 08:26:10 GMT
Date: Wed, 30 Nov 2022 07:05:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 32243
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 536cd283dee06cf1ceb9e15e4850db92
47aafca572d34f9726a0174ac902178556e581d8
63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:09 GMT
age: 32953
etag: "47aafca572d34f9726a0174ac902178556e581d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash ee9d7267c5c33c7cdba1ecbe1ff2ebbf
6f7be2ba1e4f077d9d45de30adc1220b1f545943
ca31974b1b175063846b368f144ee9b471ecf615bdb2e0d1b20ff84e21928bee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3082
Cache-Control: max-age=147559
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "6386920f-138"
Expires: Fri, 02 Dec 2022 00:04:41 GMT
Last-Modified: Tue, 29 Nov 2022 23:13:19 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4848
Expires: Wed, 30 Nov 2022 08:26:10 GMT
Date: Wed, 30 Nov 2022 07:05:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8825a2c5c0d98323f489e0b816b7f1d8
05f46985ea4ace57460120876da8e19db08857b3
1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d64lSE184IwrwZKVC8KOUINEBclth9b7xRGV9T1uNfAptgXz0bxKhw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:14:25 GMT
age: 31857
etag: "05f46985ea4ace57460120876da8e19db08857b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3c7e8351884491aeab9323c004bc3f3
127ac68bac21c88ffc6e09cc6666e93de4746a1f
e6fa04c502105c43c85c00d39481d2598c6d8fd56540e10107b6668c51597ae4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8498
x-amzn-requestid: f6b92060-88d4-49bd-b60e-94d99feca4e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYiBaGPOIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867d3c-331dacfb087d23881924eef9;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:44:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Zv5zu1q8h4GFU6agEcDzSVFYuvF74qu7UBnovs3vH5jpu17cmyxjQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:50 GMT
age: 33632
etag: "127ac68bac21c88ffc6e09cc6666e93de4746a1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 32030
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 32030
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.99200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.99:0
File type C++ source, ASCII text, with very long lines (1921)
Hash 48a3f12d2425ba123d53524adc123834
c8f4ecbe239261b944879c18ec1a353d0cc674ba
632e1fbd2bba00a95491c806cdf850014b1b617323f698c492272d917603e20b
GET /mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14118
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 10:43:31 GMT
expires: Mon, 27 Feb 2023 10:43:31 GMT
cache-control: public, max-age=7776000
age: 73311
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash e8ee1bb872dfa18ae6ec02e41532544b
89bf07ef037291b2255de88877597d9ee827147c
7b122646c71ba9bc0ce327274a6e0f6e73fea5edf2cbdeadb9e5eddecf5c9e1a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2955
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Last-Modified: Wed, 30 Nov 2022 06:16:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWaAB2ASdg2ICAgAAAG1pQJiAbmn4ELEAh2Mo6y66UHCfKvJe8wASAAA&wp=Y4cAsgAAecQCO8m7AAvCnLPjyS9qtwoGI3VEHg
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWaAB2ASdg2ICAgAAAG1pQJiAbmn4ELEAh2Mo6y66UHCfKvJe8wASAAA&wp=Y4cAsgAAecQCO8m7AAvCnLPjyS9qtwoGI3VEHg
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWaAB2ASdg2ICAgAAAG1pQJiAbmn4ELEAh2Mo6y66UHCfKvJe8wASAAA&wp=Y4cAsgAAecQCO8m7AAvCnLPjyS9qtwoGI3VEHg HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 326628
date: Wed, 30 Nov 2022 07:05:22 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=infogojekbdg.blogspot.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=infogojekbdg.blogspot.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=infogojekbdg.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 30 Nov 2022 07:05:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:15 GMT
expires: Thu, 23 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 559867
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:15 GMT
expires: Thu, 23 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 559867
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y4cAsgAAecQCO8m7AAvCnLPjyS9qtwoGI3VEHg&u=%7CaIQw0RkXpASlbS8hHhsvTbpaTy48UEeOMrFsbOzr5T4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKU1Dmy57Av5eQLX_XRZICyLl54dmWeGhEGzZgjONEuQXqXkXX-1-5tls3ra8de_f7YoC_OqxkYpRlbVvJq48XerdWj5nL1awyPtYqn5Pf0Lm2EO46AtMFy_1WTrd2WsxIJ8qE2wkrc7nUUnsHlo6xuuJWJWn_0VFL0bM1JV-QH_yAC3SKtJOH-7x4IMN76VxlAy3OgYqbDhp2hwFSRWg7IbuzDxRgjcmFfV1BPJMcrKhvQnimrv0HG71rwxO-iHFKMvpBTeiwRk6FojeAENjykUBXK_Dz5izkdZCSx61azNbVto9ILGqxtgM-DBBwP2qYJSl8rqrcZJQKpAijXayHAkwPpHLxc7fjucKzPeIdWFGoovUhNH02ySu4AiMxDfLyA6E_98ZfDzG0vHSXI6_wa0gLkiDaA35KyM71xYNxjl4YiaCHL3vgFuq_OaAntWi_apoFHyJcilc9nrszur3eeKOzBCBFnAxWjNwK6WazQMRyzSIsEyaUBVOwIwQT7GN6yB8sRWhhcO_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC39EdsgCHY8TzAbuT78EPnIWv-AjJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTc5MjY2MDQ0NjM5NzQ0NznIAQmpAmD5Kh2bW7E-qAMBqgTiAU_Q0TUW1HAXNbm_USRkWU-FmhQvihl9-XHzbIqzUJkhEMNanPMwxZ2o6-AhCsovfbUkJ6VMxkBr1yNoLc1hl18DG6lbHEDrJ45VGvw7_Od1p9DSNz07qDp50b-aBmBkzgPkVSGNNOoThcVcrtwWbDgyx8i7DFQE_FySmL64X_DhSFoXUjqR2xc2J-q1UoJk7TlosbJoCPFuz-WUvtDK5avOMTF2PBCUdz5xsxZNo_zV2uhWzpjsOVRIUhhXlQdcBL5MByTWNZmkyl-M4R4OBaN1YC7YVbXso44hhlmzl1KjmgGABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bsibMEv_jwWE7ePaCAnPT-IH-3Q%26client%3Dca-pub-7926604463974479%26adurl%3D
178.250.0.138200 OK 64 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4cAsgAAecQCO8m7AAvCnLPjyS9qtwoGI3VEHg&u=%7CaIQw0RkXpASlbS8hHhsvTbpaTy48UEeOMrFsbOzr5T4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKU1Dmy57Av5eQLX_XRZICyLl54dmWeGhEGzZgjONEuQXqXkXX-1-5tls3ra8de_f7YoC_OqxkYpRlbVvJq48XerdWj5nL1awyPtYqn5Pf0Lm2EO46AtMFy_1WTrd2WsxIJ8qE2wkrc7nUUnsHlo6xuuJWJWn_0VFL0bM1JV-QH_yAC3SKtJOH-7x4IMN76VxlAy3OgYqbDhp2hwFSRWg7IbuzDxRgjcmFfV1BPJMcrKhvQnimrv0HG71rwxO-iHFKMvpBTeiwRk6FojeAENjykUBXK_Dz5izkdZCSx61azNbVto9ILGqxtgM-DBBwP2qYJSl8rqrcZJQKpAijXayHAkwPpHLxc7fjucKzPeIdWFGoovUhNH02ySu4AiMxDfLyA6E_98ZfDzG0vHSXI6_wa0gLkiDaA35KyM71xYNxjl4YiaCHL3vgFuq_OaAntWi_apoFHyJcilc9nrszur3eeKOzBCBFnAxWjNwK6WazQMRyzSIsEyaUBVOwIwQT7GN6yB8sRWhhcO_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC39EdsgCHY8TzAbuT78EPnIWv-AjJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTc5MjY2MDQ0NjM5NzQ0NznIAQmpAmD5Kh2bW7E-qAMBqgTiAU_Q0TUW1HAXNbm_USRkWU-FmhQvihl9-XHzbIqzUJkhEMNanPMwxZ2o6-AhCsovfbUkJ6VMxkBr1yNoLc1hl18DG6lbHEDrJ45VGvw7_Od1p9DSNz07qDp50b-aBmBkzgPkVSGNNOoThcVcrtwWbDgyx8i7DFQE_FySmL64X_DhSFoXUjqR2xc2J-q1UoJk7TlosbJoCPFuz-WUvtDK5avOMTF2PBCUdz5xsxZNo_zV2uhWzpjsOVRIUhhXlQdcBL5MByTWNZmkyl-M4R4OBaN1YC7YVbXso44hhlmzl1KjmgGABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bsibMEv_jwWE7ePaCAnPT-IH-3Q%26client%3Dca-pub-7926604463974479%26adurl%3D
IP 178.250.0.138:0
Hash ddf97060664e8879e46f3a0943366d35
984193f2375c45b64b98f5566e0a4858d38df7b7
746974b68f2a1b38cf6c43f8bd062491aca1c84e48158ee789ef1a3e4d6ec53e
GET /delivery/r/afr.php?z=Y4cAsgAAecQCO8m7AAvCnLPjyS9qtwoGI3VEHg&u=%7CaIQw0RkXpASlbS8hHhsvTbpaTy48UEeOMrFsbOzr5T4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKU1Dmy57Av5eQLX_XRZICyLl54dmWeGhEGzZgjONEuQXqXkXX-1-5tls3ra8de_f7YoC_OqxkYpRlbVvJq48XerdWj5nL1awyPtYqn5Pf0Lm2EO46AtMFy_1WTrd2WsxIJ8qE2wkrc7nUUnsHlo6xuuJWJWn_0VFL0bM1JV-QH_yAC3SKtJOH-7x4IMN76VxlAy3OgYqbDhp2hwFSRWg7IbuzDxRgjcmFfV1BPJMcrKhvQnimrv0HG71rwxO-iHFKMvpBTeiwRk6FojeAENjykUBXK_Dz5izkdZCSx61azNbVto9ILGqxtgM-DBBwP2qYJSl8rqrcZJQKpAijXayHAkwPpHLxc7fjucKzPeIdWFGoovUhNH02ySu4AiMxDfLyA6E_98ZfDzG0vHSXI6_wa0gLkiDaA35KyM71xYNxjl4YiaCHL3vgFuq_OaAntWi_apoFHyJcilc9nrszur3eeKOzBCBFnAxWjNwK6WazQMRyzSIsEyaUBVOwIwQT7GN6yB8sRWhhcO_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC39EdsgCHY8TzAbuT78EPnIWv-AjJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTc5MjY2MDQ0NjM5NzQ0NznIAQmpAmD5Kh2bW7E-qAMBqgTiAU_Q0TUW1HAXNbm_USRkWU-FmhQvihl9-XHzbIqzUJkhEMNanPMwxZ2o6-AhCsovfbUkJ6VMxkBr1yNoLc1hl18DG6lbHEDrJ45VGvw7_Od1p9DSNz07qDp50b-aBmBkzgPkVSGNNOoThcVcrtwWbDgyx8i7DFQE_FySmL64X_DhSFoXUjqR2xc2J-q1UoJk7TlosbJoCPFuz-WUvtDK5avOMTF2PBCUdz5xsxZNo_zV2uhWzpjsOVRIUhhXlQdcBL5MByTWNZmkyl-M4R4OBaN1YC7YVbXso44hhlmzl1KjmgGABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bsibMEv_jwWE7ePaCAnPT-IH-3Q%26client%3Dca-pub-7926604463974479%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1LynREo_xY9dzPlLA_ChTPWh2YbVKkgqCyEybyTc9gU9X_ShNLlWpp2EdY8l7eFnqPU9BWAKs7QgkebBbDjeuuWBBjqcyA_vVZZX9WlxKfMZ9SCw9Qg-SrMdKPBA1D6BrX_q7IpE1c6sOp06rk-AV7Xl2DXKnBgjre_I1FzLjxS3iOUdRIWFHYyQp-3klPCPrP9_mor7PkpiOvcWksp4kaPWoIGx8LfHBCvOqQGdzBHDl55UaeT6OgVLwzCpl6TARjwsZVILFFKBfmki"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 46422866
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.24.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 33924
expires: Mon, 20 Nov 2023 07:05:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPRzyi0WDHbVok5WXMIcTBD%2BhjvR%2FxxqoNykuPGChZX%2BdoCDNVxUwWPXABqZb8bbUgWEdinWMabWbc8xct51jYEzJ9mPawB8FbbKwEIeBf8XEF1QJVBsrXVStJWyTBYU%2FggwCbpm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7721bbfd6d17b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
infogojekbdg.blogspot.com/favicon.ico
172.217.21.161200 OK 412 B URL HTTP/1.1 infogojekbdg.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Wed, 30 Nov 2022 07:05:22 GMT
Date: Wed, 30 Nov 2022 07:05:22 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 08 Nov 2022 01:00:24 GMT
ETag: W/"454dc63ede778c64aa52cfcf430da1ff90bb49fcf03bc751c7f2fa8cc80ecbb1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 1.2 kB IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 532d2ceb12c359648b5f7c9faa2f1b7e
0bb29fef32934d50b591b74a436dd9e449ee06ae
1b34a0a75016642eb8ecb83a8f16a6ad387a9dd6bca2171153edbe6e3abccd4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3237
Cache-Control: max-age=142313
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "63867cf6-13a"
Expires: Thu, 01 Dec 2022 22:37:15 GMT
Last-Modified: Tue, 29 Nov 2022 21:43:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 3a0a01094712c4dfe702588ec1cac257
dcd959c6bf3999d48ea6b782dbbcd3e5d9520bc0
6bb28aff4d50f3d35ef74ab0802b3e94c2f26bd306e9cbaf4d378681572bbf32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3237
Cache-Control: max-age=142313
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "63867cf6-13a"
Expires: Thu, 01 Dec 2022 22:37:15 GMT
Last-Modified: Tue, 29 Nov 2022 21:43:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 3a0a01094712c4dfe702588ec1cac257
dcd959c6bf3999d48ea6b782dbbcd3e5d9520bc0
6bb28aff4d50f3d35ef74ab0802b3e94c2f26bd306e9cbaf4d378681572bbf32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3237
Cache-Control: max-age=142313
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "63867cf6-13a"
Expires: Thu, 01 Dec 2022 22:37:15 GMT
Last-Modified: Tue, 29 Nov 2022 21:43:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 3a0a01094712c4dfe702588ec1cac257
dcd959c6bf3999d48ea6b782dbbcd3e5d9520bc0
6bb28aff4d50f3d35ef74ab0802b3e94c2f26bd306e9cbaf4d378681572bbf32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3252
Cache-Control: max-age=142328
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "63867cf6-13a"
Expires: Thu, 01 Dec 2022 22:37:30 GMT
Last-Modified: Tue, 29 Nov 2022 21:43:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b994b2317328e155754baf3e73bbd3d0
488e4de2ae0103e833af064a35ddd2e68706493d
eea297488392f4bd056b7fa548067493cc3a4e42017f104f2297102c7838f05a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3201
Cache-Control: max-age=105906
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "6385eee3-138"
Expires: Thu, 01 Dec 2022 12:30:29 GMT
Last-Modified: Tue, 29 Nov 2022 11:37:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sat, 25 Nov 2023 07:05:22 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b994b2317328e155754baf3e73bbd3d0
488e4de2ae0103e833af064a35ddd2e68706493d
eea297488392f4bd056b7fa548067493cc3a4e42017f104f2297102c7838f05a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3162
Cache-Control: max-age=105867
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "6385eee3-138"
Expires: Thu, 01 Dec 2022 12:29:49 GMT
Last-Modified: Tue, 29 Nov 2022 11:37:07 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b994b2317328e155754baf3e73bbd3d0
488e4de2ae0103e833af064a35ddd2e68706493d
eea297488392f4bd056b7fa548067493cc3a4e42017f104f2297102c7838f05a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3201
Cache-Control: max-age=105906
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "6385eee3-138"
Expires: Thu, 01 Dec 2022 12:30:29 GMT
Last-Modified: Tue, 29 Nov 2022 11:37:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b994b2317328e155754baf3e73bbd3d0
488e4de2ae0103e833af064a35ddd2e68706493d
eea297488392f4bd056b7fa548067493cc3a4e42017f104f2297102c7838f05a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3209
Cache-Control: max-age=105914
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "6385eee3-138"
Expires: Thu, 01 Dec 2022 12:30:36 GMT
Last-Modified: Tue, 29 Nov 2022 11:37:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 312
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sat, 25 Nov 2023 07:05:22 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eacb9365a3f376b65d82ce111de73ae5
13df90d1a00481469916e2facf9d3b3d178e8bb8
58a55d3cef32a31b312230ecc7701e5fd284c608b096069cff0cfb47858b3509
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3242
Cache-Control: max-age=135429
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:22 GMT
Etag: "6386620d-1d7"
Expires: Thu, 01 Dec 2022 20:42:31 GMT
Last-Modified: Tue, 29 Nov 2022 19:48:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A08c842b7-8847-41fc-b525-15b7e7d828c3%2FHotel_Suites_Del_Mar_Alicante_1SQUARE_800X800.jpg&v=3&w=800&s=WHdlHl2z0ppEx4I8qIWthAhr&b=400
178.250.0.139200 OK 59 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A08c842b7-8847-41fc-b525-15b7e7d828c3%2FHotel_Suites_Del_Mar_Alicante_1SQUARE_800X800.jpg&v=3&w=800&s=WHdlHl2z0ppEx4I8qIWthAhr&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69fc27d22d9b8978e2447efa80121623
96ba7a47f128f6d5d1ca990f19073f34fdf07ba6
8f995b60fcc854c4d2e14eed64d4702b441e75ba7d4a52372cf4b1f0c151ff7f
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A08c842b7-8847-41fc-b525-15b7e7d828c3%2FHotel_Suites_Del_Mar_Alicante_1SQUARE_800X800.jpg&v=3&w=800&s=WHdlHl2z0ppEx4I8qIWthAhr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Wed, 30 Nov 2022 07:05:22 GMT
date: Wed, 30 Nov 2022 07:05:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 58944
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 20:35:00 GMT
expires: Thu, 23 Nov 2023 20:35:00 GMT
cache-control: public, max-age=31536000
age: 556223
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A976b125e-e2de-4bdc-9dd7-9adc7dfbec65%2FSol_House_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=7W7V3A7O2fqUc6A4I7Cf3GSA&b=400
178.250.0.139200 OK 28 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A976b125e-e2de-4bdc-9dd7-9adc7dfbec65%2FSol_House_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=7W7V3A7O2fqUc6A4I7Cf3GSA&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1579cf890b816206889a2b4b51240f76
bd5995b4cfecca8caa29b77f5251c38cec8ee028
346358815d56f2e77f5c25d8c733647688a0772af6af571647d5c767b82b92e9
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A976b125e-e2de-4bdc-9dd7-9adc7dfbec65%2FSol_House_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=7W7V3A7O2fqUc6A4I7Cf3GSA&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=12841
expires: Wed, 30 Nov 2022 10:39:24 GMT
date: Wed, 30 Nov 2022 07:05:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 28004
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A22a812c5-4067-4db4-8472-d772bc8ba350%2FSOL_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=AVhBzne3hCdaxrNH_WalzIuk&b=400
178.250.0.139200 OK 26 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A22a812c5-4067-4db4-8472-d772bc8ba350%2FSOL_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=AVhBzne3hCdaxrNH_WalzIuk&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 860625a105f0253fcaa83f790af89f9f
ed134bd2bd72feac23a9d3d04d71659bebe8a779
949cd9a2a26524d3564eebb08dd75b965da4f4d9e19937ad0eee21fde2ddbef0
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A22a812c5-4067-4db4-8472-d772bc8ba350%2FSOL_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=AVhBzne3hCdaxrNH_WalzIuk&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30396
expires: Wed, 30 Nov 2022 15:31:59 GMT
date: Wed, 30 Nov 2022 07:05:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 26076
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=108&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=316&s=cVwycqKFOy0Ng8APacvuJCf0
178.250.0.139200 OK 9.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=108&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=316&s=cVwycqKFOy0Ng8APacvuJCf0
IP 178.250.0.139:0
File type PNG image data, 316 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 144da97a9207083a49983f04d880b34e
eef82a7c16c1e52dc5501c6c527531f50ad29d1a
1af44b1581b500a0d19809c57dca3a293b82555b9d63a09b105da81b4141c566
GET /img/img?h=108&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=316&s=cVwycqKFOy0Ng8APacvuJCf0 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30927453
expires: Thu, 23 Nov 2023 06:02:56 GMT
date: Wed, 30 Nov 2022 07:05:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9512
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 06:30:11 GMT
expires: Sat, 25 Nov 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 434112
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.35200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 50055
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65932&adfrmid=0
109.232.197.33302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65932&adfrmid=0
IP 109.232.197.33:0
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65932&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 30 Nov 2022 07:05:23 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65932&adfrmid=0
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 94e8c8784bb1243b633aa311f29ebc59
39c09b1d249977e42e2bc9481be6063208750344
6b50c6e456e7709ded1cb20bf54576cea3674f7f6ee1697cbf2addc544eceb53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3202
Cache-Control: max-age=113095
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:23 GMT
Etag: "63860af8-139"
Expires: Thu, 01 Dec 2022 14:30:18 GMT
Last-Modified: Tue, 29 Nov 2022 13:36:56 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ads.eu.criteo.com/delivery/r/afr.php?z=Y4cAsgAAWLcCO8tBAAaLa77YUbu_0y8yAsX52g&u=%7CaIQw0RkXpASiLv4JVI1b5x2TOlfodMPfa5X9j%2FJNWWI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdWho4jUxz3UxQuSqix1hUpDKYvix-WvstomDGi1y7ZLtd7M4TOQlSHeOyyTw850Od9WRlKwZhrdq3GyTCLRPV2HjDiJHfGcVLk0ITXBuy3eduo8W2u9g0mTaahVAffTpY1inQjgr26sx1qkeNaAvoti6w4gTtcg5sNLKPpFV9-WAlavNAecRHoqUqWIhq9LfUThd0GxYlQBF-MXTTLCGkYCdPp1S3yySEhH0q0EKhwKglxqCb5_dGxJAfREY68haW3Yg-NQGyYAQfMSJ5rVjCBtEYCJLRL22TFKibxkC3nrPQAOKFEfDRzq8XWQ65E88g7KgvbFCj0Ojw2P5sNh1aF2nCpWvPhoqh_V3nCp8WqRNcu306fBsysgEL59mKnbHTqoC6eJ2V_gnY0Vj08XPdB1OarNScCwQ15gzWir1FSW38uh41PFdCRF6leoXKCpGT2wROB4bRxh6eD_vhQ-TgRQyQEwuAiplSwpwnfdAimK1eT2cjmWQQ3gbcjrcL6Yx5_Dlit389PXQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDKylsgCHY7exAcGW78EP65aa2AjJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTc5MjY2MDQ0NjM5NzQ0NznIAQmpAjB0PYnEWbE-qAMBqgTeAU_QkqE-MIbFAisxT6pNlYQYd3L3SSGwB8Zz-2HMh5TS7dc7LxLJz8OOEi-1WDTj-c2RnVSjamnDYH02uOavZlCyPmgFt9MswadOYx87Yg9p89IcEb6fXhV3b4PIcv8OEb97IVBWx5VU8bTDCWjtfhh5WwB5vhUtLUi28-xzgsIvsNeGvWxuEmQbVIOOLdzyKg4cHdTI3EYSXAI8BvmYwgy-ma4a-6-X4J9Vp07ZQpV0bwi0bND4pmiHCXRUDc7v6T9UBX_NXSad53WXX8-vxYaVZbaB9z37nPFnhlIaq4AGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3u9RdVtefAEmPR2_IYWGdwL312bA%26client%3Dca-pub-7926604463974479%26adurl%3D
178.250.0.138200 OK 48 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4cAsgAAWLcCO8tBAAaLa77YUbu_0y8yAsX52g&u=%7CaIQw0RkXpASiLv4JVI1b5x2TOlfodMPfa5X9j%2FJNWWI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdWho4jUxz3UxQuSqix1hUpDKYvix-WvstomDGi1y7ZLtd7M4TOQlSHeOyyTw850Od9WRlKwZhrdq3GyTCLRPV2HjDiJHfGcVLk0ITXBuy3eduo8W2u9g0mTaahVAffTpY1inQjgr26sx1qkeNaAvoti6w4gTtcg5sNLKPpFV9-WAlavNAecRHoqUqWIhq9LfUThd0GxYlQBF-MXTTLCGkYCdPp1S3yySEhH0q0EKhwKglxqCb5_dGxJAfREY68haW3Yg-NQGyYAQfMSJ5rVjCBtEYCJLRL22TFKibxkC3nrPQAOKFEfDRzq8XWQ65E88g7KgvbFCj0Ojw2P5sNh1aF2nCpWvPhoqh_V3nCp8WqRNcu306fBsysgEL59mKnbHTqoC6eJ2V_gnY0Vj08XPdB1OarNScCwQ15gzWir1FSW38uh41PFdCRF6leoXKCpGT2wROB4bRxh6eD_vhQ-TgRQyQEwuAiplSwpwnfdAimK1eT2cjmWQQ3gbcjrcL6Yx5_Dlit389PXQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDKylsgCHY7exAcGW78EP65aa2AjJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTc5MjY2MDQ0NjM5NzQ0NznIAQmpAjB0PYnEWbE-qAMBqgTeAU_QkqE-MIbFAisxT6pNlYQYd3L3SSGwB8Zz-2HMh5TS7dc7LxLJz8OOEi-1WDTj-c2RnVSjamnDYH02uOavZlCyPmgFt9MswadOYx87Yg9p89IcEb6fXhV3b4PIcv8OEb97IVBWx5VU8bTDCWjtfhh5WwB5vhUtLUi28-xzgsIvsNeGvWxuEmQbVIOOLdzyKg4cHdTI3EYSXAI8BvmYwgy-ma4a-6-X4J9Vp07ZQpV0bwi0bND4pmiHCXRUDc7v6T9UBX_NXSad53WXX8-vxYaVZbaB9z37nPFnhlIaq4AGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3u9RdVtefAEmPR2_IYWGdwL312bA%26client%3Dca-pub-7926604463974479%26adurl%3D
IP 178.250.0.138:0
File type Unicode text, UTF-8 text, with very long lines (16820), with CRLF, LF line terminators
Hash 8ea061a09f333d9aa9ac6297318b813d
d84df469c23a1c40c564fe20b2670c74a64c918a
0a2691aeb6835cbce5a26f92e41700318e0d776cfb799195056d13ca66a8e324
GET /delivery/r/afr.php?z=Y4cAsgAAWLcCO8tBAAaLa77YUbu_0y8yAsX52g&u=%7CaIQw0RkXpASiLv4JVI1b5x2TOlfodMPfa5X9j%2FJNWWI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdWho4jUxz3UxQuSqix1hUpDKYvix-WvstomDGi1y7ZLtd7M4TOQlSHeOyyTw850Od9WRlKwZhrdq3GyTCLRPV2HjDiJHfGcVLk0ITXBuy3eduo8W2u9g0mTaahVAffTpY1inQjgr26sx1qkeNaAvoti6w4gTtcg5sNLKPpFV9-WAlavNAecRHoqUqWIhq9LfUThd0GxYlQBF-MXTTLCGkYCdPp1S3yySEhH0q0EKhwKglxqCb5_dGxJAfREY68haW3Yg-NQGyYAQfMSJ5rVjCBtEYCJLRL22TFKibxkC3nrPQAOKFEfDRzq8XWQ65E88g7KgvbFCj0Ojw2P5sNh1aF2nCpWvPhoqh_V3nCp8WqRNcu306fBsysgEL59mKnbHTqoC6eJ2V_gnY0Vj08XPdB1OarNScCwQ15gzWir1FSW38uh41PFdCRF6leoXKCpGT2wROB4bRxh6eD_vhQ-TgRQyQEwuAiplSwpwnfdAimK1eT2cjmWQQ3gbcjrcL6Yx5_Dlit389PXQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDKylsgCHY7exAcGW78EP65aa2AjJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTc5MjY2MDQ0NjM5NzQ0NznIAQmpAjB0PYnEWbE-qAMBqgTeAU_QkqE-MIbFAisxT6pNlYQYd3L3SSGwB8Zz-2HMh5TS7dc7LxLJz8OOEi-1WDTj-c2RnVSjamnDYH02uOavZlCyPmgFt9MswadOYx87Yg9p89IcEb6fXhV3b4PIcv8OEb97IVBWx5VU8bTDCWjtfhh5WwB5vhUtLUi28-xzgsIvsNeGvWxuEmQbVIOOLdzyKg4cHdTI3EYSXAI8BvmYwgy-ma4a-6-X4J9Vp07ZQpV0bwi0bND4pmiHCXRUDc7v6T9UBX_NXSad53WXX8-vxYaVZbaB9z37nPFnhlIaq4AGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3u9RdVtefAEmPR2_IYWGdwL312bA%26client%3Dca-pub-7926604463974479%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=kpmUWko_xY9dzPlLlKtweM1M6ZkC3edAdcGf4dbSwia_l-eQKBJQKZITjpXZjacbLMeWTYYU-NlGIN-uYs40XavD2qxKZZiCZr5JV5OeZO76QGHsjR58WqSZQ_I3lPHqxa07PuuGe9k5nPHmXXCGoUKPMmp-s67Y1K28jp-UVrGyjUSnu6ultp0j4u92U7ruzXxUNmJf08PdnpWz-BjqVRQN9kTPJ1YHC1MuKyywqWdBJxYl9UkV6vYVhd-ypPLmEB05zQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 46732563
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=1LynREo_xY9dzPlLA_ChTPWh2YbVKkgqCyEybyTc9gU9X_ShNLlWpp2EdY8l7eFnqPU9BWAKs7QgkebBbDjeuuWBBjqcyA_vVZZX9WlxKfMZ9SCw9Qg-SrMdKPBA1D6BrX_q7IpE1c6sOp06rk-AV7Xl2DXKnBgjre_I1FzLjxS3iOUdRIWFHYyQp-3klPCPrP9_mor7PkpiOvcWksp4kaPWoIGx8LfHBCvOqQGdzBHDl55UaeT6OgVLwzCpl6TARjwsZVILFFKBfmki&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=1LynREo_xY9dzPlLA_ChTPWh2YbVKkgqCyEybyTc9gU9X_ShNLlWpp2EdY8l7eFnqPU9BWAKs7QgkebBbDjeuuWBBjqcyA_vVZZX9WlxKfMZ9SCw9Qg-SrMdKPBA1D6BrX_q7IpE1c6sOp06rk-AV7Xl2DXKnBgjre_I1FzLjxS3iOUdRIWFHYyQp-3klPCPrP9_mor7PkpiOvcWksp4kaPWoIGx8LfHBCvOqQGdzBHDl55UaeT6OgVLwzCpl6TARjwsZVILFFKBfmki&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=1LynREo_xY9dzPlLA_ChTPWh2YbVKkgqCyEybyTc9gU9X_ShNLlWpp2EdY8l7eFnqPU9BWAKs7QgkebBbDjeuuWBBjqcyA_vVZZX9WlxKfMZ9SCw9Qg-SrMdKPBA1D6BrX_q7IpE1c6sOp06rk-AV7Xl2DXKnBgjre_I1FzLjxS3iOUdRIWFHYyQp-3klPCPrP9_mor7PkpiOvcWksp4kaPWoIGx8LfHBCvOqQGdzBHDl55UaeT6OgVLwzCpl6TARjwsZVILFFKBfmki&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 07:05:22 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65932&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65932&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65932&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 07:05:23 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=dybSQoUENwYLb9dH0p6ydY1.x6..uh1loicWLuQRTRbYho.fz.q3qg--; expires=Thu, 28 Dec 2023 07:05:23 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=e6skSg26lnIUekenSWn8WidyaNERS9LR2anscWPhkC52ZK73wb0_EzkW7LNMOowDgm1CNH5AmkN7jySos7UL4BEBxWfkInY.5OwMsTTMK_7MM2c4JZKbhSfschMBEeMDhd8-; expires=Thu, 28 Dec 2023 07:05:23 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Thu, 28 Dec 2023 07:05:23 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
pix.eu.criteo.net/img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=_0VlK9q82TmthCuW5OnxfCPJ
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=_0VlK9q82TmthCuW5OnxfCPJ
IP 178.250.0.139:0
File type PNG image data, 196 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash bc381116221b106493d972a9262c65e3
980f03704c3d56409200806ffc1b8269240383a4
391ed2f12f92968f164c061b48e5421254b9aae4dfce080b727d60dd6c1cb72e
GET /img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=_0VlK9q82TmthCuW5OnxfCPJ HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29558260
expires: Tue, 07 Nov 2023 09:43:03 GMT
date: Wed, 30 Nov 2022 07:05:23 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10921
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VbxHjyPcXEEotVk8xXoJnxpbKa8BOO60aWhAum_dJaEav5XyEhDtCfcbCPbq0dTxesTt3HnakIFajhWivMGEINnaEPfXVATyfCwaITBBMnRVVE1EYuTZlJ9tRlKCiSZ1bjMKr2E1IGW-9htLDYvEuhBRlFHcoeZrrW0SZMYgU5_8qmiaRCJ7RahVd7iiv3UU5RuihF-nczLQxTKbH-J2eR9I-CqEh4C8j8MxyJKt9Gy67LEV47t4PEVzEElwgb9pD0pWNwsjjWx7aHQ2VyKggJDToclSiql7ojDqfvapSZU44AU00k8MdSXA8f8Faae6X50pGOV_8FcdMhO9KYYxlgvZ39WkH7COUNubSG8aQHz3TAFZoDunK_slDX53neslWFQ-5yxXQxP55eoEnH1rpvoEQ-_L7xcWj_RLOgPhnmucY6pTDzfb27451VIPsW3-5cMjVQ
178.250.0.160200 OK 27 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VbxHjyPcXEEotVk8xXoJnxpbKa8BOO60aWhAum_dJaEav5XyEhDtCfcbCPbq0dTxesTt3HnakIFajhWivMGEINnaEPfXVATyfCwaITBBMnRVVE1EYuTZlJ9tRlKCiSZ1bjMKr2E1IGW-9htLDYvEuhBRlFHcoeZrrW0SZMYgU5_8qmiaRCJ7RahVd7iiv3UU5RuihF-nczLQxTKbH-J2eR9I-CqEh4C8j8MxyJKt9Gy67LEV47t4PEVzEElwgb9pD0pWNwsjjWx7aHQ2VyKggJDToclSiql7ojDqfvapSZU44AU00k8MdSXA8f8Faae6X50pGOV_8FcdMhO9KYYxlgvZ39WkH7COUNubSG8aQHz3TAFZoDunK_slDX53neslWFQ-5yxXQxP55eoEnH1rpvoEQ-_L7xcWj_RLOgPhnmucY6pTDzfb27451VIPsW3-5cMjVQ
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a3dd0b426e500601ad9129656b643a8
681518dfb6c3f501a28ee9173083e5306a874b03
4486d90a6def36adcf9a007fa6aaac26ca0e3bb48ec8f02ba7c846cfd97facb0
GET /delivery/lg.php?cppv=3&cpp=VbxHjyPcXEEotVk8xXoJnxpbKa8BOO60aWhAum_dJaEav5XyEhDtCfcbCPbq0dTxesTt3HnakIFajhWivMGEINnaEPfXVATyfCwaITBBMnRVVE1EYuTZlJ9tRlKCiSZ1bjMKr2E1IGW-9htLDYvEuhBRlFHcoeZrrW0SZMYgU5_8qmiaRCJ7RahVd7iiv3UU5RuihF-nczLQxTKbH-J2eR9I-CqEh4C8j8MxyJKt9Gy67LEV47t4PEVzEElwgb9pD0pWNwsjjWx7aHQ2VyKggJDToclSiql7ojDqfvapSZU44AU00k8MdSXA8f8Faae6X50pGOV_8FcdMhO9KYYxlgvZ39WkH7COUNubSG8aQHz3TAFZoDunK_slDX53neslWFQ-5yxXQxP55eoEnH1rpvoEQ-_L7xcWj_RLOgPhnmucY6pTDzfb27451VIPsW3-5cMjVQ HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 07:05:23 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3043503
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 37 kB URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
Hash cabd2e3dee7afec05ea69c77a8992867
a4adc1d16a71531bb706ff98d615d032748594df
d4f1d5f9c4a52fda1bb8b07823eb665d87458dbe26b40983e0c41932f9a72fbe
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sat, 25 Nov 2023 07:05:22 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638700b2549b52fa176ad0f937433d73
37.157.6.254302 Found 497 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638700b2549b52fa176ad0f937433d73
IP 37.157.6.254:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (425), with CRLF line terminators
Hash 740e27876365607382d4dd976f92a20c
7c1a8b5e4699b3bb73822b9c46836cfc11ccce1a
58906028e2a6cb3b05b58716f380a13a10f781c1715b7e82d08e7297bbd9d4c7
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638700b2549b52fa176ad0f937433d73 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 07:05:23 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=84796&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=84796&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=84796&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=84796&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Cookie: etuix=dybSQoUENwYLb9dH0p6ydY1.x6..uh1loicWLuQRTRbYho.fz.q3qg--; et0=e6skSg26lnIUekenSWn8WidyaNERS9LR2anscWPhkC52ZK73wb0_EzkW7LNMOowDgm1CNH5AmkN7jySos7UL4BEBxWfkInY.5OwMsTTMK_7MM2c4JZKbhSfschMBEeMDhd8-; et=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 07:05:23 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: et0=cSJIqlE3UWRqXz.mJF2avcZ6wu1vnXM7RssgrSk1RNYiGiVnLNnuEpR2zaZMUfbhKaFuF.YTIvotttz2vyE3WgpG1_xGsXfRs3dmBOwP2gibkbW4Dnsubk9GpCgJmWvp7MQ-; expires=Thu, 28 Dec 2023 07:05:23 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Thu, 28 Dec 2023 07:05:23 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe81e3e6db6aa8%26domain%3Dinfogojekbdg.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Finfogojekbdg.blogspot.com%252Ff198a4c73953aac%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Finfogojekbandung&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false
31.13.72.36302 Found 0 B URL HTTP/2 www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe81e3e6db6aa8%26domain%3Dinfogojekbdg.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Finfogojekbdg.blogspot.com%252Ff198a4c73953aac%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Finfogojekbandung&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe81e3e6db6aa8%26domain%3Dinfogojekbdg.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Finfogojekbdg.blogspot.com%252Ff198a4c73953aac%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Finfogojekbandung&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfe81e3e6db6aa8%2526domain%253Dinfogojekbdg.blogspot.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Finfogojekbdg.blogspot.com%25252Ff198a4c73953aac%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Finfogojekbandung%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 8pGltqdGuUMqq72t/mCBPBfsoIOtzMRFa2qv9CecpJ0iXjZ9Jig9vSwJgqX80BhjnPUHFoElpGRvoffriCxgug==
content-length: 0
date: Wed, 30 Nov 2022 07:05:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:05:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 7c1e8c627a676104a7505208909d1f9b
de27d48201ba51a657302fd2386efb39953b2532
1d02facf064f85102f47ddbeaba7becf220a190317d3e57755c107cb0562d044
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 30 Nov 2022 07:05:24 GMT
date: Wed, 30 Nov 2022 07:05:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-dJc8W4SPkdSowKU-dWjXGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=kpmUWko_xY9dzPlLlKtweM1M6ZkC3edAdcGf4dbSwia_l-eQKBJQKZITjpXZjacbLMeWTYYU-NlGIN-uYs40XavD2qxKZZiCZr5JV5OeZO76QGHsjR58WqSZQ_I3lPHqxa07PuuGe9k5nPHmXXCGoUKPMmp-s67Y1K28jp-UVrGyjUSnu6ultp0j4u92U7ruzXxUNmJf08PdnpWz-BjqVRQN9kTPJ1YHC1MuKyywqWdBJxYl9UkV6vYVhd-ypPLmEB05zQ&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=kpmUWko_xY9dzPlLlKtweM1M6ZkC3edAdcGf4dbSwia_l-eQKBJQKZITjpXZjacbLMeWTYYU-NlGIN-uYs40XavD2qxKZZiCZr5JV5OeZO76QGHsjR58WqSZQ_I3lPHqxa07PuuGe9k5nPHmXXCGoUKPMmp-s67Y1K28jp-UVrGyjUSnu6ultp0j4u92U7ruzXxUNmJf08PdnpWz-BjqVRQN9kTPJ1YHC1MuKyywqWdBJxYl9UkV6vYVhd-ypPLmEB05zQ&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=kpmUWko_xY9dzPlLlKtweM1M6ZkC3edAdcGf4dbSwia_l-eQKBJQKZITjpXZjacbLMeWTYYU-NlGIN-uYs40XavD2qxKZZiCZr5JV5OeZO76QGHsjR58WqSZQ_I3lPHqxa07PuuGe9k5nPHmXXCGoUKPMmp-s67Y1K28jp-UVrGyjUSnu6ultp0j4u92U7ruzXxUNmJf08PdnpWz-BjqVRQN9kTPJ1YHC1MuKyywqWdBJxYl9UkV6vYVhd-ypPLmEB05zQ&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 07:05:23 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfe81e3e6db6aa8%2526domain%253Dinfogojekbdg.blogspot.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Finfogojekbdg.blogspot.com%25252Ff198a4c73953aac%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Finfogojekbandung%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
31.13.72.36200 OK 5.0 kB URL HTTP/2 www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfe81e3e6db6aa8%2526domain%253Dinfogojekbdg.blogspot.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Finfogojekbdg.blogspot.com%25252Ff198a4c73953aac%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Finfogojekbandung%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
IP 31.13.72.36:0
Hash 7fab532ebd19ee00639cdb5ef1057cd0
d77d88d43d0366453251354e025b08ba9ae9d350
a8d614ca38e60efb9070cf0172d120545730cbe4b6a38e1317499ed1aa8dd6a0
GET /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfe81e3e6db6aa8%2526domain%253Dinfogojekbdg.blogspot.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Finfogojekbdg.blogspot.com%25252Ff198a4c73953aac%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Finfogojekbandung%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://infogojekbdg.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: fUbzh/ZMsRUKldtiX7elTF44lccJC3vVMh0OgoKkPqMMpBI99p84TMjutEGmLnPXV6WTuEkY/ri9pQ8X6l+eMQ==
date: Wed, 30 Nov 2022 07:05:24 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=kpmUWko_xY9dzPlLlKtweM1M6ZkC3edAdcGf4dbSwia_l-eQKBJQKZITjpXZjacbLMeWTYYU-NlGIN-uYs40XavD2qxKZZiCZr5JV5OeZO76QGHsjR58WqSZQ_I3lPHqxa07PuuGe9k5nPHmXXCGoUKPMmp-s67Y1K28jp-UVrGyjUSnu6ultp0j4u92U7ruzXxUNmJf08PdnpWz-BjqVRQN9kTPJ1YHC1MuKyywqWdBJxYl9UkV6vYVhd-ypPLmEB05zQ&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=kpmUWko_xY9dzPlLlKtweM1M6ZkC3edAdcGf4dbSwia_l-eQKBJQKZITjpXZjacbLMeWTYYU-NlGIN-uYs40XavD2qxKZZiCZr5JV5OeZO76QGHsjR58WqSZQ_I3lPHqxa07PuuGe9k5nPHmXXCGoUKPMmp-s67Y1K28jp-UVrGyjUSnu6ultp0j4u92U7ruzXxUNmJf08PdnpWz-BjqVRQN9kTPJ1YHC1MuKyywqWdBJxYl9UkV6vYVhd-ypPLmEB05zQ&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=kpmUWko_xY9dzPlLlKtweM1M6ZkC3edAdcGf4dbSwia_l-eQKBJQKZITjpXZjacbLMeWTYYU-NlGIN-uYs40XavD2qxKZZiCZr5JV5OeZO76QGHsjR58WqSZQ_I3lPHqxa07PuuGe9k5nPHmXXCGoUKPMmp-s67Y1K28jp-UVrGyjUSnu6ultp0j4u92U7ruzXxUNmJf08PdnpWz-BjqVRQN9kTPJ1YHC1MuKyywqWdBJxYl9UkV6vYVhd-ypPLmEB05zQ&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 07:05:25 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sat, 25 Nov 2023 07:05:22 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sat, 25 Nov 2023 07:05:22 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sat, 25 Nov 2023 07:05:22 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:05:22 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sat, 25 Nov 2023 07:05:22 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638700b26a40ae38a5eef08a620c0320
37.157.6.254302 Found 0 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638700b26a40ae38a5eef08a620c0320
IP 37.157.6.254:0
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638700b26a40ae38a5eef08a620c0320 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 07:05:23 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65932&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hS62iPnTBSVdD-mFds6_mLz8BV_e_3eu7gXwqztIld3GP0JtQ3I3ixgKxY5JZgcwprhnfS5mafZb89JH7yQEuG-qsLdXWF3sJ4dDupY2TpFhRZsdyuJ2xs6d3KjIWI4a7UU6W5dS5t4DtiCMrB7Ay5Vdq6AwgtfntSougC3-Fj6mTgaPY-rurb1zszrAJZqkA3VD_Eh0VpqK8cniSi2JHqH5Zt-l_pPMHQzd5fiTGU92mt0TBuj-tq6bzct-ugq098Y3rHVGASD0e-eHEgHo0hYOJAn5NyvcaYwfcyZfUqlde0Bqbl77U_sE7QSIehl30CBkvGULAq3Idoly1L8fFNuamm2sNMydR7eRzyRmHP5kIvRp5l73WIglM1uTq6HhI5uDKGXlkRUKMUWh9v51ZVAj--9C8v1RE8J24iDV5xypuBtddpLWfGCaDvEUJKIaq8oB3A
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hS62iPnTBSVdD-mFds6_mLz8BV_e_3eu7gXwqztIld3GP0JtQ3I3ixgKxY5JZgcwprhnfS5mafZb89JH7yQEuG-qsLdXWF3sJ4dDupY2TpFhRZsdyuJ2xs6d3KjIWI4a7UU6W5dS5t4DtiCMrB7Ay5Vdq6AwgtfntSougC3-Fj6mTgaPY-rurb1zszrAJZqkA3VD_Eh0VpqK8cniSi2JHqH5Zt-l_pPMHQzd5fiTGU92mt0TBuj-tq6bzct-ugq098Y3rHVGASD0e-eHEgHo0hYOJAn5NyvcaYwfcyZfUqlde0Bqbl77U_sE7QSIehl30CBkvGULAq3Idoly1L8fFNuamm2sNMydR7eRzyRmHP5kIvRp5l73WIglM1uTq6HhI5uDKGXlkRUKMUWh9v51ZVAj--9C8v1RE8J24iDV5xypuBtddpLWfGCaDvEUJKIaq8oB3A
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=hS62iPnTBSVdD-mFds6_mLz8BV_e_3eu7gXwqztIld3GP0JtQ3I3ixgKxY5JZgcwprhnfS5mafZb89JH7yQEuG-qsLdXWF3sJ4dDupY2TpFhRZsdyuJ2xs6d3KjIWI4a7UU6W5dS5t4DtiCMrB7Ay5Vdq6AwgtfntSougC3-Fj6mTgaPY-rurb1zszrAJZqkA3VD_Eh0VpqK8cniSi2JHqH5Zt-l_pPMHQzd5fiTGU92mt0TBuj-tq6bzct-ugq098Y3rHVGASD0e-eHEgHo0hYOJAn5NyvcaYwfcyZfUqlde0Bqbl77U_sE7QSIehl30CBkvGULAq3Idoly1L8fFNuamm2sNMydR7eRzyRmHP5kIvRp5l73WIglM1uTq6HhI5uDKGXlkRUKMUWh9v51ZVAj--9C8v1RE8J24iDV5xypuBtddpLWfGCaDvEUJKIaq8oB3A HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 07:05:21 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3187476
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2