r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3296
Expires: Mon, 28 Nov 2022 17:14:08 GMT
Date: Mon, 28 Nov 2022 16:19:12 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2278
Cache-Control: max-age=154207
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:12 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:09:19 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12085
Expires: Mon, 28 Nov 2022 19:40:37 GMT
Date: Mon, 28 Nov 2022 16:19:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 15:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3580
alt-svc: clear
X-Firefox-Spdy: h2
bdeeli-m.blogspot.com/2022/11/blog-post.html
301 Moved Permanently 193 B URL HTTP/1.1 bdeeli-m.blogspot.com/2022/11/blog-post.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 134adc2a81ccba4ddd7441ee6e116cdd
429e396f6b6a0d89edd09006261febae38bdf4ab
15557f3d2eb9f519d84bda7acf586d827fb45e169c01c94af77c397c644ee7dc
Analyzer Verdict Alert fortinet Phishing
GET /2022/11/blog-post.html HTTP/1.1
Host: bdeeli-m.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://bdeeli-m.blogspot.com/2022/11/blog-post.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 16:19:12 GMT
Expires: Mon, 28 Nov 2022 16:19:12 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 193
Server: GSE
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 163SXTS2aGantm1hobyj5Z0i9C9onfOZmebA5djjPZaYsHL1T+D2fdcckSrZHqXJ3V0jNoBLeNM=
x-amz-request-id: 82VPK256A9YTJC3A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 15:42:07 GMT
age: 2225
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 16:19:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 16:08:55 GMT
cache-control: public,max-age=3600
age: 618
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3431
Cache-Control: max-age=150293
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:04:06 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
bdeeli-m.blogspot.com/2022/11/blog-post.html
200 OK 36 kB URL HTTP/2 bdeeli-m.blogspot.com/2022/11/blog-post.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15221)
Hash a81541e547be04947dfaba3c9d627feb
c6730cd5bb83cedb63a1ea883ac070dfbe314506
32b38939e01d329a08df45d1d5544c3ce494538b59b4133e5a9d8df2eeca891b
Analyzer Verdict Alert fortinet Phishing
GET /2022/11/blog-post.html HTTP/1.1
Host: bdeeli-m.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 28 Nov 2022 16:19:13 GMT
date: Mon, 28 Nov 2022 16:19:13 GMT
cache-control: private, max-age=0
last-modified: Fri, 25 Nov 2022 11:04:46 GMT
etag: W/"5d78c912c9117dc6ec2e25f2e32db1265b9f31247282bebd4cbc9c0c4c2f494e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 36309
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash 6b4620c230107c4a41a550936ae73d30
41c55d76d7fec5f9e9b6b41c63be76039ab51d7b
84323dcb2bf41d37624d351e7102832e267b2af6772e06575f52012d510ebacb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5050
Cache-Control: max-age=144373
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Etag: "63845cbd-116"
Expires: Wed, 30 Nov 2022 08:25:26 GMT
Last-Modified: Mon, 28 Nov 2022 07:01:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash ceb3a8bccf939f7ee4a32a543a108f30
2b21c654e3821deb2ed696b4ade8701e3d7ca0c6
8efb4a1307410f10a56c1382c5e3808fc08f43a22a20cf237a59845f0e9d660e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3562
Cache-Control: max-age=118727
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Etag: "6383fe5e-117"
Expires: Wed, 30 Nov 2022 01:18:00 GMT
Last-Modified: Mon, 28 Nov 2022 00:18:38 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:00 GMT
expires: Thu, 23 Nov 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 422893
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash 6b4620c230107c4a41a550936ae73d30
41c55d76d7fec5f9e9b6b41c63be76039ab51d7b
84323dcb2bf41d37624d351e7102832e267b2af6772e06575f52012d510ebacb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5050
Cache-Control: max-age=144373
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Etag: "63845cbd-116"
Expires: Wed, 30 Nov 2022 08:25:26 GMT
Last-Modified: Mon, 28 Nov 2022 07:01:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
www.blogger.com/static/v1/widgets/2342155703-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 16:02:03 GMT
expires: Tue, 28 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 15:52:40 GMT
content-type: text/javascript
age: 1030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (4885)
Hash 74840cdabc8dd59d4f01dc6f90d3e6a7
5b3e4f04a7b6a3f32259c6d088961aff428bab0b
a21fdee9f51b8084c414b3fdc91928910a013c3fe480dae890319b680764069a
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 16:19:13 GMT
expires: Mon, 28 Nov 2022 16:19:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3580439600618186570
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49285
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=1757124595800395012&zx=71f0eb00-994b-443d-8abe-e0a5a5631be9
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1757124595800395012&zx=71f0eb00-994b-443d-8abe-e0a5a5631be9
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1757124595800395012&zx=71f0eb00-994b-443d-8abe-e0a5a5631be9 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 16:19:13 GMT
last-modified: Mon, 28 Nov 2022 16:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10584, version 1.0\012- data
Hash 316fa1995ea53f41426fa3a7f3b2df39
0bda75704bc7d985f7b934b74f433c53299e06b2
00241262004f96088a827ad4c5d423dbbc0648224e1cd990e5e5ff8e912157c9
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bdeeli-m.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:47:34 GMT
expires: Wed, 22 Nov 2023 01:47:34 GMT
cache-control: public, max-age=31536000
age: 570699
last-modified: Wed, 27 Apr 2022 16:02:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4GBYLjUhKnH+YS+Uo3SFVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZLNkfjk0x9qbPw+lVZ3pGWgRmJI=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
200 OK 9.0 kB URL HTTP/2 fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 9032, version 1.0\012- data
Hash 1420b4cb8aaedb5607ef10763bd4f608
430ab060799bb992c542d7f0d262cb685d3b921b
f35be424a435340fa1b6bf36b2482ed2178092f777824f6b00f03cad010fd44f
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bdeeli-m.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:58:14 GMT
expires: Thu, 23 Nov 2023 19:58:14 GMT
cache-control: public, max-age=31536000
age: 418859
last-modified: Wed, 27 Apr 2022 16:02:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i|Poppins:400,600,700
200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i|Poppins:400,600,700
IP
Hash e4a455ccb938f39698f326e77fb68980
a1434809794c296487c035ae8be4e8f5dba27e9c
0e16f2fd5422ac2dd43028769f28dcfe228ed8164e82a7cc1632b12226eeb2f7
GET /css?family=Open+Sans:400,400i,600,600i,700,700i|Poppins:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 16:19:13 GMT
date: Mon, 28 Nov 2022 16:19:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash d13b6ca145b6bfa9baa5db70293808a3
167738d30b97c7f7e35d07c829ec2686a27f54ce
642b51cdb55f4743dd5ce32f242bcfe90ed647f9a2884b0fa3c40b869598422f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2277
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Last-Modified: Mon, 28 Nov 2022 15:41:16 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
fonts.googleapis.com/css?family=Tajawal:800
200 OK 120 kB URL HTTP/2 fonts.googleapis.com/css?family=Tajawal:800
IP
Size 120 kB (119933 bytes)
Hash c81318a077d8791a52d93ac8a69eb0cb
88728b48b97117b62667e9f6769969ab62e0e818
e977f0741b1fdbb2548b0a9bd35bebe7b81897c2b3a16eca60c1106d89df4e04
GET /css?family=Tajawal:800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 16:19:13 GMT
date: Mon, 28 Nov 2022 16:19:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1135
Cache-Control: max-age=111285
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Etag: "6383eac7-1d7"
Expires: Tue, 29 Nov 2022 23:13:59 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1957)
Hash 82b203f400521009a8f93973f1aab75b
757ecbaf5f41c01d8e7ab7edf92425fbebc16c9c
5e1b40e58ae9a0d01139b43288b1894d6cb639683d8b88bd85fdadbd0d8373d4
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 126109fc12c06037f727a2400aa55a1a
etag: "097da4b6ba2f2504cdf07098ecbbdead"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 28 Nov 2022 16:24:13 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: grID9ABSEAmo+Tlz8aq3Ww==
x-fb-debug: 3UIQ/TPJ7QZgDx4xO9K9vlSjqTlMVmy+7l1Q0b+2exzADs+8GbAopAFdafAhXydUCNFE9qmvkk3qp1BkeKvBzg==
content-length: 1688
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 16:19:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1135
Cache-Control: max-age=111285
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Etag: "6383eac7-1d7"
Expires: Tue, 29 Nov 2022 23:13:59 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
widget-v4.tidiochat.com//tururu.mp3
206 Partial Content 7.2 kB URL HTTP/2 widget-v4.tidiochat.com//tururu.mp3
IP
File type MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural\012- data
Hash 5061b4d134a7b4d5d744f9a127b757a8
c5e240ac60d3914cb3836ba6652105c67720b845
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
GET //tururu.mp3 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 28 Nov 2022 16:19:13 GMT
content-type: audio/mpeg
content-length: 7224
last-modified: Mon, 07 Nov 2022 08:15:48 GMT
etag: "6368beb4-1c38"
expires: Thu, 24 Nov 2022 02:08:23 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1606250
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4P9jAQmpoMdQoysGcRhopP9od7feMMMfCpUryQAWGhOi5RlunR9xQuFw7ZqcOyBkYKerfRh4n%2Bn8BDOoV2FaV5pczIzUmgwaozmtUE%2BEkCcgXY7%2BPaPZQA%2FGqtKjMblsREJZCpMxqVf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77146c8bbf99fac0-OSL
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=56f8f806ad1946188debf18437980d57
200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=56f8f806ad1946188debf18437980d57
IP
File type ASCII text, with very long lines (13192)
Hash db245d9f2d1a0cd62112a54e6a83ace9
3ce4214c134842b73f6bac77142142600be3d3ed
011aaea90adab974ec451eec62fff5dde1462ada07ab39119c20eaa91d4e188d
GET /en_US/sdk.js?hash=56f8f806ad1946188debf18437980d57 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bdeeli-m.blogspot.com
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 0c60f1489a2d69ab4d3346aa77b745ec
etag: "b4bc76271bb61cd27062da4057b0ef3c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 28 Nov 2023 13:46:51 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 2yRdny0aDNYhEqVOaoOs6Q==
x-fb-debug: wYgfU3FdbQ6XQemDeBdlVnhSHCVc9T8OldmskZWhVaUCJHDlQwX7wnf0E1axzKr0zDhyD7VIoJTXxmC/aZNmIQ==
priority: u=3,i
content-length: 86898
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 16:19:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=bdeeli-m.blogspot.com&callback=_gfp_s_&client=ca-pub-2696894962570528&gpid_exp=1
200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=bdeeli-m.blogspot.com&callback=_gfp_s_&client=ca-pub-2696894962570528&gpid_exp=1
IP
File type ASCII text, with very long lines (391), with no line terminators
Hash 3bd56b4cc8eabbe8f177d2d3769191c7
82c58ab81cd62a97cb516b799c395430cbeb6d6c
8bb9dc88be66daf28c69f26ddebd472bc8e3138a29580254320ffcdb64b34d1d
GET /gampad/cookie.js?domain=bdeeli-m.blogspot.com&callback=_gfp_s_&client=ca-pub-2696894962570528&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 16:19:13 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=bdeeli-m.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=bdeeli-m.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bdeeli-m.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 16:19:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=bdeeli-m.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=bdeeli-m.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bdeeli-m.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 16:19:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8a14f6c5d316b7adc3e9f8bc5f61cef7
421c1cf0330e1a2c51b390e9a664b5c1a3f852a5
1b3ff47437e0c29edb578258e423a0978a64b6613d90fdf5695d8515e9dd6be2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155773
Date: Mon, 28 Nov 2022 16:19:14 GMT
Etag: "63848df4-1d7"
Expires: Wed, 30 Nov 2022 11:35:27 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:16 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1iSykVdHnP-1tOWtpHd9Sagy6FWCJI5CQEF0_wYLDHs5w6QCzZEHvQ==
Age: 3851
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash afdcfc5f3bd741d114596300d607f4cc
e82ea5829078ad9268cdf9c576c780b1c40c3696
1c80e7d28c6303b65a17bfa822163c5af3d6d5c480ee9f2e404b23119520eeb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash afdcfc5f3bd741d114596300d607f4cc
e82ea5829078ad9268cdf9c576c780b1c40c3696
1c80e7d28c6303b65a17bfa822163c5af3d6d5c480ee9f2e404b23119520eeb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
socket.tidio.co/socket.io/?ppk=lzpapzyvaqij3qrvwdz4evwtnckjp6wz&device=desktop&EIO=3&transport=websocket
101 Switching Protocols 0 B URL HTTP/1.1 socket.tidio.co/socket.io/?ppk=lzpapzyvaqij3qrvwdz4evwtnckjp6wz&device=desktop&EIO=3&transport=websocket
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?ppk=lzpapzyvaqij3qrvwdz4evwtnckjp6wz&device=desktop&EIO=3&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://bdeeli-m.blogspot.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AhGcDeuEN8kHRQSuDyYtcw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 28 Nov 2022 16:19:14 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9WwD4b5tlNHnTGKpQHpjtiVv4vk=
Sec-WebSocket-Extensions: permessage-deflate
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Mon, 28 Nov 2022 05:12:02 GMT
expires: Mon, 12 Dec 2022 05:12:02 GMT
cache-control: public, max-age=1209600
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
age: 40032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
IP
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221110/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Mon, 28 Nov 2022 05:12:16 GMT
expires: Mon, 12 Dec 2022 05:12:16 GMT
cache-control: public, max-age=1209600
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
age: 40018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
200 OK 738 B URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
IP
File type ASCII text, with very long lines (689)
Hash 967ef6a57e8b77199566733e307ed863
2a53e944b3e713cc785dcd64c8a1c114082c7caf
a16bd3409e52b93408e8ca34af1f6c0bf03ad36d44979db141c777ba0f1199e1
GET /pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 738
x-xss-protection: 0
date: Mon, 28 Nov 2022 05:12:16 GMT
expires: Mon, 12 Dec 2022 05:12:16 GMT
cache-control: public, max-age=1209600
etag: 1394486882873449110
content-type: text/javascript; charset=UTF-8
age: 40018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
200 OK 10 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
IP
Hash 9710d345052e7cdec53e8be182114d70
eb175e76bc8d1b1b907556e067d7c5155d685ab3
a4ecd11dee793ebec08b2218a71b5e2adb02d2ba40e324d2ca6d2581cf7b05ec
GET /pagead/js/r20221110/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9428
x-xss-protection: 0
date: Mon, 28 Nov 2022 05:12:02 GMT
expires: Mon, 12 Dec 2022 05:12:02 GMT
cache-control: public, max-age=1209600
etag: 246362764157784863
content-type: text/javascript; charset=UTF-8
age: 40032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8094
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 16:19:14 GMT
Connection: keep-alive
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js
200 OK 8.1 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js
IP
File type ASCII text, with very long lines (2235)
Hash 07348a8c4f5798070d4dec3668ac24e9
411c3a3ace0be6cdda18ab10616473ffef6df857
f1ef63af2866fe379944c4fcbd07596edc56e79e92944cd01bbfdf3f849b5340
GET /pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8086
x-xss-protection: 0
date: Sun, 27 Nov 2022 18:34:05 GMT
expires: Sun, 11 Dec 2022 18:34:05 GMT
cache-control: public, max-age=1209600
age: 78309
etag: 7427986489964165156
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8094
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 16:19:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8094
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 16:19:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8094
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 16:19:14 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 314 B IP
Hash 374112250ce430c0bc0fe3eb5b3e11a3
2f8ff5ae9aa97751ed28ac3d527b820d7bf6c1de
8592c3111f4c4bb98dbcc9e14a97fb78e7a45dd994001f213ff8b0547cca4ec7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2199
Cache-Control: max-age=113453
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:14 GMT
Etag: "6383ef18-13a"
Expires: Tue, 29 Nov 2022 23:50:07 GMT
Last-Modified: Sun, 27 Nov 2022 23:13:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 314
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e586c141835f4ac8819c55dcb811b4d
a23fd98701ac35cd8740d1f7a832118c770e20c8
4296f391f755a649897a2211f9072c69a0510e43a313674908bb0a771b12650e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10944
x-amzn-requestid: 8f48c27c-bbec-46f5-9c08-1cc804b9aff7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIbJ_FyvIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63800bd9-2ffa8521241a5e5b0afc0935;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 00:27:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4YiBUU3kS0VrcVOwKXUHgIRygLLeXGp1TjBYDi6WwWWm6WMKktzfHg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:36:32 GMT
age: 63762
etag: "a23fd98701ac35cd8740d1f7a832118c770e20c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 374112250ce430c0bc0fe3eb5b3e11a3
2f8ff5ae9aa97751ed28ac3d527b820d7bf6c1de
8592c3111f4c4bb98dbcc9e14a97fb78e7a45dd994001f213ff8b0547cca4ec7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3044
Cache-Control: max-age=114298
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:14 GMT
Etag: "6383ef18-13a"
Expires: Wed, 30 Nov 2022 00:04:12 GMT
Last-Modified: Sun, 27 Nov 2022 23:13:28 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 314
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZJu4cMNnQTavxqB1MnRFluzfZC59BcUnIHgXh9h6LJWYgsFL83rHoQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 16:15:25 GMT
age: 229
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 66451
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 65868
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 29255
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
IP
File type C++ source, ASCII text, with very long lines (1921)
Hash 48a3f12d2425ba123d53524adc123834
c8f4ecbe239261b944879c18ec1a353d0cc674ba
632e1fbd2bba00a95491c806cdf850014b1b617323f698c492272d917603e20b
GET /mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14118
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 10:43:31 GMT
expires: Mon, 20 Feb 2023 10:43:31 GMT
cache-control: public, max-age=7776000
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
content-type: text/javascript
age: 538543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
200 OK 205 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 4087858e2c9db9aa8f6a840aedcfb533
d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 12:48:11 GMT
expires: Tue, 28 Nov 2023 12:48:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 12663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 65878
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 14:57:51 GMT
expires: Tue, 28 Nov 2023 14:57:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 4883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 369b12c7ace3e11b4d11351546084b31
e833bb478e8bee5e7d890a159a336e183dd91c4d
353a68050006b3f29e2a3f04d3d19679658f9fc97dffa71feb45b06112219e3f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4781
Cache-Control: max-age=167843
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Etag: "6384b979-139"
Expires: Wed, 30 Nov 2022 14:56:38 GMT
Last-Modified: Mon, 28 Nov 2022 13:36:57 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 369b12c7ace3e11b4d11351546084b31
e833bb478e8bee5e7d890a159a336e183dd91c4d
353a68050006b3f29e2a3f04d3d19679658f9fc97dffa71feb45b06112219e3f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1671
Cache-Control: max-age=164733
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Etag: "6384b979-139"
Expires: Wed, 30 Nov 2022 14:04:48 GMT
Last-Modified: Mon, 28 Nov 2022 13:36:57 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 314 B IP
Hash 8e096645e87f8252e492ae834264e466
23ced7038a372dbf15a24975da6ecbcd40a949e9
655733a95297eb649af1040ca27861b4a792adcfe118d7c2e9be533f7d02a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3749
Cache-Control: max-age=143782
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Etag: "63845f84-13a"
Expires: Wed, 30 Nov 2022 08:15:37 GMT
Last-Modified: Mon, 28 Nov 2022 07:13:08 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 314
ads.eu.criteo.com/delivery/r/afr.php?z=Y4TfggACJTUGrQUAAA_ptBAEmpAXcRB-LccV2A&u=%7Cu8zkl1AM%2Bxupd6tlG7DWdTQ6X55C4VoxTahpR8DcB2c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMbjgW_pkGOYsQFZZ-sQUgigPlN5V2sGi4jEkpgj1jQwDJodKG5sAKpBXK0DPQV9oL9lhE85wxSApg-XoraRgFvYuAyWPwK7f2zmCLyCgKgGVfrrgOl86_PQOg1m1NYeXpZCCGjXPYWIp8Ypod0Kj9Ap0fGYhplDPQpWOu1IOQ3vAaesbTkZtL1hmgs_923aum-LSfa8hgCK-UAYGciGpc-sVGurR5Q-5lzgZjrNB12UT71AYshZHK5Q9pegWgN6gBXEb4izSOOHt9laGe1_qPcwGNlcMBsTxtHCnR3_-DJING9jfcV5lC8Mm5A_gspDA-rM5vmDIP9aQxNqo2bDpmU4WJT1B3wi0dC5FoJnDrZgF47Y4sVvRsNG5EwFI7wLDnn-XuBHEWg03hV2WJapDSXEpcMAYGfsUBihMFSCKexUVZLuE4PkRR7IA658w6ROyNvjoqZhdBwDQH36Zdf0rlyJtdNa9bozG6dthFZ-0k-4nQ1vKlWsbY_rS_6oTxh7ZHCRwCDFQqV8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-MhDgt-EY7XKCICKtOUPtNO_-ATJntKxXI3w4taTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yNjk2ODk0OTYyNTcwNTI4yAEJqQKUorr71oWxPqgDAaoEgwJP0OohTRT435RkSa7Z_ZzKjqfmSpEo3ojcH2yRDM8D7YXZeMdYTSFu3uEL0T5ekhwxdsCeiZMDIaE7FalUlEZc86Gjjgxq9ypeCeRymOLt2rykMjH98BIyQL59kdaoVR--EICdsB7O-Zj8NtnckVm-kSt20pcAgRpE0oRaTEB9lfe6-TBzceQhvXB0nU3jnbFSQsw2IlTojx4EtT6pMaqWrzarkrW15N_Eh2KbG1Jlxxq3L56UliD6T3cFc4RpprMZh-W6tpF5MT6MsPQXKLRVa6mI3ZJLw3wJor1s65T-34ibijP4lE2-MBAhSf9_Lk1d5792MOH4aZNpEpDQLiBZrVIqgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1dFYLwl3IlS37WlvmxLWSOftlexQ%26client%3Dca-pub-2696894962570528%26adurl%3D
200 OK 48 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4TfggACJTUGrQUAAA_ptBAEmpAXcRB-LccV2A&u=%7Cu8zkl1AM%2Bxupd6tlG7DWdTQ6X55C4VoxTahpR8DcB2c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMbjgW_pkGOYsQFZZ-sQUgigPlN5V2sGi4jEkpgj1jQwDJodKG5sAKpBXK0DPQV9oL9lhE85wxSApg-XoraRgFvYuAyWPwK7f2zmCLyCgKgGVfrrgOl86_PQOg1m1NYeXpZCCGjXPYWIp8Ypod0Kj9Ap0fGYhplDPQpWOu1IOQ3vAaesbTkZtL1hmgs_923aum-LSfa8hgCK-UAYGciGpc-sVGurR5Q-5lzgZjrNB12UT71AYshZHK5Q9pegWgN6gBXEb4izSOOHt9laGe1_qPcwGNlcMBsTxtHCnR3_-DJING9jfcV5lC8Mm5A_gspDA-rM5vmDIP9aQxNqo2bDpmU4WJT1B3wi0dC5FoJnDrZgF47Y4sVvRsNG5EwFI7wLDnn-XuBHEWg03hV2WJapDSXEpcMAYGfsUBihMFSCKexUVZLuE4PkRR7IA658w6ROyNvjoqZhdBwDQH36Zdf0rlyJtdNa9bozG6dthFZ-0k-4nQ1vKlWsbY_rS_6oTxh7ZHCRwCDFQqV8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-MhDgt-EY7XKCICKtOUPtNO_-ATJntKxXI3w4taTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yNjk2ODk0OTYyNTcwNTI4yAEJqQKUorr71oWxPqgDAaoEgwJP0OohTRT435RkSa7Z_ZzKjqfmSpEo3ojcH2yRDM8D7YXZeMdYTSFu3uEL0T5ekhwxdsCeiZMDIaE7FalUlEZc86Gjjgxq9ypeCeRymOLt2rykMjH98BIyQL59kdaoVR--EICdsB7O-Zj8NtnckVm-kSt20pcAgRpE0oRaTEB9lfe6-TBzceQhvXB0nU3jnbFSQsw2IlTojx4EtT6pMaqWrzarkrW15N_Eh2KbG1Jlxxq3L56UliD6T3cFc4RpprMZh-W6tpF5MT6MsPQXKLRVa6mI3ZJLw3wJor1s65T-34ibijP4lE2-MBAhSf9_Lk1d5792MOH4aZNpEpDQLiBZrVIqgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1dFYLwl3IlS37WlvmxLWSOftlexQ%26client%3Dca-pub-2696894962570528%26adurl%3D
IP
Hash b596130f9cc9f1e7f4cb89f34d8823ba
1e883b4b92a4d5556b37f1198d2a65a153df73a5
8febad9a6c3b57324c5e7c3c7fc84f2cbc81de7d30f52ff975fbe29ab92c9d2e
GET /delivery/r/afr.php?z=Y4TfggACJTUGrQUAAA_ptBAEmpAXcRB-LccV2A&u=%7Cu8zkl1AM%2Bxupd6tlG7DWdTQ6X55C4VoxTahpR8DcB2c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMbjgW_pkGOYsQFZZ-sQUgigPlN5V2sGi4jEkpgj1jQwDJodKG5sAKpBXK0DPQV9oL9lhE85wxSApg-XoraRgFvYuAyWPwK7f2zmCLyCgKgGVfrrgOl86_PQOg1m1NYeXpZCCGjXPYWIp8Ypod0Kj9Ap0fGYhplDPQpWOu1IOQ3vAaesbTkZtL1hmgs_923aum-LSfa8hgCK-UAYGciGpc-sVGurR5Q-5lzgZjrNB12UT71AYshZHK5Q9pegWgN6gBXEb4izSOOHt9laGe1_qPcwGNlcMBsTxtHCnR3_-DJING9jfcV5lC8Mm5A_gspDA-rM5vmDIP9aQxNqo2bDpmU4WJT1B3wi0dC5FoJnDrZgF47Y4sVvRsNG5EwFI7wLDnn-XuBHEWg03hV2WJapDSXEpcMAYGfsUBihMFSCKexUVZLuE4PkRR7IA658w6ROyNvjoqZhdBwDQH36Zdf0rlyJtdNa9bozG6dthFZ-0k-4nQ1vKlWsbY_rS_6oTxh7ZHCRwCDFQqV8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-MhDgt-EY7XKCICKtOUPtNO_-ATJntKxXI3w4taTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yNjk2ODk0OTYyNTcwNTI4yAEJqQKUorr71oWxPqgDAaoEgwJP0OohTRT435RkSa7Z_ZzKjqfmSpEo3ojcH2yRDM8D7YXZeMdYTSFu3uEL0T5ekhwxdsCeiZMDIaE7FalUlEZc86Gjjgxq9ypeCeRymOLt2rykMjH98BIyQL59kdaoVR--EICdsB7O-Zj8NtnckVm-kSt20pcAgRpE0oRaTEB9lfe6-TBzceQhvXB0nU3jnbFSQsw2IlTojx4EtT6pMaqWrzarkrW15N_Eh2KbG1Jlxxq3L56UliD6T3cFc4RpprMZh-W6tpF5MT6MsPQXKLRVa6mI3ZJLw3wJor1s65T-34ibijP4lE2-MBAhSf9_Lk1d5792MOH4aZNpEpDQLiBZrVIqgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1dFYLwl3IlS37WlvmxLWSOftlexQ%26client%3Dca-pub-2696894962570528%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:14 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KNZgcMYMtgpShq0gDTh17oF3Z-1eqMSZp3WwBzrjqpAkUDEanPRAiBDwzTfpggqMC0eGKnVPa9BqnorEiUS5IDomXzTa2GukjjuswJ1VbV2rIMr1M2jDLyjyQjAM9pBqw1pkX4l7ZaUe2eDb18_-pIuawRHUA8XFb2xJZXpPZCdr7NqML-TUfJ1CJf2Q_XKa4UGaVUwy0yAAuncFd0bJTNntwXGyeCITS0Gkezqocpp-ArBbicRs7Mrro32GiI3buL3nIQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 63372451
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kvenErOzWb8FsAGdg2ICAgAAANDvAc-tiuEd49rIJxCB34Rj3me2Wk1DWzwA7kMAEgAA&wp=Y4TfggACJTUGrQUAAA_ptBAEmpAXcRB-LccV2A
200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kvenErOzWb8FsAGdg2ICAgAAANDvAc-tiuEd49rIJxCB34Rj3me2Wk1DWzwA7kMAEgAA&wp=Y4TfggACJTUGrQUAAA_ptBAEmpAXcRB-LccV2A
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kvenErOzWb8FsAGdg2ICAgAAANDvAc-tiuEd49rIJxCB34Rj3me2Wk1DWzwA7kMAEgAA&wp=Y4TfggACJTUGrQUAAA_ptBAEmpAXcRB-LccV2A HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 233887
date: Mon, 28 Nov 2022 16:19:14 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kvenErOzWegCmAKdg2ICAgAAANSK8R_TAegQ49rIJxCC34Rjngypyl1nak2m7DAAEgAA&wp=Y4TfggACP1UGrSoIAANOE2211mGimbJgnXp2bw
200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kvenErOzWegCmAKdg2ICAgAAANSK8R_TAegQ49rIJxCC34Rjngypyl1nak2m7DAAEgAA&wp=Y4TfggACP1UGrSoIAANOE2211mGimbJgnXp2bw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kvenErOzWegCmAKdg2ICAgAAANSK8R_TAegQ49rIJxCC34Rjngypyl1nak2m7DAAEgAA&wp=Y4TfggACP1UGrSoIAANOE2211mGimbJgnXp2bw HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 277461
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 388997
expires: Sat, 18 Nov 2023 16:19:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bld3JerDzetZRPZQmlzWpl%2BbNhcB6boIdxmT%2B1uLLXHj6a70gc2p7hKtrn%2B57b2%2ByyFfO7bulAbol0eKMN0NuvUSupz3nMIc%2FEGiwVmjwvLRxglAWuqU4IzpHEGbRvD9OPMlzEhK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77146c93992d1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kvenErOzWb8FsAGdg2ICAgAAAGNgVecklop949rIJxCB34RjACyAJxQENT_DeNYAEgAA&wp=Y4TfggACKXYGrRrRAAYiP_7jksYSK0rJE-1SAA
200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kvenErOzWb8FsAGdg2ICAgAAAGNgVecklop949rIJxCB34RjACyAJxQENT_DeNYAEgAA&wp=Y4TfggACKXYGrRrRAAYiP_7jksYSK0rJE-1SAA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kvenErOzWb8FsAGdg2ICAgAAAGNgVecklop949rIJxCB34RjACyAJxQENT_DeNYAEgAA&wp=Y4TfggACKXYGrRrRAAYiP_7jksYSK0rJE-1SAA HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 251395
date: Mon, 28 Nov 2022 16:19:14 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5022
Cache-Control: max-age=106172
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 21:48:47 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 471 B IP
Hash 4dc8061e012690f41cc8e3b60e976494
6e3f3e9a22bf7348c5ecb244cceec16cfcd86cf5
b74d15f2e5d547246f74a267925085cd15fac8a259b0a91029b189c8f24b1b6d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5138
Cache-Control: max-age=104093
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Etag: "6383bf0e-1d7"
Expires: Tue, 29 Nov 2022 21:14:08 GMT
Last-Modified: Sun, 27 Nov 2022 19:48:30 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 313 B IP
Hash 75d97500fe879daf61bf2c67d36f02ed
fd298eb14510dd7805bb297c273f53891bc35eb7
146967f865b3e264713fb722c281abf207ab603ce6623c40ea49b9a3e657246b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1037
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Last-Modified: Mon, 28 Nov 2022 16:01:58 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 75d97500fe879daf61bf2c67d36f02ed
fd298eb14510dd7805bb297c273f53891bc35eb7
146967f865b3e264713fb722c281abf207ab603ce6623c40ea49b9a3e657246b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1072
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Last-Modified: Mon, 28 Nov 2022 16:01:23 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 75d97500fe879daf61bf2c67d36f02ed
fd298eb14510dd7805bb297c273f53891bc35eb7
146967f865b3e264713fb722c281abf207ab603ce6623c40ea49b9a3e657246b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1037
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Last-Modified: Mon, 28 Nov 2022 16:01:58 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
static.criteo.net/flash/icon/back_button2.svg
200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Thu, 23 Nov 2023 16:19:15 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Thu, 23 Nov 2023 16:19:15 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 71f2a51ee2e5ea297cb3c2c5c86f8d8b
d848e4f0eebf3e28ae130f5b113217f5a2a7724a
425ed92ae87f6b16af109f097629af45bbbab61e65d8e6aad93e23019079ce7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6054
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Last-Modified: Mon, 28 Nov 2022 14:38:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 71f2a51ee2e5ea297cb3c2c5c86f8d8b
d848e4f0eebf3e28ae130f5b113217f5a2a7724a
425ed92ae87f6b16af109f097629af45bbbab61e65d8e6aad93e23019079ce7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3152
Cache-Control: max-age=159021
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Etag: "63849d60-139"
Expires: Wed, 30 Nov 2022 12:29:36 GMT
Last-Modified: Mon, 28 Nov 2022 11:37:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 71f2a51ee2e5ea297cb3c2c5c86f8d8b
d848e4f0eebf3e28ae130f5b113217f5a2a7724a
425ed92ae87f6b16af109f097629af45bbbab61e65d8e6aad93e23019079ce7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6054
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Last-Modified: Mon, 28 Nov 2022 14:38:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
pix.eu.criteo.net/img/img?h=348&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=HI5Dr5NL1tGa1BrVdEaADwAE
200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=348&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=HI5Dr5NL1tGa1BrVdEaADwAE
IP
File type PNG image data, 196 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash bc381116221b106493d972a9262c65e3
980f03704c3d56409200806ffc1b8269240383a4
391ed2f12f92968f164c061b48e5421254b9aae4dfce080b727d60dd6c1cb72e
GET /img/img?h=348&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=HI5Dr5NL1tGa1BrVdEaADwAE HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30794104
expires: Mon, 20 Nov 2023 02:14:20 GMT
date: Mon, 28 Nov 2022 16:19:14 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10921
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A059cd130-9bcc-4a9c-906d-ae23de9a26b1%2FThe_Level_Melia_Villaitana_1SQUARE_800X800.jpg&v=3&w=400&s=_GoV2hHbGtfaKyb_AG0YHWUI&b=400
200 OK 30 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A059cd130-9bcc-4a9c-906d-ae23de9a26b1%2FThe_Level_Melia_Villaitana_1SQUARE_800X800.jpg&v=3&w=400&s=_GoV2hHbGtfaKyb_AG0YHWUI&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b278d9802472c7b7a11ba8fa8be45b27
b0c590f15539d7051a0c077b42c46ee600e883de
ae464e83e149321f396a4df6ee50236765aedd00e37616bf7b00b65c15942676
GET /img/img?c=3&cq=256&h=400&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A059cd130-9bcc-4a9c-906d-ae23de9a26b1%2FThe_Level_Melia_Villaitana_1SQUARE_800X800.jpg&v=3&w=400&s=_GoV2hHbGtfaKyb_AG0YHWUI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=17399
expires: Mon, 28 Nov 2022 21:09:15 GMT
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 30152
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=116&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=716&s=AYU5GSM5yVwj0rHHvx9PgojP
200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=116&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=716&s=AYU5GSM5yVwj0rHHvx9PgojP
IP
File type gzip compressed data, max compression\012- data
Hash b5d4cfaf5279818738e7529dc8aa9d33
35f746a3afbc49ea6cd6ce0cf1a7b8b26f1392f1
9edc84b5769932fecff0a304125389b9bc2c36b666025708cfcd607433905b74
GET /img/img?h=116&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=716&s=AYU5GSM5yVwj0rHHvx9PgojP HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30786615
expires: Mon, 20 Nov 2023 00:09:30 GMT
date: Mon, 28 Nov 2022 16:19:14 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16356
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1
200 OK 119 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 119 kB (119138 bytes)
Hash d4583915e8f0f477e3d0f3d574178d04
9d108ebad48bd9c2cab219ceb9f672c6df3bc4f5
8dcada67312cc34fc712ef9177721a44169eb6a6d2a709f2d22aa294248ccbf5
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=9846
expires: Mon, 28 Nov 2022 19:03:22 GMT
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 119138
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1&b=400
200 OK 44 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8ff08c075236ba4e925d1faf40802e8
3d431faaea572b190081a95caa024ccf30441bc3
fb8c3d12c4bbeef1c1e5ba9b9bdd31d8b2f9de9a51e4449b140eec52ea6266bb
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Mon, 28 Nov 2022 16:19:15 GMT
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 44252
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Afa2c6acf-9635-4512-b793-48a3855208dd%2FMelia-Puerto-Vallarta_1-SQUARE_800X800.jpg&v=3&w=800&s=daUTaBg4CtGKY1qDYF7FZorD&b=400
200 OK 36 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Afa2c6acf-9635-4512-b793-48a3855208dd%2FMelia-Puerto-Vallarta_1-SQUARE_800X800.jpg&v=3&w=800&s=daUTaBg4CtGKY1qDYF7FZorD&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0bf18cd98dbd602e442357088b3f4299
b6e2b5999c0510e8215415d1ce305fae089dd37c
a1fb4fda9e1911d5a065cc0e9320c136cd455301ebcb481fb906a89dbf29c08b
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Afa2c6acf-9635-4512-b793-48a3855208dd%2FMelia-Puerto-Vallarta_1-SQUARE_800X800.jpg&v=3&w=800&s=daUTaBg4CtGKY1qDYF7FZorD&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29801
expires: Tue, 29 Nov 2022 00:35:56 GMT
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 35588
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tHxmcvnTBSVdD-mFds6_mLz8BV8Laxn_iFar599E-RXwHiUuF9Hn0BbV8AMv-o_L34U0c_1Sdb6YLM1eLQWwOmIngATl2v3v9zpVvn3IllhHSecFJV3FT33HFYiKfAW6K0Z9p7bvAyTeTNjZS4-pWsH5PCtv0ehrdJsegfZNi3bW4j3ANK278PKygJU5VO2a-LMBephTobi5dVwwDwj12-FfAklaBt38m_IPUM4oRjW5MwJrf2l3splyBhJZ8hcHe_JxElWAQlHK18KhCBh4GeizXulHg6acGqtqZaETV4mB_jeP-ovt50MLMxJt4fJ8r9w2A2kvTu4NJyL7-p2PcAFrBfeMvjtPXvwD8CQnQYmAqs4Zs76EyW_HHTkOih05kQPAory1-K3VbNL2QyPv0sHCt4vtVSCeydMYI-2tBIKxKn6_
200 OK 28 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tHxmcvnTBSVdD-mFds6_mLz8BV8Laxn_iFar599E-RXwHiUuF9Hn0BbV8AMv-o_L34U0c_1Sdb6YLM1eLQWwOmIngATl2v3v9zpVvn3IllhHSecFJV3FT33HFYiKfAW6K0Z9p7bvAyTeTNjZS4-pWsH5PCtv0ehrdJsegfZNi3bW4j3ANK278PKygJU5VO2a-LMBephTobi5dVwwDwj12-FfAklaBt38m_IPUM4oRjW5MwJrf2l3splyBhJZ8hcHe_JxElWAQlHK18KhCBh4GeizXulHg6acGqtqZaETV4mB_jeP-ovt50MLMxJt4fJ8r9w2A2kvTu4NJyL7-p2PcAFrBfeMvjtPXvwD8CQnQYmAqs4Zs76EyW_HHTkOih05kQPAory1-K3VbNL2QyPv0sHCt4vtVSCeydMYI-2tBIKxKn6_
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c239610c03b69538f4e128ef3588973d
01ecd73921643a33b67207d03e7c6d836dd393c7
4f2ecc7d8c1a3d987c1561a2c39618ffefaadd9e2666cc589fa423a6329d6faa
GET /delivery/lg.php?cppv=3&cpp=tHxmcvnTBSVdD-mFds6_mLz8BV8Laxn_iFar599E-RXwHiUuF9Hn0BbV8AMv-o_L34U0c_1Sdb6YLM1eLQWwOmIngATl2v3v9zpVvn3IllhHSecFJV3FT33HFYiKfAW6K0Z9p7bvAyTeTNjZS4-pWsH5PCtv0ehrdJsegfZNi3bW4j3ANK278PKygJU5VO2a-LMBephTobi5dVwwDwj12-FfAklaBt38m_IPUM4oRjW5MwJrf2l3splyBhJZ8hcHe_JxElWAQlHK18KhCBh4GeizXulHg6acGqtqZaETV4mB_jeP-ovt50MLMxJt4fJ8r9w2A2kvTu4NJyL7-p2PcAFrBfeMvjtPXvwD8CQnQYmAqs4Zs76EyW_HHTkOih05kQPAory1-K3VbNL2QyPv0sHCt4vtVSCeydMYI-2tBIKxKn6_ HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2545057
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 27428, version 1.0\012- data
Hash e6d08c334958c128b793b570a7dce066
081111500e97a7663ff936f847e050fee6b8be2b
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
GET /s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bdeeli-m.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:13:04 GMT
expires: Wed, 22 Nov 2023 01:13:04 GMT
cache-control: public, max-age=31536000
age: 572771
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6384df8201b5a51156fce15bd6e1c5d1
302 Found 642 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6384df8201b5a51156fce15bd6e1c5d1
IP
Hash 330f72776fdda252e0e30d22727afad1
93ebb8d588797a16b24cd9e4dc70dde2bbe97f6b
73ad587cb34f69e57f7243fd1aeaf36c0a30534e253e26a8102d20e40a984b94
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6384df8201b5a51156fce15bd6e1c5d1 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65827&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS&b=400
200 OK 43 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ccfee84049e617e3b6ca9660568800a5
4ebce0bac7a28ea7dda484b91024b762fcec570c
2bf34f48c5f959f54e292b9fbca320061733f1b50b5fcb6b83c849605f47a4fb
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29686
expires: Tue, 29 Nov 2022 00:34:01 GMT
date: Mon, 28 Nov 2022 16:19:14 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 43190
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A6fc1481b-50a0-4b62-b38e-424fd88492d5%2FSOL_Don_Pablo_1SQUARE_800X800.jpg&v=3&w=800&s=Y9Jmalm7VaEETEF974lV7M37
200 OK 76 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A6fc1481b-50a0-4b62-b38e-424fd88492d5%2FSOL_Don_Pablo_1SQUARE_800X800.jpg&v=3&w=800&s=Y9Jmalm7VaEETEF974lV7M37
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 885e39ea5406a439734fdd6bfd9cbae2
94c2272d1daba1545dcae31b0ff0b150ccb676ed
01540e895f50f00f62665377176afcd77c7cc7dafdf96dbeb47dfe56cb87554d
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A6fc1481b-50a0-4b62-b38e-424fd88492d5%2FSOL_Don_Pablo_1SQUARE_800X800.jpg&v=3&w=800&s=Y9Jmalm7VaEETEF974lV7M37 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1079
expires: Mon, 28 Nov 2022 16:37:15 GMT
date: Mon, 28 Nov 2022 16:19:14 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 76248
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Afa2c6acf-9635-4512-b793-48a3855208dd%2FMelia-Puerto-Vallarta_1-SQUARE_800X800.jpg&v=3&w=800&s=daUTaBg4CtGKY1qDYF7FZorD
200 OK 100 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Afa2c6acf-9635-4512-b793-48a3855208dd%2FMelia-Puerto-Vallarta_1-SQUARE_800X800.jpg&v=3&w=800&s=daUTaBg4CtGKY1qDYF7FZorD
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b745c08def12ea760efb72c5cfb7792b
59c8af0e64e4247bbf21b92609df9cccbf4f850e
267812239fc0ca2436a8bd718031465f790d2a41a7743318d7a385c36914e651
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Afa2c6acf-9635-4512-b793-48a3855208dd%2FMelia-Puerto-Vallarta_1-SQUARE_800X800.jpg&v=3&w=800&s=daUTaBg4CtGKY1qDYF7FZorD HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29801
expires: Tue, 29 Nov 2022 00:35:56 GMT
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 99712
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 344337
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS
200 OK 129 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 129 kB (128844 bytes)
Hash 13eb2b206cf79e1bf4274e7c20b0d750
4e5b8b477bbc3dd9fe20f0e2a5f9cd9173f193ab
980d44e986aa7498c303b6bcf378068c452e328718d4c11da5ee12dd037ec61c
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29686
expires: Tue, 29 Nov 2022 00:34:01 GMT
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 128844
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 515334
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=f8ML2PnTBSVdD-mFds6_mLz8BV97wTIBrLyX5iwcDuAiE7-CibVw2iNcpa04hDpKIojGDw2EHoPPDNRTO79H4phHGiySeoqrJYMpPgCYRQbWi-R1X2q5j_Set9n70NmavdZdCtxVTcTiDRY1aIGC0sejnpLUxTesIL35zbiB1SSpJH_WDR6ABVAUx0Y6Y4nsgh79GTti6kLUyu1LXwSIHpLVYFxvMpeDcEkhhoB2rymit9vQlVcWXQJd-jsCQz4X4fExJ-_zd1basqtOav91PsZP1xwIHsKJwFUz11NPhGLAOW-TLSLPaHSvuSy8mdYkGCd4xcF8ygGeo3bGo1to-z36BdQCidxrVIygsvV41-31xkFrwE-x7HPgy6DZAxiG0r3RjJI7UnpY3mw6rluKBTda3V-Fsax7P_HgBlZCatehKQ6TH6m8_0UJO-jQ5hIbQd0GBQ
200 OK 540 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=f8ML2PnTBSVdD-mFds6_mLz8BV97wTIBrLyX5iwcDuAiE7-CibVw2iNcpa04hDpKIojGDw2EHoPPDNRTO79H4phHGiySeoqrJYMpPgCYRQbWi-R1X2q5j_Set9n70NmavdZdCtxVTcTiDRY1aIGC0sejnpLUxTesIL35zbiB1SSpJH_WDR6ABVAUx0Y6Y4nsgh79GTti6kLUyu1LXwSIHpLVYFxvMpeDcEkhhoB2rymit9vQlVcWXQJd-jsCQz4X4fExJ-_zd1basqtOav91PsZP1xwIHsKJwFUz11NPhGLAOW-TLSLPaHSvuSy8mdYkGCd4xcF8ygGeo3bGo1to-z36BdQCidxrVIygsvV41-31xkFrwE-x7HPgy6DZAxiG0r3RjJI7UnpY3mw6rluKBTda3V-Fsax7P_HgBlZCatehKQ6TH6m8_0UJO-jQ5hIbQd0GBQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 10b0fae6f066d92a985c31a2955f7ead
e6754db421a54efa2c48015d59f4cc650bca0fa7
31a4d1150954fe8f03002a1de96281718cb26c8277473d35b06a55a80e961022
GET /delivery/lg.php?cppv=3&cpp=f8ML2PnTBSVdD-mFds6_mLz8BV97wTIBrLyX5iwcDuAiE7-CibVw2iNcpa04hDpKIojGDw2EHoPPDNRTO79H4phHGiySeoqrJYMpPgCYRQbWi-R1X2q5j_Set9n70NmavdZdCtxVTcTiDRY1aIGC0sejnpLUxTesIL35zbiB1SSpJH_WDR6ABVAUx0Y6Y4nsgh79GTti6kLUyu1LXwSIHpLVYFxvMpeDcEkhhoB2rymit9vQlVcWXQJd-jsCQz4X4fExJ-_zd1basqtOav91PsZP1xwIHsKJwFUz11NPhGLAOW-TLSLPaHSvuSy8mdYkGCd4xcF8ygGeo3bGo1to-z36BdQCidxrVIygsvV41-31xkFrwE-x7HPgy6DZAxiG0r3RjJI7UnpY3mw6rluKBTda3V-Fsax7P_HgBlZCatehKQ6TH6m8_0UJO-jQ5hIbQd0GBQ HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:14 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2750924
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=10842&adfrmid=0
302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=10842&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=10842&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 16:19:15 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=10842&adfrmid=0
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=38945&adfrmid=0
302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=38945&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=38945&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 16:19:15 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=38945&adfrmid=0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/drt/ui
302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 16:19:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=dUBgfcYMtgpShq0gO6M4bp8D3TrIe0mtr77vGKrTkCwQKGcZ9qTbkLGougFbdkfTC2MAVL9ErBIGPYMLxBiYanEs5CpZLkcIUUJmXxmUxhXHvlTFPLmGU3cZk2QG11GdC3U3_yHoDozWhLBijrVDb_J2ZkTzmG9gCOC4QI_z8CsOqUlPj8sk4o9xAEWCcNjHeL1VCKvA_wgQp7EWcSRbYAWrg-0AzBqbouNHLFISa_yiaJNl7JkczIzEpmxo2sQMEdUDuA&sds=2&rev=83599&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=dUBgfcYMtgpShq0gO6M4bp8D3TrIe0mtr77vGKrTkCwQKGcZ9qTbkLGougFbdkfTC2MAVL9ErBIGPYMLxBiYanEs5CpZLkcIUUJmXxmUxhXHvlTFPLmGU3cZk2QG11GdC3U3_yHoDozWhLBijrVDb_J2ZkTzmG9gCOC4QI_z8CsOqUlPj8sk4o9xAEWCcNjHeL1VCKvA_wgQp7EWcSRbYAWrg-0AzBqbouNHLFISa_yiaJNl7JkczIzEpmxo2sQMEdUDuA&sds=2&rev=83599&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=dUBgfcYMtgpShq0gO6M4bp8D3TrIe0mtr77vGKrTkCwQKGcZ9qTbkLGougFbdkfTC2MAVL9ErBIGPYMLxBiYanEs5CpZLkcIUUJmXxmUxhXHvlTFPLmGU3cZk2QG11GdC3U3_yHoDozWhLBijrVDb_J2ZkTzmG9gCOC4QI_z8CsOqUlPj8sk4o9xAEWCcNjHeL1VCKvA_wgQp7EWcSRbYAWrg-0AzBqbouNHLFISa_yiaJNl7JkczIzEpmxo2sQMEdUDuA&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=10842&adfrmid=0
200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=10842&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=10842&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 16:19:16 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=azo_i1hTliaGHCKi73zmgoQU9HUOvWxPUI_2QcI2UwGpos060m.WzA--; expires=Tue, 26 Dec 2023 16:19:16 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65827&adfrmid=0
200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65827&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=65827&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 16:19:16 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=K.D9VWn00rdnBDRdHsbySxsg4AwrXoDa1EJedfGi56y3_H5ZSw3Tbg--; expires=Tue, 26 Dec 2023 16:19:16 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=x6MW_rSXUe3GV3ga9VQYS3E2hFsXEJ41gsstiovEtPHYUVAjCU5mbJUV1G8Lp.vtrcvEKL8aHD3O4YLRQTI2ocCVvaOAA6FW0LcU.BqST1CwYj_2zeWepgcbvy_Qrq9wU0Y-; expires=Tue, 26 Dec 2023 16:19:16 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Tue, 26 Dec 2023 16:19:16 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=38945&adfrmid=0
200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=38945&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=38945&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 16:19:16 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=M2BmJzCQlXOy.HxsqHo4rIsmC0Ski5QeVsI5zXg0PhLL_id15VcFBg--; expires=Tue, 26 Dec 2023 16:19:16 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=H5fPvAqiiC8NzOVovumO5JQja9h4GFSTYFCFyuGN44v0WxZq25IZCYTPLT9eKdCauC1ywHDzGHFUKi7t8OdYR25osaY9L5vW7PzXG5BsyZf9ckFskmCHsWHpq1ZlHxxIxrw-; expires=Tue, 26 Dec 2023 16:19:16 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Tue, 26 Dec 2023 16:19:16 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
csm.eu.criteo.net/all?cppv=3&cpp=AMawj8YMtgpShq0gs17zcieWEHYEXu0MQ6oW1gbfxxkW3xpp9HG3N0gy0s1I3moIVrZn3s9rTU9AJiRVH8iJvR9cm3dKOC4T-IHNDKWgdFTR6tDW8S2vBQRyPGAq_Y0CBK_q8DPE82Kch4oRpZO-49vcCaOO9i1FZKbDBS7ly28j_c-nHIiCQ_VhQTkqUoGDkrMYyfSC9-xce-FsQCtJddhv2pWzWhyzhmCpKO8VUf7LH1bPeAoNACJLXj0YTyxSHzDnIg&sds=2&rev=83599&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=AMawj8YMtgpShq0gs17zcieWEHYEXu0MQ6oW1gbfxxkW3xpp9HG3N0gy0s1I3moIVrZn3s9rTU9AJiRVH8iJvR9cm3dKOC4T-IHNDKWgdFTR6tDW8S2vBQRyPGAq_Y0CBK_q8DPE82Kch4oRpZO-49vcCaOO9i1FZKbDBS7ly28j_c-nHIiCQ_VhQTkqUoGDkrMYyfSC9-xce-FsQCtJddhv2pWzWhyzhmCpKO8VUf7LH1bPeAoNACJLXj0YTyxSHzDnIg&sds=2&rev=83599&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=AMawj8YMtgpShq0gs17zcieWEHYEXu0MQ6oW1gbfxxkW3xpp9HG3N0gy0s1I3moIVrZn3s9rTU9AJiRVH8iJvR9cm3dKOC4T-IHNDKWgdFTR6tDW8S2vBQRyPGAq_Y0CBK_q8DPE82Kch4oRpZO-49vcCaOO9i1FZKbDBS7ly28j_c-nHIiCQ_VhQTkqUoGDkrMYyfSC9-xce-FsQCtJddhv2pWzWhyzhmCpKO8VUf7LH1bPeAoNACJLXj0YTyxSHzDnIg&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=KNZgcMYMtgpShq0gDTh17oF3Z-1eqMSZp3WwBzrjqpAkUDEanPRAiBDwzTfpggqMC0eGKnVPa9BqnorEiUS5IDomXzTa2GukjjuswJ1VbV2rIMr1M2jDLyjyQjAM9pBqw1pkX4l7ZaUe2eDb18_-pIuawRHUA8XFb2xJZXpPZCdr7NqML-TUfJ1CJf2Q_XKa4UGaVUwy0yAAuncFd0bJTNntwXGyeCITS0Gkezqocpp-ArBbicRs7Mrro32GiI3buL3nIQ&sds=2&rev=83599&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=KNZgcMYMtgpShq0gDTh17oF3Z-1eqMSZp3WwBzrjqpAkUDEanPRAiBDwzTfpggqMC0eGKnVPa9BqnorEiUS5IDomXzTa2GukjjuswJ1VbV2rIMr1M2jDLyjyQjAM9pBqw1pkX4l7ZaUe2eDb18_-pIuawRHUA8XFb2xJZXpPZCdr7NqML-TUfJ1CJf2Q_XKa4UGaVUwy0yAAuncFd0bJTNntwXGyeCITS0Gkezqocpp-ArBbicRs7Mrro32GiI3buL3nIQ&sds=2&rev=83599&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=KNZgcMYMtgpShq0gDTh17oF3Z-1eqMSZp3WwBzrjqpAkUDEanPRAiBDwzTfpggqMC0eGKnVPa9BqnorEiUS5IDomXzTa2GukjjuswJ1VbV2rIMr1M2jDLyjyQjAM9pBqw1pkX4l7ZaUe2eDb18_-pIuawRHUA8XFb2xJZXpPZCdr7NqML-TUfJ1CJf2Q_XKa4UGaVUwy0yAAuncFd0bJTNntwXGyeCITS0Gkezqocpp-ArBbicRs7Mrro32GiI3buL3nIQ&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:15 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash 2555f15814ffb0243d41fdc25f41acf5
16ca187a6a2bf36c5f8c81f16c4acca70925a647
b616fa6885146170e2508c8854cc198df3050a6d661621f2ab58aaec03f66613
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4402
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:19:16 GMT
Last-Modified: Mon, 28 Nov 2022 15:05:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 727
twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
200 OK 1.3 kB URL HTTP/2 twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
IP
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 8c685a701d36f492ecc566a4c879fbfd
bbfb15f5fdfd47a20122556975dba73b9d035d95
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
GET /v/13.0.1/72x72/1f44b.png HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:16 GMT
content-type: image/png
content-length: 1285
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:17 GMT
access-control-allow-origin: *
etag: "62451ee1-505"
expires: Wed, 28 Dec 2022 16:19:16 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 4D72:C389:2B64CBA:2C90374:63814BB2
vary: Accept-Encoding
x-fastly-request-id: e0622c0cbd226a20cc7de85c807e442bebae9cb7
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=AMawj8YMtgpShq0gs17zcieWEHYEXu0MQ6oW1gbfxxkW3xpp9HG3N0gy0s1I3moIVrZn3s9rTU9AJiRVH8iJvR9cm3dKOC4T-IHNDKWgdFTR6tDW8S2vBQRyPGAq_Y0CBK_q8DPE82Kch4oRpZO-49vcCaOO9i1FZKbDBS7ly28j_c-nHIiCQ_VhQTkqUoGDkrMYyfSC9-xce-FsQCtJddhv2pWzWhyzhmCpKO8VUf7LH1bPeAoNACJLXj0YTyxSHzDnIg&sds=2&rev=83599&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=AMawj8YMtgpShq0gs17zcieWEHYEXu0MQ6oW1gbfxxkW3xpp9HG3N0gy0s1I3moIVrZn3s9rTU9AJiRVH8iJvR9cm3dKOC4T-IHNDKWgdFTR6tDW8S2vBQRyPGAq_Y0CBK_q8DPE82Kch4oRpZO-49vcCaOO9i1FZKbDBS7ly28j_c-nHIiCQ_VhQTkqUoGDkrMYyfSC9-xce-FsQCtJddhv2pWzWhyzhmCpKO8VUf7LH1bPeAoNACJLXj0YTyxSHzDnIg&sds=2&rev=83599&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=AMawj8YMtgpShq0gs17zcieWEHYEXu0MQ6oW1gbfxxkW3xpp9HG3N0gy0s1I3moIVrZn3s9rTU9AJiRVH8iJvR9cm3dKOC4T-IHNDKWgdFTR6tDW8S2vBQRyPGAq_Y0CBK_q8DPE82Kch4oRpZO-49vcCaOO9i1FZKbDBS7ly28j_c-nHIiCQ_VhQTkqUoGDkrMYyfSC9-xce-FsQCtJddhv2pWzWhyzhmCpKO8VUf7LH1bPeAoNACJLXj0YTyxSHzDnIg&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:16 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=KNZgcMYMtgpShq0gDTh17oF3Z-1eqMSZp3WwBzrjqpAkUDEanPRAiBDwzTfpggqMC0eGKnVPa9BqnorEiUS5IDomXzTa2GukjjuswJ1VbV2rIMr1M2jDLyjyQjAM9pBqw1pkX4l7ZaUe2eDb18_-pIuawRHUA8XFb2xJZXpPZCdr7NqML-TUfJ1CJf2Q_XKa4UGaVUwy0yAAuncFd0bJTNntwXGyeCITS0Gkezqocpp-ArBbicRs7Mrro32GiI3buL3nIQ&sds=2&rev=83599&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=KNZgcMYMtgpShq0gDTh17oF3Z-1eqMSZp3WwBzrjqpAkUDEanPRAiBDwzTfpggqMC0eGKnVPa9BqnorEiUS5IDomXzTa2GukjjuswJ1VbV2rIMr1M2jDLyjyQjAM9pBqw1pkX4l7ZaUe2eDb18_-pIuawRHUA8XFb2xJZXpPZCdr7NqML-TUfJ1CJf2Q_XKa4UGaVUwy0yAAuncFd0bJTNntwXGyeCITS0Gkezqocpp-ArBbicRs7Mrro32GiI3buL3nIQ&sds=2&rev=83599&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=KNZgcMYMtgpShq0gDTh17oF3Z-1eqMSZp3WwBzrjqpAkUDEanPRAiBDwzTfpggqMC0eGKnVPa9BqnorEiUS5IDomXzTa2GukjjuswJ1VbV2rIMr1M2jDLyjyQjAM9pBqw1pkX4l7ZaUe2eDb18_-pIuawRHUA8XFb2xJZXpPZCdr7NqML-TUfJ1CJf2Q_XKa4UGaVUwy0yAAuncFd0bJTNntwXGyeCITS0Gkezqocpp-ArBbicRs7Mrro32GiI3buL3nIQ&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:16 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_130_0/static/js/render.1cc153e1b0983c8869e6.js
200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_130_0/static/js/render.1cc153e1b0983c8869e6.js
IP
GET /1_130_0/static/js/render.1cc153e1b0983c8869e6.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bdeeli-m.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:13 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 13:58:11 GMT
vary: Accept-Encoding
etag: W/"637f7873-5713"
cache-control: max-age=691200
cf-cache-status: HIT
age: 2126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FlouFHFC1BpjPtJcRb4bpwlisw8acz34dX%2FRtwLlpd0Na%2FrsrccyetiRsOQqOT%2Bm8ih32Z%2BJmuCHV6YUId4U5VdfEPkwMsUA4%2F4S9%2FX4dmW7Yqcm1lnW3QopSP8YtQPkNpajiJo7oEw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77146c8abe41fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_130_0/static/js/chunk-WidgetIframe-1cc153e1b0983c8869e6.js
200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_130_0/static/js/chunk-WidgetIframe-1cc153e1b0983c8869e6.js
IP
GET /1_130_0/static/js/chunk-WidgetIframe-1cc153e1b0983c8869e6.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:13 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 13:58:11 GMT
vary: Accept-Encoding
etag: W/"637f7873-556da"
cache-control: max-age=691200
cf-cache-status: HIT
age: 2092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zcKjZRb7ipzxl1IUOBNDgGUa1ifZlFQlkQOlqYeUfu8%2F8u4QfhVnZDvhjgF5hNJr36XR8K32RrqxwV1hu8FfkfXGpeYBgVq50pLwbbhLBE47PujSrPkGJzz3tR9a2yJ%2FWyDCITdkCL3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77146c8bbf88fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y4TfggACKXYGrRrRAAYiP_7jksYSK0rJE-1SAA&u=%7Cu8zkl1AM%2BxsmiPuhKhMLkvZf17F9%2FZmsDG6PUUAgvSU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMbjgW_pkGOYsQFZZ-sQUgigPlN5V2sGi4LnV0HL9hsLR9HxXU3ZvpG29D5hwHYtUD8INe77KB7mjO-Os2e075_B0w05pcH45YpL1XtQPxmrHDvl6jnqqAgUgrX9tP0cfXkN9fwz2tWzuA0zZyinSrRdc_N90emXnoqKgbtCZdGQ7jUUKlkbGXkap0iMu7gREtLQb-piGj7QXBzb4ca4GiuemwAUOLmYf0R1pjTwY-1Ddcm5H9BqD45rjSm9SQJm38wJbH54VMdjQa_axfzRtKmpB0H3ToUFKsraemSpGfefkNXPWY0uDSaRp7Sy1u4ot4E-p3lyT7skH2LLn--T1oqAmlxG8_hK4HyfTtxI94jZ0daSgXLwVmmQwvrAt2HKpIj5qK-QoxIv6pHuiMM3j3tRF8xQbkP6owJPjCVTeb3YDaos7XQVexvVRP3MeRhfXA_njF07Q5FeZ8JjeYuIoXs5uYf4WRL2Iox8paiAoRCgpU1BFwzs3p2NAYkRuxfJOs6iVwPQeneRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8XhLgt-EY_bSCNG1tOUPv8SYkAjJntKxXM2G49aTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yNjk2ODk0OTYyNTcwNTI4yAEJqQI7kYTcwpKxPqgDAaoEiQJP0GexRWhbzZTTQE9D4C_d3nr_IoX0WZ5YOURqtDu6IVq-sgPr6R2KGKagwfurv0u4wsWHOhJNqJpC1qIzxOU8jduSvvoG_IrjDBj64_r-hYKoL-0eKjsrcc8Rrs0WYYpCwFwyHcUQ-GM8KzuHjp0P7CRni35pqzpcP2RNFPSMepHKJnW0YNObucWnwVbZ4XB2MVQ7jO4e-IrvCABtA6WfDowE5mZ7PeFO1BlXk1qOdhTjcGPMKymDrJK-135OPtIXC5MaCje37I7Aw0dt-GhpcnWOsAXAzMwlKUxHz1Z64v6qNDXCxuPbe354b_MVPLXc15fg0UOlQxP0jz3b4TW5ex3Okg2-YViZgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1d1hFWuiSoy-IOyFUuvVdrjdKMDg%26client%3Dca-pub-2696894962570528%26adurl%3D
200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4TfggACKXYGrRrRAAYiP_7jksYSK0rJE-1SAA&u=%7Cu8zkl1AM%2BxsmiPuhKhMLkvZf17F9%2FZmsDG6PUUAgvSU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMbjgW_pkGOYsQFZZ-sQUgigPlN5V2sGi4LnV0HL9hsLR9HxXU3ZvpG29D5hwHYtUD8INe77KB7mjO-Os2e075_B0w05pcH45YpL1XtQPxmrHDvl6jnqqAgUgrX9tP0cfXkN9fwz2tWzuA0zZyinSrRdc_N90emXnoqKgbtCZdGQ7jUUKlkbGXkap0iMu7gREtLQb-piGj7QXBzb4ca4GiuemwAUOLmYf0R1pjTwY-1Ddcm5H9BqD45rjSm9SQJm38wJbH54VMdjQa_axfzRtKmpB0H3ToUFKsraemSpGfefkNXPWY0uDSaRp7Sy1u4ot4E-p3lyT7skH2LLn--T1oqAmlxG8_hK4HyfTtxI94jZ0daSgXLwVmmQwvrAt2HKpIj5qK-QoxIv6pHuiMM3j3tRF8xQbkP6owJPjCVTeb3YDaos7XQVexvVRP3MeRhfXA_njF07Q5FeZ8JjeYuIoXs5uYf4WRL2Iox8paiAoRCgpU1BFwzs3p2NAYkRuxfJOs6iVwPQeneRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8XhLgt-EY_bSCNG1tOUPv8SYkAjJntKxXM2G49aTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yNjk2ODk0OTYyNTcwNTI4yAEJqQI7kYTcwpKxPqgDAaoEiQJP0GexRWhbzZTTQE9D4C_d3nr_IoX0WZ5YOURqtDu6IVq-sgPr6R2KGKagwfurv0u4wsWHOhJNqJpC1qIzxOU8jduSvvoG_IrjDBj64_r-hYKoL-0eKjsrcc8Rrs0WYYpCwFwyHcUQ-GM8KzuHjp0P7CRni35pqzpcP2RNFPSMepHKJnW0YNObucWnwVbZ4XB2MVQ7jO4e-IrvCABtA6WfDowE5mZ7PeFO1BlXk1qOdhTjcGPMKymDrJK-135OPtIXC5MaCje37I7Aw0dt-GhpcnWOsAXAzMwlKUxHz1Z64v6qNDXCxuPbe354b_MVPLXc15fg0UOlQxP0jz3b4TW5ex3Okg2-YViZgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1d1hFWuiSoy-IOyFUuvVdrjdKMDg%26client%3Dca-pub-2696894962570528%26adurl%3D
IP
GET /delivery/r/afr.php?z=Y4TfggACKXYGrRrRAAYiP_7jksYSK0rJE-1SAA&u=%7Cu8zkl1AM%2BxsmiPuhKhMLkvZf17F9%2FZmsDG6PUUAgvSU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMbjgW_pkGOYsQFZZ-sQUgigPlN5V2sGi4LnV0HL9hsLR9HxXU3ZvpG29D5hwHYtUD8INe77KB7mjO-Os2e075_B0w05pcH45YpL1XtQPxmrHDvl6jnqqAgUgrX9tP0cfXkN9fwz2tWzuA0zZyinSrRdc_N90emXnoqKgbtCZdGQ7jUUKlkbGXkap0iMu7gREtLQb-piGj7QXBzb4ca4GiuemwAUOLmYf0R1pjTwY-1Ddcm5H9BqD45rjSm9SQJm38wJbH54VMdjQa_axfzRtKmpB0H3ToUFKsraemSpGfefkNXPWY0uDSaRp7Sy1u4ot4E-p3lyT7skH2LLn--T1oqAmlxG8_hK4HyfTtxI94jZ0daSgXLwVmmQwvrAt2HKpIj5qK-QoxIv6pHuiMM3j3tRF8xQbkP6owJPjCVTeb3YDaos7XQVexvVRP3MeRhfXA_njF07Q5FeZ8JjeYuIoXs5uYf4WRL2Iox8paiAoRCgpU1BFwzs3p2NAYkRuxfJOs6iVwPQeneRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8XhLgt-EY_bSCNG1tOUPv8SYkAjJntKxXM2G49aTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yNjk2ODk0OTYyNTcwNTI4yAEJqQI7kYTcwpKxPqgDAaoEiQJP0GexRWhbzZTTQE9D4C_d3nr_IoX0WZ5YOURqtDu6IVq-sgPr6R2KGKagwfurv0u4wsWHOhJNqJpC1qIzxOU8jduSvvoG_IrjDBj64_r-hYKoL-0eKjsrcc8Rrs0WYYpCwFwyHcUQ-GM8KzuHjp0P7CRni35pqzpcP2RNFPSMepHKJnW0YNObucWnwVbZ4XB2MVQ7jO4e-IrvCABtA6WfDowE5mZ7PeFO1BlXk1qOdhTjcGPMKymDrJK-135OPtIXC5MaCje37I7Aw0dt-GhpcnWOsAXAzMwlKUxHz1Z64v6qNDXCxuPbe354b_MVPLXc15fg0UOlQxP0jz3b4TW5ex3Okg2-YViZgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1d1hFWuiSoy-IOyFUuvVdrjdKMDg%26client%3Dca-pub-2696894962570528%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:14 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dUBgfcYMtgpShq0gO6M4bp8D3TrIe0mtr77vGKrTkCwQKGcZ9qTbkLGougFbdkfTC2MAVL9ErBIGPYMLxBiYanEs5CpZLkcIUUJmXxmUxhXHvlTFPLmGU3cZk2QG11GdC3U3_yHoDozWhLBijrVDb_J2ZkTzmG9gCOC4QI_z8CsOqUlPj8sk4o9xAEWCcNjHeL1VCKvA_wgQp7EWcSRbYAWrg-0AzBqbouNHLFISa_yiaJNl7JkczIzEpmxo2sQMEdUDuA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 49272201
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Thu, 23 Nov 2023 16:19:15 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Thu, 23 Nov 2023 16:19:15 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Thu, 23 Nov 2023 16:19:15 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Mon, 28 Nov 2022 05:11:33 GMT
expires: Mon, 12 Dec 2022 05:11:33 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 40060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6384df823f9c858ac84d87482350256d
302 Found 0 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6384df823f9c858ac84d87482350256d
IP
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6384df823f9c858ac84d87482350256d HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=38945&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y4TfggACP1UGrSoIAANOE2211mGimbJgnXp2bw&u=%7Cu8zkl1AM%2BxvuRiHJ%2FDZCuA5BAbVa%2FyBA7ZGvCKgGxEc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1Gxh_Y1T0kGp8aQwGxYqgNeTWOcFqdZfeMSd1iLdk2oloLX9It6OrAz3sWppWkvwGy500PObjPV7XYtaGSyQPjvKt6xjaxonNxnCbqZbKIOpuFFq9SRNPVskxcH2emtIVA-FZPgxg78kz7P7jxGJ-zlLxgyqjkzJIKjmDKwbSAeF6kPjAvZn2iv8dJAVWgu5NCU9biBjHy3fFEuzzg-g-PUhqvcs2IkYfFwa3YCkM8RcBSRZ33A5ff9Ashlh8VjxNmd_Lp88MNSoPtVxlPFeAYTc_RUkKTnYckebOQ9EWqdN8lGndTPM4TnvCzyaHc0b4wb0Dc5-aJaBWo_odZWSYkJilZqizJY8OhEVA4cpvbG95HbKUyfT8uFuv-BEqPsJkB98g4SQyWoCUR3ggIZ136YpKwewTIAJV6-WwKQALOosG2PZDmB7VDaFesetlLLhIVyu2USKKdes_y112brRxNcUx8yZF0QrA6TIfzh0nAIPPFhvHCMA-yAv_4SDlh4-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQmeCgt-EY9X-CIjUtOUPk5yNsAbJntKxXNX24taTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yNjk2ODk0OTYyNTcwNTI4yAEJqQKUorr71oWxPqgDAaoEiQJP0Gg7fCA78sG4aSdGdElgpZYkmdzZS_GIkgzTepG98gOXhHxXilvP2ft2TTpm_Pgi7wYW0IbKNzGedny_YJEWupOhMNYXFVL01z_HgNvGWVj-dibm2B_5lxChvVwgqmWMC1_fAa8ZdI1OWcYkKlEnsErzIIs8ynP-rE03lo8rUf0NsxQuebFIF7OezGACH_3siBU4B6AhWWw_fjJB4pELZETpnemroOmFwvPZI1IBoWTVhTwM1z5jwQck9xGrwNzS8hTsjOVjYx2DG8X0NSXDswif_2isyLfe7M1YVLB1BDI_hZroi-yLrzAH2mVIdaJDmFdEvYrBvetQu4oFVdJUWrm1hw4tgvbpgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lkzXxqfUpYzecHU6oOgrqL2bkzQ%26client%3Dca-pub-2696894962570528%26adurl%3D
200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4TfggACP1UGrSoIAANOE2211mGimbJgnXp2bw&u=%7Cu8zkl1AM%2BxvuRiHJ%2FDZCuA5BAbVa%2FyBA7ZGvCKgGxEc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1Gxh_Y1T0kGp8aQwGxYqgNeTWOcFqdZfeMSd1iLdk2oloLX9It6OrAz3sWppWkvwGy500PObjPV7XYtaGSyQPjvKt6xjaxonNxnCbqZbKIOpuFFq9SRNPVskxcH2emtIVA-FZPgxg78kz7P7jxGJ-zlLxgyqjkzJIKjmDKwbSAeF6kPjAvZn2iv8dJAVWgu5NCU9biBjHy3fFEuzzg-g-PUhqvcs2IkYfFwa3YCkM8RcBSRZ33A5ff9Ashlh8VjxNmd_Lp88MNSoPtVxlPFeAYTc_RUkKTnYckebOQ9EWqdN8lGndTPM4TnvCzyaHc0b4wb0Dc5-aJaBWo_odZWSYkJilZqizJY8OhEVA4cpvbG95HbKUyfT8uFuv-BEqPsJkB98g4SQyWoCUR3ggIZ136YpKwewTIAJV6-WwKQALOosG2PZDmB7VDaFesetlLLhIVyu2USKKdes_y112brRxNcUx8yZF0QrA6TIfzh0nAIPPFhvHCMA-yAv_4SDlh4-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQmeCgt-EY9X-CIjUtOUPk5yNsAbJntKxXNX24taTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yNjk2ODk0OTYyNTcwNTI4yAEJqQKUorr71oWxPqgDAaoEiQJP0Gg7fCA78sG4aSdGdElgpZYkmdzZS_GIkgzTepG98gOXhHxXilvP2ft2TTpm_Pgi7wYW0IbKNzGedny_YJEWupOhMNYXFVL01z_HgNvGWVj-dibm2B_5lxChvVwgqmWMC1_fAa8ZdI1OWcYkKlEnsErzIIs8ynP-rE03lo8rUf0NsxQuebFIF7OezGACH_3siBU4B6AhWWw_fjJB4pELZETpnemroOmFwvPZI1IBoWTVhTwM1z5jwQck9xGrwNzS8hTsjOVjYx2DG8X0NSXDswif_2isyLfe7M1YVLB1BDI_hZroi-yLrzAH2mVIdaJDmFdEvYrBvetQu4oFVdJUWrm1hw4tgvbpgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lkzXxqfUpYzecHU6oOgrqL2bkzQ%26client%3Dca-pub-2696894962570528%26adurl%3D
IP
GET /delivery/r/afr.php?z=Y4TfggACP1UGrSoIAANOE2211mGimbJgnXp2bw&u=%7Cu8zkl1AM%2BxvuRiHJ%2FDZCuA5BAbVa%2FyBA7ZGvCKgGxEc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1Gxh_Y1T0kGp8aQwGxYqgNeTWOcFqdZfeMSd1iLdk2oloLX9It6OrAz3sWppWkvwGy500PObjPV7XYtaGSyQPjvKt6xjaxonNxnCbqZbKIOpuFFq9SRNPVskxcH2emtIVA-FZPgxg78kz7P7jxGJ-zlLxgyqjkzJIKjmDKwbSAeF6kPjAvZn2iv8dJAVWgu5NCU9biBjHy3fFEuzzg-g-PUhqvcs2IkYfFwa3YCkM8RcBSRZ33A5ff9Ashlh8VjxNmd_Lp88MNSoPtVxlPFeAYTc_RUkKTnYckebOQ9EWqdN8lGndTPM4TnvCzyaHc0b4wb0Dc5-aJaBWo_odZWSYkJilZqizJY8OhEVA4cpvbG95HbKUyfT8uFuv-BEqPsJkB98g4SQyWoCUR3ggIZ136YpKwewTIAJV6-WwKQALOosG2PZDmB7VDaFesetlLLhIVyu2USKKdes_y112brRxNcUx8yZF0QrA6TIfzh0nAIPPFhvHCMA-yAv_4SDlh4-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQmeCgt-EY9X-CIjUtOUPk5yNsAbJntKxXNX24taTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yNjk2ODk0OTYyNTcwNTI4yAEJqQKUorr71oWxPqgDAaoEiQJP0Gg7fCA78sG4aSdGdElgpZYkmdzZS_GIkgzTepG98gOXhHxXilvP2ft2TTpm_Pgi7wYW0IbKNzGedny_YJEWupOhMNYXFVL01z_HgNvGWVj-dibm2B_5lxChvVwgqmWMC1_fAa8ZdI1OWcYkKlEnsErzIIs8ynP-rE03lo8rUf0NsxQuebFIF7OezGACH_3siBU4B6AhWWw_fjJB4pELZETpnemroOmFwvPZI1IBoWTVhTwM1z5jwQck9xGrwNzS8hTsjOVjYx2DG8X0NSXDswif_2isyLfe7M1YVLB1BDI_hZroi-yLrzAH2mVIdaJDmFdEvYrBvetQu4oFVdJUWrm1hw4tgvbpgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lkzXxqfUpYzecHU6oOgrqL2bkzQ%26client%3Dca-pub-2696894962570528%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:14 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AMawj8YMtgpShq0gs17zcieWEHYEXu0MQ6oW1gbfxxkW3xpp9HG3N0gy0s1I3moIVrZn3s9rTU9AJiRVH8iJvR9cm3dKOC4T-IHNDKWgdFTR6tDW8S2vBQRyPGAq_Y0CBK_q8DPE82Kch4oRpZO-49vcCaOO9i1FZKbDBS7ly28j_c-nHIiCQ_VhQTkqUoGDkrMYyfSC9-xce-FsQCtJddhv2pWzWhyzhmCpKO8VUf7LH1bPeAoNACJLXj0YTyxSHzDnIg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 57559354
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_130_0/static/js/widget.1cc153e1b0983c8869e6.js
200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_130_0/static/js/widget.1cc153e1b0983c8869e6.js
IP
GET /1_130_0/static/js/widget.1cc153e1b0983c8869e6.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:14 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 13:58:11 GMT
vary: Accept-Encoding
etag: W/"637f7873-83636"
cache-control: max-age=691200
cf-cache-status: HIT
age: 2093
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnLNxwvDAFzHm%2Fl94GclwgSNrVAK8ocyiwClJFEQvT9KAYiTol%2B%2FcGzXjSN6rR0Zo3DbCPX0DH7eAmq6ExIo8m6psf30%2B8AW7E7LTq3HgwErhn9wIw62fYU50h1IDx2JWc2FZTdQ2Vsp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77146c8c98bffac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:13 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 15099107
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77146c890baafac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Eo4tKPnTBSVdD-mFds6_mLz8BV_ZON914lbD-yK-kd2SDz5Og8P1AJ3RJKHJpwpcA7ruPP3j-MjHf7cJRKcFsd1zHxjY1mQpDMLoE-j2FLNprCqZSyx9JYUV8pdIMcBD-DSmsthrmoeBfux9KRzuWWWmM82dCYFz-uabwz1Cew6lSqtb_PPU7Ud8E9GZgEjgfawunDfmZQIcXIbdqgteRh7wwMrGAWWhACahjr3n_CzxJ3bY_CNPLv9iMgChyrTHPM7fo7nB33InKQl82Kh80PZRUxZnT6tEuZkFNzWBTfLuoGqrmdEeTVUCjAahFYq2Ca3o8B4SzZbCMMMtQM4ZqCMqUn3fzq-lFHgdgZRBVq5aVrxFJ7pZqOKd4Vs_exkcNpxiH99uF9akOD7FDDVDG-v6lohzQ_ZFDU3M3ZalirV_ak-m
200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Eo4tKPnTBSVdD-mFds6_mLz8BV_ZON914lbD-yK-kd2SDz5Og8P1AJ3RJKHJpwpcA7ruPP3j-MjHf7cJRKcFsd1zHxjY1mQpDMLoE-j2FLNprCqZSyx9JYUV8pdIMcBD-DSmsthrmoeBfux9KRzuWWWmM82dCYFz-uabwz1Cew6lSqtb_PPU7Ud8E9GZgEjgfawunDfmZQIcXIbdqgteRh7wwMrGAWWhACahjr3n_CzxJ3bY_CNPLv9iMgChyrTHPM7fo7nB33InKQl82Kh80PZRUxZnT6tEuZkFNzWBTfLuoGqrmdEeTVUCjAahFYq2Ca3o8B4SzZbCMMMtQM4ZqCMqUn3fzq-lFHgdgZRBVq5aVrxFJ7pZqOKd4Vs_exkcNpxiH99uF9akOD7FDDVDG-v6lohzQ_ZFDU3M3ZalirV_ak-m
IP
GET /delivery/lg.php?cppv=3&cpp=Eo4tKPnTBSVdD-mFds6_mLz8BV_ZON914lbD-yK-kd2SDz5Og8P1AJ3RJKHJpwpcA7ruPP3j-MjHf7cJRKcFsd1zHxjY1mQpDMLoE-j2FLNprCqZSyx9JYUV8pdIMcBD-DSmsthrmoeBfux9KRzuWWWmM82dCYFz-uabwz1Cew6lSqtb_PPU7Ud8E9GZgEjgfawunDfmZQIcXIbdqgteRh7wwMrGAWWhACahjr3n_CzxJ3bY_CNPLv9iMgChyrTHPM7fo7nB33InKQl82Kh80PZRUxZnT6tEuZkFNzWBTfLuoGqrmdEeTVUCjAahFYq2Ca3o8B4SzZbCMMMtQM4ZqCMqUn3fzq-lFHgdgZRBVq5aVrxFJ7pZqOKd4Vs_exkcNpxiH99uF9akOD7FDDVDG-v6lohzQ_ZFDU3M3ZalirV_ak-m HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:19:14 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1988928
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Thu, 23 Nov 2023 16:19:15 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 16:19:15 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Thu, 23 Nov 2023 16:19:15 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
code.tidio.co/lzpapzyvaqij3qrvwdz4evwtnckjp6wz.js
302 Found 0 B URL HTTP/2 code.tidio.co/lzpapzyvaqij3qrvwdz4evwtnckjp6wz.js
IP
GET /lzpapzyvaqij3qrvwdz4evwtnckjp6wz.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdeeli-m.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 16:19:13 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_130_0/static/js/render.1cc153e1b0983c8869e6.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rop97xN6MET4jlqnIgXs3%2BWiCZSpcAa0SnFNCOe8WKNxSwQDD987SM21Mwd4XqgFebkGHm6laYJxkdNi1CuVSFLbCqi793X4tVqKJ4WzvoipaJFOxFpWjNv%2FSkNa948%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77146c8929390b02-OSL
X-Firefox-Spdy: h2
142.250.74.161
31.13.72.12
178.250.2.129
104.17.24.14
37.157.5.142
54.217.91.75
23.36.76.226
93.184.220.29