r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4834
Expires: Tue, 13 Dec 2022 16:24:29 GMT
Date: Tue, 13 Dec 2022 15:03:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b642ec5702fb818c5d1c67168cc68fdb
015146489a8e7fcb4ba0ba74cfe757a072705f93
4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7983
Expires: Tue, 13 Dec 2022 17:16:58 GMT
Date: Tue, 13 Dec 2022 15:03:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 13 Dec 2022 14:08:45 GMT
content-type: application/json
age: 3310
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11028
Expires: Tue, 13 Dec 2022 18:07:44 GMT
Date: Tue, 13 Dec 2022 15:03:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EOdtDIPLCsxoUmwyrWdTxA9PL+8MFBwo5OJ8Q0hgfYNOyGlzlr36mlsUGfF1Cbyi1/uMomko4RY=
x-amz-request-id: QBEV53JE6R2C3YPF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 13 Dec 2022 14:51:57 GMT
age: 719
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
infogojekbdg.blogspot.com/search/label/cara%20tutup%20poin%20gojek%20dengan%20aman'
200 OK 47 kB URL HTTP/1.1 infogojekbdg.blogspot.com/search/label/cara%20tutup%20poin%20gojek%20dengan%20aman'
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12546)
Hash a49d8ed54f4ad6be682f6efe8b87b76f
a99d9afa54d717c81afbccf2ddfabbaafd6e7ae8
7cc87f763d91e90af79f8b9b37f3341b193a477d0953a49d0306ea77193708e7
Analyzer Verdict Alert fortinet Malware
GET /search/label/cara%20tutup%20poin%20gojek%20dengan%20aman' HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Tue, 13 Dec 2022 15:03:56 GMT
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 07 Dec 2022 02:32:12 GMT
ETag: W/"05e5dd0a45f6ab1509a1fe0c90f9d01ec58ff4d724e480ae527675d26c8427ee"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 46974
Server: GSE
infogojekbdg.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/1.1 infogojekbdg.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/search/label/cara%20tutup%20poin%20gojek%20dengan%20aman'
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Tue, 13 Dec 2022 15:03:56 GMT
Expires: Tue, 20 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 13 Dec 2022 11:51:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 351e38674c4649193e45dad43b63a037
6472ffc392de1fb7b52cb60bcf2af9263583c222
f5e042b6dee07492624bc561df0533c5205ed471281e31eb87f3a8d85c054c25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 926c6fac10f2d3c07155c52b700f06fc
7c51b25933c36ea1250b247168576a5516850e7a
a521012166a29f58da1581c7256da394ddef678434577d1f536f3631ebb39369
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 14:01:44 GMT
expires: Wed, 13 Dec 2023 14:01:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Dec 2022 06:58:47 GMT
content-type: text/css
age: 3732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 351e38674c4649193e45dad43b63a037
6472ffc392de1fb7b52cb60bcf2af9263583c222
f5e042b6dee07492624bc561df0533c5205ed471281e31eb87f3a8d85c054c25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 16:26:29 GMT
expires: Wed, 06 Dec 2023 16:26:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 599847
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 351e38674c4649193e45dad43b63a037
6472ffc392de1fb7b52cb60bcf2af9263583c222
f5e042b6dee07492624bc561df0533c5205ed471281e31eb87f3a8d85c054c25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 77f6fd691d7e23516a2c635dd90629f8
4ff7a3db953657ff104ff39405f310353853e015
925debd4de0043e61c856567c01b3a68c9d9d5ce38c9fbb8ab950ba8624519b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-aqqFdoDqjq0/WIXOY-i01NI/AAAAAAAAFqs/mmyJTQQbmkYGZ8HCjqlgVMSRvgDSkecugCLcB/w72-h72-p-k-no-nu/cara%2Bmendapatkan%2Borderan%2Bgojek%2Bdengan%2Bmudah%2B2017.jpg
200 OK 4.4 kB URL HTTP/2 4.bp.blogspot.com/-aqqFdoDqjq0/WIXOY-i01NI/AAAAAAAAFqs/mmyJTQQbmkYGZ8HCjqlgVMSRvgDSkecugCLcB/w72-h72-p-k-no-nu/cara%2Bmendapatkan%2Borderan%2Bgojek%2Bdengan%2Bmudah%2B2017.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a862bcccb311bd571f3ce47e946e1647
6a14ca3cb94e08ff0654b23b26b2dc26357bb2f3
07cb818535204224564481f24d5b14e57a7e32bc1af16bab9f9e70225cda5abe
GET /-aqqFdoDqjq0/WIXOY-i01NI/AAAAAAAAFqs/mmyJTQQbmkYGZ8HCjqlgVMSRvgDSkecugCLcB/w72-h72-p-k-no-nu/cara%2Bmendapatkan%2Borderan%2Bgojek%2Bdengan%2Bmudah%2B2017.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v16ac"
expires: Wed, 14 Dec 2022 15:03:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cara mendapatkan orderan gojek dengan mudah 2017.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 13 Dec 2022 15:03:56 GMT
server: fife
content-length: 4362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png
200 OK 571 B URL HTTP/1.1 4.bp.blogspot.com/-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png
IP
File type PNG image data, 30 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 27f0f23311ac55b2a7cc73b97c423018
375bf8d5cc154e7a4f94787b2356b1941b919745
6794511a5d2e0317ea9f91a97741e7728b630ae17794f6c04dfd2207609910c2
GET /-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="homes.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 571
X-XSS-Protection: 0
Date: Tue, 13 Dec 2022 12:36:04 GMT
Expires: Sun, 04 Dec 2022 02:33:57 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 8872
ETag: "v194"
Content-Type: image/png
themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff
200 OK 21 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff
IP
File type Web Open Font Format, TrueType, length 21132, version 1.1\012- data
Hash e5d1ccfbe43c8138e553093300603815
87deb174af2e2beebb9f09d618a5159ca299a3d0
00ceca786c807c91b19ff7b38bdccbe7f2a5404efbd910831122750c5d88b713
GET /static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://infogojekbdg.blogspot.com
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 21132
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 09:57:47 GMT
Expires: Thu, 07 Dec 2023 09:57:47 GMT
Cache-Control: public, max-age=31536000
Age: 536769
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff
200 OK 20 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff
IP
File type Web Open Font Format, TrueType, length 19812, version 1.1\012- data
Hash c74ddf8e339408e3d7d8082b7e1f5125
e140a63f45f42c4a5f29ea4e2d83a2859c6f99c6
9947e1f452a6580f1089ab62e3b140c96dd7ba65585b7b568c07c6d6947ffb06
GET /static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://infogojekbdg.blogspot.com
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 19812
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 23:24:31 GMT
Expires: Wed, 06 Dec 2023 23:24:31 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
Age: 574765
themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
200 OK 22 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
IP
File type Web Open Font Format, TrueType, length 21520, version 1.1\012- data
Hash b2181049bee439ab4f6b8678c8812e38
b20b90ecd6fc597f161d2228f5779e76e090edf9
a057e0c74a6ffa4a289512d05beb6998e6be8b91be2d056568ebf0c317c11a6c
GET /static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://infogojekbdg.blogspot.com
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 21520
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 21:19:22 GMT
Expires: Fri, 08 Dec 2023 21:19:22 GMT
Cache-Control: public, max-age=31536000
Age: 409474
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
themes.googleusercontent.com/static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff
200 OK 22 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff
IP
File type Web Open Font Format, TrueType, length 22396, version 1.1\012- data
Hash 9f8f938d71883bbcdd8793738be4dcf4
64288a802bb63a55b41d554b0f69408d5462a4ef
f7e5e6ef07e157a8eaeceed7fe39eb53ac71e9a63b67b27ed2bb818877e983e0
GET /static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://infogojekbdg.blogspot.com
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 22396
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 08:44:21 GMT
Expires: Sat, 09 Dec 2023 08:44:21 GMT
Cache-Control: public, max-age=31536000
Age: 368375
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (4885)
Hash 2f1d12eddc5a91b0e6ea9271a446ee86
88c24f5b18572945a13365a3964af67ef0f98e39
8754ff7c85e7c7e9233c390d1b1d4882d82f76706b081407727720ea0d4d3187
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Dec 2022 15:03:56 GMT
expires: Tue, 13 Dec 2022 15:03:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6793237278502926238
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 926c6fac10f2d3c07155c52b700f06fc
7c51b25933c36ea1250b247168576a5516850e7a
a521012166a29f58da1581c7256da394ddef678434577d1f536f3631ebb39369
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
infogojekbdg.blogspot.com/feeds/posts/full/-/http://infogojekbdg.blogspot.com/search/label/?alt=json-in-script&callback=showpageCount2&max-results=99999
400 Bad Request 193 B URL HTTP/1.1 infogojekbdg.blogspot.com/feeds/posts/full/-/http://infogojekbdg.blogspot.com/search/label/?alt=json-in-script&callback=showpageCount2&max-results=99999
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 83b482393f028e6de91b032e7fae746b
50bad14cd7b4602d7b9f1ef6d769288588594fc8
031cbc91f964c96aa1975380c3bd66f5fe254439f3281bf0e06bc385c3912aa2
GET /feeds/posts/full/-/http://infogojekbdg.blogspot.com/search/label/?alt=json-in-script&callback=showpageCount2&max-results=99999 HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/search/label/cara%20tutup%20poin%20gojek%20dengan%20aman'
HTTP/1.1 400 Bad Request
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 15:03:56 GMT
Server: Blogger Render Server 1.0
Content-Length: 193
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 77f6fd691d7e23516a2c635dd90629f8
4ff7a3db953657ff104ff39405f310353853e015
925debd4de0043e61c856567c01b3a68c9d9d5ce38c9fbb8ab950ba8624519b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 13 Dec 2022 14:07:57 GMT
age: 3359
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
2.bp.blogspot.com/-pJV3kTKciwc/VgWYTtNpLYI/AAAAAAAAEas/six4pMzDvb8/w72-h72-p-k-no-nu/REKENING%2BPONEL%2BDAN%2BGOJEK.jpg
200 OK 3.4 kB URL HTTP/1.1 2.bp.blogspot.com/-pJV3kTKciwc/VgWYTtNpLYI/AAAAAAAAEas/six4pMzDvb8/w72-h72-p-k-no-nu/REKENING%2BPONEL%2BDAN%2BGOJEK.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7d610fa298d827e32a6d7e8b4747dcb8
7314e359917dfb296c45ea01364e0a055b9a82d9
9316a237e8541c29554edee2080abe04a62704aa7a01517bf624037d23ab4bd0
GET /-pJV3kTKciwc/VgWYTtNpLYI/AAAAAAAAEas/six4pMzDvb8/w72-h72-p-k-no-nu/REKENING%2BPONEL%2BDAN%2BGOJEK.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v11ac"
Expires: Wed, 14 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="REKENING PONEL DAN GOJEK.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 13 Dec 2022 15:03:56 GMT
Server: fife
Content-Length: 3364
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9e92993f2178752a026cc77456b5313b
77147eee0f6247d5c01712f943b1501178b735aa
98b67b7e076297731d40d0bd2a508e438ffe868b3cd7cba5b99db6f2bb6e4ea1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-cCzjaAz8sBg/VhPaFzPKSfI/AAAAAAAAElA/6eyBGgKCf9c/s794/slide-gomart%2BWEB%2BGOJEK%2BBANDUNG.jpg
200 OK 80 kB URL HTTP/1.1 3.bp.blogspot.com/-cCzjaAz8sBg/VhPaFzPKSfI/AAAAAAAAElA/6eyBGgKCf9c/s794/slide-gomart%2BWEB%2BGOJEK%2BBANDUNG.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 794x303, components 3\012- data
Hash ca1580dd4e452037b751f4248c97962c
7b5d90f4257cb3f9665573f1273ad6ea6c624024
a9395781e172f42c9614f4c3fdbc768eb09b6b41b8921806b33bd7602ee890ec
GET /-cCzjaAz8sBg/VhPaFzPKSfI/AAAAAAAAElA/6eyBGgKCf9c/s794/slide-gomart%2BWEB%2BGOJEK%2BBANDUNG.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1251"
Expires: Wed, 14 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="slide-gomart WEB GOJEK BANDUNG.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 13 Dec 2022 15:03:56 GMT
Server: fife
Content-Length: 79952
X-XSS-Protection: 0
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Finfogojekbdg.blogspot.com%2Fsearch%2Flabel%2Fcara%2520tutup%2520poin%2520gojek%2520dengan%2520aman%27
302 Found 0 B URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Finfogojekbdg.blogspot.com%2Fsearch%2Flabel%2Fcara%2520tutup%2520poin%2520gojek%2520dengan%2520aman%27
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?getsrc=ok&ref=&url=http%3A%2F%2Finfogojekbdg.blogspot.com%2Fsearch%2Flabel%2Fcara%2520tutup%2520poin%2520gojek%2520dengan%2520aman%27 HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Tue, 13 Dec 2022 15:03:56 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1670943836.0330010000&uuid=1670943836.0330010000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
x-mtm-path: 0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJqcXVlcnlhcGkuaW5mbyIsImh0dHA6Ly93d3c2LmpxdWVyeWFwaS5pbmZvLz90ZW1wbGF0ZT1BUlJPV18zJnRkZnM9MSZzX3Rva2VuPTE2NzA5NDM4MzYuMDMzMDAxMDAwMCZ1dWlkPTE2NzA5NDM4MzYuMDMzMDAxMDAwMCZ0ZXJtPUphdmFzY3JpcHQlMjBJbWFnZSUyMEFubm90YXRpb24lMjBMaWJyYXJ5JnRlcm09T25saW5lJTIwUHJvZ3JhbW1pbmclMjBDb3Vyc2VzJnRlcm09Q29kaW5nJTIwQ2VydGlmaWNhdGlvbiUyMFByb2dyYW1zJnRlcm09RXRoaWNhbCUyMENyYWNraW5nJTIwYW5kJTIwUGVuZXRyYXRpb24lMjBUZXN0aW5nJnNlYXJjaGJveD0wJnNob3dEb21haW49MCZiYWNrZmlsbD0wIiwxLCIyMDIyLTEyLTEzIDE1OjAzOjU2IiwxLCIxNjcwOTQzODM2LjAzMzAwMTAwMDAiLDc0LG51bGwsbnVsbF0:1p56p2:5IoqqnOPUIf7EMKlxBuVu_86k4A; expires=Tue, 13-Dec-2022 16:03:56 GMT; Max-Age=3600; Path=/
connection: close
apis.google.com/js/plusone.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP
File type ASCII text, with very long lines (1279)
Hash 327d33b72373a953dc7ddef0c6463b48
2fd9b26cb459ff01c3a1dd3507f1c7484cce6ce4
1f9becca80520826519f7908eff9bc2cdf551f9afc5d2a276f9d3c4a55a0e79c
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Tue, 13 Dec 2022 15:03:56 GMT
expires: Tue, 13 Dec 2022 15:03:56 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "34fae0e5dab49917"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-NeNP4QQN30w/Vg9J9ZV3_oI/AAAAAAAAEi8/vDIT66zOagA/w72-h72-p-k-no-nu/IMG-20150926-WA009MM%2Bcopy.jpg
200 OK 4.4 kB URL HTTP/1.1 1.bp.blogspot.com/-NeNP4QQN30w/Vg9J9ZV3_oI/AAAAAAAAEi8/vDIT66zOagA/w72-h72-p-k-no-nu/IMG-20150926-WA009MM%2Bcopy.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a862bcccb311bd571f3ce47e946e1647
6a14ca3cb94e08ff0654b23b26b2dc26357bb2f3
07cb818535204224564481f24d5b14e57a7e32bc1af16bab9f9e70225cda5abe
GET /-NeNP4QQN30w/Vg9J9ZV3_oI/AAAAAAAAEi8/vDIT66zOagA/w72-h72-p-k-no-nu/IMG-20150926-WA009MM%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1230"
Expires: Wed, 14 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG-20150926-WA009MM copy.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 13 Dec 2022 15:03:56 GMT
Server: fife
Content-Length: 4362
X-XSS-Protection: 0
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221207/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 13 Dec 2022 03:07:11 GMT
expires: Tue, 27 Dec 2022 03:07:11 GMT
cache-control: public, max-age=1209600
age: 43005
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-bFiWbrrgi1Y/VhPbJaIe6QI/AAAAAAAAElM/hhU7u3FFsiw/s1600-r/LOGO%2BWEB%2BGOJEK2.png
200 OK 221 kB URL HTTP/1.1 1.bp.blogspot.com/-bFiWbrrgi1Y/VhPbJaIe6QI/AAAAAAAAElM/hhU7u3FFsiw/s1600-r/LOGO%2BWEB%2BGOJEK2.png
IP
File type PNG image data, 511 x 677, 8-bit/color RGB, non-interlaced\012- data
Size 221 kB (221148 bytes)
Hash f839b4b3bef1a8c858a7304fba649cf5
4b3652f26955dc4292bc7dad99f88fb960844633
3933b83c6a95b5e999aee3217951f5c1bc780c2ad57b1a5ef14c4007b9a979ac
GET /-bFiWbrrgi1Y/VhPbJaIe6QI/AAAAAAAAElM/hhU7u3FFsiw/s1600-r/LOGO%2BWEB%2BGOJEK2.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1254"
Expires: Wed, 14 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="LOGO WEB GOJEK2.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 13 Dec 2022 15:03:56 GMT
Server: fife
Content-Length: 221148
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a799dd48356a677054f34a33639b8573
5bd30f252fca13084121f4766724c54a3156f137
8c009a68ba498c45068525c3b226b4b6931be274d36250dd8afadd592ff65d82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Hash a5aeb8dce52dc81116cc434ff43d3f63
c74721ddc9b87ba5a9deb2a361f44c9293f928b7
333fbf33d55990f58551357644398b7b571c25cd56bc25ad3ea7270571f96118
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 11:03:25 GMT
expires: Wed, 13 Dec 2023 11:03:25 GMT
cache-control: public, max-age=31536000
age: 14431
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash de9e80c3bbe25e8623562110be8b8c9c
013f87db47c4ce3daf3380bc5e0ac3b1b496fe6f
792d587777c03d661a39a0593b71b3ec7611cb6e9d7a834bc79f28e6ace19692
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 81
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:56 GMT
Last-Modified: Tue, 13 Dec 2022 15:02:35 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
infogojekbdg.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmDtDZyAVV9xoncTihg5yDeBA1SFK6FIQk8jSk-akXnK3-5igSnNT1sUA7dPr0yJi9BfgbbP8E9yNYSiKdMRJfMx9Ji1ZQ
200 OK 260 B URL HTTP/1.1 infogojekbdg.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmDtDZyAVV9xoncTihg5yDeBA1SFK6FIQk8jSk-akXnK3-5igSnNT1sUA7dPr0yJi9BfgbbP8E9yNYSiKdMRJfMx9Ji1ZQ
IP
File type JSON data\012- , ASCII text, with very long lines (403), with no line terminators
Hash d1678fdd955eb37d7356f76a8e7e8c13
de80120c36ea52552337fa0bf5e61a7a5cfc0102
d68f5e529d45bd1936cfddf4c975e56b8c62ac589c241acee77227bcef9d9ce6
GET /b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmDtDZyAVV9xoncTihg5yDeBA1SFK6FIQk8jSk-akXnK3-5igSnNT1sUA7dPr0yJi9BfgbbP8E9yNYSiKdMRJfMx9Ji1ZQ HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/search/label/cara%20tutup%20poin%20gojek%20dengan%20aman'
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 13 Dec 2022 15:03:56 GMT
Expires: Tue, 13 Dec 2022 15:03:56 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 260
Server: GSE
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8bc1b4db769ee14aba872f3f93af10b1
f24c742805ff56d77d50924d60dabd2b6750c46e
35e6181045327df4b97bddff70ea1f9510e03d6896213b5f8473d8da771b15f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 199925093192d6206fa6235535ad8471
3f6a6f790a64f9b85965c5a6be09805a0f38af90
206dd41c7d15caae4f59b111b41f6f9fa317981e800c5d946b83803ca7eb93ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 83ce713d18d47b8d1691bcc17caee1d7
e9576a0ad1bdc7b24b9825adf4265a88ab6f3adc
cdf50240829d2b7166a4f925b030fc4e17efe49f50f70e2ec8c11cac27dad583
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=infogojekbdg.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=infogojekbdg.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=infogojekbdg.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Dec 2022 15:03:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 83ce713d18d47b8d1691bcc17caee1d7
e9576a0ad1bdc7b24b9825adf4265a88ab6f3adc
cdf50240829d2b7166a4f925b030fc4e17efe49f50f70e2ec8c11cac27dad583
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1670943836.0330010000&uuid=1670943836.0330010000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
200 OK 2.6 kB URL HTTP/1.1 www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1670943836.0330010000&uuid=1670943836.0330010000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /?template=ARROW_3&tdfs=1&s_token=1670943836.0330010000&uuid=1670943836.0330010000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://infogojekbdg.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 13 Dec 2022 15:03:57 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 06 Dec 2022 22:15:35 GMT
ETag: "638fbf07-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KP1IvE+cdG2b+rFk1UaYByJrlUhpkMrFsysxt/imVgbL1WTsV04hN/lEsrwmL1M4fDSb/FDsgtEUnFY72ViHaw
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
adservice.google.no/adsid/integrator.js?domain=infogojekbdg.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=infogojekbdg.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=infogojekbdg.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Dec 2022 15:03:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 199925093192d6206fa6235535ad8471
3f6a6f790a64f9b85965c5a6be09805a0f38af90
206dd41c7d15caae4f59b111b41f6f9fa317981e800c5d946b83803ca7eb93ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8bc1b4db769ee14aba872f3f93af10b1
f24c742805ff56d77d50924d60dabd2b6750c46e
35e6181045327df4b97bddff70ea1f9510e03d6896213b5f8473d8da771b15f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gc4SvJCGrH9vZUfHZnf8hw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2GR2dTE46GTW+hMqU3+KtBZU3Qk=
connect.facebook.net/en_US/all.js
301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 13 Dec 2022 15:03:57 GMT
Connection: keep-alive
Content-Length: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ecc33754b9a9e18a810577713f1e5f58
77667ebb607ab96d69e3a57eb174418237d2043f
ecaafb593d02db3f78b895e6d29d42a591d544262b2a096f7d1bdf3b1cc43f76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ecc33754b9a9e18a810577713f1e5f58
77667ebb607ab96d69e3a57eb174418237d2043f
ecaafb593d02db3f78b895e6d29d42a591d544262b2a096f7d1bdf3b1cc43f76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
infogojekbdg.blogspot.com/favicon.ico
200 OK 412 B URL HTTP/1.1 infogojekbdg.blogspot.com/favicon.ico
IP
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: infogojekbdg.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/search/label/cara%20tutup%20poin%20gojek%20dengan%20aman'
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Tue, 13 Dec 2022 15:03:57 GMT
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: private, max-age=86400
Last-Modified: Wed, 07 Dec 2022 02:32:12 GMT
ETag: W/"05e5dd0a45f6ab1509a1fe0c90f9d01ec58ff4d724e480ae527675d26c8427ee"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
IP
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221207/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Mon, 12 Dec 2022 22:02:26 GMT
expires: Mon, 26 Dec 2022 22:02:26 GMT
cache-control: public, max-age=1209600
age: 61291
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (1542)
Hash 6f59900fa87e133bae329372aebefe36
260937d2934233c07b112f3564ec9eca7b529fd7
156c12ec7d6973b5742504716567b70740dd66bee9cc0e1a1608df56e77011fd
GET /pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7480
x-xss-protection: 0
date: Mon, 12 Dec 2022 22:04:55 GMT
expires: Mon, 26 Dec 2022 22:04:55 GMT
cache-control: public, max-age=1209600
age: 61142
etag: 15631949847000551034
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4b1dfadd44861ce3644c2aff158e9cc1
de69a782c797e32181c7abee8e8143575b3b6697
b34a07a5c0dd2be8c8695d82c8032f3dfbdd6ef08edc2eed2709302863129082
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2423
Cache-Control: max-age=124662
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Etag: "6397cedc-1d7"
Expires: Thu, 15 Dec 2022 01:41:39 GMT
Last-Modified: Tue, 13 Dec 2022 01:01:16 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 313 B IP
Hash 8c5a2eed467f865ce5eb92b9eddd77c3
894aad3047c0fe61b38aaf753513a1708a288ca6
d5bb8777cac3525d13513e5802d3043ee498acdbcc7583d90fc10d07b7cc771f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3293
Cache-Control: max-age=119059
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Etag: "6397b593-139"
Expires: Thu, 15 Dec 2022 00:08:16 GMT
Last-Modified: Mon, 12 Dec 2022 23:13:23 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
connect.facebook.net/en_US/all.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP
File type ASCII text, with very long lines (1957)
Hash 2e24802b22b8d80822723c2e31fbe7c4
a3f41aa2f7d292a3fa005d816a9c1006a6458640
c735e8437872d97475bcdc8bf752423d7f682d813d3ae48168cf53128bb01b0a
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://infogojekbdg.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4b578f436aad25dba3abf129932f7171
etag: "2cdbed52e7fab7e256c0c546a523d5d0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 13 Dec 2022 15:14:08 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: LiSAKyK42AgicjwuMfvnxA==
x-fb-debug: lbEqd6BxTgCakKvSc+sRYVUWkGFQDlavuDYXkhFl/QaWvkWCYVKKuB/tohATbuWK911E9FPojdZDPqpBVuFmjA==
content-length: 1687
x-fb-trip-id: 1679558926
date: Tue, 13 Dec 2022 15:03:57 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69a7451c35876a8257f0525d6e9ed93d
506c7fcac44cb8190813b6e1171e42884d26cb5a
3f68d76c4edfb94578f3c10dcef00b865001f6c5f19a71cf7b744557f905cf3a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 4b1dfadd44861ce3644c2aff158e9cc1
de69a782c797e32181c7abee8e8143575b3b6697
b34a07a5c0dd2be8c8695d82c8032f3dfbdd6ef08edc2eed2709302863129082
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2423
Cache-Control: max-age=124662
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Etag: "6397cedc-1d7"
Expires: Thu, 15 Dec 2022 01:41:39 GMT
Last-Modified: Tue, 13 Dec 2022 01:01:16 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 312 B IP
Hash 33a0335d8a4285d47836794c457ccda1
b4a3b9251b0e06a301409f5fce74bc5723ba10a8
fe674aa3bc594597585ce20935700a5284fbca18b880aa906c67366d1ab7679f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1155
Cache-Control: max-age=170539
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Etag: "63988705-138"
Expires: Thu, 15 Dec 2022 14:26:16 GMT
Last-Modified: Tue, 13 Dec 2022 14:07:01 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 312
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWawC-gGdg2ICAgAAAG1pQJiAbmn4EFyUmGMmN8FYCKji5gyclAASAAA&wp=Y5iUXQACURIKspaJAA0QCe3zyFtXXu0Q7SvYQQ
200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWawC-gGdg2ICAgAAAG1pQJiAbmn4EFyUmGMmN8FYCKji5gyclAASAAA&wp=Y5iUXQACURIKspaJAA0QCe3zyFtXXu0Q7SvYQQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7OzWawC-gGdg2ICAgAAAG1pQJiAbmn4EFyUmGMmN8FYCKji5gyclAASAAA&wp=Y5iUXQACURIKspaJAA0QCe3zyFtXXu0Q7SvYQQ HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 65945245
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWfQI-gGdg2ICAgAAAIYQEx5Ym4ojEFyUmGOUD2MAcQdLTpBpkgASAAA&wp=Y5iUXQACeOYKsvDDAAyRzGjunleg0u9-yAfuIQ
200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWfQI-gGdg2ICAgAAAIYQEx5Ym4ojEFyUmGOUD2MAcQdLTpBpkgASAAA&wp=Y5iUXQACeOYKsvDDAAyRzGjunleg0u9-yAfuIQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWfQI-gGdg2ICAgAAAIYQEx5Ym4ojEFyUmGOUD2MAcQdLTpBpkgASAAA&wp=Y5iUXQACeOYKsvDDAAyRzGjunleg0u9-yAfuIQ HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 271909
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 06063ec7388e19b6195e1ed3e9bc86e8
86c81d8b8d70d310b52b49f47423cbc70bf20a63
c3601396789a555b69e61e2dc9a218a2ee15e2c39aa625871bdb4d1fca62e616
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5628
Cache-Control: max-age=86817
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Etag: "63972e82-13a"
Expires: Wed, 14 Dec 2022 15:10:54 GMT
Last-Modified: Mon, 12 Dec 2022 13:37:06 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash 06063ec7388e19b6195e1ed3e9bc86e8
86c81d8b8d70d310b52b49f47423cbc70bf20a63
c3601396789a555b69e61e2dc9a218a2ee15e2c39aa625871bdb4d1fca62e616
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4528
Cache-Control: max-age=85717
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:57 GMT
Etag: "63972e82-13a"
Expires: Wed, 14 Dec 2022 14:52:34 GMT
Last-Modified: Mon, 12 Dec 2022 13:37:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 509644
expires: Sun, 03 Dec 2023 15:03:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REip2Wi9UlfnPeYfLG4uMe1TGKxOCEjZr%2BboqPRaiIf9knTcjNaLtCqkiMnhNbXvrTAT8gokR454s2949KkGBTpwIgzJFvzWx7sNz5hzhH0azppVcJaa7LGfhFCAmfAhhgNDTqpw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 778f96eb88adb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrOzWaAB2ASdg2ICAgAAAG1pQJiAbmn4EFyUmGNqB0f2egxKFlcyBQASAAA&wp=Y5iUXQACFxsFkULfAATfcGGKxYndahAFCOZTcg
200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrOzWaAB2ASdg2ICAgAAAG1pQJiAbmn4EFyUmGNqB0f2egxKFlcyBQASAAA&wp=Y5iUXQACFxsFkULfAATfcGGKxYndahAFCOZTcg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPjTDrOzWaAB2ASdg2ICAgAAAG1pQJiAbmn4EFyUmGNqB0f2egxKFlcyBQASAAA&wp=Y5iUXQACFxsFkULfAATfcGGKxYndahAFCOZTcg HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 210120
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQACeOYKsvDDAAyRzGjunleg0u9-yAfuIQ&u=%7CdlTumnMRUmG%2F5FJQ4%2BwYgB3G7RRjHgrgMJVd6set8mw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy7KxR3bdUsCZEOy4Owz9gB1Sli8Q9FOIKJnNsda2yVnCpi29XT-_zYA-pyvzLag3bPzwQ93geA4g1qmQsCL4CtLMvqMe_Tws8oxcPfeyhDPzHeoVLtTWPrEClyBFpXEufhSGvHsBpq6W-4a_HahUGJVvtV0rpD5MnurZGnH0LGRSe3FR0j0gThBZtIvTINAcoJDZig1JeQ0o9WWzfzpJ621rIvjPHM4UX4PZIwJIDsZcMuNHlQZ-rfKhCFmeWVvAOkoPZ6fskJXAS4biX7NQfHNYSDKAugoUdaHAG3LLNpPWIasq3FXb0QvkJ55_7SIDvNYtqG0LHeLIQUnHjrpDpVaons6Igt2Y4vU4T-iG0nO2_KDPoYFbwripyLhr6NUzF7wuqJv6cQLb2R4ngfvK7XnPP7Ra2gzcg6unhhA7HjyzZyyw74LZQRGDbxB12JbMty58P6BAq-iDc1UYDWb1Esq6p0vMHugYK5ePftsm1XWR2W0fwF5guL-JuR7y9khqbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPk-JXZSYY-bxCcPhywXMo7IIyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03OTI2NjA0NDYzOTc0NDc5yAEJqQKrjVQYHayxPqgDAaoEnAJP0MmuU_cRuouuKyWAKq2KU8rTwt4orysqQ2VXJJFFUaXUBrJ5LQivOdbNm-wgy0_B5E3rOtlR2dvA0WcPVNztRChH7Rk-7Yu9NoI7lMXOJBY7G1I-jwtkHk3xT0qRjFgNkr6i76FksZyFpewFhFqWZAjRU3mW-Uur_x2RK3e4tUEK38FuroyyrsF9K9JfEbW2sUfgCTh8Vc3RKKj2zJW-wIpP0pGAmOSb3btddvqQRbVuSXvzNKl2KfB3m00tJQ2MTBxiQhKodsXCYApRGJwzBncSzLNqK8r-YVy7z2lYnr0mWs0IPO06UKxcpY0E56093xJ0e5atMimNvw0QXfvXyXMTNkiuSIsQ_VRrNpkMkLq0iOa_OUvLoSTGDYAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0MHaoDdIb1-fe369RLxavapLXfjQ%26client%3Dca-pub-7926604463974479%26adurl%3D
200 OK 43 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQACeOYKsvDDAAyRzGjunleg0u9-yAfuIQ&u=%7CdlTumnMRUmG%2F5FJQ4%2BwYgB3G7RRjHgrgMJVd6set8mw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy7KxR3bdUsCZEOy4Owz9gB1Sli8Q9FOIKJnNsda2yVnCpi29XT-_zYA-pyvzLag3bPzwQ93geA4g1qmQsCL4CtLMvqMe_Tws8oxcPfeyhDPzHeoVLtTWPrEClyBFpXEufhSGvHsBpq6W-4a_HahUGJVvtV0rpD5MnurZGnH0LGRSe3FR0j0gThBZtIvTINAcoJDZig1JeQ0o9WWzfzpJ621rIvjPHM4UX4PZIwJIDsZcMuNHlQZ-rfKhCFmeWVvAOkoPZ6fskJXAS4biX7NQfHNYSDKAugoUdaHAG3LLNpPWIasq3FXb0QvkJ55_7SIDvNYtqG0LHeLIQUnHjrpDpVaons6Igt2Y4vU4T-iG0nO2_KDPoYFbwripyLhr6NUzF7wuqJv6cQLb2R4ngfvK7XnPP7Ra2gzcg6unhhA7HjyzZyyw74LZQRGDbxB12JbMty58P6BAq-iDc1UYDWb1Esq6p0vMHugYK5ePftsm1XWR2W0fwF5guL-JuR7y9khqbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPk-JXZSYY-bxCcPhywXMo7IIyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03OTI2NjA0NDYzOTc0NDc5yAEJqQKrjVQYHayxPqgDAaoEnAJP0MmuU_cRuouuKyWAKq2KU8rTwt4orysqQ2VXJJFFUaXUBrJ5LQivOdbNm-wgy0_B5E3rOtlR2dvA0WcPVNztRChH7Rk-7Yu9NoI7lMXOJBY7G1I-jwtkHk3xT0qRjFgNkr6i76FksZyFpewFhFqWZAjRU3mW-Uur_x2RK3e4tUEK38FuroyyrsF9K9JfEbW2sUfgCTh8Vc3RKKj2zJW-wIpP0pGAmOSb3btddvqQRbVuSXvzNKl2KfB3m00tJQ2MTBxiQhKodsXCYApRGJwzBncSzLNqK8r-YVy7z2lYnr0mWs0IPO06UKxcpY0E56093xJ0e5atMimNvw0QXfvXyXMTNkiuSIsQ_VRrNpkMkLq0iOa_OUvLoSTGDYAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0MHaoDdIb1-fe369RLxavapLXfjQ%26client%3Dca-pub-7926604463974479%26adurl%3D
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28417), with CRLF, LF line terminators
Hash f73dcc75bb55d9f19520f3ba73f64555
fb724ed351f539960dc1c3565c034a6267e6e3a1
62152c10e26c34a9639741ea1d3f66cffe485eebbded59f0373753724d7875cd
GET /delivery/r/afr.php?z=Y5iUXQACeOYKsvDDAAyRzGjunleg0u9-yAfuIQ&u=%7CdlTumnMRUmG%2F5FJQ4%2BwYgB3G7RRjHgrgMJVd6set8mw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy7KxR3bdUsCZEOy4Owz9gB1Sli8Q9FOIKJnNsda2yVnCpi29XT-_zYA-pyvzLag3bPzwQ93geA4g1qmQsCL4CtLMvqMe_Tws8oxcPfeyhDPzHeoVLtTWPrEClyBFpXEufhSGvHsBpq6W-4a_HahUGJVvtV0rpD5MnurZGnH0LGRSe3FR0j0gThBZtIvTINAcoJDZig1JeQ0o9WWzfzpJ621rIvjPHM4UX4PZIwJIDsZcMuNHlQZ-rfKhCFmeWVvAOkoPZ6fskJXAS4biX7NQfHNYSDKAugoUdaHAG3LLNpPWIasq3FXb0QvkJ55_7SIDvNYtqG0LHeLIQUnHjrpDpVaons6Igt2Y4vU4T-iG0nO2_KDPoYFbwripyLhr6NUzF7wuqJv6cQLb2R4ngfvK7XnPP7Ra2gzcg6unhhA7HjyzZyyw74LZQRGDbxB12JbMty58P6BAq-iDc1UYDWb1Esq6p0vMHugYK5ePftsm1XWR2W0fwF5guL-JuR7y9khqbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPk-JXZSYY-bxCcPhywXMo7IIyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03OTI2NjA0NDYzOTc0NDc5yAEJqQKrjVQYHayxPqgDAaoEnAJP0MmuU_cRuouuKyWAKq2KU8rTwt4orysqQ2VXJJFFUaXUBrJ5LQivOdbNm-wgy0_B5E3rOtlR2dvA0WcPVNztRChH7Rk-7Yu9NoI7lMXOJBY7G1I-jwtkHk3xT0qRjFgNkr6i76FksZyFpewFhFqWZAjRU3mW-Uur_x2RK3e4tUEK38FuroyyrsF9K9JfEbW2sUfgCTh8Vc3RKKj2zJW-wIpP0pGAmOSb3btddvqQRbVuSXvzNKl2KfB3m00tJQ2MTBxiQhKodsXCYApRGJwzBncSzLNqK8r-YVy7z2lYnr0mWs0IPO06UKxcpY0E56093xJ0e5atMimNvw0QXfvXyXMTNkiuSIsQ_VRrNpkMkLq0iOa_OUvLoSTGDYAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0MHaoDdIb1-fe369RLxavapLXfjQ%26client%3Dca-pub-7926604463974479%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:57 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1WsC3mmyz4zpmkgSleJI4ssxJ8tbbDDLWGafH5HtwhKs-J6b4wkv4QUO_tkJiPA6azS9I6jwq1s4TSphIIF0KABnoyHgQK-8a90J8k8QtuzUmFeZ6TfWuHCXmc13PVejxKoav59sbfBuKtcTHg2b2i-mu_MO2fvBmZITR9kPjt-j9odLUjY-bEBjrUFUDXIOev_H-NcCQ1l8y6vDQ2hVEOjym9rvn-iYTxk0hsXdclrjbCxmrPZTNfYXqlnyEcY4G03z7BlQEb_uxUXH"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 53959765
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash d87f88d4cf294875ac7584aad7e6c1d8
66c47681345eecc114553b80db3e4906cd62d38b
e064cca6e012fb548dfbe1cb3dbae2c2e616e9b41e976d19bd667535cc8f2076
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6049
Cache-Control: max-age=116381
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Etag: "6397a05a-138"
Expires: Wed, 14 Dec 2022 23:23:39 GMT
Last-Modified: Mon, 12 Dec 2022 21:42:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 312 B IP
Hash d87f88d4cf294875ac7584aad7e6c1d8
66c47681345eecc114553b80db3e4906cd62d38b
e064cca6e012fb548dfbe1cb3dbae2c2e616e9b41e976d19bd667535cc8f2076
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6147
Cache-Control: max-age=116479
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Etag: "6397a05a-138"
Expires: Wed, 14 Dec 2022 23:25:17 GMT
Last-Modified: Mon, 12 Dec 2022 21:42:50 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 312 B IP
Hash d87f88d4cf294875ac7584aad7e6c1d8
66c47681345eecc114553b80db3e4906cd62d38b
e064cca6e012fb548dfbe1cb3dbae2c2e616e9b41e976d19bd667535cc8f2076
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6049
Cache-Control: max-age=116381
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Etag: "6397a05a-138"
Expires: Wed, 14 Dec 2022 23:23:39 GMT
Last-Modified: Mon, 12 Dec 2022 21:42:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 312
static.criteo.net/design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff
200 OK 26 kB URL HTTP/2 static.criteo.net/design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff
IP
File type Web Open Font Format, TrueType, length 26324, version 1.0\012- data
Hash 9acd111085f701eaf4fea7135f15ffa7
176a9dd986032b3647d1a40458db1db7d965f8bc
5a4a3459c15a5266e888bb12bbe9041b0f72aed89306411a5d5e69e7a1aa9f4d
GET /design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 26324
last-modified: Mon, 06 Jul 2020 12:19:39 GMT
etag: "5f0316db-66d4"
expires: Fri, 08 Dec 2023 15:03:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff
200 OK 17 kB URL HTTP/2 static.criteo.net/design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff
IP
File type Web Open Font Format, CFF, length 17120, version 1.0\012- data
Hash f683179206a26fcb9ef35c6d14f6f7c7
c6da815fa6502dd63eb2606efd112fdd1eb9e79e
a26a23639f1408dca8879503cd479d3f823b085b727437c9d66c33ca3f75c08f
GET /design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 17120
last-modified: Mon, 06 Jul 2020 12:19:39 GMT
etag: "5f0316db-42e0"
expires: Fri, 08 Dec 2023 15:03:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 8c46ae68e52ade5c02645c4b3bb2abb9
2c74deaeded394c25993d8212e559d98a6db309c
69645c85796d2e81f6b83c358da4876327ac507dfa757f2b7a677c35c75c2ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3746
Cache-Control: max-age=147913
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Etag: "63982485-1d7"
Expires: Thu, 15 Dec 2022 08:09:11 GMT
Last-Modified: Tue, 13 Dec 2022 07:06:45 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
static.criteo.net/flash/icon/back_button2.svg
200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Fri, 08 Dec 2023 15:03:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Fri, 08 Dec 2023 15:03:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 3e80fca6988dd7621263aa9cb178b224
9bbe066e3e2a77708985a1524892df1981c93952
d464b8a0800867559669b9477ac575784e766afe35b3364020faef5a3f0ad29e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5391
Cache-Control: max-age=165779
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Etag: "639863e2-13a"
Expires: Thu, 15 Dec 2022 13:06:57 GMT
Last-Modified: Tue, 13 Dec 2022 11:37:06 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash 3e80fca6988dd7621263aa9cb178b224
9bbe066e3e2a77708985a1524892df1981c93952
d464b8a0800867559669b9477ac575784e766afe35b3364020faef5a3f0ad29e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5391
Cache-Control: max-age=165779
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Etag: "639863e2-13a"
Expires: Thu, 15 Dec 2022 13:06:57 GMT
Last-Modified: Tue, 13 Dec 2022 11:37:06 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 471 B IP
Hash 798096f796d1912e31a4f61d3e62997c
c18ed8f64304fb75ea9ba22f13ed7f5aa8ce4870
a1873228efcbdfc679aea9bd3abd34ab1bf4c59367e56d5704c710f82b97aede
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5714
Cache-Control: max-age=109190
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Etag: "63978592-1d7"
Expires: Wed, 14 Dec 2022 21:23:48 GMT
Last-Modified: Mon, 12 Dec 2022 19:48:34 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F53858-0.jpg%3Fcb%3Df661ebfe7e8461b1aa776d9647b44d74&v=3&w=400&s=WlqqqM3gQfN7Val60TiKVA0k&b=400
200 OK 5.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F53858-0.jpg%3Fcb%3Df661ebfe7e8461b1aa776d9647b44d74&v=3&w=400&s=WlqqqM3gQfN7Val60TiKVA0k&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x287, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5dff790a5bb26782110b9d621212e3b5
0b9bdb39b2fbb7823b6a6b80845206df692e80c2
1eedd2a7f883999396b0c2877a2512186f875339b3e284c34601ebb9a71fb8e0
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F53858-0.jpg%3Fcb%3Df661ebfe7e8461b1aa776d9647b44d74&v=3&w=400&s=WlqqqM3gQfN7Val60TiKVA0k&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29935311
expires: Sat, 25 Nov 2023 02:25:49 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5062
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=800
200 OK 100 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=800
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 935769b6c8d28c63307b41476973104e
df047552475e359135f57a9c68e6e755e6ee8d83
5508c20877b730b0773456bf63aeb7d27c19e9e9c4706a2ed348029f81484013
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=800 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=32963
expires: Wed, 14 Dec 2022 00:13:21 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 99642
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=400&s=4WZxUSFQRS2v6inBoec-sxdj&b=400
200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=400&s=4WZxUSFQRS2v6inBoec-sxdj&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x358, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4a8b65dd45b5caaf05d7af1a012c211
2d76450cb9247fc5eb904e3d6db3c051c26226ae
bdeedcf8ba166914065e069ca9514b3020cfe22d1239cb8ec86495c301108540
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=400&s=4WZxUSFQRS2v6inBoec-sxdj&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29606061
expires: Tue, 21 Nov 2023 06:58:20 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10926
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21864210-0.jpg%3Fcb%3D9f9bbceed656e43c0eaeb2baf98184e4&v=3&w=400&s=WreIOy3Ew-R0UyyAE13hFTga&b=400
200 OK 5.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21864210-0.jpg%3Fcb%3D9f9bbceed656e43c0eaeb2baf98184e4&v=3&w=400&s=WreIOy3Ew-R0UyyAE13hFTga&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 255x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0efd8b5e7fdd024109e09dfbb3044ab7
81b9aaa6b414e86b3a57625f9a3ef1a0cc9bff89
fb471f24bdd2443cc8fca4b1cde0c9234767620433215c8401e9c17cdeb03c8b
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21864210-0.jpg%3Fcb%3D9f9bbceed656e43c0eaeb2baf98184e4&v=3&w=400&s=WreIOy3Ew-R0UyyAE13hFTga&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31172589
expires: Sat, 09 Dec 2023 10:07:07 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5932
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F2481085-0.jpg%3Fcb%3Dcc45c23a5efb1e5a84ca90be2e2b35a6&v=3&w=400&s=AQaMdWBm1y3o0kB7XUGTuUpy&b=400
200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F2481085-0.jpg%3Fcb%3Dcc45c23a5efb1e5a84ca90be2e2b35a6&v=3&w=400&s=AQaMdWBm1y3o0kB7XUGTuUpy&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x251, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fefb724bc12294ec54cea5efc6ca0b8e
86a10122c7336d3603f263a6e8ac62cb76024053
5fc08a02c3f91a7f2b816222a37a91e4dabc63be860d619690876d722fe7dfd3
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F2481085-0.jpg%3Fcb%3Dcc45c23a5efb1e5a84ca90be2e2b35a6&v=3&w=400&s=AQaMdWBm1y3o0kB7XUGTuUpy&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30504331
expires: Fri, 01 Dec 2023 16:29:30 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13914
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745311-0_1.jpg%3Fcb%3D120aa6ab1f73f9250573069ae3eb362e&v=3&w=400&s=qrzm3rGliDtX67bETNamphFb&b=400
200 OK 9.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745311-0_1.jpg%3Fcb%3D120aa6ab1f73f9250573069ae3eb362e&v=3&w=400&s=qrzm3rGliDtX67bETNamphFb&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x389, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5a1b5172120326300089ce65762a5af4
38b0a766a16589c866f8aca9eb317204a3c7566e
eb70307be1d1a2eb6dd69c7db8df13ba74228a693e7db0f5f57369009f7958d8
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745311-0_1.jpg%3Fcb%3D120aa6ab1f73f9250573069ae3eb362e&v=3&w=400&s=qrzm3rGliDtX67bETNamphFb&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29946722
expires: Sat, 25 Nov 2023 05:36:00 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9892
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=76&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=596&s=VyHThOnCsuCZpIMLKqpgoivw
200 OK 1.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=76&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=596&s=VyHThOnCsuCZpIMLKqpgoivw
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 266x76, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77c44a633aa284c58f8eb8cbee1f41f3
9b2f34ef9ac2247b0054e1887ff75942006ad623
4b0e48334dcb11bfd656df1098c819acd33c27791a43d966f714f8d11b73e416
GET /img/img?h=76&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=596&s=VyHThOnCsuCZpIMLKqpgoivw HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29093529
expires: Wed, 15 Nov 2023 08:36:07 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1586
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21886020-0_1.jpg%3Fcb%3D5a54cd9d7f575730a08d4a141df6d38c&v=3&w=400&s=W8ZlGN-3qquc736cx21XEm3S&b=400
200 OK 7.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21886020-0_1.jpg%3Fcb%3D5a54cd9d7f575730a08d4a141df6d38c&v=3&w=400&s=W8ZlGN-3qquc736cx21XEm3S&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 286x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54cacfa33c8ceaa943fb766aecef0d05
5d7ac9c37a1e20928660363e5b8aab357de9b000
41ceec71f7ebaea69836a1ce22dce0c27650bea84143a8cf2685971cd13527b1
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21886020-0_1.jpg%3Fcb%3D5a54cd9d7f575730a08d4a141df6d38c&v=3&w=400&s=W8ZlGN-3qquc736cx21XEm3S&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31083054
expires: Fri, 08 Dec 2023 09:14:53 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7134
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F8%2F1844679-0.jpg%3Fcb%3Ddce4718ada81e3fe0dc0bbc372fc1ecf&v=3&w=400&s=32Y5kmYxl8LfL0_4dqxiMh6T&b=400
200 OK 8.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F8%2F1844679-0.jpg%3Fcb%3Ddce4718ada81e3fe0dc0bbc372fc1ecf&v=3&w=400&s=32Y5kmYxl8LfL0_4dqxiMh6T&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x365, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ab9352694e39d09b006d299a75d4b4e
c67a9f66f025ad84c090cc2ed5c36ebf101df203
432a7d6bd46254f1d9cf470e8d18031e0731c98f3101c03723217879d6dfa838
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F8%2F1844679-0.jpg%3Fcb%3Ddce4718ada81e3fe0dc0bbc372fc1ecf&v=3&w=400&s=32Y5kmYxl8LfL0_4dqxiMh6T&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29088669
expires: Wed, 15 Nov 2023 07:15:07 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8404
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139300-0_1.jpg%3Fcb%3Df66e0b12358704733e006c2edd98397d&v=3&w=400&s=4wq7gsNnVzzjQZ8JmilEkKe-&b=400
200 OK 4.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139300-0_1.jpg%3Fcb%3Df66e0b12358704733e006c2edd98397d&v=3&w=400&s=4wq7gsNnVzzjQZ8JmilEkKe-&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0bbeed0d30c19b5ea43d60cbe7d7c77b
a5caf3336dda32c303683c030d3311183fad8b75
b9f9db0c090cce1861088be7bbc5919da4de33a3ae653ff09dec92c395814a1b
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139300-0_1.jpg%3Fcb%3Df66e0b12358704733e006c2edd98397d&v=3&w=400&s=4wq7gsNnVzzjQZ8JmilEkKe-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30470041
expires: Fri, 01 Dec 2023 06:57:59 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4796
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=496&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=ZZBrCQoJ2rxaK3l_I3XLCbuK
200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=496&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=ZZBrCQoJ2rxaK3l_I3XLCbuK
IP
File type PNG image data, 196 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash bc381116221b106493d972a9262c65e3
980f03704c3d56409200806ffc1b8269240383a4
391ed2f12f92968f164c061b48e5421254b9aae4dfce080b727d60dd6c1cb72e
GET /img/img?h=496&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=ZZBrCQoJ2rxaK3l_I3XLCbuK HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30220908
expires: Tue, 28 Nov 2023 09:45:47 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10921
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQACG_EKsoGQAAzOvnKZobWv1NmoS0Dvjg&u=%7CdlTumnMRUmFmVrfx1TDSWkJa8JTRUfmqPf3xQJIeJ0c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy8IKuHQ0YyCRolvQ12OvGJavuya34sLBF8bwVrtiLjzWP6PljUnAP9PzuqHJvmaYQ9oYgRSi9ocrqyPMP5fiU6I2Yjd7ObpxyISZn6z0kJl6ImzF5le6-vi_s09hshjmHg59AKhf3ewkk1SDzz-wutPPVSY0nKdyswx7w4kq5zatN9k7XEMaZql3oEYP78sXbVmcqzof4KZei5blxf-0QtPPOwMgziw1RZJBwXWkHNW9EGFbGhJaX-Oy5Rc7rGnRZMDnZp-OReocGwIFacLAWp0WE7k6n2N1D-kaCMFwB2K71y0i07GiYQ5TmFmH9Ukx4z00nWqJbDp9uDS0AcGyxDxJTyQdd6Uk2fERH29Aq4lqkneJ2R03CGrw3fBf36EV0-VXW7hckTkf2dISV27l0hZ8CSMgb_jdlgEkojQC9G_nB5JIiI2-OPVdqICZGa1lw0TKpqZOQn0NGwO3YNbEBjlYiQ02Pqcl1lHnmjWYAMslwE7q3H3ygGGZ7LBuGa0DSQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcIgWXZSYY_G3CJCDygW-nbPYC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCq41UGB2ssT6oAwGqBJUCT9D1yjNVPnyDN3E06mfNGjSp1FECQ7gn_o3KYe5mFCrfZAOK9p6zlrTEzt_YXESbt5pin3o5AenfFBvgj6Oei6HI_DIxBC0ZEKW1NluBrkxqrRX3gn4XSUaLu_0pCW-VJ5L6BNlFtWnyaVrUMaOHdxlYJXWsA3X3x2PTWVHuP9FY66qdpsziAOj93zKxpJkms0psuSPLeXXE89kOGV3P2ydTwXxMa6KAU_FHqdRIH-ham4pxGUgPZbyCFXMW9HMi_AV3SHI7JOErwNGV4p-nTphD8j7XvIgWtE0tH7kl7AzzpaZoEU3dJ88gu_l2i3DbNLVICETRsJTD_yHyCA9eBK7KBKDSFQ9eK7uhJ9uubv6nE89NvYAG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2wG3VSE218Z-4Eic8Yjwsq15HVJw%26client%3Dca-pub-7926604463974479%26adurl%3D
200 OK 49 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQACG_EKsoGQAAzOvnKZobWv1NmoS0Dvjg&u=%7CdlTumnMRUmFmVrfx1TDSWkJa8JTRUfmqPf3xQJIeJ0c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy8IKuHQ0YyCRolvQ12OvGJavuya34sLBF8bwVrtiLjzWP6PljUnAP9PzuqHJvmaYQ9oYgRSi9ocrqyPMP5fiU6I2Yjd7ObpxyISZn6z0kJl6ImzF5le6-vi_s09hshjmHg59AKhf3ewkk1SDzz-wutPPVSY0nKdyswx7w4kq5zatN9k7XEMaZql3oEYP78sXbVmcqzof4KZei5blxf-0QtPPOwMgziw1RZJBwXWkHNW9EGFbGhJaX-Oy5Rc7rGnRZMDnZp-OReocGwIFacLAWp0WE7k6n2N1D-kaCMFwB2K71y0i07GiYQ5TmFmH9Ukx4z00nWqJbDp9uDS0AcGyxDxJTyQdd6Uk2fERH29Aq4lqkneJ2R03CGrw3fBf36EV0-VXW7hckTkf2dISV27l0hZ8CSMgb_jdlgEkojQC9G_nB5JIiI2-OPVdqICZGa1lw0TKpqZOQn0NGwO3YNbEBjlYiQ02Pqcl1lHnmjWYAMslwE7q3H3ygGGZ7LBuGa0DSQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcIgWXZSYY_G3CJCDygW-nbPYC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCq41UGB2ssT6oAwGqBJUCT9D1yjNVPnyDN3E06mfNGjSp1FECQ7gn_o3KYe5mFCrfZAOK9p6zlrTEzt_YXESbt5pin3o5AenfFBvgj6Oei6HI_DIxBC0ZEKW1NluBrkxqrRX3gn4XSUaLu_0pCW-VJ5L6BNlFtWnyaVrUMaOHdxlYJXWsA3X3x2PTWVHuP9FY66qdpsziAOj93zKxpJkms0psuSPLeXXE89kOGV3P2ydTwXxMa6KAU_FHqdRIH-ham4pxGUgPZbyCFXMW9HMi_AV3SHI7JOErwNGV4p-nTphD8j7XvIgWtE0tH7kl7AzzpaZoEU3dJ88gu_l2i3DbNLVICETRsJTD_yHyCA9eBK7KBKDSFQ9eK7uhJ9uubv6nE89NvYAG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2wG3VSE218Z-4Eic8Yjwsq15HVJw%26client%3Dca-pub-7926604463974479%26adurl%3D
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13969), with CRLF, LF line terminators
Hash 11b76820a7ab0197f681144d57626b54
727e418d0216f902576850ddbe8716434ece2b2e
61c17df3e75158de4122e2fbc7eae8f6ee030ab6f487c082860b3ae888e0c6e6
GET /delivery/r/afr.php?z=Y5iUXQACG_EKsoGQAAzOvnKZobWv1NmoS0Dvjg&u=%7CdlTumnMRUmFmVrfx1TDSWkJa8JTRUfmqPf3xQJIeJ0c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy8IKuHQ0YyCRolvQ12OvGJavuya34sLBF8bwVrtiLjzWP6PljUnAP9PzuqHJvmaYQ9oYgRSi9ocrqyPMP5fiU6I2Yjd7ObpxyISZn6z0kJl6ImzF5le6-vi_s09hshjmHg59AKhf3ewkk1SDzz-wutPPVSY0nKdyswx7w4kq5zatN9k7XEMaZql3oEYP78sXbVmcqzof4KZei5blxf-0QtPPOwMgziw1RZJBwXWkHNW9EGFbGhJaX-Oy5Rc7rGnRZMDnZp-OReocGwIFacLAWp0WE7k6n2N1D-kaCMFwB2K71y0i07GiYQ5TmFmH9Ukx4z00nWqJbDp9uDS0AcGyxDxJTyQdd6Uk2fERH29Aq4lqkneJ2R03CGrw3fBf36EV0-VXW7hckTkf2dISV27l0hZ8CSMgb_jdlgEkojQC9G_nB5JIiI2-OPVdqICZGa1lw0TKpqZOQn0NGwO3YNbEBjlYiQ02Pqcl1lHnmjWYAMslwE7q3H3ygGGZ7LBuGa0DSQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcIgWXZSYY_G3CJCDygW-nbPYC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCq41UGB2ssT6oAwGqBJUCT9D1yjNVPnyDN3E06mfNGjSp1FECQ7gn_o3KYe5mFCrfZAOK9p6zlrTEzt_YXESbt5pin3o5AenfFBvgj6Oei6HI_DIxBC0ZEKW1NluBrkxqrRX3gn4XSUaLu_0pCW-VJ5L6BNlFtWnyaVrUMaOHdxlYJXWsA3X3x2PTWVHuP9FY66qdpsziAOj93zKxpJkms0psuSPLeXXE89kOGV3P2ydTwXxMa6KAU_FHqdRIH-ham4pxGUgPZbyCFXMW9HMi_AV3SHI7JOErwNGV4p-nTphD8j7XvIgWtE0tH7kl7AzzpaZoEU3dJ88gu_l2i3DbNLVICETRsJTD_yHyCA9eBK7KBKDSFQ9eK7uhJ9uubv6nE89NvYAG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2wG3VSE218Z-4Eic8Yjwsq15HVJw%26client%3Dca-pub-7926604463974479%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:57 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=deSoa2myz4zpmkgSU9Xl0vOGqy1-Zef5B0sjwRQCNA08RZDr8VtmUYe-6sbmA-pV-X0C7svdDoXcckVm3TdC9LnCBZuPLqLPk8-PB5b69IZH4u1VTh4VG4PMNLD3co6iH471gfONXm0CeKNnmzCiwSt8rlYaxkIPSb3we-VQ0c_XixW9T1uaZ480d3VHPxfUY7MiaVoQ0uBMFdkUZ_Zt6tBQ9D6KPqASM0sgDXPFAdQQ7XIZtCYkuH9Xz7oP2SDLr28UAg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 164318647
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5888
Expires: Tue, 13 Dec 2022 16:42:06 GMT
Date: Tue, 13 Dec 2022 15:03:58 GMT
Connection: keep-alive
static.criteo.net/flash/icon/criteo_logo_2021.svg
200 OK 1.5 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP
Hash 79267570e7b7d6e1d7e7ea933059597f
c6d4ccd909219b311682f132e5eac308f44e6fd7
fcc191286c587301f109d0107466427e5fd5f72cb5043ac99b2f877bc8f7f064
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Fri, 08 Dec 2023 15:03:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5888
Expires: Tue, 13 Dec 2022 16:42:06 GMT
Date: Tue, 13 Dec 2022 15:03:58 GMT
Connection: keep-alive
ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQACFxsFkULfAATfcGGKxYndahAFCOZTcg&u=%7CdlTumnMRUmEdcyQ8x0UFgTzYtpX2IZZg7GO%2Fj5xVwl4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj44kawt1k4WAa78kR3dbkHmXQRiGXndwVMCSpU4wqJUT2pDb7TFS_IPKwueaXQwqIecvHnRwQV1fKkNZLXK8MS2UDh4nzvs78s7HxPXxb-m9iB43flItLJuUNg6uEH9aMfos3gYskICvTRMGWLA2BbqvjL9b3M3nOhLPoZKgUF8nBB46wIle56tgYKxjgjZBcy_uPlLO86QQi70S_VU7kumuHRBsC3nLrO3onFxuEdIjbey0GyBGQQV-PVBaF23AzekECfHv2bdxw-03KZVJOmMQhV3VTGlKFQDQ1z-9Rerfy_Hoi6BSN-_yGlgk1SdgVXBAII9jFzlPFv5BkOWLnAjb8egTsWRUdw6AXC4n_zyXkvVHCjPlWJbF3J-hmVRoWdmjO6wyCa4GIAholKVRdxySdojahUEQhaEFW0oCb43XrKxtqxYhSzh9lyA0RxhJBgzGi_U2qsOR2VQo1N05ppk3EVEX-U0ocYXiUNQUMlazZXmjQfYkMwXX_6FfHwZXFQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7cZ9XZSYY5uuCN-FxdwP8L6TqA7JntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTc5MjY2MDQ0NjM5NzQ0NznIAQmpAjSmC2Z_rrE-qAMBqgSbAk_Quqmxio6kkxW2zMkI_1KJUSV-C47BrjEoUaquTZrqPfPzhDpEtP5JUuNrQ_w4tablpJ9BhnzttWJ6Y2mvveOxyJKjySKnlu1qJDWPyL4Zk03hTH_tYH4RENg7VlbcU426lAiNGSoOZ2QSi-Hry9MD9z_NB3rX2ORFwIcAS2mWbU-dZzF2EzBvIaTI98CNGrHIBFsCPF-RuKfcpfX1Kwx8UXU_5ipe4uSZMXhey8puA3zWFB-3_r3550n3Lnqmi-CHGxNtBH5We_7-NM7yI-MzaeluCTGGdeW2EJftGsmL6yMgDcrfQ6OpiK0TrqVTJh2Q3YppWHlvWbn_3knNj6mDKn45_ypkVp-eP12n3_Gd2SnUHKVcjJR04lGABv6718udj_-0a6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FR4vJsQFdplEARe0iZlyCyQDQOA%26client%3Dca-pub-7926604463974479%26adurl%3D
200 OK 58 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQACFxsFkULfAATfcGGKxYndahAFCOZTcg&u=%7CdlTumnMRUmEdcyQ8x0UFgTzYtpX2IZZg7GO%2Fj5xVwl4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj44kawt1k4WAa78kR3dbkHmXQRiGXndwVMCSpU4wqJUT2pDb7TFS_IPKwueaXQwqIecvHnRwQV1fKkNZLXK8MS2UDh4nzvs78s7HxPXxb-m9iB43flItLJuUNg6uEH9aMfos3gYskICvTRMGWLA2BbqvjL9b3M3nOhLPoZKgUF8nBB46wIle56tgYKxjgjZBcy_uPlLO86QQi70S_VU7kumuHRBsC3nLrO3onFxuEdIjbey0GyBGQQV-PVBaF23AzekECfHv2bdxw-03KZVJOmMQhV3VTGlKFQDQ1z-9Rerfy_Hoi6BSN-_yGlgk1SdgVXBAII9jFzlPFv5BkOWLnAjb8egTsWRUdw6AXC4n_zyXkvVHCjPlWJbF3J-hmVRoWdmjO6wyCa4GIAholKVRdxySdojahUEQhaEFW0oCb43XrKxtqxYhSzh9lyA0RxhJBgzGi_U2qsOR2VQo1N05ppk3EVEX-U0ocYXiUNQUMlazZXmjQfYkMwXX_6FfHwZXFQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7cZ9XZSYY5uuCN-FxdwP8L6TqA7JntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTc5MjY2MDQ0NjM5NzQ0NznIAQmpAjSmC2Z_rrE-qAMBqgSbAk_Quqmxio6kkxW2zMkI_1KJUSV-C47BrjEoUaquTZrqPfPzhDpEtP5JUuNrQ_w4tablpJ9BhnzttWJ6Y2mvveOxyJKjySKnlu1qJDWPyL4Zk03hTH_tYH4RENg7VlbcU426lAiNGSoOZ2QSi-Hry9MD9z_NB3rX2ORFwIcAS2mWbU-dZzF2EzBvIaTI98CNGrHIBFsCPF-RuKfcpfX1Kwx8UXU_5ipe4uSZMXhey8puA3zWFB-3_r3550n3Lnqmi-CHGxNtBH5We_7-NM7yI-MzaeluCTGGdeW2EJftGsmL6yMgDcrfQ6OpiK0TrqVTJh2Q3YppWHlvWbn_3knNj6mDKn45_ypkVp-eP12n3_Gd2SnUHKVcjJR04lGABv6718udj_-0a6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FR4vJsQFdplEARe0iZlyCyQDQOA%26client%3Dca-pub-7926604463974479%26adurl%3D
IP
Hash 9a19d5f1420fd56445cffcb02470ae9b
8fd95a100dd93b8ae3dccd8acc6a7d20ae19a385
dbd17ae7a1f325ddf57eccd1476d5b5fb38d7691060b2a95641700034d71767a
GET /delivery/r/afr.php?z=Y5iUXQACFxsFkULfAATfcGGKxYndahAFCOZTcg&u=%7CdlTumnMRUmEdcyQ8x0UFgTzYtpX2IZZg7GO%2Fj5xVwl4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj44kawt1k4WAa78kR3dbkHmXQRiGXndwVMCSpU4wqJUT2pDb7TFS_IPKwueaXQwqIecvHnRwQV1fKkNZLXK8MS2UDh4nzvs78s7HxPXxb-m9iB43flItLJuUNg6uEH9aMfos3gYskICvTRMGWLA2BbqvjL9b3M3nOhLPoZKgUF8nBB46wIle56tgYKxjgjZBcy_uPlLO86QQi70S_VU7kumuHRBsC3nLrO3onFxuEdIjbey0GyBGQQV-PVBaF23AzekECfHv2bdxw-03KZVJOmMQhV3VTGlKFQDQ1z-9Rerfy_Hoi6BSN-_yGlgk1SdgVXBAII9jFzlPFv5BkOWLnAjb8egTsWRUdw6AXC4n_zyXkvVHCjPlWJbF3J-hmVRoWdmjO6wyCa4GIAholKVRdxySdojahUEQhaEFW0oCb43XrKxtqxYhSzh9lyA0RxhJBgzGi_U2qsOR2VQo1N05ppk3EVEX-U0ocYXiUNQUMlazZXmjQfYkMwXX_6FfHwZXFQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7cZ9XZSYY5uuCN-FxdwP8L6TqA7JntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTc5MjY2MDQ0NjM5NzQ0NznIAQmpAjSmC2Z_rrE-qAMBqgSbAk_Quqmxio6kkxW2zMkI_1KJUSV-C47BrjEoUaquTZrqPfPzhDpEtP5JUuNrQ_w4tablpJ9BhnzttWJ6Y2mvveOxyJKjySKnlu1qJDWPyL4Zk03hTH_tYH4RENg7VlbcU426lAiNGSoOZ2QSi-Hry9MD9z_NB3rX2ORFwIcAS2mWbU-dZzF2EzBvIaTI98CNGrHIBFsCPF-RuKfcpfX1Kwx8UXU_5ipe4uSZMXhey8puA3zWFB-3_r3550n3Lnqmi-CHGxNtBH5We_7-NM7yI-MzaeluCTGGdeW2EJftGsmL6yMgDcrfQ6OpiK0TrqVTJh2Q3YppWHlvWbn_3knNj6mDKn45_ypkVp-eP12n3_Gd2SnUHKVcjJR04lGABv6718udj_-0a6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FR4vJsQFdplEARe0iZlyCyQDQOA%26client%3Dca-pub-7926604463974479%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:57 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CvCyX2myz4zpmkgSYWv29RcAsqrTM5uQ1sqww1t7aTDRZeaKzwgIAr9fiDpIUEVRmX2mFiopJPIMcKJufgkgsH4Ira7kxKnwlC7fRIU6E22LNVtMPezPf239f--3OM4Z784Wr1-ukdQMuWeO2c7fceLMEoUBtshXNnr1WOd5fPfrnQBidw-iReYrxJKuVNIiRpD7p8q6mSAgNyAQwIoGFUkjbObh6_voSS1qyh3fPTmB05q0FEzjhpPrHBoXFPE-X_VHgzVnqyD4BmFO"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 134595241
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5846
Expires: Tue, 13 Dec 2022 16:41:24 GMT
Date: Tue, 13 Dec 2022 15:03:58 GMT
Connection: keep-alive
pix.eu.criteo.net/img/img?h=108&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=316&s=KhsM2v7Hmt7jyb0bw5NNU4P1
200 OK 7.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=108&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=316&s=KhsM2v7Hmt7jyb0bw5NNU4P1
IP
File type PNG image data, 316 x 91, 8-bit/color RGBA, non-interlaced\012- data
Hash 6e2b8b70bd167e89b456e9c2036e8034
b28a4842dcbd2af2047a4ffd6d32c2af0e583b34
dd37516a4133ee83e158fcd5652f07ceaea8d9ae422e6c8e0b3293b30b933354
GET /img/img?h=108&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=316&s=KhsM2v7Hmt7jyb0bw5NNU4P1 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30076134
expires: Sun, 26 Nov 2023 17:32:52 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7290
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2F9%2F3%2Fc%2F993c78120a1d0fa7722ab72c50dc5abbfa87280e_3_PIA_175728_0_20ab.png%3Fcb%3D202250&v=3&w=800&s=QWs5Drv9HPNECQYtu8XhQuJV&b=400
200 OK 23 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2F9%2F3%2Fc%2F993c78120a1d0fa7722ab72c50dc5abbfa87280e_3_PIA_175728_0_20ab.png%3Fcb%3D202250&v=3&w=800&s=QWs5Drv9HPNECQYtu8XhQuJV&b=400
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5d6c0ba93cbc75838395f85a49deb8b8
d2bbfaad975096c3cf2fccc5bd263ee6573a2fcd
3b5f1d58eb4a0171834485b4eb23b745e9cae1cdfffded44cc0508b7562790ea
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2F9%2F3%2Fc%2F993c78120a1d0fa7722ab72c50dc5abbfa87280e_3_PIA_175728_0_20ab.png%3Fcb%3D202250&v=3&w=800&s=QWs5Drv9HPNECQYtu8XhQuJV&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31422329
expires: Tue, 12 Dec 2023 07:29:27 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 23074
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fd%2F6%2Fa%2F1%2Fd6a1cd0ae8f66971c14753f24e7d5439714d3edb_3_PIA_175702_0_10ab.png%3Fcb%3D202250&v=3&w=800&s=OxxmZsDvLVBKask5zGS7wyfP&b=400
200 OK 23 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fd%2F6%2Fa%2F1%2Fd6a1cd0ae8f66971c14753f24e7d5439714d3edb_3_PIA_175702_0_10ab.png%3Fcb%3D202250&v=3&w=800&s=OxxmZsDvLVBKask5zGS7wyfP&b=400
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash dd0a1c840e987576c4524c173f5ba558
661ab4b71e1ccdd618b4273038c2952415caa5c9
ed06f20190828ef63326ca239cfd61cf4049a1c7162640d1059427a5c97f11e2
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fd%2F6%2Fa%2F1%2Fd6a1cd0ae8f66971c14753f24e7d5439714d3edb_3_PIA_175702_0_10ab.png%3Fcb%3D202250&v=3&w=800&s=OxxmZsDvLVBKask5zGS7wyfP&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31422312
expires: Tue, 12 Dec 2023 07:29:11 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 23428
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202250&v=3&w=800&s=uRjgBCw_bohAUmyna1zJGXj7&b=400
200 OK 22 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202250&v=3&w=800&s=uRjgBCw_bohAUmyna1zJGXj7&b=400
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash f9fd1b24ffea6d7405a113fbbf5f89dc
9fcf28da340faef7f0c4b8f4e9d1b15d1289beca
7f0d2067a86a0eb8cf24d526f4b703f3289a421a56e260ba08b9bbec0c06ae10
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202250&v=3&w=800&s=uRjgBCw_bohAUmyna1zJGXj7&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31422360
expires: Tue, 12 Dec 2023 07:29:58 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 22500
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ec7B6a53B9rnuK1wYYK64mDFXJ5x8Cm0soBcxpbRUC59apGeUzdvZ82AkQs-lA81EdwymbW2GxzAvx45rCBTBgjOtZWtx-7o0iO_6cmBeo1L21v2Wx2qOI0yBv_Dy9_Jlp7Di8OLSGoPoRUsMpydavAufw7Zjm-TlWoeOLF2AFlY-T8nqbRmQLOhyXmqszMsf3tzogCJAdGs6a5cOJhclNqhsMSfNRn2FA8xOnmxqHl08Gxfbflre0qnzT54VRvYOBI-X7URhvX0OTv3Fm7zeq9E1CkTqhBJ30sMf7jIwo1ES3-PhBhP77ijWlTjwJsnuLgwmgZgvjwEeDllZiQ0ypBuomTwXCGjbGwwI4fNRmhcqWveQn7VKfw00zLWHYFmqe75UBOqaKcVq3P9hUi48wqqK_rxl59LVeo8wyAGK-UtdqhZ
200 OK 6.5 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ec7B6a53B9rnuK1wYYK64mDFXJ5x8Cm0soBcxpbRUC59apGeUzdvZ82AkQs-lA81EdwymbW2GxzAvx45rCBTBgjOtZWtx-7o0iO_6cmBeo1L21v2Wx2qOI0yBv_Dy9_Jlp7Di8OLSGoPoRUsMpydavAufw7Zjm-TlWoeOLF2AFlY-T8nqbRmQLOhyXmqszMsf3tzogCJAdGs6a5cOJhclNqhsMSfNRn2FA8xOnmxqHl08Gxfbflre0qnzT54VRvYOBI-X7URhvX0OTv3Fm7zeq9E1CkTqhBJ30sMf7jIwo1ES3-PhBhP77ijWlTjwJsnuLgwmgZgvjwEeDllZiQ0ypBuomTwXCGjbGwwI4fNRmhcqWveQn7VKfw00zLWHYFmqe75UBOqaKcVq3P9hUi48wqqK_rxl59LVeo8wyAGK-UtdqhZ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash e01315895df09439dfe10ef66ed7ed17
c3f4241c082193e0594d15f3c4d216fc9c555e5d
ba21db5ae20f96aed51d99068c2e3c07b3ed7b9a34e5cb55077a4fbc7f08319f
GET /delivery/lg.php?cppv=3&cpp=Ec7B6a53B9rnuK1wYYK64mDFXJ5x8Cm0soBcxpbRUC59apGeUzdvZ82AkQs-lA81EdwymbW2GxzAvx45rCBTBgjOtZWtx-7o0iO_6cmBeo1L21v2Wx2qOI0yBv_Dy9_Jlp7Di8OLSGoPoRUsMpydavAufw7Zjm-TlWoeOLF2AFlY-T8nqbRmQLOhyXmqszMsf3tzogCJAdGs6a5cOJhclNqhsMSfNRn2FA8xOnmxqHl08Gxfbflre0qnzT54VRvYOBI-X7URhvX0OTv3Fm7zeq9E1CkTqhBJ30sMf7jIwo1ES3-PhBhP77ijWlTjwJsnuLgwmgZgvjwEeDllZiQ0ypBuomTwXCGjbGwwI4fNRmhcqWveQn7VKfw00zLWHYFmqe75UBOqaKcVq3P9hUi48wqqK_rxl59LVeo8wyAGK-UtdqhZ HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2725437
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F2%2Fe%2F1%2F4%2F2e141309d74b4a3984e78d9db3236da3_2_PIA-293342_0_10.png%3Fcb%3D202250&v=3&w=800&s=1OAPmFAyWNCNRkyfQKm9XadI&b=400
200 OK 21 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F2%2Fe%2F1%2F4%2F2e141309d74b4a3984e78d9db3236da3_2_PIA-293342_0_10.png%3Fcb%3D202250&v=3&w=800&s=1OAPmFAyWNCNRkyfQKm9XadI&b=400
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 42f5a7551f0a764b40d4afdae2544b42
8fbe4d0b823a58f3360fefebfa6ed7c01c25349d
98e203c50c1eae812d918ef62cacbe552035702bf04ac05acf9f7cbab3e2a53e
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F2%2Fe%2F1%2F4%2F2e141309d74b4a3984e78d9db3236da3_2_PIA-293342_0_10.png%3Fcb%3D202250&v=3&w=800&s=1OAPmFAyWNCNRkyfQKm9XadI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31422390
expires: Tue, 12 Dec 2023 07:30:28 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20686
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F8%2F1%2F9%2Ff%2F819fe8e8a214b846380817b79bc005be550446b6_014980000.png%3Fcb%3D202250&v=3&w=800&s=pZOC8CwS8C0GjLj-6K3FmPYT&b=400
200 OK 26 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F8%2F1%2F9%2Ff%2F819fe8e8a214b846380817b79bc005be550446b6_014980000.png%3Fcb%3D202250&v=3&w=800&s=pZOC8CwS8C0GjLj-6K3FmPYT&b=400
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab8bffd762d47ecca165f20314338f4f
1c82eef4b4ac463bc600db33a917b6d5f44caef1
f89a10ce83848e8af725809c66be3609e11ccf9e64fc126f9512e297445474a8
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F8%2F1%2F9%2Ff%2F819fe8e8a214b846380817b79bc005be550446b6_014980000.png%3Fcb%3D202250&v=3&w=800&s=pZOC8CwS8C0GjLj-6K3FmPYT&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31427143
expires: Tue, 12 Dec 2023 08:49:42 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 25696
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2Ff%2F4%2F3%2F3f432cd6164348c3a9c55ff81f93d5ec_3_PIA-250938_0_10.png%3Fcb%3D202250&v=3&w=800&s=KebS4CNT53Q5Czkvrsy5nMK2&b=400
200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2Ff%2F4%2F3%2F3f432cd6164348c3a9c55ff81f93d5ec_3_PIA-250938_0_10.png%3Fcb%3D202250&v=3&w=800&s=KebS4CNT53Q5Czkvrsy5nMK2&b=400
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash bea8e973919a3e526c37c26854c2862e
2cc8b827152e20384cba5d844fb44947bb5a2c50
0c09fcb496a0437be5186e20a40d124ac1009924ec2bcc80d4842589a7e7327e
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2Ff%2F4%2F3%2F3f432cd6164348c3a9c55ff81f93d5ec_3_PIA-250938_0_10.png%3Fcb%3D202250&v=3&w=800&s=KebS4CNT53Q5Czkvrsy5nMK2&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31422293
expires: Tue, 12 Dec 2023 07:28:51 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15334
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6788236cae1083aaf5a1cf95f1a6c9b
3825506ecfd360bf5352979023f445748373be3b
544d94a4896d3db29f3b6e518503f82776a3feaa55a5e9114b5572da1e667691
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9676
x-amzn-requestid: 6d84c903-9bdb-4255-8324-d87d99cd1979
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWgGHZZoAMFtwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979e00-7964e1ca60e88ca45822b963;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r4L6lushe7nGkttIzAH9dCCjcQ6oVWYMUpMyAubdHl-Rjbh4byzlaA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:53:49 GMT
age: 61809
etag: "3825506ecfd360bf5352979023f445748373be3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F2%2Fc%2Fd%2F4%2F2cd4ca4aaa34dc659c66748e47669706cd64b390_2015_02_05144221_Rullbocksats_Proworks_rod.png%3Fcb%3D202250&v=3&w=800&s=w6jGloRPWSkLV5cWMj-nKRPY&b=400
200 OK 29 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F2%2Fc%2Fd%2F4%2F2cd4ca4aaa34dc659c66748e47669706cd64b390_2015_02_05144221_Rullbocksats_Proworks_rod.png%3Fcb%3D202250&v=3&w=800&s=w6jGloRPWSkLV5cWMj-nKRPY&b=400
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 646ab4d341fca4ef6460b209892d5e18
feb87ce24bce8a3de1de1dbd97fa63a7385848b2
4409270252a8656bb8e905b53ab068f769058e689c5878e0ad357c6beb4ce23a
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F2%2Fc%2Fd%2F4%2F2cd4ca4aaa34dc659c66748e47669706cd64b390_2015_02_05144221_Rullbocksats_Proworks_rod.png%3Fcb%3D202250&v=3&w=800&s=w6jGloRPWSkLV5cWMj-nKRPY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31422313
expires: Tue, 12 Dec 2023 07:29:12 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 29192
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F0%2F5%2F3%2F8%2F0538b4e87e0551a5fcbe319a896dbeaf47d6ad3d_1_pia_109209_9_30.png%3Fcb%3D202250&v=3&w=800&s=hbc-Hc1pmQzwOg09m8RZK-Gk&b=400
200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F0%2F5%2F3%2F8%2F0538b4e87e0551a5fcbe319a896dbeaf47d6ad3d_1_pia_109209_9_30.png%3Fcb%3D202250&v=3&w=800&s=hbc-Hc1pmQzwOg09m8RZK-Gk&b=400
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash d2180c6f7c44de771c158d3bbdfa7077
b5b5c34577a82ddf243f4780593a887c144f54c5
d8fd3196358180b6150cd98ba7486e3b43c39a5c594ed9f62f1d32751d71d4ab
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F0%2F5%2F3%2F8%2F0538b4e87e0551a5fcbe319a896dbeaf47d6ad3d_1_pia_109209_9_30.png%3Fcb%3D202250&v=3&w=800&s=hbc-Hc1pmQzwOg09m8RZK-Gk&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31422314
expires: Tue, 12 Dec 2023 07:29:12 GMT
date: Tue, 13 Dec 2022 15:03:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13040
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffebdc4d5-a724-47ca-a30a-bce3e96bbbe3.jpeg
200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffebdc4d5-a724-47ca-a30a-bce3e96bbbe3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f6f26cc088c96e477fab6eb3bfac37b
7c2728ee396b9aa4d8c32300fb3695e04fcb9d6c
29f7be917aa2ada98958c1e5cc12073417573a46376b35334535587e09c37948
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffebdc4d5-a724-47ca-a30a-bce3e96bbbe3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3666
x-amzn-requestid: 9eb88928-c5fe-4a71-bc9b-a3aa9ffc2d06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWgPE_CoAMFv7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979e01-6ed9af730d773de1607af63c;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JzqwfGNChytZ0rnnQTInbqSC4ffPe2Z6xmCFHszQfrWN_kF_De1qbw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:00:35 GMT
age: 61403
etag: "7c2728ee396b9aa4d8c32300fb3695e04fcb9d6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fb%2F1%2F9%2Fe%2Fb19ebe926c35682e000926006ddce0ae29c335f0_2_PIA_118185_0_30.png%3Fcb%3D202250&v=3&w=800&s=kVwWXb17k90WH83ygmnbV2id&b=400
200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fb%2F1%2F9%2Fe%2Fb19ebe926c35682e000926006ddce0ae29c335f0_2_PIA_118185_0_30.png%3Fcb%3D202250&v=3&w=800&s=kVwWXb17k90WH83ygmnbV2id&b=400
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 393f754af658aff00ef686c49818ad36
25a16c36ec04f1d96964c7ed0982b417089fde89
42af6eb3d51ac8373e2adc04cfa557861d2eb50bff509abfc5b18dcf9c74037c
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fb%2F1%2F9%2Fe%2Fb19ebe926c35682e000926006ddce0ae29c335f0_2_PIA_118185_0_30.png%3Fcb%3D202250&v=3&w=800&s=kVwWXb17k90WH83ygmnbV2id&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31422289
expires: Tue, 12 Dec 2023 07:28:48 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 19854
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eCJ1Y9f8WMsfMlaqxVR4kTx0Eacgeqn2TN-df-DPt9nQI9AIrqHkEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:16:33 GMT
age: 60445
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e88e06c-7fb5-447c-ab5f-a3075c4318c1.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e88e06c-7fb5-447c-ab5f-a3075c4318c1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a155e8441280437a2293c7838ee085c1
f70e9e62d07733784b37e050b163ee7fdc17ce99
8cfa8d89af71d36df36c480a5228d3822cc5b5a0c2d373997d30144b4a979618
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e88e06c-7fb5-447c-ab5f-a3075c4318c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4453
x-amzn-requestid: fe6af59f-8c78-40e6-bf15-2aeab0c1da0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6jXkEjZoAMFctw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639418fd-345602320306063952b95a35;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 05:28:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z07j2G00tK9aq33axqsJWvZ8EkyPtkvpZPmVhFfjYc2P6fKMKP05Rw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 11:47:55 GMT
age: 11763
etag: "f70e9e62d07733784b37e050b163ee7fdc17ce99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
200 OK 7.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
IP
Hash 00a334e88d9929f36103bb1d8367cc5c
a7eaf9c1d784650d89c5753424ca5f29afbca9ef
8fd10ea56ee5ede051028d3cd2fdd9373ea42fd6612e93da4034ce25f1c882d7
GET /css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 15:03:58 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F1%2F817203-0_1.jpg%3Fcb%3Da8a1899950eee66b356644ad6004d003&v=3&w=400&s=UmIEVGrUX2cOogzOx3mMTsae&b=400
200 OK 16 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F1%2F817203-0_1.jpg%3Fcb%3Da8a1899950eee66b356644ad6004d003&v=3&w=400&s=UmIEVGrUX2cOogzOx3mMTsae&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4fac2d17969d6a48384b57dddf216324
da44bd352f0f93cff7b8d3933b393f878b2c3700
33ecc60f850b44e493a58e62f4e5aea65a23bd6f53485bbc7e0d210f67aec5d4
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F1%2F817203-0_1.jpg%3Fcb%3Da8a1899950eee66b356644ad6004d003&v=3&w=400&s=UmIEVGrUX2cOogzOx3mMTsae&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29607853
expires: Tue, 21 Nov 2023 07:28:12 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16188
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6398945d755f86b1758bd32b20200f6c
302 Found 496 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6398945d755f86b1758bd32b20200f6c
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (424), with CRLF line terminators
Hash 82c4e2ef358b705220d29ef01021eed3
371520dec4ec3e3923381206dae88a06f85eeac2
077db454e5bfa9efe474b7589d2c0e1e218edf5d5dc123f279a13984a9c837c0
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6398945d755f86b1758bd32b20200f6c HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=4395&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=1WsC3mmyz4zpmkgSleJI4ssxJ8tbbDDLWGafH5HtwhKs-J6b4wkv4QUO_tkJiPA6azS9I6jwq1s4TSphIIF0KABnoyHgQK-8a90J8k8QtuzUmFeZ6TfWuHCXmc13PVejxKoav59sbfBuKtcTHg2b2i-mu_MO2fvBmZITR9kPjt-j9odLUjY-bEBjrUFUDXIOev_H-NcCQ1l8y6vDQ2hVEOjym9rvn-iYTxk0hsXdclrjbCxmrPZTNfYXqlnyEcY4G03z7BlQEb_uxUXH&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=1WsC3mmyz4zpmkgSleJI4ssxJ8tbbDDLWGafH5HtwhKs-J6b4wkv4QUO_tkJiPA6azS9I6jwq1s4TSphIIF0KABnoyHgQK-8a90J8k8QtuzUmFeZ6TfWuHCXmc13PVejxKoav59sbfBuKtcTHg2b2i-mu_MO2fvBmZITR9kPjt-j9odLUjY-bEBjrUFUDXIOev_H-NcCQ1l8y6vDQ2hVEOjym9rvn-iYTxk0hsXdclrjbCxmrPZTNfYXqlnyEcY4G03z7BlQEb_uxUXH&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=1WsC3mmyz4zpmkgSleJI4ssxJ8tbbDDLWGafH5HtwhKs-J6b4wkv4QUO_tkJiPA6azS9I6jwq1s4TSphIIF0KABnoyHgQK-8a90J8k8QtuzUmFeZ6TfWuHCXmc13PVejxKoav59sbfBuKtcTHg2b2i-mu_MO2fvBmZITR9kPjt-j9odLUjY-bEBjrUFUDXIOev_H-NcCQ1l8y6vDQ2hVEOjym9rvn-iYTxk0hsXdclrjbCxmrPZTNfYXqlnyEcY4G03z7BlQEb_uxUXH&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQAB3tMKsooIAAd8Mxo2AoJdAwvlWGM7_A&u=%7CdlTumnMRUmHBt%2BBnpH0ZQj5Tizz9BQtJfOAMka6dyRU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLbdSm-DnIFG0qy9wmBfEvHzK721YBwQZM5PnZgWEwTMAHhQCSd9e3_ldsDVkYJpGpwzQ_zuqRqZBJrw2RIWNN1yTMP0Kj4elXzKQdEqE3PBJHmYGy-PC_7DW67uaHndBAcURNwjVUPJLIMfhlLfv4cLuAy26hq9PxQcDbZbBiP4GmTc9RR0C4vPsW4zoXNxruKxs3R2BCS2hFpg_mCvMzzie1pQua-aIOfdNVs976g0Y5kbOW5UpfCQAyc96L7-D-Uaon8MkF-I_sGBwEgSCUG0W0TCCqC6Yhj54I7-yuhRHN8WWU7P0eBolPU-VNbZRFhVUTag4OwA2Lc-bkTu2pmaYZyq6je28704hZzd_fhEv7VBU8KkggJ9IRlxIKAaHFiOnwY3ck6ZOsqeV5fHd10IL2rPHpqKd_LUr6AstkXGWjgAdXCmoEyhDfLuUi6YdClBk3zFT493hgN1k1vMPJvQCj9R9Tfqyv9LuAKm-2hhoMyimOWWojsf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI2PLXZSYY9O9B4iUygWz-J2QDsme0rFcvY6X93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCFzX670WzsT6oAwGqBJYCT9AYLuojuuKDP5p0VSJNxlcEkMTgupD9w0-kQZJM7X6VHD-HpAVYn1lAvezfmIZjQesig4a3LcR5EikOLMKVoGwQI1mcwk4BWTYz-MyYwqeL7BrKsmGn_5HWm20-0pPzp-LqX-BgmrGaCK6bATtRiQe7Tur7BrqbvrcvDX01fycrCWKeUlWVsHC9U4vYz-1k8ROXVSvZZ_39GWJTn5xRXc0PvZtm2tySPpLXDCJVt5h2sh9z7uGRrZtCiNdQnezy2GWiOTCZIYpWoy55ymecmVXTUwgKxwI2mLmgLeMDOwAknL5FOP_y2NoXHoHl4cNLt9pAVlTIEqMAH64jJ3mlMAKGw91jVv_fToiXS61BXJvP_Qrs_dCABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XuCYVtKHXBnoVf3MAGk6-j8iCrw%26client%3Dca-pub-7926604463974479%26adurl%3D
200 OK 44 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQAB3tMKsooIAAd8Mxo2AoJdAwvlWGM7_A&u=%7CdlTumnMRUmHBt%2BBnpH0ZQj5Tizz9BQtJfOAMka6dyRU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLbdSm-DnIFG0qy9wmBfEvHzK721YBwQZM5PnZgWEwTMAHhQCSd9e3_ldsDVkYJpGpwzQ_zuqRqZBJrw2RIWNN1yTMP0Kj4elXzKQdEqE3PBJHmYGy-PC_7DW67uaHndBAcURNwjVUPJLIMfhlLfv4cLuAy26hq9PxQcDbZbBiP4GmTc9RR0C4vPsW4zoXNxruKxs3R2BCS2hFpg_mCvMzzie1pQua-aIOfdNVs976g0Y5kbOW5UpfCQAyc96L7-D-Uaon8MkF-I_sGBwEgSCUG0W0TCCqC6Yhj54I7-yuhRHN8WWU7P0eBolPU-VNbZRFhVUTag4OwA2Lc-bkTu2pmaYZyq6je28704hZzd_fhEv7VBU8KkggJ9IRlxIKAaHFiOnwY3ck6ZOsqeV5fHd10IL2rPHpqKd_LUr6AstkXGWjgAdXCmoEyhDfLuUi6YdClBk3zFT493hgN1k1vMPJvQCj9R9Tfqyv9LuAKm-2hhoMyimOWWojsf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI2PLXZSYY9O9B4iUygWz-J2QDsme0rFcvY6X93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCFzX670WzsT6oAwGqBJYCT9AYLuojuuKDP5p0VSJNxlcEkMTgupD9w0-kQZJM7X6VHD-HpAVYn1lAvezfmIZjQesig4a3LcR5EikOLMKVoGwQI1mcwk4BWTYz-MyYwqeL7BrKsmGn_5HWm20-0pPzp-LqX-BgmrGaCK6bATtRiQe7Tur7BrqbvrcvDX01fycrCWKeUlWVsHC9U4vYz-1k8ROXVSvZZ_39GWJTn5xRXc0PvZtm2tySPpLXDCJVt5h2sh9z7uGRrZtCiNdQnezy2GWiOTCZIYpWoy55ymecmVXTUwgKxwI2mLmgLeMDOwAknL5FOP_y2NoXHoHl4cNLt9pAVlTIEqMAH64jJ3mlMAKGw91jVv_fToiXS61BXJvP_Qrs_dCABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XuCYVtKHXBnoVf3MAGk6-j8iCrw%26client%3Dca-pub-7926604463974479%26adurl%3D
IP
Hash 7957ba060bc6949163ba8a5939eadaeb
6eb3cab373e314f1ce1fa062365074ccd94ccfd1
e8f1d8d4d70aa2d4b52751fe2e527f6fa4a1845a3e1de8e1944dd804ac965c5d
GET /delivery/r/afr.php?z=Y5iUXQAB3tMKsooIAAd8Mxo2AoJdAwvlWGM7_A&u=%7CdlTumnMRUmHBt%2BBnpH0ZQj5Tizz9BQtJfOAMka6dyRU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLbdSm-DnIFG0qy9wmBfEvHzK721YBwQZM5PnZgWEwTMAHhQCSd9e3_ldsDVkYJpGpwzQ_zuqRqZBJrw2RIWNN1yTMP0Kj4elXzKQdEqE3PBJHmYGy-PC_7DW67uaHndBAcURNwjVUPJLIMfhlLfv4cLuAy26hq9PxQcDbZbBiP4GmTc9RR0C4vPsW4zoXNxruKxs3R2BCS2hFpg_mCvMzzie1pQua-aIOfdNVs976g0Y5kbOW5UpfCQAyc96L7-D-Uaon8MkF-I_sGBwEgSCUG0W0TCCqC6Yhj54I7-yuhRHN8WWU7P0eBolPU-VNbZRFhVUTag4OwA2Lc-bkTu2pmaYZyq6je28704hZzd_fhEv7VBU8KkggJ9IRlxIKAaHFiOnwY3ck6ZOsqeV5fHd10IL2rPHpqKd_LUr6AstkXGWjgAdXCmoEyhDfLuUi6YdClBk3zFT493hgN1k1vMPJvQCj9R9Tfqyv9LuAKm-2hhoMyimOWWojsf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI2PLXZSYY9O9B4iUygWz-J2QDsme0rFcvY6X93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCFzX670WzsT6oAwGqBJYCT9AYLuojuuKDP5p0VSJNxlcEkMTgupD9w0-kQZJM7X6VHD-HpAVYn1lAvezfmIZjQesig4a3LcR5EikOLMKVoGwQI1mcwk4BWTYz-MyYwqeL7BrKsmGn_5HWm20-0pPzp-LqX-BgmrGaCK6bATtRiQe7Tur7BrqbvrcvDX01fycrCWKeUlWVsHC9U4vYz-1k8ROXVSvZZ_39GWJTn5xRXc0PvZtm2tySPpLXDCJVt5h2sh9z7uGRrZtCiNdQnezy2GWiOTCZIYpWoy55ymecmVXTUwgKxwI2mLmgLeMDOwAknL5FOP_y2NoXHoHl4cNLt9pAVlTIEqMAH64jJ3mlMAKGw91jVv_fToiXS61BXJvP_Qrs_dCABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XuCYVtKHXBnoVf3MAGk6-j8iCrw%26client%3Dca-pub-7926604463974479%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:57 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9gBbV2myz4zpmkgSXbvFjibvocZlWnmvIjc1bxAGtPhzXRlBlK1TEIhtnuvTRUhk3UKr6MaqM_ZLZDzrfRdSOqANucIe6TwCR2mFpYzZgKx2HyeTYUNVuYTv5mvVe3mPKETjVCZvHJMOtV6sSqCScwnoYxAPqplfattumeVneFwIDiTBgRay35MF_2g8u10-lI3GY4612PzggMsBQhxuIq1fiVfIF-7305ipqakck8wJIRo0N8__5zcfV8QQafgTN_BkAg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 90725395
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=4395&adfrmid=0
302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=4395&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=4395&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 13 Dec 2022 15:03:58 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=4395&adfrmid=0
csm.eu.criteo.net/all?cppv=3&cpp=ExGH7Wmyz4zpmkgSy7o_00mnaNFlMN4eUjTqxBHoX8terwFk5P4yeX77TPQPm_ioCqG7J1mPguQxhfa6-Y8IZB0DTiNkDrxr1FTlT889g14JvjIYP77Po62UAnNjjh1oDZPIqu5KTpuBImNsbBRwkFN3nAYQI_yULaYmkq-H_BxKSX4UiB3hs9-T308B7snnh7vtNV-i-ENi5ynvuFBH8czdQsop48dbk4CYbLHBE1vNmE6HuGcATxdE1wOjwMUTp2ASCg&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=ExGH7Wmyz4zpmkgSy7o_00mnaNFlMN4eUjTqxBHoX8terwFk5P4yeX77TPQPm_ioCqG7J1mPguQxhfa6-Y8IZB0DTiNkDrxr1FTlT889g14JvjIYP77Po62UAnNjjh1oDZPIqu5KTpuBImNsbBRwkFN3nAYQI_yULaYmkq-H_BxKSX4UiB3hs9-T308B7snnh7vtNV-i-ENi5ynvuFBH8czdQsop48dbk4CYbLHBE1vNmE6HuGcATxdE1wOjwMUTp2ASCg&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=ExGH7Wmyz4zpmkgSy7o_00mnaNFlMN4eUjTqxBHoX8terwFk5P4yeX77TPQPm_ioCqG7J1mPguQxhfa6-Y8IZB0DTiNkDrxr1FTlT889g14JvjIYP77Po62UAnNjjh1oDZPIqu5KTpuBImNsbBRwkFN3nAYQI_yULaYmkq-H_BxKSX4UiB3hs9-T308B7snnh7vtNV-i-ENi5ynvuFBH8czdQsop48dbk4CYbLHBE1vNmE6HuGcATxdE1wOjwMUTp2ASCg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:40:18 GMT
expires: Fri, 08 Dec 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 426220
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 05:42:51 GMT
expires: Fri, 08 Dec 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 465667
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:10:21 GMT
expires: Wed, 06 Dec 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 597217
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:03:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csm.eu.criteo.net/all?cppv=3&cpp=CvCyX2myz4zpmkgSYWv29RcAsqrTM5uQ1sqww1t7aTDRZeaKzwgIAr9fiDpIUEVRmX2mFiopJPIMcKJufgkgsH4Ira7kxKnwlC7fRIU6E22LNVtMPezPf239f--3OM4Z784Wr1-ukdQMuWeO2c7fceLMEoUBtshXNnr1WOd5fPfrnQBidw-iReYrxJKuVNIiRpD7p8q6mSAgNyAQwIoGFUkjbObh6_voSS1qyh3fPTmB05q0FEzjhpPrHBoXFPE-X_VHgzVnqyD4BmFO&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=CvCyX2myz4zpmkgSYWv29RcAsqrTM5uQ1sqww1t7aTDRZeaKzwgIAr9fiDpIUEVRmX2mFiopJPIMcKJufgkgsH4Ira7kxKnwlC7fRIU6E22LNVtMPezPf239f--3OM4Z784Wr1-ukdQMuWeO2c7fceLMEoUBtshXNnr1WOd5fPfrnQBidw-iReYrxJKuVNIiRpD7p8q6mSAgNyAQwIoGFUkjbObh6_voSS1qyh3fPTmB05q0FEzjhpPrHBoXFPE-X_VHgzVnqyD4BmFO&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=CvCyX2myz4zpmkgSYWv29RcAsqrTM5uQ1sqww1t7aTDRZeaKzwgIAr9fiDpIUEVRmX2mFiopJPIMcKJufgkgsH4Ira7kxKnwlC7fRIU6E22LNVtMPezPf239f--3OM4Z784Wr1-ukdQMuWeO2c7fceLMEoUBtshXNnr1WOd5fPfrnQBidw-iReYrxJKuVNIiRpD7p8q6mSAgNyAQwIoGFUkjbObh6_voSS1qyh3fPTmB05q0FEzjhpPrHBoXFPE-X_VHgzVnqyD4BmFO&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21864090-0.jpg%3Fcb%3Db77a57aa2fa796c7a1fd9e3262e98ff9&v=3&w=400&s=1ehw__JOrs2jsx3UZ8hY7lM6&b=400
200 OK 7.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21864090-0.jpg%3Fcb%3Db77a57aa2fa796c7a1fd9e3262e98ff9&v=3&w=400&s=1ehw__JOrs2jsx3UZ8hY7lM6&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 264x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d454ab0b2d9a65858d4c5b4fc5a2908
7c1492dfa5e54fdabb29d4f346de5e7b530d5254
ba30c291897ffbb81ea435694ff0ab0f3e3985acb3eb2fa77f84e8db3bf9a101
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21864090-0.jpg%3Fcb%3Db77a57aa2fa796c7a1fd9e3262e98ff9&v=3&w=400&s=1ehw__JOrs2jsx3UZ8hY7lM6&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30900296
expires: Wed, 06 Dec 2023 06:28:55 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6964
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=RAnksqE9QcN-vYvAlz6oDxLB
200 OK 1.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=RAnksqE9QcN-vYvAlz6oDxLB
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 196x196, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01f33a498f65bf4bb751def8c06a1991
dd3dc1f876dbec906a17869724b8d3284beb37cb
9e92587541f93124197e414774716e7099233aef4b4d56f4d888e9bb649b5362
GET /img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=RAnksqE9QcN-vYvAlz6oDxLB HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29092841
expires: Wed, 15 Nov 2023 08:24:40 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1298
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F6%2F262637-0.jpg%3Fcb%3D28123408313b39d8b01b2f1781e382c3&v=3&w=400&s=7tOv-LVeQ3oUTPfMmWmJkPN-&b=400
200 OK 3.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F6%2F262637-0.jpg%3Fcb%3D28123408313b39d8b01b2f1781e382c3&v=3&w=400&s=7tOv-LVeQ3oUTPfMmWmJkPN-&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 165x226, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5e8705cf73122dd357724c91da88ad1
a3004534abac7989e38f75bb527d786243c7b0bd
752185d2d94ca2bdd3340ced64fb3ced1eb35449eeb28c7b99028cf1e8e4cd0c
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F6%2F262637-0.jpg%3Fcb%3D28123408313b39d8b01b2f1781e382c3&v=3&w=400&s=7tOv-LVeQ3oUTPfMmWmJkPN-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31428793
expires: Tue, 12 Dec 2023 09:17:12 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3794
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F211380-0_1.jpg%3Fcb%3D85a688c8922af30644052596f16a8db9&v=3&w=400&s=LH1wz-OSrN--VVnGcyF5x_8_&b=400
200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F211380-0_1.jpg%3Fcb%3D85a688c8922af30644052596f16a8db9&v=3&w=400&s=LH1wz-OSrN--VVnGcyF5x_8_&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5abb9d72489e3a1b9c416f4bf09d2f46
03340d6f2e37486283839139374814f044d21a11
1fef7a31a463420c2093b589d794f3403c44603fa3bdc43674e986d9b8b23028
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F211380-0_1.jpg%3Fcb%3D85a688c8922af30644052596f16a8db9&v=3&w=400&s=LH1wz-OSrN--VVnGcyF5x_8_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30998650
expires: Thu, 07 Dec 2023 09:48:09 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 17336
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F5040-0_1.jpg%3Fcb%3D7ee111a393bf6dfb191d8802723568ff&v=3&w=400&s=Wb8ovgrq5vrF-VJFrAQnpK_g&b=400
200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F5040-0_1.jpg%3Fcb%3D7ee111a393bf6dfb191d8802723568ff&v=3&w=400&s=Wb8ovgrq5vrF-VJFrAQnpK_g&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x378, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 73f740578cdba011bab6ef4e031f8fa7
f6df7e2f3daeb0b38d578840ccb122be6d92e26c
c4bc25660acd36e3f7f20c5d6757dce05712aef467e3642cf8e460ee10f19bc9
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F5040-0_1.jpg%3Fcb%3D7ee111a393bf6dfb191d8802723568ff&v=3&w=400&s=Wb8ovgrq5vrF-VJFrAQnpK_g&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30217931
expires: Tue, 28 Nov 2023 08:56:10 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16754
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=4395&adfrmid=0
200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=4395&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=4395&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:03:59 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=u18xIAe7CRZc30bRIIHkXB2aGfrsFjqVJ1KLyZwbgJ7PpKgrqwy.Zw--; expires=Wed, 10 Jan 2024 15:03:59 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=S4NqBsLqW6o_clDSgKqUuI5E3OmVS_ZSpMJbe6Ai9H0F2_i3jYAD04fIdZ_TjoPexdm1cqHqEx62928uDt_mDbZySYEc.2edIr9B69XNXnmOnrvNMucwebjsozyLwbB7AHo-; expires=Wed, 10 Jan 2024 15:03:59 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Wed, 10 Jan 2024 15:03:59 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
csm.eu.criteo.net/all?cppv=3&cpp=deSoa2myz4zpmkgSU9Xl0vOGqy1-Zef5B0sjwRQCNA08RZDr8VtmUYe-6sbmA-pV-X0C7svdDoXcckVm3TdC9LnCBZuPLqLPk8-PB5b69IZH4u1VTh4VG4PMNLD3co6iH471gfONXm0CeKNnmzCiwSt8rlYaxkIPSb3we-VQ0c_XixW9T1uaZ480d3VHPxfUY7MiaVoQ0uBMFdkUZ_Zt6tBQ9D6KPqASM0sgDXPFAdQQ7XIZtCYkuH9Xz7oP2SDLr28UAg&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=deSoa2myz4zpmkgSU9Xl0vOGqy1-Zef5B0sjwRQCNA08RZDr8VtmUYe-6sbmA-pV-X0C7svdDoXcckVm3TdC9LnCBZuPLqLPk8-PB5b69IZH4u1VTh4VG4PMNLD3co6iH471gfONXm0CeKNnmzCiwSt8rlYaxkIPSb3we-VQ0c_XixW9T1uaZ480d3VHPxfUY7MiaVoQ0uBMFdkUZ_Zt6tBQ9D6KPqASM0sgDXPFAdQQ7XIZtCYkuH9Xz7oP2SDLr28UAg&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=deSoa2myz4zpmkgSU9Xl0vOGqy1-Zef5B0sjwRQCNA08RZDr8VtmUYe-6sbmA-pV-X0C7svdDoXcckVm3TdC9LnCBZuPLqLPk8-PB5b69IZH4u1VTh4VG4PMNLD3co6iH471gfONXm0CeKNnmzCiwSt8rlYaxkIPSb3we-VQ0c_XixW9T1uaZ480d3VHPxfUY7MiaVoQ0uBMFdkUZ_Zt6tBQ9D6KPqASM0sgDXPFAdQQ7XIZtCYkuH9Xz7oP2SDLr28UAg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:59 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6398945d6fef61657b8e6a8810b34cb7
302 Found 20 kB URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6398945d6fef61657b8e6a8810b34cb7
IP
Hash 15983de3102e474386bd926d9b2f9e1b
0528431670f6157e98fadff3b530df4834b4a28e
c8a14ba16160cece8568042f667908ad2526f094f3558bd64c4147c71b792c47
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6398945d6fef61657b8e6a8810b34cb7 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 13 Dec 2022 15:03:59 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=28548&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=28548&adfrmid=0
302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=28548&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=28548&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Cookie: etuix=u18xIAe7CRZc30bRIIHkXB2aGfrsFjqVJ1KLyZwbgJ7PpKgrqwy.Zw--; et0=S4NqBsLqW6o_clDSgKqUuI5E3OmVS_ZSpMJbe6Ai9H0F2_i3jYAD04fIdZ_TjoPexdm1cqHqEx62928uDt_mDbZySYEc.2edIr9B69XNXnmOnrvNMucwebjsozyLwbB7AHo-; et=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 13 Dec 2022 15:03:59 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=28548&adfrmid=0
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=28548&adfrmid=0
200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=28548&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=28548&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Cookie: etuix=u18xIAe7CRZc30bRIIHkXB2aGfrsFjqVJ1KLyZwbgJ7PpKgrqwy.Zw--; et0=S4NqBsLqW6o_clDSgKqUuI5E3OmVS_ZSpMJbe6Ai9H0F2_i3jYAD04fIdZ_TjoPexdm1cqHqEx62928uDt_mDbZySYEc.2edIr9B69XNXnmOnrvNMucwebjsozyLwbB7AHo-; et=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:03:59 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: et0=pa0q5Tye3UH8rcQWfJvDGd8yQvtme1n1s5k_ayzR3V_BCVgp4Hx3cCe3MFJh6CX7TUQCAD5v6hIt1IuHnLhTocVm7o11Z4UqQumaARB09NwlPRK9XzTGv8AgG0uQwV05eKA-; expires=Wed, 10 Jan 2024 15:03:59 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Wed, 10 Jan 2024 15:03:59 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Finfogojekbdg.blogspot.com%2Fsearch%2Flabel%2Fcara%2520tutup%2520poin%2520gojek%2520dengan%2520aman%27
302 Found 0 B URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Finfogojekbdg.blogspot.com%2Fsearch%2Flabel%2Fcara%2520tutup%2520poin%2520gojek%2520dengan%2520aman%27
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?getsrc=ok&ref=&url=http%3A%2F%2Finfogojekbdg.blogspot.com%2Fsearch%2Flabel%2Fcara%2520tutup%2520poin%2520gojek%2520dengan%2520aman%27 HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Tue, 13 Dec 2022 15:03:59 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1670943839.0330500000&uuid=1670943839.0330500000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
x-mtm-path: 0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJqcXVlcnlhcGkuaW5mbyIsImh0dHA6Ly93d3c2LmpxdWVyeWFwaS5pbmZvLz90ZW1wbGF0ZT1BUlJPV18zJnRkZnM9MSZzX3Rva2VuPTE2NzA5NDM4MzkuMDMzMDUwMDAwMCZ1dWlkPTE2NzA5NDM4MzkuMDMzMDUwMDAwMCZ0ZXJtPUphdmFzY3JpcHQlMjBJbWFnZSUyMEFubm90YXRpb24lMjBMaWJyYXJ5JnRlcm09T25saW5lJTIwUHJvZ3JhbW1pbmclMjBDb3Vyc2VzJnRlcm09Q29kaW5nJTIwQ2VydGlmaWNhdGlvbiUyMFByb2dyYW1zJnRlcm09RXRoaWNhbCUyMENyYWNraW5nJTIwYW5kJTIwUGVuZXRyYXRpb24lMjBUZXN0aW5nJnNlYXJjaGJveD0wJnNob3dEb21haW49MCZiYWNrZmlsbD0wIiwxLCIyMDIyLTEyLTEzIDE1OjAzOjU5IiwxLCIxNjcwOTQzODM5LjAzMzA1MDAwMDAiLDc0LG51bGwsbnVsbF0:1p56p5:OshsZMfD2t9eMDkzjUda9UDz9sg; expires=Tue, 13-Dec-2022 16:03:59 GMT; Max-Age=3600; Path=/
connection: close
csm.eu.criteo.net/all?cppv=3&cpp=9gBbV2myz4zpmkgSXbvFjibvocZlWnmvIjc1bxAGtPhzXRlBlK1TEIhtnuvTRUhk3UKr6MaqM_ZLZDzrfRdSOqANucIe6TwCR2mFpYzZgKx2HyeTYUNVuYTv5mvVe3mPKETjVCZvHJMOtV6sSqCScwnoYxAPqplfattumeVneFwIDiTBgRay35MF_2g8u10-lI3GY4612PzggMsBQhxuIq1fiVfIF-7305ipqakck8wJIRo0N8__5zcfV8QQafgTN_BkAg&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=9gBbV2myz4zpmkgSXbvFjibvocZlWnmvIjc1bxAGtPhzXRlBlK1TEIhtnuvTRUhk3UKr6MaqM_ZLZDzrfRdSOqANucIe6TwCR2mFpYzZgKx2HyeTYUNVuYTv5mvVe3mPKETjVCZvHJMOtV6sSqCScwnoYxAPqplfattumeVneFwIDiTBgRay35MF_2g8u10-lI3GY4612PzggMsBQhxuIq1fiVfIF-7305ipqakck8wJIRo0N8__5zcfV8QQafgTN_BkAg&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=9gBbV2myz4zpmkgSXbvFjibvocZlWnmvIjc1bxAGtPhzXRlBlK1TEIhtnuvTRUhk3UKr6MaqM_ZLZDzrfRdSOqANucIe6TwCR2mFpYzZgKx2HyeTYUNVuYTv5mvVe3mPKETjVCZvHJMOtV6sSqCScwnoYxAPqplfattumeVneFwIDiTBgRay35MF_2g8u10-lI3GY4612PzggMsBQhxuIq1fiVfIF-7305ipqakck8wJIRo0N8__5zcfV8QQafgTN_BkAg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:59 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=GQyM02myz4zpmkgSpcxwrjzjJr9YBx-evueApozhHywFm53k3hgZIFBbzmQtxxKq9exGTrThDq0knfKJDouU39J_1LHpPd-PM-L5Wc5lU2BQKqg3EuGcLPJNGUEwF2B-69gZksayDmOsMJFq5cQ3qQdTLTU6z9yXklotsWwuBWB6Xy23he1xYtXv69pmZjpOgYQoexI008z2cervPMxTnPGKD6gbDZdgRwD-W3zJPLRn990LkizRv5I7S2kWMqGbiesnPg&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=GQyM02myz4zpmkgSpcxwrjzjJr9YBx-evueApozhHywFm53k3hgZIFBbzmQtxxKq9exGTrThDq0knfKJDouU39J_1LHpPd-PM-L5Wc5lU2BQKqg3EuGcLPJNGUEwF2B-69gZksayDmOsMJFq5cQ3qQdTLTU6z9yXklotsWwuBWB6Xy23he1xYtXv69pmZjpOgYQoexI008z2cervPMxTnPGKD6gbDZdgRwD-W3zJPLRn990LkizRv5I7S2kWMqGbiesnPg&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=GQyM02myz4zpmkgSpcxwrjzjJr9YBx-evueApozhHywFm53k3hgZIFBbzmQtxxKq9exGTrThDq0knfKJDouU39J_1LHpPd-PM-L5Wc5lU2BQKqg3EuGcLPJNGUEwF2B-69gZksayDmOsMJFq5cQ3qQdTLTU6z9yXklotsWwuBWB6Xy23he1xYtXv69pmZjpOgYQoexI008z2cervPMxTnPGKD6gbDZdgRwD-W3zJPLRn990LkizRv5I7S2kWMqGbiesnPg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:59 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWXjYBJ2DYgICAAAAENI33DW0T8YQXJSYY9_Gw0YEuliVDtGAABIAAA&wp=Y5iUXQAB3tIKsooIAAd8M879_crkaALvF2RdVA
200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWXjYBJ2DYgICAAAAENI33DW0T8YQXJSYY9_Gw0YEuliVDtGAABIAAA&wp=Y5iUXQAB3tIKsooIAAd8M879_crkaALvF2RdVA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWXjYBJ2DYgICAAAAENI33DW0T8YQXJSYY9_Gw0YEuliVDtGAABIAAA&wp=Y5iUXQAB3tIKsooIAAd8M879_crkaALvF2RdVA HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 140964
date: Tue, 13 Dec 2022 15:03:59 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A22a812c5-4067-4db4-8472-d772bc8ba350%2FSOL_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=AVhBzne3hCdaxrNH_WalzIuk&b=400
200 OK 26 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A22a812c5-4067-4db4-8472-d772bc8ba350%2FSOL_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=AVhBzne3hCdaxrNH_WalzIuk&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 860625a105f0253fcaa83f790af89f9f
ed134bd2bd72feac23a9d3d04d71659bebe8a779
949cd9a2a26524d3564eebb08dd75b965da4f4d9e19937ad0eee21fde2ddbef0
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A22a812c5-4067-4db4-8472-d772bc8ba350%2FSOL_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=AVhBzne3hCdaxrNH_WalzIuk&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=21339
expires: Tue, 13 Dec 2022 20:59:39 GMT
date: Tue, 13 Dec 2022 15:03:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 26076
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=110&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=236&s=WCSMPTBxrIyTWcT4Pq1pWJ3o
200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=110&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=236&s=WCSMPTBxrIyTWcT4Pq1pWJ3o
IP
File type PNG image data, 194 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a3530145be795b1a1f3d7bcbde5b86f
1736676d197e81da9b1d80d2692caf04def8d328
225607fd059342c9fb4fbef3282ff57d6ce4dc048bcc65d1ee9e4bf6000f64c8
GET /img/img?h=110&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=236&s=WCSMPTBxrIyTWcT4Pq1pWJ3o HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30220907
expires: Tue, 28 Nov 2023 09:45:47 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10580
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=400
200 OK 38 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1b7f1bc9193ebaa23f40da03f02d65b8
75638214d507aea84dcb9a58ba2803171d9fc88f
c60a5e6c08ffe432e46166907ec5d0c292637769c16bcd969ade82fdacfd6693
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=32961
expires: Wed, 14 Dec 2022 00:13:21 GMT
date: Tue, 13 Dec 2022 15:03:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 37680
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS&b=400
200 OK 43 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ccfee84049e617e3b6ca9660568800a5
4ebce0bac7a28ea7dda484b91024b762fcec570c
2bf34f48c5f959f54e292b9fbca320061733f1b50b5fcb6b83c849605f47a4fb
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1750
expires: Tue, 13 Dec 2022 15:33:10 GMT
date: Tue, 13 Dec 2022 15:03:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 43190
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/93075/221201/20b68189c7e74c968a05593ea7e17d03_cpn_120x600_1.jpeg
200 OK 97 kB URL HTTP/2 static.criteo.net/design/dt/93075/221201/20b68189c7e74c968a05593ea7e17d03_cpn_120x600_1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x600, components 3\012- data
Hash 5fb46ff41d2d343b2b8797d59bfed6a1
52f6ea70a84e3fdfd69008b47bf66bfc12c63a58
e7219a4cedaa28516627068e413df1353bfa7591184cce72982e7ca4b7dd8406
GET /design/dt/93075/221201/20b68189c7e74c968a05593ea7e17d03_cpn_120x600_1.jpeg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:59 GMT
content-type: image/jpeg
content-length: 97447
last-modified: Thu, 01 Dec 2022 23:01:49 GMT
etag: "6389325d-17ca7"
expires: Fri, 08 Dec 2023 15:03:59 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1670943839.0330500000&uuid=1670943839.0330500000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
200 OK 2.6 kB URL HTTP/1.1 www6.jqueryapi.info/?template=ARROW_3&tdfs=1&s_token=1670943839.0330500000&uuid=1670943839.0330500000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /?template=ARROW_3&tdfs=1&s_token=1670943839.0330500000&uuid=1670943839.0330500000&term=Javascript%20Image%20Annotation%20Library&term=Online%20Programming%20Courses&term=Coding%20Certification%20Programs&term=Ethical%20Cracking%20and%20Penetration%20Testing&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://infogojekbdg.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 13 Dec 2022 15:03:59 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 06 Dec 2022 22:15:21 GMT
ETag: "638fbef9-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_BEW1Iwm35jh7UffXQ0cOUmFb/Ve18uNbouRYUUesJCArEQDq6v0v0mFpx8ewOWi+tEA03pAusngHNVn2SbR4xQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b9649509b14db5a889641078ccb05066
92c2224c6a970bf397d23a2fd37de759f74dd46c
6e7d750905e29196f6246744bb30b0ab0c5baa4a3909db5fabad7809b58aa825
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:04:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 762d90c3721803a580cc354e8ec8d87e
e0bc50a71eda76f7be6b5b81e6bca501c3667a1f
cf6d6cdd6d899a8388773819d0a94cfcd654eeb393b3a766eb7d1a4e2e570386
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 13 Dec 2022 15:04:00 GMT
date: Tue, 13 Dec 2022 15:04:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-CNIE7Wu35a2EcBZIcyLbuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=CvCyX2myz4zpmkgSYWv29RcAsqrTM5uQ1sqww1t7aTDRZeaKzwgIAr9fiDpIUEVRmX2mFiopJPIMcKJufgkgsH4Ira7kxKnwlC7fRIU6E22LNVtMPezPf239f--3OM4Z784Wr1-ukdQMuWeO2c7fceLMEoUBtshXNnr1WOd5fPfrnQBidw-iReYrxJKuVNIiRpD7p8q6mSAgNyAQwIoGFUkjbObh6_voSS1qyh3fPTmB05q0FEzjhpPrHBoXFPE-X_VHgzVnqyD4BmFO&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=CvCyX2myz4zpmkgSYWv29RcAsqrTM5uQ1sqww1t7aTDRZeaKzwgIAr9fiDpIUEVRmX2mFiopJPIMcKJufgkgsH4Ira7kxKnwlC7fRIU6E22LNVtMPezPf239f--3OM4Z784Wr1-ukdQMuWeO2c7fceLMEoUBtshXNnr1WOd5fPfrnQBidw-iReYrxJKuVNIiRpD7p8q6mSAgNyAQwIoGFUkjbObh6_voSS1qyh3fPTmB05q0FEzjhpPrHBoXFPE-X_VHgzVnqyD4BmFO&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=CvCyX2myz4zpmkgSYWv29RcAsqrTM5uQ1sqww1t7aTDRZeaKzwgIAr9fiDpIUEVRmX2mFiopJPIMcKJufgkgsH4Ira7kxKnwlC7fRIU6E22LNVtMPezPf239f--3OM4Z784Wr1-ukdQMuWeO2c7fceLMEoUBtshXNnr1WOd5fPfrnQBidw-iReYrxJKuVNIiRpD7p8q6mSAgNyAQwIoGFUkjbObh6_voSS1qyh3fPTmB05q0FEzjhpPrHBoXFPE-X_VHgzVnqyD4BmFO&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:59 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=deSoa2myz4zpmkgSU9Xl0vOGqy1-Zef5B0sjwRQCNA08RZDr8VtmUYe-6sbmA-pV-X0C7svdDoXcckVm3TdC9LnCBZuPLqLPk8-PB5b69IZH4u1VTh4VG4PMNLD3co6iH471gfONXm0CeKNnmzCiwSt8rlYaxkIPSb3we-VQ0c_XixW9T1uaZ480d3VHPxfUY7MiaVoQ0uBMFdkUZ_Zt6tBQ9D6KPqASM0sgDXPFAdQQ7XIZtCYkuH9Xz7oP2SDLr28UAg&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=deSoa2myz4zpmkgSU9Xl0vOGqy1-Zef5B0sjwRQCNA08RZDr8VtmUYe-6sbmA-pV-X0C7svdDoXcckVm3TdC9LnCBZuPLqLPk8-PB5b69IZH4u1VTh4VG4PMNLD3co6iH471gfONXm0CeKNnmzCiwSt8rlYaxkIPSb3we-VQ0c_XixW9T1uaZ480d3VHPxfUY7MiaVoQ0uBMFdkUZ_Zt6tBQ9D6KPqASM0sgDXPFAdQQ7XIZtCYkuH9Xz7oP2SDLr28UAg&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=deSoa2myz4zpmkgSU9Xl0vOGqy1-Zef5B0sjwRQCNA08RZDr8VtmUYe-6sbmA-pV-X0C7svdDoXcckVm3TdC9LnCBZuPLqLPk8-PB5b69IZH4u1VTh4VG4PMNLD3co6iH471gfONXm0CeKNnmzCiwSt8rlYaxkIPSb3we-VQ0c_XixW9T1uaZ480d3VHPxfUY7MiaVoQ0uBMFdkUZ_Zt6tBQ9D6KPqASM0sgDXPFAdQQ7XIZtCYkuH9Xz7oP2SDLr28UAg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:04:00 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=9gBbV2myz4zpmkgSXbvFjibvocZlWnmvIjc1bxAGtPhzXRlBlK1TEIhtnuvTRUhk3UKr6MaqM_ZLZDzrfRdSOqANucIe6TwCR2mFpYzZgKx2HyeTYUNVuYTv5mvVe3mPKETjVCZvHJMOtV6sSqCScwnoYxAPqplfattumeVneFwIDiTBgRay35MF_2g8u10-lI3GY4612PzggMsBQhxuIq1fiVfIF-7305ipqakck8wJIRo0N8__5zcfV8QQafgTN_BkAg&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=9gBbV2myz4zpmkgSXbvFjibvocZlWnmvIjc1bxAGtPhzXRlBlK1TEIhtnuvTRUhk3UKr6MaqM_ZLZDzrfRdSOqANucIe6TwCR2mFpYzZgKx2HyeTYUNVuYTv5mvVe3mPKETjVCZvHJMOtV6sSqCScwnoYxAPqplfattumeVneFwIDiTBgRay35MF_2g8u10-lI3GY4612PzggMsBQhxuIq1fiVfIF-7305ipqakck8wJIRo0N8__5zcfV8QQafgTN_BkAg&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=9gBbV2myz4zpmkgSXbvFjibvocZlWnmvIjc1bxAGtPhzXRlBlK1TEIhtnuvTRUhk3UKr6MaqM_ZLZDzrfRdSOqANucIe6TwCR2mFpYzZgKx2HyeTYUNVuYTv5mvVe3mPKETjVCZvHJMOtV6sSqCScwnoYxAPqplfattumeVneFwIDiTBgRay35MF_2g8u10-lI3GY4612PzggMsBQhxuIq1fiVfIF-7305ipqakck8wJIRo0N8__5zcfV8QQafgTN_BkAg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:04:00 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=GQyM02myz4zpmkgSpcxwrjzjJr9YBx-evueApozhHywFm53k3hgZIFBbzmQtxxKq9exGTrThDq0knfKJDouU39J_1LHpPd-PM-L5Wc5lU2BQKqg3EuGcLPJNGUEwF2B-69gZksayDmOsMJFq5cQ3qQdTLTU6z9yXklotsWwuBWB6Xy23he1xYtXv69pmZjpOgYQoexI008z2cervPMxTnPGKD6gbDZdgRwD-W3zJPLRn990LkizRv5I7S2kWMqGbiesnPg&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=GQyM02myz4zpmkgSpcxwrjzjJr9YBx-evueApozhHywFm53k3hgZIFBbzmQtxxKq9exGTrThDq0knfKJDouU39J_1LHpPd-PM-L5Wc5lU2BQKqg3EuGcLPJNGUEwF2B-69gZksayDmOsMJFq5cQ3qQdTLTU6z9yXklotsWwuBWB6Xy23he1xYtXv69pmZjpOgYQoexI008z2cervPMxTnPGKD6gbDZdgRwD-W3zJPLRn990LkizRv5I7S2kWMqGbiesnPg&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=GQyM02myz4zpmkgSpcxwrjzjJr9YBx-evueApozhHywFm53k3hgZIFBbzmQtxxKq9exGTrThDq0knfKJDouU39J_1LHpPd-PM-L5Wc5lU2BQKqg3EuGcLPJNGUEwF2B-69gZksayDmOsMJFq5cQ3qQdTLTU6z9yXklotsWwuBWB6Xy23he1xYtXv69pmZjpOgYQoexI008z2cervPMxTnPGKD6gbDZdgRwD-W3zJPLRn990LkizRv5I7S2kWMqGbiesnPg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:04:00 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Fri, 08 Dec 2023 15:03:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VLB3JDJwH2wcgyAhk9jTPTiOVIRHMmOekrk0Qa6eCUvCUR1uK7fX5DK3i6Wn8oOtkWDKR0ozXEXQv_HZmx6M4QCKNzSCyBsxcY1IpVomh2PdTfiq9WvhXXwBdu4_cK-MypV422t7xVOENlqRvzzn157bgdfHTlWIAr_9JIU7Q9Jiz9nCOUimV0RBy58AVNaMjULDFUvyfjDN__pxWyStHSXwlgc0pekeHpq53hm1X6QkkUU_24Id5_0EaZUrgKd1A-VFWGPOemiJOXCYb8ToVvvC4dFWY5AtSY5xfYOxV2-hLtly0Kth8ln3N8UWaz5f1leTaSZPQPodFO0TnbK8lnyN-l5y1sOa37FBL9PGOmOfHz5NU2FquKJ3gHl58nLW1HkUkhv6iStX1tcODUOgncsvQL5T86I7ZYWAIj7AKjKdwaqkSPb_Qfw4I7CYzoRXcGLbxw
200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VLB3JDJwH2wcgyAhk9jTPTiOVIRHMmOekrk0Qa6eCUvCUR1uK7fX5DK3i6Wn8oOtkWDKR0ozXEXQv_HZmx6M4QCKNzSCyBsxcY1IpVomh2PdTfiq9WvhXXwBdu4_cK-MypV422t7xVOENlqRvzzn157bgdfHTlWIAr_9JIU7Q9Jiz9nCOUimV0RBy58AVNaMjULDFUvyfjDN__pxWyStHSXwlgc0pekeHpq53hm1X6QkkUU_24Id5_0EaZUrgKd1A-VFWGPOemiJOXCYb8ToVvvC4dFWY5AtSY5xfYOxV2-hLtly0Kth8ln3N8UWaz5f1leTaSZPQPodFO0TnbK8lnyN-l5y1sOa37FBL9PGOmOfHz5NU2FquKJ3gHl58nLW1HkUkhv6iStX1tcODUOgncsvQL5T86I7ZYWAIj7AKjKdwaqkSPb_Qfw4I7CYzoRXcGLbxw
IP
GET /delivery/lg.php?cppv=3&cpp=VLB3JDJwH2wcgyAhk9jTPTiOVIRHMmOekrk0Qa6eCUvCUR1uK7fX5DK3i6Wn8oOtkWDKR0ozXEXQv_HZmx6M4QCKNzSCyBsxcY1IpVomh2PdTfiq9WvhXXwBdu4_cK-MypV422t7xVOENlqRvzzn157bgdfHTlWIAr_9JIU7Q9Jiz9nCOUimV0RBy58AVNaMjULDFUvyfjDN__pxWyStHSXwlgc0pekeHpq53hm1X6QkkUU_24Id5_0EaZUrgKd1A-VFWGPOemiJOXCYb8ToVvvC4dFWY5AtSY5xfYOxV2-hLtly0Kth8ln3N8UWaz5f1leTaSZPQPodFO0TnbK8lnyN-l5y1sOa37FBL9PGOmOfHz5NU2FquKJ3gHl58nLW1HkUkhv6iStX1tcODUOgncsvQL5T86I7ZYWAIj7AKjKdwaqkSPb_Qfw4I7CYzoRXcGLbxw HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2813017
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Fri, 08 Dec 2023 15:03:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Fri, 08 Dec 2023 15:03:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=o2afpTJwH2wcgyAhk9jTPTiOVIRMV5wsoVRlgdR4r6__gZtCxeezoes0E7acZQYqCphyzQVEOctPQizV72JzPuH0ub6jY9_3bkaObofOkcEtWPbmwoxWk5n1PCCPddJdC6-cy9fqzBBTqlngK_0rubWfpzEKyRZXA0MARVn7acD39lifGbuzZ_zWiBc2abpsReacQelVS56ckHT-BxJw6h0ush54-AMUd362hEYEB_EunX_mWfolteRA8yb13HYf1EDkHvJWTr3IEzWGY1dmeVGA5nXoI-tDPGZ8lXQ9QGmNM2ee2k_K01B5WSZ3a4Iuv8R2FsVs-BoAFO2QkAVmryngh-IY2ujJOF7x6dmKnC4l2QvVpdelPPkUC2JBg2mTlQzy7VU1U47y80Yd8ZvjCUmr6D5aBX8AEXl54VrwAcjk_Lym
200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=o2afpTJwH2wcgyAhk9jTPTiOVIRMV5wsoVRlgdR4r6__gZtCxeezoes0E7acZQYqCphyzQVEOctPQizV72JzPuH0ub6jY9_3bkaObofOkcEtWPbmwoxWk5n1PCCPddJdC6-cy9fqzBBTqlngK_0rubWfpzEKyRZXA0MARVn7acD39lifGbuzZ_zWiBc2abpsReacQelVS56ckHT-BxJw6h0ush54-AMUd362hEYEB_EunX_mWfolteRA8yb13HYf1EDkHvJWTr3IEzWGY1dmeVGA5nXoI-tDPGZ8lXQ9QGmNM2ee2k_K01B5WSZ3a4Iuv8R2FsVs-BoAFO2QkAVmryngh-IY2ujJOF7x6dmKnC4l2QvVpdelPPkUC2JBg2mTlQzy7VU1U47y80Yd8ZvjCUmr6D5aBX8AEXl54VrwAcjk_Lym
IP
GET /delivery/lg.php?cppv=3&cpp=o2afpTJwH2wcgyAhk9jTPTiOVIRMV5wsoVRlgdR4r6__gZtCxeezoes0E7acZQYqCphyzQVEOctPQizV72JzPuH0ub6jY9_3bkaObofOkcEtWPbmwoxWk5n1PCCPddJdC6-cy9fqzBBTqlngK_0rubWfpzEKyRZXA0MARVn7acD39lifGbuzZ_zWiBc2abpsReacQelVS56ckHT-BxJw6h0ush54-AMUd362hEYEB_EunX_mWfolteRA8yb13HYf1EDkHvJWTr3IEzWGY1dmeVGA5nXoI-tDPGZ8lXQ9QGmNM2ee2k_K01B5WSZ3a4Iuv8R2FsVs-BoAFO2QkAVmryngh-IY2ujJOF7x6dmKnC4l2QvVpdelPPkUC2JBg2mTlQzy7VU1U47y80Yd8ZvjCUmr6D5aBX8AEXl54VrwAcjk_Lym HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2928058
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=SGF3fvnTBSVdD-mFds6_mLz8BV_NyjxAulHBhJLfdwSgaEuQIEYiz_CoqRt-8WXgB02my8Yps2Z8yJuE21vEgpepuEJg6apmxhJFX3iWrvcfZivuwO1RywB00ldUslfwksDFDKWWkmpOWaRbkRl02IlyKBT958Lce1By0ESIG5SIesD2kEWTEnFPZNwL-UfQdjvMchqFGbSIY1lGpBpBPWYaele-lmGJngWHp2R8qob0DuCQFY_JC3UZxtOUDi9yNL4FvuxEi1C1_wN-C0vueAn5kiRX1upFK6-N2CX7QlHlFhkq_q-dVnLA-29ERu0iUYZ-iMgpbuDpwwTW-x0axcG8IAjfp3b53B3mRA7q5QmuYwFezsSpeUfJIEZPGjRQDs23PD95-xV7Re2e-trcXI19dBBwZ_26hHqnA6I3VCKpUmpF
200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=SGF3fvnTBSVdD-mFds6_mLz8BV_NyjxAulHBhJLfdwSgaEuQIEYiz_CoqRt-8WXgB02my8Yps2Z8yJuE21vEgpepuEJg6apmxhJFX3iWrvcfZivuwO1RywB00ldUslfwksDFDKWWkmpOWaRbkRl02IlyKBT958Lce1By0ESIG5SIesD2kEWTEnFPZNwL-UfQdjvMchqFGbSIY1lGpBpBPWYaele-lmGJngWHp2R8qob0DuCQFY_JC3UZxtOUDi9yNL4FvuxEi1C1_wN-C0vueAn5kiRX1upFK6-N2CX7QlHlFhkq_q-dVnLA-29ERu0iUYZ-iMgpbuDpwwTW-x0axcG8IAjfp3b53B3mRA7q5QmuYwFezsSpeUfJIEZPGjRQDs23PD95-xV7Re2e-trcXI19dBBwZ_26hHqnA6I3VCKpUmpF
IP
GET /delivery/lg.php?cppv=3&cpp=SGF3fvnTBSVdD-mFds6_mLz8BV_NyjxAulHBhJLfdwSgaEuQIEYiz_CoqRt-8WXgB02my8Yps2Z8yJuE21vEgpepuEJg6apmxhJFX3iWrvcfZivuwO1RywB00ldUslfwksDFDKWWkmpOWaRbkRl02IlyKBT958Lce1By0ESIG5SIesD2kEWTEnFPZNwL-UfQdjvMchqFGbSIY1lGpBpBPWYaele-lmGJngWHp2R8qob0DuCQFY_JC3UZxtOUDi9yNL4FvuxEi1C1_wN-C0vueAn5kiRX1upFK6-N2CX7QlHlFhkq_q-dVnLA-29ERu0iUYZ-iMgpbuDpwwTW-x0axcG8IAjfp3b53B3mRA7q5QmuYwFezsSpeUfJIEZPGjRQDs23PD95-xV7Re2e-trcXI19dBBwZ_26hHqnA6I3VCKpUmpF HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2893028
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tWUprSPcXEEotVk8xXoJnxpbKa9eIvfZrleGX3Mh_Pvc5FkECs2gjgzY7nQllzuhRJmSSci9_UWDCsTvtCl_yAaUox0d-y26DeyQhdcu7_Uhq_hpqbO3tClqN1M2z3pc9MXOQ4CC-YjZJdUJV1id9gDdhN0k0E-vbFyHxSIadYULMDVev6Gex5iLCRKMQc_SA5mc79YLuxHNZuwJaZ3P0vpWMRpRRODSHuB04EiZs0djN1RN6puhppHp0SkL-4gfk3C5ncShuOfn96gGgZLN5XCVUsVSG74wCtn-s3W6pOpUnEEm438hgZQ_ov_8SUXiF8XaQCSg03ctXeTUuJF1HdruXrFtJHiFvy7eGhVF4NVClaG-yuzPMZKpCoaeqXmHS-CYyI852_gsgFR7HUtN6v6xr2S7wKwpqVCNIVXbEYUIiH4u
200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tWUprSPcXEEotVk8xXoJnxpbKa9eIvfZrleGX3Mh_Pvc5FkECs2gjgzY7nQllzuhRJmSSci9_UWDCsTvtCl_yAaUox0d-y26DeyQhdcu7_Uhq_hpqbO3tClqN1M2z3pc9MXOQ4CC-YjZJdUJV1id9gDdhN0k0E-vbFyHxSIadYULMDVev6Gex5iLCRKMQc_SA5mc79YLuxHNZuwJaZ3P0vpWMRpRRODSHuB04EiZs0djN1RN6puhppHp0SkL-4gfk3C5ncShuOfn96gGgZLN5XCVUsVSG74wCtn-s3W6pOpUnEEm438hgZQ_ov_8SUXiF8XaQCSg03ctXeTUuJF1HdruXrFtJHiFvy7eGhVF4NVClaG-yuzPMZKpCoaeqXmHS-CYyI852_gsgFR7HUtN6v6xr2S7wKwpqVCNIVXbEYUIiH4u
IP
GET /delivery/lg.php?cppv=3&cpp=tWUprSPcXEEotVk8xXoJnxpbKa9eIvfZrleGX3Mh_Pvc5FkECs2gjgzY7nQllzuhRJmSSci9_UWDCsTvtCl_yAaUox0d-y26DeyQhdcu7_Uhq_hpqbO3tClqN1M2z3pc9MXOQ4CC-YjZJdUJV1id9gDdhN0k0E-vbFyHxSIadYULMDVev6Gex5iLCRKMQc_SA5mc79YLuxHNZuwJaZ3P0vpWMRpRRODSHuB04EiZs0djN1RN6puhppHp0SkL-4gfk3C5ncShuOfn96gGgZLN5XCVUsVSG74wCtn-s3W6pOpUnEEm438hgZQ_ov_8SUXiF8XaQCSg03ctXeTUuJF1HdruXrFtJHiFvy7eGhVF4NVClaG-yuzPMZKpCoaeqXmHS-CYyI852_gsgFR7HUtN6v6xr2S7wKwpqVCNIVXbEYUIiH4u HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3289139
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQAB3tIKsooIAAd8M879_crkaALvF2RdVA&u=%7CdlTumnMRUmE8NcrFVdH5fLMGcBOcGd5wkMqevvWF0F4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1ZebXXvkDDWq6r1kd7Ozeoteptm2GJMzvENe2kodNC6goH0uFmnkd_-riqZu2HORCGl1yx4Z0wfhVt5_9M7iIqMXzXsNa5-EkdGM5PJX4gqT6x3yUEMWEeNkdAGkePOUZem_XBYz3QhUz5Q9dWCDb28y9wrDdxTdiKxBkuc1SsRIix5Uwa6rRo9UEoCbI5Col-apB_AmbIcFdHPmDHl4ON7Fbhqcmr7qFCmOtVl4jqv-mmHPi-thU1gE8gR7kESbQ1VijVRY-d86K8h7FbRMepdVzP6kFobZR7PRms1VBqfSEwTi2GmoZGLalrkTAQorelQSxthpp6trpKVnO4e72hxQvnT06QZ5Kz8yHbGPOxPhuTQ3Vrh6HJdZX4HEU6CALZOPkrNXzWI5MuMBDwoO33Eg1CnByO882o6w5WQQ178SO3lPhEqvYBoYxkncghwNKqDQbJExOblDkXXkaTOmJ8F-U0EP_xbbdnTlLU4BWVxJXsWTvqWYcuNni2cHYbychyx-Q2tLGcHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBj5aXZSYY9K9B4iUygWz-J2QDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCFzX670WzsT6oAwGqBJUCT9AGcfMRu4e5m4-P0QU0Ut4l_azX0M8mOtS8XbD-zRF3i0Bbw0we0raqhAUkCq67Vdw_Pdngj1YwIu0uL6elZYE21cfknOEzW2BVSHM3E_Vkb-ciBDETLIW52VuWkYY8sqmRomg34NFRPL4BOGc8rCXfxaerjcPlhN_yqlCHYT4cRqDS-9bDRiovuu7iFWUS5h4fCq3gleUS8oK8SkcthbYHHlQ5AMuo_sIA20HvczIjKPyKPXnYWRO9JWp2qBJFz71j6Qe0w6jfzKso434jyUifRYZBGsjLfrJlzdNbOy5qAvyGAOWne2lH8Nrq7849T7iq9VgjvH0qaYjMfUbRKCkTwCZNivxU8UgKvxD-Ly61TdUJDIAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NTyakoxYPAt8f2EOljtyXIiLhoQ%26client%3Dca-pub-7926604463974479%26adurl%3D
200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQAB3tIKsooIAAd8M879_crkaALvF2RdVA&u=%7CdlTumnMRUmE8NcrFVdH5fLMGcBOcGd5wkMqevvWF0F4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1ZebXXvkDDWq6r1kd7Ozeoteptm2GJMzvENe2kodNC6goH0uFmnkd_-riqZu2HORCGl1yx4Z0wfhVt5_9M7iIqMXzXsNa5-EkdGM5PJX4gqT6x3yUEMWEeNkdAGkePOUZem_XBYz3QhUz5Q9dWCDb28y9wrDdxTdiKxBkuc1SsRIix5Uwa6rRo9UEoCbI5Col-apB_AmbIcFdHPmDHl4ON7Fbhqcmr7qFCmOtVl4jqv-mmHPi-thU1gE8gR7kESbQ1VijVRY-d86K8h7FbRMepdVzP6kFobZR7PRms1VBqfSEwTi2GmoZGLalrkTAQorelQSxthpp6trpKVnO4e72hxQvnT06QZ5Kz8yHbGPOxPhuTQ3Vrh6HJdZX4HEU6CALZOPkrNXzWI5MuMBDwoO33Eg1CnByO882o6w5WQQ178SO3lPhEqvYBoYxkncghwNKqDQbJExOblDkXXkaTOmJ8F-U0EP_xbbdnTlLU4BWVxJXsWTvqWYcuNni2cHYbychyx-Q2tLGcHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBj5aXZSYY9K9B4iUygWz-J2QDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCFzX670WzsT6oAwGqBJUCT9AGcfMRu4e5m4-P0QU0Ut4l_azX0M8mOtS8XbD-zRF3i0Bbw0we0raqhAUkCq67Vdw_Pdngj1YwIu0uL6elZYE21cfknOEzW2BVSHM3E_Vkb-ciBDETLIW52VuWkYY8sqmRomg34NFRPL4BOGc8rCXfxaerjcPlhN_yqlCHYT4cRqDS-9bDRiovuu7iFWUS5h4fCq3gleUS8oK8SkcthbYHHlQ5AMuo_sIA20HvczIjKPyKPXnYWRO9JWp2qBJFz71j6Qe0w6jfzKso434jyUifRYZBGsjLfrJlzdNbOy5qAvyGAOWne2lH8Nrq7849T7iq9VgjvH0qaYjMfUbRKCkTwCZNivxU8UgKvxD-Ly61TdUJDIAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NTyakoxYPAt8f2EOljtyXIiLhoQ%26client%3Dca-pub-7926604463974479%26adurl%3D
IP
GET /delivery/r/afr.php?z=Y5iUXQAB3tIKsooIAAd8M879_crkaALvF2RdVA&u=%7CdlTumnMRUmE8NcrFVdH5fLMGcBOcGd5wkMqevvWF0F4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1ZebXXvkDDWq6r1kd7Ozeoteptm2GJMzvENe2kodNC6goH0uFmnkd_-riqZu2HORCGl1yx4Z0wfhVt5_9M7iIqMXzXsNa5-EkdGM5PJX4gqT6x3yUEMWEeNkdAGkePOUZem_XBYz3QhUz5Q9dWCDb28y9wrDdxTdiKxBkuc1SsRIix5Uwa6rRo9UEoCbI5Col-apB_AmbIcFdHPmDHl4ON7Fbhqcmr7qFCmOtVl4jqv-mmHPi-thU1gE8gR7kESbQ1VijVRY-d86K8h7FbRMepdVzP6kFobZR7PRms1VBqfSEwTi2GmoZGLalrkTAQorelQSxthpp6trpKVnO4e72hxQvnT06QZ5Kz8yHbGPOxPhuTQ3Vrh6HJdZX4HEU6CALZOPkrNXzWI5MuMBDwoO33Eg1CnByO882o6w5WQQ178SO3lPhEqvYBoYxkncghwNKqDQbJExOblDkXXkaTOmJ8F-U0EP_xbbdnTlLU4BWVxJXsWTvqWYcuNni2cHYbychyx-Q2tLGcHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBj5aXZSYY9K9B4iUygWz-J2QDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCFzX670WzsT6oAwGqBJUCT9AGcfMRu4e5m4-P0QU0Ut4l_azX0M8mOtS8XbD-zRF3i0Bbw0we0raqhAUkCq67Vdw_Pdngj1YwIu0uL6elZYE21cfknOEzW2BVSHM3E_Vkb-ciBDETLIW52VuWkYY8sqmRomg34NFRPL4BOGc8rCXfxaerjcPlhN_yqlCHYT4cRqDS-9bDRiovuu7iFWUS5h4fCq3gleUS8oK8SkcthbYHHlQ5AMuo_sIA20HvczIjKPyKPXnYWRO9JWp2qBJFz71j6Qe0w6jfzKso434jyUifRYZBGsjLfrJlzdNbOy5qAvyGAOWne2lH8Nrq7849T7iq9VgjvH0qaYjMfUbRKCkTwCZNivxU8UgKvxD-Ly61TdUJDIAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NTyakoxYPAt8f2EOljtyXIiLhoQ%26client%3Dca-pub-7926604463974479%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GQyM02myz4zpmkgSpcxwrjzjJr9YBx-evueApozhHywFm53k3hgZIFBbzmQtxxKq9exGTrThDq0knfKJDouU39J_1LHpPd-PM-L5Wc5lU2BQKqg3EuGcLPJNGUEwF2B-69gZksayDmOsMJFq5cQ3qQdTLTU6z9yXklotsWwuBWB6Xy23he1xYtXv69pmZjpOgYQoexI008z2cervPMxTnPGKD6gbDZdgRwD-W3zJPLRn990LkizRv5I7S2kWMqGbiesnPg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 58942095
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:03:58 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Fri, 08 Dec 2023 15:03:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQACURIKspaJAA0QCe3zyFtXXu0Q7SvYQQ&u=%7CdlTumnMRUmHlLdCU0DXuiWlHy2LTGfh8Yi4Wao77U8M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy8IKuHQ0YyCRolvQ12OvGJY4RIcf9Lv1ySHzNj4VrDaGLkq8PS73_RIvTQ7C0fehIObJQRjTZpw9fh8xX1jKWopYH0HqymYzZwi-NI1phmQoVnauTU3yWZwk94xffKtlkQHLmoxfruG6rCXaqMBlJs408M-9PivBnRVHLwW22z6Wh2I_Pb2pb16eQqy1sgNdVco2OK3n9o3oMjcdCDIFkISlzwq1KUw3zYgNTFJc_H1yNHYvp_Jv6WbtXTKEqVpkkPAQbUrNZnosd_cGtna5S6G6BkHFAJS0T2fsjyM4W9JpStPkZ6Q5_662yC_i3zRNWGhyWheI4y27HmBlcoqabiBIFSZE6uLRBARiH6R_81Bcawrbiugznro8c1KZX70Ccg7t9IG44bva-MCN5Z6_Z_DneZXdWNp4OZ2bd1UjuFuc3qzD3lMKPHczqtf7p_t_Yd-TtS15UAMrlT-39HpkZGLVB9RuJvD6Z1GmmpKRfJrPzMW1TSGCcrMZ7XXhvpAYrl0rWm9S9B-n&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkH4EXZSYY5KiCYmtygWJoLToCcme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCFzX670WzsT6oAwGqBJsCT9BwpUeYGAgg5rwChvHGrBw9MAS8P_nqlj2nOBnwbEjpyYc4U1x2FuEE_E0mlARKbO6H8j4f-XnewPHpLhiQTqG5Hb5FYaOj_uZYXtqsFI2szfMzKR_dHZ6WcpKuBxPkVzxvhtmlz88_UuP9ATcrasLgt01RsSytTOuV3BNyq7K4eREahG2_7W_j8-vj9BQxHuVRxxE55AxkKthPEPaH9dGXb4oB6rN2mjlr_8m-DaKGTDPr-CT9TxN64JFJEj4BKpB561-qijFZH4vMnIxNIruc_2d4JstPAUcnm-IoOv01AL4Tm08wTJ36BtX7RwfEwNEiErCZIVDuJ1OO5xl_4OOT1wxjONpQ9knXx5-28g42Tra-yyTYVtMikoAG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34J62MerVhIOHqn3h-GBt8G-bGQA%26client%3Dca-pub-7926604463974479%26adurl%3D
200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5iUXQACURIKspaJAA0QCe3zyFtXXu0Q7SvYQQ&u=%7CdlTumnMRUmHlLdCU0DXuiWlHy2LTGfh8Yi4Wao77U8M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy8IKuHQ0YyCRolvQ12OvGJY4RIcf9Lv1ySHzNj4VrDaGLkq8PS73_RIvTQ7C0fehIObJQRjTZpw9fh8xX1jKWopYH0HqymYzZwi-NI1phmQoVnauTU3yWZwk94xffKtlkQHLmoxfruG6rCXaqMBlJs408M-9PivBnRVHLwW22z6Wh2I_Pb2pb16eQqy1sgNdVco2OK3n9o3oMjcdCDIFkISlzwq1KUw3zYgNTFJc_H1yNHYvp_Jv6WbtXTKEqVpkkPAQbUrNZnosd_cGtna5S6G6BkHFAJS0T2fsjyM4W9JpStPkZ6Q5_662yC_i3zRNWGhyWheI4y27HmBlcoqabiBIFSZE6uLRBARiH6R_81Bcawrbiugznro8c1KZX70Ccg7t9IG44bva-MCN5Z6_Z_DneZXdWNp4OZ2bd1UjuFuc3qzD3lMKPHczqtf7p_t_Yd-TtS15UAMrlT-39HpkZGLVB9RuJvD6Z1GmmpKRfJrPzMW1TSGCcrMZ7XXhvpAYrl0rWm9S9B-n&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkH4EXZSYY5KiCYmtygWJoLToCcme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCFzX670WzsT6oAwGqBJsCT9BwpUeYGAgg5rwChvHGrBw9MAS8P_nqlj2nOBnwbEjpyYc4U1x2FuEE_E0mlARKbO6H8j4f-XnewPHpLhiQTqG5Hb5FYaOj_uZYXtqsFI2szfMzKR_dHZ6WcpKuBxPkVzxvhtmlz88_UuP9ATcrasLgt01RsSytTOuV3BNyq7K4eREahG2_7W_j8-vj9BQxHuVRxxE55AxkKthPEPaH9dGXb4oB6rN2mjlr_8m-DaKGTDPr-CT9TxN64JFJEj4BKpB561-qijFZH4vMnIxNIruc_2d4JstPAUcnm-IoOv01AL4Tm08wTJ36BtX7RwfEwNEiErCZIVDuJ1OO5xl_4OOT1wxjONpQ9knXx5-28g42Tra-yyTYVtMikoAG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34J62MerVhIOHqn3h-GBt8G-bGQA%26client%3Dca-pub-7926604463974479%26adurl%3D
IP
GET /delivery/r/afr.php?z=Y5iUXQACURIKspaJAA0QCe3zyFtXXu0Q7SvYQQ&u=%7CdlTumnMRUmHlLdCU0DXuiWlHy2LTGfh8Yi4Wao77U8M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy8IKuHQ0YyCRolvQ12OvGJY4RIcf9Lv1ySHzNj4VrDaGLkq8PS73_RIvTQ7C0fehIObJQRjTZpw9fh8xX1jKWopYH0HqymYzZwi-NI1phmQoVnauTU3yWZwk94xffKtlkQHLmoxfruG6rCXaqMBlJs408M-9PivBnRVHLwW22z6Wh2I_Pb2pb16eQqy1sgNdVco2OK3n9o3oMjcdCDIFkISlzwq1KUw3zYgNTFJc_H1yNHYvp_Jv6WbtXTKEqVpkkPAQbUrNZnosd_cGtna5S6G6BkHFAJS0T2fsjyM4W9JpStPkZ6Q5_662yC_i3zRNWGhyWheI4y27HmBlcoqabiBIFSZE6uLRBARiH6R_81Bcawrbiugznro8c1KZX70Ccg7t9IG44bva-MCN5Z6_Z_DneZXdWNp4OZ2bd1UjuFuc3qzD3lMKPHczqtf7p_t_Yd-TtS15UAMrlT-39HpkZGLVB9RuJvD6Z1GmmpKRfJrPzMW1TSGCcrMZ7XXhvpAYrl0rWm9S9B-n&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkH4EXZSYY5KiCYmtygWJoLToCcme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzkyNjYwNDQ2Mzk3NDQ3OcgBCakCFzX670WzsT6oAwGqBJsCT9BwpUeYGAgg5rwChvHGrBw9MAS8P_nqlj2nOBnwbEjpyYc4U1x2FuEE_E0mlARKbO6H8j4f-XnewPHpLhiQTqG5Hb5FYaOj_uZYXtqsFI2szfMzKR_dHZ6WcpKuBxPkVzxvhtmlz88_UuP9ATcrasLgt01RsSytTOuV3BNyq7K4eREahG2_7W_j8-vj9BQxHuVRxxE55AxkKthPEPaH9dGXb4oB6rN2mjlr_8m-DaKGTDPr-CT9TxN64JFJEj4BKpB561-qijFZH4vMnIxNIruc_2d4JstPAUcnm-IoOv01AL4Tm08wTJ36BtX7RwfEwNEiErCZIVDuJ1OO5xl_4OOT1wxjONpQ9knXx5-28g42Tra-yyTYVtMikoAG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34J62MerVhIOHqn3h-GBt8G-bGQA%26client%3Dca-pub-7926604463974479%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:03:56 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ExGH7Wmyz4zpmkgSy7o_00mnaNFlMN4eUjTqxBHoX8terwFk5P4yeX77TPQPm_ioCqG7J1mPguQxhfa6-Y8IZB0DTiNkDrxr1FTlT889g14JvjIYP77Po62UAnNjjh1oDZPIqu5KTpuBImNsbBRwkFN3nAYQI_yULaYmkq-H_BxKSX4UiB3hs9-T308B7snnh7vtNV-i-ENi5ynvuFBH8czdQsop48dbk4CYbLHBE1vNmE6HuGcATxdE1wOjwMUTp2ASCg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 127270688
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dc290999dafd6%26domain%3Dinfogojekbdg.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Finfogojekbdg.blogspot.com%252Ff38e4353b86537e%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Finfogojekbandung&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dc290999dafd6%26domain%3Dinfogojekbdg.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Finfogojekbdg.blogspot.com%252Ff38e4353b86537e%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Finfogojekbandung&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false
IP
GET /plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dc290999dafd6%26domain%3Dinfogojekbdg.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Finfogojekbdg.blogspot.com%252Ff38e4353b86537e%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Finfogojekbandung&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://infogojekbdg.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Fh1y5bzOxmKSxcJqJS7e2NSGmk5ZY2C7Z9R9uJKye2m6v7CXK2mPm7csofiAwR7bQaCm+btbRWnXUxczuQ1OaA==
date: Tue, 13 Dec 2022 15:04:00 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
172.217.21.161
178.250.0.138
93.184.220.29
23.33.119.27
104.17.24.14
37.157.5.141