appsonwindows.com/download/10186436/95/
104.26.6.229301 Moved Permanently 0 B URL HTTP/1.1 appsonwindows.com/download/10186436/95/
IP 104.26.6.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/10186436/95/ HTTP/1.1
Host: appsonwindows.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 12:32:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Feb 2023 13:32:47 GMT
Location: https://appsonwindows.com/download/10186436/95/
Server-Timing: cf-q-config;dur=6.9999950937927e-06
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7953e91abe1bb511-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11219
Expires: Mon, 06 Feb 2023 15:39:46 GMT
Date: Mon, 06 Feb 2023 12:32:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19573
Expires: Mon, 06 Feb 2023 17:59:00 GMT
Date: Mon, 06 Feb 2023 12:32:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7774
Expires: Mon, 06 Feb 2023 14:42:22 GMT
Date: Mon, 06 Feb 2023 12:32:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 11:34:04 GMT
content-type: application/json
age: 3524
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UUB3ejiugPbpatcDgcjnOlHtPA0yHo0bmrUVGXQmKBVM58uQf17KVeezAxTzJlRhAom46ZOPxqk=
x-amz-request-id: 4QX36AXN9H5T8YRM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 12:24:56 GMT
age: 472
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8358992d3b454e20205b100da6eb956d
52d5f5fee5b25d14f5574a144c4e129d6007531e
9cf9feca73e7f734881d41d9e359647e165ac9957a00ec9c2bfbcfcdf006ea0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=94578
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:48 GMT
Etag: "63dfc1e2-117"
Expires: Tue, 07 Feb 2023 14:49:06 GMT
Last-Modified: Sun, 05 Feb 2023 14:49:06 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8358992d3b454e20205b100da6eb956d
52d5f5fee5b25d14f5574a144c4e129d6007531e
9cf9feca73e7f734881d41d9e359647e165ac9957a00ec9c2bfbcfcdf006ea0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=94578
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:48 GMT
Etag: "63dfc1e2-117"
Expires: Tue, 07 Feb 2023 14:49:06 GMT
Last-Modified: Sun, 05 Feb 2023 14:49:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4117
Cache-Control: max-age=118855
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:48 GMT
Etag: "63e010a2-117"
Expires: Tue, 07 Feb 2023 21:33:43 GMT
Last-Modified: Sun, 05 Feb 2023 20:25:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/fancybox/3.3.5/jquery.fancybox.min.css
104.17.25.14200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fancybox/3.3.5/jquery.fancybox.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (14065), with no line terminators
Hash c966da480efb64a4e936f34848ec8151
74aeb1bf213889c09bff4ad09b196cfa44ef3705
2131f4f45424dc47454738d9a72b696946a35309916e923ca7df02e171510f5d
GET /ajax/libs/fancybox/3.3.5/jquery.fancybox.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:48 GMT
content-type: text/css; charset=utf-8
content-length: 2949
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-36f1"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5255884
expires: Sat, 27 Jan 2024 12:32:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXCgzGsM77pJR%2Fn8%2FOKBzwsrlrnIw0PGIr%2BG7OLos2rJHPncMCKUJX0z9r3yrTyg92jmN7BOzhqTjoAK9HlSYDqYnBRxYgn0%2BfKdo3upVVRJ7zap9kSgi%2FJLDb6AhE%2F6%2FdbCxTG5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7953e91e4d6db512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 262f4bdfc247909ea4d8685ecba8702c
adcc25203fe2e2f308be2bd22216f89f11d4af7c
120761c5f13b9eddaa086f5d475462af9bc95ff43ef30783efb78ccbf3b70972
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3934
Cache-Control: max-age=155726
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:48 GMT
Etag: "63e0a160-117"
Expires: Wed, 08 Feb 2023 07:48:14 GMT
Last-Modified: Mon, 06 Feb 2023 06:42:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4117
Cache-Control: max-age=118855
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:48 GMT
Etag: "63e010a2-117"
Expires: Tue, 07 Feb 2023 21:33:43 GMT
Last-Modified: Sun, 05 Feb 2023 20:25:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-77M0T1V1XW
142.250.74.40200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-77M0T1V1XW
IP 142.250.74.40:0
File type ASCII text, with very long lines (25667)
Hash f8711bf0eaddb4160d6cb1d88f4b52e9
340aac6f606e86364bc3f8a0bfa979ae18412ed2
411e3d9c0492a1b27ffa3cd9767ee2c1532cc36b9746c38480fb45aeda2663c7
GET /gtag/js?id=G-77M0T1V1XW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 12:32:48 GMT
expires: Mon, 06 Feb 2023 12:32:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (3642)
Hash 492a5868c31fd308fec015637691bf0d
a988b96ac8e14029849c411a8a79b458a08a1ba7
2202090ea1414cc005fd8d19859e75b400994bd5f7d11f3fb5be2a512e4ea05e
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 06 Feb 2023 12:32:48 GMT
expires: Mon, 06 Feb 2023 12:32:48 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12013933140702909703
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, Pragma, Alert, Cache-Control, Content-Length, Expires, Retry-After, Backoff, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 11:51:19 GMT
age: 2489
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10361
Expires: Mon, 06 Feb 2023 15:25:29 GMT
Date: Mon, 06 Feb 2023 12:32:48 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.110.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.110.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FZSCWr3jPQpTtyQOz13Yrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fJP7IMoxbeecG/xuH+oN4AgFCOk=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/1Lc5LglM1bK4FXob8vYoGtfTXnLjbHwyQZaa2X2kGFHzcGDMQDCGhQPYTptZ1pk7ygM=w32
142.250.74.97200 OK 2.3 kB URL HTTP/2 lh3.googleusercontent.com/1Lc5LglM1bK4FXob8vYoGtfTXnLjbHwyQZaa2X2kGFHzcGDMQDCGhQPYTptZ1pk7ygM=w32
IP 142.250.74.97:0
Hash 8923f9a509a419a27c5ac76e63f6c618
d5630e05e05281a43a8b722773dcbae28fa5d726
f4c96246dff17ce6d602861592b4d20b4eaf27ec9bb4a5b0113f0ae8d97da1e3
GET /1Lc5LglM1bK4FXob8vYoGtfTXnLjbHwyQZaa2X2kGFHzcGDMQDCGhQPYTptZ1pk7ygM=w32 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2274
x-xss-protection: 0
date: Mon, 06 Feb 2023 12:32:49 GMT
expires: Sun, 05 Feb 2023 12:51:46 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 17f83c823a1789ea21760ac0ff91efd1
0a3c92a9639ce39aaab0e8b0d5b7ab512cc91e69
9cc7f497eb8e32d058f70339ff3cbee6d1d21c070242c490987b733b7420a62c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230201/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 05 Feb 2023 20:22:18 GMT
expires: Sun, 19 Feb 2023 20:22:18 GMT
cache-control: public, max-age=1209600
age: 58231
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/DLpUiean3jFdcaBKBU_ZyYFCpqXvO7WqtfKZsJrK4QiugN8CvpDSntm_7fY6swVvS_Y=w32
142.250.74.97200 OK 2.3 kB URL HTTP/2 lh3.googleusercontent.com/DLpUiean3jFdcaBKBU_ZyYFCpqXvO7WqtfKZsJrK4QiugN8CvpDSntm_7fY6swVvS_Y=w32
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash 5889c0f28a1e797c22e4a7959f6faa4d
0c72a01ec77e1b695c30eaea1e531d2eebd30dc4
18717b081fa5734122a6873cb8e13372c486a26ec1e708b2627561edb7068d2a
GET /DLpUiean3jFdcaBKBU_ZyYFCpqXvO7WqtfKZsJrK4QiugN8CvpDSntm_7fY6swVvS_Y=w32 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 2316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/XHXWCCgHyVpF8cU8vSWZz_2my-A0XRU-MVWeKZhEjjqRoAHSfRiW4KC1OmRq760ye-Y=w32
172.217.21.182200 OK 2.6 kB URL HTTP/2 play-lh.googleusercontent.com/XHXWCCgHyVpF8cU8vSWZz_2my-A0XRU-MVWeKZhEjjqRoAHSfRiW4KC1OmRq760ye-Y=w32
IP 172.217.21.182:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash 654a01bbb85278d6b0f800da384de13d
85d3a242aeb5d4543f138b422de5fbf6895bbc1b
07b6c1c0f3d40a1a825e4d34e2da5161b6969eca26be4b7005dd64e5fbe2aedc
GET /XHXWCCgHyVpF8cU8vSWZz_2my-A0XRU-MVWeKZhEjjqRoAHSfRiW4KC1OmRq760ye-Y=w32 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 2620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/HAk5CnJ5runFxxrVEUAvzSCYDX0fA0UK8NiJyCe8vFrJss4N8mdxLXyPDgnbBRx4DCyJ=w32
172.217.21.182200 OK 2.7 kB URL HTTP/2 play-lh.googleusercontent.com/HAk5CnJ5runFxxrVEUAvzSCYDX0fA0UK8NiJyCe8vFrJss4N8mdxLXyPDgnbBRx4DCyJ=w32
IP 172.217.21.182:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash e1b8eace7863fda5c00eeb00e37adc05
b10403a290788c44c3b409df04cb18f780eee886
9c91bc6fa3184b0a102d753930291702da84411880fb064742a6b08184350401
GET /HAk5CnJ5runFxxrVEUAvzSCYDX0fA0UK8NiJyCe8vFrJss4N8mdxLXyPDgnbBRx4DCyJ=w32 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 2689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/4kHwKb61PAspv1AhsYeU3jdXUiTQjeRpANqAsXuVULnOTHHFuvHj4y_g2W4JZtkdKQ=w32
172.217.21.182200 OK 3.4 kB URL HTTP/2 play-lh.googleusercontent.com/4kHwKb61PAspv1AhsYeU3jdXUiTQjeRpANqAsXuVULnOTHHFuvHj4y_g2W4JZtkdKQ=w32
IP 172.217.21.182:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2faa54c173b18b1a4ab3976f802d5138
827133b41e267a509cfdaf0d817962e0f0318b42
20ed0b9ff622ec18ca2818fc2c9a48cb8424e45448083407a47acf473e13f78a
GET /4kHwKb61PAspv1AhsYeU3jdXUiTQjeRpANqAsXuVULnOTHHFuvHj4y_g2W4JZtkdKQ=w32 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3381
x-xss-protection: 0
date: Mon, 06 Feb 2023 12:32:49 GMT
expires: Sat, 04 Feb 2023 14:50:00 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 17f83c823a1789ea21760ac0ff91efd1
0a3c92a9639ce39aaab0e8b0d5b7ab512cc91e69
9cc7f497eb8e32d058f70339ff3cbee6d1d21c070242c490987b733b7420a62c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 17f83c823a1789ea21760ac0ff91efd1
0a3c92a9639ce39aaab0e8b0d5b7ab512cc91e69
9cc7f497eb8e32d058f70339ff3cbee6d1d21c070242c490987b733b7420a62c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 17f83c823a1789ea21760ac0ff91efd1
0a3c92a9639ce39aaab0e8b0d5b7ab512cc91e69
9cc7f497eb8e32d058f70339ff3cbee6d1d21c070242c490987b733b7420a62c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77M0T1V1XW&cid=712215639.1675686814>m=45je3210&aip=1&z=678628525
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77M0T1V1XW&cid=712215639.1675686814>m=45je3210&aip=1&z=678628525
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77M0T1V1XW&cid=712215639.1675686814>m=45je3210&aip=1&z=678628525 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 12:32:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 17f83c823a1789ea21760ac0ff91efd1
0a3c92a9639ce39aaab0e8b0d5b7ab512cc91e69
9cc7f497eb8e32d058f70339ff3cbee6d1d21c070242c490987b733b7420a62c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/MCmI0oE3C5kHtT2TCornFRXMEeJCGzTbDz6-BWBQ0KjVXu4a-In97yUZcZv7Lxk46g=w32
142.250.74.97200 OK 2.4 kB URL HTTP/2 lh3.googleusercontent.com/MCmI0oE3C5kHtT2TCornFRXMEeJCGzTbDz6-BWBQ0KjVXu4a-In97yUZcZv7Lxk46g=w32
IP 142.250.74.97:0
Hash 8ebd3a05c2994b07451623f4e834c7bb
8cdf39b91c4787aa7517b6962be79b0628feeab1
29de4e3c2a5b02fd82e19f1ab4882d6b74f5bae4f54771031a068e7b5a5fd37e
GET /MCmI0oE3C5kHtT2TCornFRXMEeJCGzTbDz6-BWBQ0KjVXu4a-In97yUZcZv7Lxk46g=w32 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 2352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/28Kw8DNBr-PVVuaArvefL_Qy4BVKiUmhdA_94l2SFe9VvRaYX4v8AKY3J8qlhnBHRPY=w32
142.250.74.97200 OK 2.6 kB URL HTTP/2 lh3.googleusercontent.com/28Kw8DNBr-PVVuaArvefL_Qy4BVKiUmhdA_94l2SFe9VvRaYX4v8AKY3J8qlhnBHRPY=w32
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b6f990462d090bfcc29022e6972e97e
c32e8bae0395ae6829afca5e12d84c1a85afbed7
ed2d29034096f3393ef2ffd28a66059a75044711c5a28cb56bc50f011b863c4d
GET /28Kw8DNBr-PVVuaArvefL_Qy4BVKiUmhdA_94l2SFe9VvRaYX4v8AKY3J8qlhnBHRPY=w32 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 2565
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/CkfRYtjaIrZD4MBEjhitBtpdOfSbMEraGlrvDiLbzH6PgP3icQ6u1g35VXSEJ8CkvT8=w32
142.250.74.97200 OK 1.5 kB URL HTTP/2 lh3.googleusercontent.com/CkfRYtjaIrZD4MBEjhitBtpdOfSbMEraGlrvDiLbzH6PgP3icQ6u1g35VXSEJ8CkvT8=w32
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash d6c4da6142006b42568f70bab8ca98ce
f77130173f57b81ed55f7c7482ae4216587a23b8
a9e0a81e89913f799563efc3a9864827ed6caaa167e4daf614c32ffbff7477b9
GET /CkfRYtjaIrZD4MBEjhitBtpdOfSbMEraGlrvDiLbzH6PgP3icQ6u1g35VXSEJ8CkvT8=w32 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 1536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/x5uaGO3tKgUBv-GF3WfuZuzYwXpPoaXm4jpb5-PhDbriNWY5SqHmDsfTrIOZ48I0izQ=w32
142.250.74.97200 OK 1.8 kB URL HTTP/2 lh3.googleusercontent.com/x5uaGO3tKgUBv-GF3WfuZuzYwXpPoaXm4jpb5-PhDbriNWY5SqHmDsfTrIOZ48I0izQ=w32
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 031044217de6054defa5f448ecfe5bf3
e2d3a3f53f8beaa5e4907f3dcf01e7743ba80edc
4a3fd6ba143e4090d8ab0706e104fa8e65b1b820ecec5b258b06c6d369e709f0
GET /x5uaGO3tKgUBv-GF3WfuZuzYwXpPoaXm4jpb5-PhDbriNWY5SqHmDsfTrIOZ48I0izQ=w32 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 1761
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/AkDcfVYwKGS94srSL5CggMGI1iztSbJEQEgSbhHQ3tNefW1XLB2sYRo9HAPyQEoekaIn=w32
172.217.21.182200 OK 2.9 kB URL HTTP/2 play-lh.googleusercontent.com/AkDcfVYwKGS94srSL5CggMGI1iztSbJEQEgSbhHQ3tNefW1XLB2sYRo9HAPyQEoekaIn=w32
IP 172.217.21.182:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash 106288b334a9ec8e6a7bd3d60cb2f814
0630d344136ff5080d6bc021a5b0ce538216e30e
650bd15471ae949c10c2881c97d10443b1fe1fcd66f30c6b201bd037190df5a9
GET /AkDcfVYwKGS94srSL5CggMGI1iztSbJEQEgSbhHQ3tNefW1XLB2sYRo9HAPyQEoekaIn=w32 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 2856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d85a52a6f96da59010dc4aef95c24b6d
9e6472e7398d275d976e42fe5eaa6d555146d5bd
3dca4e3f16c9147034ad26ebcb1ab8b175f12ec93697b5d749f383220d0d9069
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=appsonwindows.com&callback=_gfp_s_&client=ca-pub-3945349410460770
216.58.207.226200 OK 257 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=appsonwindows.com&callback=_gfp_s_&client=ca-pub-3945349410460770
IP 216.58.207.226:0
File type ASCII text, with very long lines (401), with no line terminators
Hash 9bdbd8635c1c2f0ebd8d7e65ba16b6d4
e699c7dfad18b321350938c551cac08ec854fbd5
fc1bb0d78fd51a8dd180a2ce99b0e918cb68c9fbf4b46de4ecc65d4168f7c16f
GET /gampad/cookie.js?domain=appsonwindows.com&callback=_gfp_s_&client=ca-pub-3945349410460770 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 06 Feb 2023 12:32:49 GMT
server: cafe
cache-control: private
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fundingchoicesmessages.google.com/i/ca-pub-3945349410460770?ers=2
216.58.211.14200 OK 42 kB URL HTTP/2 fundingchoicesmessages.google.com/i/ca-pub-3945349410460770?ers=2
IP 216.58.211.14:0
File type ASCII text, with very long lines (1976)
Hash ff23479050abbfc3676cc8b31144a3e8
0bf58ca8b15f3c31524c7aaf936dc343850aa824
7f979c021e479efa591ca85f7ddb24d84ee3b0cb155fc43c99fd1e5f77432231
GET /i/ca-pub-3945349410460770?ers=2 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-yE7A_rk6IKFbnGXvEZt0rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=appsonwindows.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=appsonwindows.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=appsonwindows.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 06 Feb 2023 12:32:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d85a52a6f96da59010dc4aef95c24b6d
9e6472e7398d275d976e42fe5eaa6d555146d5bd
3dca4e3f16c9147034ad26ebcb1ab8b175f12ec93697b5d749f383220d0d9069
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play-lh.googleusercontent.com/YT1qXrRiLbese84oggIOBZPSpBLIC1D40E98K5S2E3i10ClbEK497TeIYUasCR958Ws=w32
172.217.21.182200 OK 2.7 kB URL HTTP/2 play-lh.googleusercontent.com/YT1qXrRiLbese84oggIOBZPSpBLIC1D40E98K5S2E3i10ClbEK497TeIYUasCR958Ws=w32
IP 172.217.21.182:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash 620b64c157e8089970d81bc465c9062a
56c8f5c04fa86b3fac2b020d2ac1285e36841631
49ebe229b891e6560520cecc7a98dd0c71d6cf85d8431ab6d4abb59bd0a0221e
GET /YT1qXrRiLbese84oggIOBZPSpBLIC1D40E98K5S2E3i10ClbEK497TeIYUasCR958Ws=w32 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 2680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/FA_85FDlPiCzSAsOZygVVxH-0SuYJ-8ueMocfLAkL_BtzIH9zZsADkJrG2WpNfSfWR9V=w32
172.217.21.182200 OK 2.6 kB URL HTTP/2 play-lh.googleusercontent.com/FA_85FDlPiCzSAsOZygVVxH-0SuYJ-8ueMocfLAkL_BtzIH9zZsADkJrG2WpNfSfWR9V=w32
IP 172.217.21.182:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash c40f2a60d1befde9ee0baf51ca43acf3
524923b1e3a3a4a44eb865521e9a350651d5f1da
6e53844bc2c6fe0fa589d9b1faee5045b12c2061dac88a3e8ac51b7f8656aedc
GET /FA_85FDlPiCzSAsOZygVVxH-0SuYJ-8ueMocfLAkL_BtzIH9zZsADkJrG2WpNfSfWR9V=w32 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 2554
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.1 kB IP 142.250.74.131:0
Hash c8d7d122177d1897fa488e3521fb3fc5
2c9e796bb336b86d84d649e32646294ad5d5bf6c
cc98bb5814a6d69f48574b9a9f28eb57120b86b7cfdcb047be73612d1e0bf83c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play-lh.googleusercontent.com/zNZpP83drGz0hwi3fmD2RJ6Zp0B1nU7wFsIqZJoN65qs0HEPt5e3Ht-TljNr-PxVFqQ=w32
172.217.21.182200 OK 2.6 kB URL HTTP/2 play-lh.googleusercontent.com/zNZpP83drGz0hwi3fmD2RJ6Zp0B1nU7wFsIqZJoN65qs0HEPt5e3Ht-TljNr-PxVFqQ=w32
IP 172.217.21.182:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash 57fae6ca0f610102636bfd5fa1cd4134
5b1f11f356444ef8704ed10efcca2b4a0a7ed89f
e63915188e4ee5ca7f73007ddedf31a39eb936133c5760493bc045e8f39295cb
GET /zNZpP83drGz0hwi3fmD2RJ6Zp0B1nU7wFsIqZJoN65qs0HEPt5e3Ht-TljNr-PxVFqQ=w32 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 07 Feb 2023 12:32:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:32:49 GMT
server: fife
content-length: 2613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash b8edb99d9a0a459a27e961daa3838120
897005e4d1939aeb90628f30f745a044ab9d0413
c568327daa50715a1d1ce781b58577c852206a3f289e6be615b36f7acd42ee75
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 06 Feb 2023 12:32:49 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-iA8zWmFhmQJj2l0EodT0qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-77M0T1V1XW>m=45je3210&_p=2066857377&_gaz=1&cid=712215639.1675686814&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675686814&sct=1&seg=0&dl=https%3A%2F%2Fappsonwindows.com%2Fdownload%2F10186436%2F95%2F&dt=Download%20Particubes%200.0.49%20on%20Windows%20Pc%20%2395%20-%20appsonwindows.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-77M0T1V1XW>m=45je3210&_p=2066857377&_gaz=1&cid=712215639.1675686814&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675686814&sct=1&seg=0&dl=https%3A%2F%2Fappsonwindows.com%2Fdownload%2F10186436%2F95%2F&dt=Download%20Particubes%200.0.49%20on%20Windows%20Pc%20%2395%20-%20appsonwindows.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-77M0T1V1XW>m=45je3210&_p=2066857377&_gaz=1&cid=712215639.1675686814&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675686814&sct=1&seg=0&dl=https%3A%2F%2Fappsonwindows.com%2Fdownload%2F10186436%2F95%2F&dt=Download%20Particubes%200.0.49%20on%20Windows%20Pc%20%2395%20-%20appsonwindows.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appsonwindows.com
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://appsonwindows.com
date: Mon, 06 Feb 2023 12:32:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-77M0T1V1XW&cid=712215639.1675686814>m=45je3210&aip=1
64.233.161.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-77M0T1V1XW&cid=712215639.1675686814>m=45je3210&aip=1
IP 64.233.161.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-77M0T1V1XW&cid=712215639.1675686814>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appsonwindows.com
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://appsonwindows.com
date: Mon, 06 Feb 2023 12:32:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash df5ecbacead6bfcf89c91147ea5bd428
3d4aedcbd06781fad617fe5f474837724128d13a
4875ce92cbe634ba26357c183a04ea60858ae2311dd229bd7df1052609f92098
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3645
Cache-Control: max-age=156877
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Etag: "63e0a701-13a"
Expires: Wed, 08 Feb 2023 08:07:26 GMT
Last-Modified: Mon, 06 Feb 2023 07:06:41 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash df5ecbacead6bfcf89c91147ea5bd428
3d4aedcbd06781fad617fe5f474837724128d13a
4875ce92cbe634ba26357c183a04ea60858ae2311dd229bd7df1052609f92098
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3645
Cache-Control: max-age=156877
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:49 GMT
Etag: "63e0a701-13a"
Expires: Wed, 08 Feb 2023 08:07:26 GMT
Last-Modified: Mon, 06 Feb 2023 07:06:41 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d2b2d429c5a5d191353e8805c445419b
f7cd02c83d660da5ace04c8293e8c42ed88d1b35
fd290f36795ba4b204a972e766c0376c68130604d9ae61d25eaec33060e5dd26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4247
Cache-Control: max-age=112827
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:50 GMT
Etag: "63dff896-139"
Expires: Tue, 07 Feb 2023 19:53:17 GMT
Last-Modified: Sun, 05 Feb 2023 18:42:30 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 775b935059ea0fe3ea8b6b6b39fbfcac
c75815a6b7ed90fcec75ada53d8215af52cb1a13
4f13751413b2fb82bd35ccb21b68d5b93d35af862ef772e7a4068c52fb9dbc3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4111
Cache-Control: max-age=93284
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:50 GMT
Etag: "63dfacc7-139"
Expires: Tue, 07 Feb 2023 14:27:34 GMT
Last-Modified: Sun, 05 Feb 2023 13:19:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11111
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 12:32:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11111
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 12:32:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11111
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 12:32:50 GMT
Connection: keep-alive
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWf0FmAKdg2ICAgAAAHpg7GCUMTxjEHHz4GOVEN0nIF_emVybNgASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y-DzcQAKNqwKmvVaAAAfPRcZQhCZG8JYcmA6eA
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWf0FmAKdg2ICAgAAAHpg7GCUMTxjEHHz4GOVEN0nIF_emVybNgASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y-DzcQAKNqwKmvVaAAAfPRcZQhCZG8JYcmA6eA
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kOfnDbOzWf0FmAKdg2ICAgAAAHpg7GCUMTxjEHHz4GOVEN0nIF_emVybNgASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y-DzcQAKNqwKmvVaAAAfPRcZQhCZG8JYcmA6eA HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 159799
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 51716
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=appsonwindows.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=appsonwindows.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=appsonwindows.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 06 Feb 2023 12:32:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWawC2ASdg2ICAgAAAIJ1EGwOrFU_EHHz4GOCO1dMN8yOcOGjQwASAAAKDkFRVUJBUVlCQVFFQkFR&wp=Y-DzcQAKSbQKms0OAAq_8c0HLzN8Us_3cIzP5A
178.250.1.10200 OK 0 B URL HTTP/2 rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWawC2ASdg2ICAgAAAIJ1EGwOrFU_EHHz4GOCO1dMN8yOcOGjQwASAAAKDkFRVUJBUVlCQVFFQkFR&wp=Y-DzcQAKSbQKms0OAAq_8c0HLzN8Us_3cIzP5A
IP 178.250.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kOfnDbOzWawC2ASdg2ICAgAAAIJ1EGwOrFU_EHHz4GOCO1dMN8yOcOGjQwASAAAKDkFRVUJBUVlCQVFFQkFR&wp=Y-DzcQAKSbQKms0OAAq_8c0HLzN8Us_3cIzP5A HTTP/1.1
Host: rtb.nl3.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 156143
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WPChtMRjKafjMFkXCam-m5lHQ-4E-UZ5VwnfjrBKaz6nuOh70Fkunw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:46 GMT
age: 52204
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f54c8725e5dab88b12d42876fa61b12
89c734d690981e30f9d566a7763a1870724d65aa
b8cc5148ae01e1a1fe32f56bdce71de086da320cdd8a55a746609c9773fdaf77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9809
x-amzn-requestid: 60ff8265-45f4-445b-bf49-e0f1ba4cc3da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzRVKFf7IAMF9hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfc20-3390f67342da01416e720af6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:33:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ven3rHNpHQ94K0pntkthMllzUZIpGAGGNe_-zGTmYTtIhuQ3tZ7rQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 17:57:59 GMT
age: 66891
etag: "89c734d690981e30f9d566a7763a1870724d65aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-bdQPU-zYhIlXtxcW_TiqE8ifPg3i0cg8gFuvJSfwoMDTe-Hqy1jg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:47 GMT
age: 52203
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:15:34 GMT
age: 80236
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 52961
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash efdf5eb2d05f8488a069fdb4427ddb17
99af3c435c37975d06ae732bd258563322d1c7d5
17bea46eb3e069bcbd390faf103fb5fb2c75957bf4ca14a2c2b719de30d99bba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3457
Cache-Control: max-age=111004
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:50 GMT
Etag: "63dff48d-138"
Expires: Tue, 07 Feb 2023 19:22:54 GMT
Last-Modified: Sun, 05 Feb 2023 18:25:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash efdf5eb2d05f8488a069fdb4427ddb17
99af3c435c37975d06ae732bd258563322d1c7d5
17bea46eb3e069bcbd390faf103fb5fb2c75957bf4ca14a2c2b719de30d99bba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3502
Cache-Control: max-age=111049
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:50 GMT
Etag: "63dff48d-138"
Expires: Tue, 07 Feb 2023 19:23:39 GMT
Last-Modified: Sun, 05 Feb 2023 18:25:17 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash efdf5eb2d05f8488a069fdb4427ddb17
99af3c435c37975d06ae732bd258563322d1c7d5
17bea46eb3e069bcbd390faf103fb5fb2c75957bf4ca14a2c2b719de30d99bba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3457
Cache-Control: max-age=111004
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:50 GMT
Etag: "63dff48d-138"
Expires: Tue, 07 Feb 2023 19:22:54 GMT
Last-Modified: Sun, 05 Feb 2023 18:25:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 312
static.criteo.net/design/dt/1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff
178.250.2.130200 OK 34 kB URL HTTP/2 static.criteo.net/design/dt/1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff
IP 178.250.2.130:0
File type Web Open Font Format, CFF, length 34384, version 1.100\012- data
Hash 6ca898ae5c32e1195b576276384b72b1
05e67b45b9e1dcc4e64f02c619978ee7297f3752
38784db79bb7cb8998e180cff575a3d42741bbdbbeda1aad281c653089b193b1
GET /design/dt/1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 34384
last-modified: Tue, 11 Jun 2019 14:25:37 GMT
etag: "5cffb9e1-8650"
expires: Thu, 01 Feb 2024 12:32:50 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff
178.250.2.130200 OK 21 kB URL HTTP/2 static.criteo.net/design/dt/f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff
IP 178.250.2.130:0
File type Web Open Font Format, TrueType, length 21444, version 1.100\012- data
Hash 20be5fdc3302b5f3d13fca2690afc5ef
1e75a45c81ca3ab4aee08f53c828f60daa21ff58
ed53eeea7846fe89ec2d53b5bf89b34ca78854854abdb469697c63509cc2e0ec
GET /design/dt/f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 21444
last-modified: Tue, 11 Jun 2019 14:25:37 GMT
etag: "5cffb9e1-53c4"
expires: Thu, 01 Feb 2024 12:32:50 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff
178.250.2.130200 OK 19 kB URL HTTP/2 static.criteo.net/design/dt/010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff
IP 178.250.2.130:0
File type Web Open Font Format, CFF, length 19060, version 3.1\012- data
Hash c9425392bd0018132c74733dd7b2dbf8
a47dd39ae0b16c90e8e15d66302f932e367851bf
389eb0c986cfdb90b468d3c2f068b5bcb6753bb9ece0581e1bba0b8087a92b74
GET /design/dt/010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 19060
last-modified: Tue, 21 Jun 2022 20:54:03 GMT
etag: "62b22feb-4a74"
expires: Thu, 01 Feb 2024 12:32:50 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Thu, 01 Feb 2024 12:32:50 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.2.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Thu, 01 Feb 2024 12:32:50 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash a2bfbf4d919725ff251c887df1aed50b
61417008dee96a3229bbe65a8f9bbcf2818ec38f
dc5c65a8e8a930a63377a2afbaa38f672dea36428427c3d22e8f2c53a323b666
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2168
Cache-Control: max-age=167648
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:50 GMT
Etag: "63e0d6da-139"
Expires: Wed, 08 Feb 2023 11:06:58 GMT
Last-Modified: Mon, 06 Feb 2023 10:30:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
ads.eu.criteo.com/delivery/r/afr.php?z=Y-DzcQAKSbQKms0OAAq_8c0HLzN8Us_3cIzP5A&u=%7CuWG2rMSHRGhl21h4z7umMb2q5PZw7ktdck4Uths8MH4%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUamFb3OHLPNySDuiqBk9wKtyJbB_WllMG3M02KLDmF3l-x6KqLulbA45NVlxurUayEbTM-hRlvF_9twRinCLwcEu291_wgDyY73Q-QBTAwYM5bUP45WK5B3dDJxut9tsKzcxqPBTQjjRWjpyyecO0PCFqdT-IIR3ESxF7MH51rnS2hlE-qhb9dI2QtnsmuWjBwAQtV4PSwpfe_IGbxuxY04NX0HEFlLMbS5-NYn_4DeN3JDQmbCvuviGkoPP3bk0SWFrT_GC46-T2G4Eok-R-c5HaXITvZd6M2ouuP-Aiul2HV3ZAkLAnFFaYt7JaaU-YStMZHwvAZP4CVDPUlpHAOGsY-OdE0c5sQZ4x9xjWg0hnCXXw7IYvDfeigdpx5jV8jVBp8HeZoRlM3VhVQ3oI_SYOrjSnislPxizip0KcAT2rsvJal_RqVgZd-VHX4epgHkgQhaBVJ38rT2PhXUZ4EbPQDeuBFMUW9OKBKvZSO8LlUXJfQ03haedv35Rug-f9Uk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7AEacfPgY7STKY6a6wTx_6rwBMme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItMzk0NTM0OTQxMDQ2MDc3MMgBCakC3nDN8XAcsj6oAwGqBMgBT9D2ebsHQiEW87sFlBjG66-aKp7M3P5cqC1VbbG5a71gL7dVrwFsuHya3mUKi68HZNmLHMkB59SR_vMAB9a_p21hu7JORvPeyjGINQndFjpgxeY3DKWR2tJm0ye3W_IoBzxL38f-1kY63MHAPH3nF6FSx9_wQ08UUXpjZEID3TQ3BDjYw-gFJWBTHnbwvYpxfGfgJmQyAD5fgKqcKrA3M4eaF9OMAPLdENsGj_AK-l7hjKi9CQRTqWiEvvsXIL6u6g5pED_NjUSABv7X27HM1djD2wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cTlNilpaFpxTC-_aWmjnmfk6q2A%26client%3Dca-pub-3945349410460770%26adurl%3D
178.250.2.65200 OK 57 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y-DzcQAKSbQKms0OAAq_8c0HLzN8Us_3cIzP5A&u=%7CuWG2rMSHRGhl21h4z7umMb2q5PZw7ktdck4Uths8MH4%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUamFb3OHLPNySDuiqBk9wKtyJbB_WllMG3M02KLDmF3l-x6KqLulbA45NVlxurUayEbTM-hRlvF_9twRinCLwcEu291_wgDyY73Q-QBTAwYM5bUP45WK5B3dDJxut9tsKzcxqPBTQjjRWjpyyecO0PCFqdT-IIR3ESxF7MH51rnS2hlE-qhb9dI2QtnsmuWjBwAQtV4PSwpfe_IGbxuxY04NX0HEFlLMbS5-NYn_4DeN3JDQmbCvuviGkoPP3bk0SWFrT_GC46-T2G4Eok-R-c5HaXITvZd6M2ouuP-Aiul2HV3ZAkLAnFFaYt7JaaU-YStMZHwvAZP4CVDPUlpHAOGsY-OdE0c5sQZ4x9xjWg0hnCXXw7IYvDfeigdpx5jV8jVBp8HeZoRlM3VhVQ3oI_SYOrjSnislPxizip0KcAT2rsvJal_RqVgZd-VHX4epgHkgQhaBVJ38rT2PhXUZ4EbPQDeuBFMUW9OKBKvZSO8LlUXJfQ03haedv35Rug-f9Uk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7AEacfPgY7STKY6a6wTx_6rwBMme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItMzk0NTM0OTQxMDQ2MDc3MMgBCakC3nDN8XAcsj6oAwGqBMgBT9D2ebsHQiEW87sFlBjG66-aKp7M3P5cqC1VbbG5a71gL7dVrwFsuHya3mUKi68HZNmLHMkB59SR_vMAB9a_p21hu7JORvPeyjGINQndFjpgxeY3DKWR2tJm0ye3W_IoBzxL38f-1kY63MHAPH3nF6FSx9_wQ08UUXpjZEID3TQ3BDjYw-gFJWBTHnbwvYpxfGfgJmQyAD5fgKqcKrA3M4eaF9OMAPLdENsGj_AK-l7hjKi9CQRTqWiEvvsXIL6u6g5pED_NjUSABv7X27HM1djD2wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cTlNilpaFpxTC-_aWmjnmfk6q2A%26client%3Dca-pub-3945349410460770%26adurl%3D
IP 178.250.2.65:0
Hash 2054cb7ef20d18102b723417fbf580e1
40d3b208cc8c709136e956bc4bb97e50785f568b
9482a5cad5880e443f7d0762724e94a759b199b197909e51e9e6d3ff2f52bbcf
GET /delivery/r/afr.php?z=Y-DzcQAKSbQKms0OAAq_8c0HLzN8Us_3cIzP5A&u=%7CuWG2rMSHRGhl21h4z7umMb2q5PZw7ktdck4Uths8MH4%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUamFb3OHLPNySDuiqBk9wKtyJbB_WllMG3M02KLDmF3l-x6KqLulbA45NVlxurUayEbTM-hRlvF_9twRinCLwcEu291_wgDyY73Q-QBTAwYM5bUP45WK5B3dDJxut9tsKzcxqPBTQjjRWjpyyecO0PCFqdT-IIR3ESxF7MH51rnS2hlE-qhb9dI2QtnsmuWjBwAQtV4PSwpfe_IGbxuxY04NX0HEFlLMbS5-NYn_4DeN3JDQmbCvuviGkoPP3bk0SWFrT_GC46-T2G4Eok-R-c5HaXITvZd6M2ouuP-Aiul2HV3ZAkLAnFFaYt7JaaU-YStMZHwvAZP4CVDPUlpHAOGsY-OdE0c5sQZ4x9xjWg0hnCXXw7IYvDfeigdpx5jV8jVBp8HeZoRlM3VhVQ3oI_SYOrjSnislPxizip0KcAT2rsvJal_RqVgZd-VHX4epgHkgQhaBVJ38rT2PhXUZ4EbPQDeuBFMUW9OKBKvZSO8LlUXJfQ03haedv35Rug-f9Uk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7AEacfPgY7STKY6a6wTx_6rwBMme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItMzk0NTM0OTQxMDQ2MDc3MMgBCakC3nDN8XAcsj6oAwGqBMgBT9D2ebsHQiEW87sFlBjG66-aKp7M3P5cqC1VbbG5a71gL7dVrwFsuHya3mUKi68HZNmLHMkB59SR_vMAB9a_p21hu7JORvPeyjGINQndFjpgxeY3DKWR2tJm0ye3W_IoBzxL38f-1kY63MHAPH3nF6FSx9_wQ08UUXpjZEID3TQ3BDjYw-gFJWBTHnbwvYpxfGfgJmQyAD5fgKqcKrA3M4eaF9OMAPLdENsGj_AK-l7hjKi9CQRTqWiEvvsXIL6u6g5pED_NjUSABv7X27HM1djD2wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cTlNilpaFpxTC-_aWmjnmfk6q2A%26client%3Dca-pub-3945349410460770%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:49 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=n14rJgjZ76i8Q0H1uqg5TckoJebQ_dB8IGz228vjT6_NpjxMyXhXeM6TaGKblO5jSltM97B-EMwk7pHeUQWkE0L_UP130O98KFY82nrXzpWZbYwrhLCXx3623r2to33bDCXdnDP-Zco7HCus2Ebi-n_uICN7lF_XvQRlHMmBSXWfDwJZju-rylWqH0sJvpNmNfbgP-4Xg_NRA75Tk-vt6tLurVzTTo8aMEAyCH0R64JpmIMhFIIIvSTwYfBe-znfzKdneA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 129667901
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash a2bfbf4d919725ff251c887df1aed50b
61417008dee96a3229bbe65a8f9bbcf2818ec38f
dc5c65a8e8a930a63377a2afbaa38f672dea36428427c3d22e8f2c53a323b666
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2168
Cache-Control: max-age=167648
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:32:50 GMT
Etag: "63e0d6da-139"
Expires: Wed, 08 Feb 2023 11:06:58 GMT
Last-Modified: Mon, 06 Feb 2023 10:30:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000016558%2Fretina_detail.jpg&v=3&w=800&s=VN0jO_Ww-bLOwLcppSM1TqQs&b=400
178.250.0.139200 OK 4.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000016558%2Fretina_detail.jpg&v=3&w=800&s=VN0jO_Ww-bLOwLcppSM1TqQs&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x249, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ae9f655e379a3c75294a7d0b6209aeb8
426b8814feeae161479a430b6507dc03b92a9791
5672b7ba306688ae148f37dc0c981788604e0ea0f43d2ed699aa84078e3fd67b
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000016558%2Fretina_detail.jpg&v=3&w=800&s=VN0jO_Ww-bLOwLcppSM1TqQs&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=1606647
expires: Sat, 25 Feb 2023 02:50:18 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4734
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022929%2Fretina_detail.jpg&v=3&w=800&s=z-SWQXVwtygCMpg8HlNqRUL_&b=400
178.250.0.139200 OK 5.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022929%2Fretina_detail.jpg&v=3&w=800&s=z-SWQXVwtygCMpg8HlNqRUL_&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 237x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4722f673f3a7818ad34bd781410acef0
13907eb89e5f979eaef08a09402b7129a4e8c10f
b0f8443dc7e9f1f4188168035387a2fe317213c5b5afe3379e87fcd1fe8f8c2e
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022929%2Fretina_detail.jpg&v=3&w=800&s=z-SWQXVwtygCMpg8HlNqRUL_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=1637115
expires: Sat, 25 Feb 2023 11:18:06 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5570
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023606%2Fretina_detail.jpg&v=3&w=800&s=mwuXtkBaH55zxI8YnzFQ6BcJ&b=400
178.250.0.139200 OK 6.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023606%2Fretina_detail.jpg&v=3&w=800&s=mwuXtkBaH55zxI8YnzFQ6BcJ&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x313, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6c3f18afaadeb2d7e63fb17d25adf708
0addd443a7daf013be6acb1bf658233cdf5e7153
2bb86f767243bd2e58fe9ffb4ae66bd3bd81c7d187abf2c0ef4266437e11ec74
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023606%2Fretina_detail.jpg&v=3&w=800&s=mwuXtkBaH55zxI8YnzFQ6BcJ&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=1661368
expires: Sat, 25 Feb 2023 18:02:18 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6948
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025998%2Fretina_detail.jpg&v=3&w=800&s=-5TtZM-_1tMSy5qlWzwavD9O&b=400
178.250.0.139200 OK 9.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025998%2Fretina_detail.jpg&v=3&w=800&s=-5TtZM-_1tMSy5qlWzwavD9O&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x279, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a652943c15856210328ac00f6e0206c5
7591a8d2766873d55faff57715835f426313e62e
e2e688bf72f6b70b1abab9228c0ea77a5d44dfec8f3faecff914bf344cf3fd28
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025998%2Fretina_detail.jpg&v=3&w=800&s=-5TtZM-_1tMSy5qlWzwavD9O&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=262892
expires: Thu, 09 Feb 2023 13:34:22 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9852
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=556&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F49287%2F230130%2Fede4584bbefd4e0fb9981737681ebfe8_logo_n_vertical.png&v=3&w=196&s=Q-VBLwoyhsXPqMf_s5YACtxr
178.250.0.139200 OK 37 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=556&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F49287%2F230130%2Fede4584bbefd4e0fb9981737681ebfe8_logo_n_vertical.png&v=3&w=196&s=Q-VBLwoyhsXPqMf_s5YACtxr
IP 178.250.0.139:0
File type gzip compressed data, max compression\012- data
Hash 5817db1bc8c42f15a22e01f1f8d14509
80f54ed7db6edba2c0fa680be9afdde1e255b4a5
f767dc57afbfcf697008d51bf37f6664bb7419e5de0e3af932650dcefe113a1e
GET /img/img?h=556&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F49287%2F230130%2Fede4584bbefd4e0fb9981737681ebfe8_logo_n_vertical.png&v=3&w=196&s=Q-VBLwoyhsXPqMf_s5YACtxr HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30525173
expires: Thu, 25 Jan 2024 19:45:43 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 31123
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024966%2Fretina_detail.jpg&v=3&w=800&s=puxGngOS5rB6aoMI0Q8aBXvw&b=400
178.250.0.139200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024966%2Fretina_detail.jpg&v=3&w=800&s=puxGngOS5rB6aoMI0Q8aBXvw&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x275, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 161f83240f51a71d99dd2a7dbe5a9435
17fe96165c1ca116b3eebb9945d8aea7b9147736
32b65ee1dfa84a291996eba00b8868e0c1a7a4e60f2ca5581c26922dea692674
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024966%2Fretina_detail.jpg&v=3&w=800&s=puxGngOS5rB6aoMI0Q8aBXvw&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=814263
expires: Wed, 15 Feb 2023 22:43:53 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15352
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=104&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F49287%2F230130%2F458aeb5261a3477fa0fa2e35b99cbba6_logo_n_horizontal.png&v=3&w=596&s=8lLEuLWuMgUxsMGXuM5Bx3-L
178.250.0.139200 OK 7.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=104&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F49287%2F230130%2F458aeb5261a3477fa0fa2e35b99cbba6_logo_n_horizontal.png&v=3&w=596&s=8lLEuLWuMgUxsMGXuM5Bx3-L
IP 178.250.0.139:0
File type PNG image data, 312 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ebf2919b402f4b6657d39611afc7c2c
52302d0c97e71af2d60212641034fe95a47dcca2
4f1e2b8d644e853ba2e299358ce11ce17b7c128bff692cd45277dc52909b326d
GET /img/img?h=104&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F49287%2F230130%2F458aeb5261a3477fa0fa2e35b99cbba6_logo_n_horizontal.png&v=3&w=596&s=8lLEuLWuMgUxsMGXuM5Bx3-L HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30525160
expires: Thu, 25 Jan 2024 19:45:30 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7708
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022445%2Fretina_detail.jpg&v=3&w=800&s=FukaNMgiqRBIqTTcGGqBkf-J&b=400
178.250.0.139200 OK 9.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022445%2Fretina_detail.jpg&v=3&w=800&s=FukaNMgiqRBIqTTcGGqBkf-J&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c9b429b5e7b33247c6c35253f2f8a577
337e76546eabe686f00024d65f41ed3aba50e36c
108f0025092b29b1d14d8050232445cb81f221a38d60d23624802ef4ad952d11
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022445%2Fretina_detail.jpg&v=3&w=800&s=FukaNMgiqRBIqTTcGGqBkf-J&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1663872
expires: Sat, 25 Feb 2023 18:44:03 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9018
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024954%2Fretina_detail.jpg&v=3&w=800&s=tCn10Auz5dBnXcbSLK1qETJ9&b=400
178.250.0.139200 OK 21 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024954%2Fretina_detail.jpg&v=3&w=800&s=tCn10Auz5dBnXcbSLK1qETJ9&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x397, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3db304a686db2649bebe9eb2a11dc489
0877a486718b993cf0defc45b19fd0b667da3cda
36bed0011e6328a516d3848056741c5b81cf499452813ff288ec321afda7255f
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024954%2Fretina_detail.jpg&v=3&w=800&s=tCn10Auz5dBnXcbSLK1qETJ9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1623322
expires: Sat, 25 Feb 2023 07:28:13 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 21334
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000013154%2Fretina_detail.jpg&v=3&w=800&s=kas7wxXjHpA6hIFAK8g-_Eve&b=400
178.250.0.139200 OK 9.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000013154%2Fretina_detail.jpg&v=3&w=800&s=kas7wxXjHpA6hIFAK8g-_Eve&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x389, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 15e30e3cd586591cf8af55c910ebd528
090008c95cfc8d4a24be0fb8670f12f21add9371
8ac3dc9f75b07e82bb23787a243606ef8173efffd25e678f07dce0372a03eac2
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000013154%2Fretina_detail.jpg&v=3&w=800&s=kas7wxXjHpA6hIFAK8g-_Eve&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1640084
expires: Sat, 25 Feb 2023 12:07:35 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9306
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024068%2Fretina_detail.jpg&v=3&w=800&s=SFeays1Zgjs527M_wSlEXHoC&b=400
178.250.0.139200 OK 9.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024068%2Fretina_detail.jpg&v=3&w=800&s=SFeays1Zgjs527M_wSlEXHoC&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x336, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68f624bb0f8eb7cd766880d08b5e1fc8
e587e73d6f620c71daaef03989d8cd96c3a77d0e
f33d1655bf4f7df2e0ae29a5442e021ab98d73e8ad68a32f81a5c706c54ca9ca
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024068%2Fretina_detail.jpg&v=3&w=800&s=SFeays1Zgjs527M_wSlEXHoC&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1618885
expires: Sat, 25 Feb 2023 06:14:16 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9514
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025955%2Fretina_detail.jpg&v=3&w=800&s=vX18f0niwKu5eP-SZWjVdtd9&b=400
178.250.0.139200 OK 22 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025955%2Fretina_detail.jpg&v=3&w=800&s=vX18f0niwKu5eP-SZWjVdtd9&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 291x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dbd7c7e4fcf9f8f1c47e2fa59fb64433
e469878684cd0491a4e3dd7f63f1260992a23439
c3e2f26cb76e0a8a5872be8a2528a41c446556ad8f355da677baaad577981b8f
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025955%2Fretina_detail.jpg&v=3&w=800&s=vX18f0niwKu5eP-SZWjVdtd9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=182586
expires: Wed, 08 Feb 2023 15:15:57 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 21844
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000020755%2Fretina_detail.jpg&v=3&w=800&s=UjTr5ht1BXoS5jUzkRv9vzIz&b=400
178.250.0.139200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000020755%2Fretina_detail.jpg&v=3&w=800&s=UjTr5ht1BXoS5jUzkRv9vzIz&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x275, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e62804aced186605fc022235a8f12da5
aa1adac23642453efaac6dc787825f32565955f0
7372853a3e3a4ec193b0d09dfd19c3519d605b8b2731102015e65250a56915e5
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000020755%2Fretina_detail.jpg&v=3&w=800&s=UjTr5ht1BXoS5jUzkRv9vzIz&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1641010
expires: Sat, 25 Feb 2023 12:23:00 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10454
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023567%2Fretina_detail.jpg&v=3&w=800&s=SGW6tpEhy4XlzXz1z0b1C7DN&b=400
178.250.0.139200 OK 7.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023567%2Fretina_detail.jpg&v=3&w=800&s=SGW6tpEhy4XlzXz1z0b1C7DN&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 284x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f0c38adf9983060bb70777e91beb208b
a8b92b751c832edb55625d7838837c063fe0322a
14222655ed99184ebc7e09ce062186f157fc81e54944e6200de47d2b451467e6
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023567%2Fretina_detail.jpg&v=3&w=800&s=SGW6tpEhy4XlzXz1z0b1C7DN&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1647851
expires: Sat, 25 Feb 2023 14:17:02 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7602
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025224%2Fretina_detail.jpg&v=3&w=800&s=QbulWLpD-kKfW2VnKU_pjaWq&b=400
178.250.0.139200 OK 18 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025224%2Fretina_detail.jpg&v=3&w=800&s=QbulWLpD-kKfW2VnKU_pjaWq&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x323, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1be2fdf0d434241759095ab34764d16b
0e043ee30054bbf03262fbd823843267e8c908e0
4b65f7cb5cf853f9fc4d97b7ee24f0ecc8861cee6c23661f08067da7ed53be30
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025224%2Fretina_detail.jpg&v=3&w=800&s=QbulWLpD-kKfW2VnKU_pjaWq&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2479067
expires: Tue, 07 Mar 2023 05:10:37 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 17606
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000018718%2Fretina_detail.jpg&v=3&w=800&s=51S4Fky-1rVLlIP6QKRVcnNh&b=400
178.250.0.139200 OK 5.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000018718%2Fretina_detail.jpg&v=3&w=800&s=51S4Fky-1rVLlIP6QKRVcnNh&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x245, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df390b72071dd3828b5cea98d7d22496
d46de5621aade673181fe6e12435a4057081a36e
4f67c85901ca5b4c34471e5d1e5e669a470a6cc2856a9bbf1267bdfd257ea672
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000018718%2Fretina_detail.jpg&v=3&w=800&s=51S4Fky-1rVLlIP6QKRVcnNh&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1704566
expires: Sun, 26 Feb 2023 06:02:17 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5784
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000026119%2Fretina_detail.jpg&v=3&w=800&s=4VuDzQialT8i2Y-_mSPFpe_E&b=400
178.250.0.139200 OK 8.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000026119%2Fretina_detail.jpg&v=3&w=800&s=4VuDzQialT8i2Y-_mSPFpe_E&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x293, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a9a15315550fed18a62556c27bfa5978
7b968fc99e5410749a72bb81fe619470f87a202b
338c7da866cc36b7bffe945e1fc92b53e4ee8be07714af48334a097d42c330d9
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000026119%2Fretina_detail.jpg&v=3&w=800&s=4VuDzQialT8i2Y-_mSPFpe_E&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1983886
expires: Wed, 01 Mar 2023 11:37:37 GMT
date: Mon, 06 Feb 2023 12:32:49 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8052
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWe0HfJ2DYgICAAAAMT8lDEtT-jAQcPPgY-MyEZho8zlxcS7dABIAAAoOQVFVQkFRWUJBUUVCQVE&wp=Y-DzcQAKN6sKmqmKAA_rwzhtJRUDNM6e34eYgQ
178.250.1.10200 OK 0 B URL HTTP/2 rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kOfnDbOzWe0HfJ2DYgICAAAAMT8lDEtT-jAQcPPgY-MyEZho8zlxcS7dABIAAAoOQVFVQkFRWUJBUUVCQVE&wp=Y-DzcQAKN6sKmqmKAA_rwzhtJRUDNM6e34eYgQ
IP 178.250.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kOfnDbOzWe0HfJ2DYgICAAAAMT8lDEtT-jAQcPPgY-MyEZho8zlxcS7dABIAAAoOQVFVQkFRWUJBUUVCQVE&wp=Y-DzcQAKN6sKmqmKAA_rwzhtJRUDNM6e34eYgQ HTTP/1.1
Host: rtb.nl3.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 142688
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=DZ5mzAjZ76i8Q0H1jc2EDu4AtscWgQdfSQ9MbNN8ca0_EUvbIgWb0FwRski1r1h5GeME36pElD_fUawb5farYf4RB_eZhHo2pIR86JvvhmD5K1GNlkQPoUAKnTi42g8-w7c61AB6daPFyXzOOqqQnGUgJu7SWa7vf4FcpwJnVS6Yq6UZ8KtyNO-2veyHnt9lZqJwVxrE6USHsGQ8vedJv8q29c9ezEoOIPQlE1pww95CPSTMMuWli3YcjXeqp0tkHFzLjQ&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=DZ5mzAjZ76i8Q0H1jc2EDu4AtscWgQdfSQ9MbNN8ca0_EUvbIgWb0FwRski1r1h5GeME36pElD_fUawb5farYf4RB_eZhHo2pIR86JvvhmD5K1GNlkQPoUAKnTi42g8-w7c61AB6daPFyXzOOqqQnGUgJu7SWa7vf4FcpwJnVS6Yq6UZ8KtyNO-2veyHnt9lZqJwVxrE6USHsGQ8vedJv8q29c9ezEoOIPQlE1pww95CPSTMMuWli3YcjXeqp0tkHFzLjQ&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=DZ5mzAjZ76i8Q0H1jc2EDu4AtscWgQdfSQ9MbNN8ca0_EUvbIgWb0FwRski1r1h5GeME36pElD_fUawb5farYf4RB_eZhHo2pIR86JvvhmD5K1GNlkQPoUAKnTi42g8-w7c61AB6daPFyXzOOqqQnGUgJu7SWa7vf4FcpwJnVS6Yq6UZ8KtyNO-2veyHnt9lZqJwVxrE6USHsGQ8vedJv8q29c9ezEoOIPQlE1pww95CPSTMMuWli3YcjXeqp0tkHFzLjQ&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=n14rJgjZ76i8Q0H1uqg5TckoJebQ_dB8IGz228vjT6_NpjxMyXhXeM6TaGKblO5jSltM97B-EMwk7pHeUQWkE0L_UP130O98KFY82nrXzpWZbYwrhLCXx3623r2to33bDCXdnDP-Zco7HCus2Ebi-n_uICN7lF_XvQRlHMmBSXWfDwJZju-rylWqH0sJvpNmNfbgP-4Xg_NRA75Tk-vt6tLurVzTTo8aMEAyCH0R64JpmIMhFIIIvSTwYfBe-znfzKdneA&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=n14rJgjZ76i8Q0H1uqg5TckoJebQ_dB8IGz228vjT6_NpjxMyXhXeM6TaGKblO5jSltM97B-EMwk7pHeUQWkE0L_UP130O98KFY82nrXzpWZbYwrhLCXx3623r2to33bDCXdnDP-Zco7HCus2Ebi-n_uICN7lF_XvQRlHMmBSXWfDwJZju-rylWqH0sJvpNmNfbgP-4Xg_NRA75Tk-vt6tLurVzTTo8aMEAyCH0R64JpmIMhFIIIvSTwYfBe-znfzKdneA&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=n14rJgjZ76i8Q0H1uqg5TckoJebQ_dB8IGz228vjT6_NpjxMyXhXeM6TaGKblO5jSltM97B-EMwk7pHeUQWkE0L_UP130O98KFY82nrXzpWZbYwrhLCXx3623r2to33bDCXdnDP-Zco7HCus2Ebi-n_uICN7lF_XvQRlHMmBSXWfDwJZju-rylWqH0sJvpNmNfbgP-4Xg_NRA75Tk-vt6tLurVzTTo8aMEAyCH0R64JpmIMhFIIIvSTwYfBe-znfzKdneA&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F49287%2F230130%2Fede4584bbefd4e0fb9981737681ebfe8_logo_n_vertical.png&v=3&w=196&s=brjzWX6nb7DD-_-MF-TA3Ejp
178.250.0.139200 OK 31 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F49287%2F230130%2Fede4584bbefd4e0fb9981737681ebfe8_logo_n_vertical.png&v=3&w=196&s=brjzWX6nb7DD-_-MF-TA3Ejp
IP 178.250.0.139:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4daf6347fdde360157ba962039021fd1
662fbbd8336d0a4d6a62de7362d1864441df5792
ffd8b9173d1b20ba318e756be8f14b9c3f5bddfe44a0733986df7c388954f4e9
GET /img/img?h=244&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F49287%2F230130%2Fede4584bbefd4e0fb9981737681ebfe8_logo_n_vertical.png&v=3&w=196&s=brjzWX6nb7DD-_-MF-TA3Ejp HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30525172
expires: Thu, 25 Jan 2024 19:45:43 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 31123
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000026107%2Fretina_detail.jpg&v=3&w=800&s=bDpt_qvGTZ3ywgV0855EE_9U&b=400
178.250.0.139200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000026107%2Fretina_detail.jpg&v=3&w=800&s=bDpt_qvGTZ3ywgV0855EE_9U&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x331, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0bd456b3b6a600d1daed54b7c5ff7d98
226f35b99eb9c4bfa0b9c6e97604b098d4834288
ad2a944ba098b7209597385de291f0e7fd25071ceae4759a10905d0e12b7a7f7
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000026107%2Fretina_detail.jpg&v=3&w=800&s=bDpt_qvGTZ3ywgV0855EE_9U&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=405277
expires: Sat, 11 Feb 2023 05:07:28 GMT
date: Mon, 06 Feb 2023 12:32:51 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14624
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=EBaPn7TSIHMD8I_mWFN91L2DjvGbAZur3v15jrBHKEbT0eOJyTTtTIvcfi53iOxx7MHQ6ao7KTrsGogCxOvEwyOUl44i3SVuKr_-7KC7zOTYpTQ_tJg2UdG9QSUKQk1FM8T0odvR__xllssyGD8ZXwUcDauDYKn6ZWd4-jLuCpUySrWJk2OJ7BsdDTKc2YBzK-GAxxRCqT0W-16douHrp1b1iXFvEbSs1VFfRorvzdDBG-y9vPg8-pG_r3t0A39R9q8nSteNaChi2lvO6tZBhvVZFtbLSCiVYhpGR6wP2CKaY3rcshKb6qn7IGGBQtQpWbQIoxeU0bFfm5J_6v27ktCXphmyPoaT4i3mmnazkiOeDa12fhTZwYv5iRsKJFXE_xvrvvR1_ZJRk8z-2TExNMs5-tmpkxeNJmna9L4Xj0F7Y1f-
178.250.2.148200 OK 14 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=EBaPn7TSIHMD8I_mWFN91L2DjvGbAZur3v15jrBHKEbT0eOJyTTtTIvcfi53iOxx7MHQ6ao7KTrsGogCxOvEwyOUl44i3SVuKr_-7KC7zOTYpTQ_tJg2UdG9QSUKQk1FM8T0odvR__xllssyGD8ZXwUcDauDYKn6ZWd4-jLuCpUySrWJk2OJ7BsdDTKc2YBzK-GAxxRCqT0W-16douHrp1b1iXFvEbSs1VFfRorvzdDBG-y9vPg8-pG_r3t0A39R9q8nSteNaChi2lvO6tZBhvVZFtbLSCiVYhpGR6wP2CKaY3rcshKb6qn7IGGBQtQpWbQIoxeU0bFfm5J_6v27ktCXphmyPoaT4i3mmnazkiOeDa12fhTZwYv5iRsKJFXE_xvrvvR1_ZJRk8z-2TExNMs5-tmpkxeNJmna9L4Xj0F7Y1f-
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 2b111f32cef7d5b9023ee0618b5dc5ca
f1b887c07083ac4a7c4903e4bad5b42659ff61c1
8102177e6a816f97fb98990b7b88c90418b7173847cd236b7061106810d03c9a
GET /delivery/lg.php?cppv=3&cpp=EBaPn7TSIHMD8I_mWFN91L2DjvGbAZur3v15jrBHKEbT0eOJyTTtTIvcfi53iOxx7MHQ6ao7KTrsGogCxOvEwyOUl44i3SVuKr_-7KC7zOTYpTQ_tJg2UdG9QSUKQk1FM8T0odvR__xllssyGD8ZXwUcDauDYKn6ZWd4-jLuCpUySrWJk2OJ7BsdDTKc2YBzK-GAxxRCqT0W-16douHrp1b1iXFvEbSs1VFfRorvzdDBG-y9vPg8-pG_r3t0A39R9q8nSteNaChi2lvO6tZBhvVZFtbLSCiVYhpGR6wP2CKaY3rcshKb6qn7IGGBQtQpWbQIoxeU0bFfm5J_6v27ktCXphmyPoaT4i3mmnazkiOeDa12fhTZwYv5iRsKJFXE_xvrvvR1_ZJRk8z-2TExNMs5-tmpkxeNJmna9L4Xj0F7Y1f- HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2584821
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023330%2Fretina_detail.jpg&v=3&w=800&s=n8N4BHN-icSpi3oivoW_vhfj&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023330%2Fretina_detail.jpg&v=3&w=800&s=n8N4BHN-icSpi3oivoW_vhfj&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x364, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e2a2260dcebcfe7417cf8987a5369fbc
1a6b7b02edd1aecb5a8dacdaaaa64ef67aa7788e
75d55902ecf1b127cd0928af4e6dcc48bc0943ce5f584ed0fe09b529a91adf05
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023330%2Fretina_detail.jpg&v=3&w=800&s=n8N4BHN-icSpi3oivoW_vhfj&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1628150
expires: Sat, 25 Feb 2023 08:48:42 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13654
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025940%2Fretina_detail.jpg&v=3&w=800&s=3KTm9_UbP2ywbZx1L5E8UBou&b=400
178.250.0.139200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025940%2Fretina_detail.jpg&v=3&w=800&s=3KTm9_UbP2ywbZx1L5E8UBou&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 271x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 438070c5465268f2ca9bc69c428aef3e
05c44bfa77bdad24d4ee325ad2aadc16a58174e3
bed61d5d100efc964ea347e56d41e737a26e8a62b248e1360f61408c5233c9bd
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025940%2Fretina_detail.jpg&v=3&w=800&s=3KTm9_UbP2ywbZx1L5E8UBou&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1989005
expires: Wed, 01 Mar 2023 13:02:56 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8038
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025651%2Fretina_detail.jpg&v=3&w=800&s=SGvviRDw0S6yDnaYcfgiP2Q9&b=400
178.250.0.139200 OK 9.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025651%2Fretina_detail.jpg&v=3&w=800&s=SGvviRDw0S6yDnaYcfgiP2Q9&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7c4a70fe53b6e0c5e008e26d8a6f4b4c
8c068531a3e26ee2b5d5892202be9dd5ea12aa64
4dd4d7777fb1c1545f51dd6e2054c97be94841196318f57beac08ec8f6b284ae
GET /img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025651%2Fretina_detail.jpg&v=3&w=800&s=SGvviRDw0S6yDnaYcfgiP2Q9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1920365
expires: Tue, 28 Feb 2023 17:58:56 GMT
date: Mon, 06 Feb 2023 12:32:50 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9888
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=VmOFygjZ76i8Q0H1PTjMukOTQZLPzNqVpRweLfsKifDikp8hL4RfQhKrrMc9ImUMnmOU52He4u-u3p0z5H5Tfang27Q7xeSPx49ISuhb3MIzvTvTefhIWngOSUM4NqrR624-ZWu3sZL2IhFa8S1cWHc7fROa3VGdBKFk7dc6nV7q07WXlQHPK4MZitotB8l59tEytM2CpVhOIw2jFwlnMV6Q8W24TGFl7tB25--wsB-6cXmddcirkQH8Vdzo88VRruK_-g&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 80 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=VmOFygjZ76i8Q0H1PTjMukOTQZLPzNqVpRweLfsKifDikp8hL4RfQhKrrMc9ImUMnmOU52He4u-u3p0z5H5Tfang27Q7xeSPx49ISuhb3MIzvTvTefhIWngOSUM4NqrR624-ZWu3sZL2IhFa8S1cWHc7fROa3VGdBKFk7dc6nV7q07WXlQHPK4MZitotB8l59tEytM2CpVhOIw2jFwlnMV6Q8W24TGFl7tB25--wsB-6cXmddcirkQH8Vdzo88VRruK_-g&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
File type gzip compressed data, max compression\012- data
Hash 47b031e3ccb006f2dd2fd73bb3225e46
b5baf066cdbe843e7257d0720edb8f822be9dfa7
66971a9920f6d5e26defef0f20085a61b874c8587b331954807367b3a9caa839
POST /all?cppv=3&cpp=VmOFygjZ76i8Q0H1PTjMukOTQZLPzNqVpRweLfsKifDikp8hL4RfQhKrrMc9ImUMnmOU52He4u-u3p0z5H5Tfang27Q7xeSPx49ISuhb3MIzvTvTefhIWngOSUM4NqrR624-ZWu3sZL2IhFa8S1cWHc7fROa3VGdBKFk7dc6nV7q07WXlQHPK4MZitotB8l59tEytM2CpVhOIw2jFwlnMV6Q8W24TGFl7tB25--wsB-6cXmddcirkQH8Vdzo88VRruK_-g&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:51 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=DZ5mzAjZ76i8Q0H1jc2EDu4AtscWgQdfSQ9MbNN8ca0_EUvbIgWb0FwRski1r1h5GeME36pElD_fUawb5farYf4RB_eZhHo2pIR86JvvhmD5K1GNlkQPoUAKnTi42g8-w7c61AB6daPFyXzOOqqQnGUgJu7SWa7vf4FcpwJnVS6Yq6UZ8KtyNO-2veyHnt9lZqJwVxrE6USHsGQ8vedJv8q29c9ezEoOIPQlE1pww95CPSTMMuWli3YcjXeqp0tkHFzLjQ&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=DZ5mzAjZ76i8Q0H1jc2EDu4AtscWgQdfSQ9MbNN8ca0_EUvbIgWb0FwRski1r1h5GeME36pElD_fUawb5farYf4RB_eZhHo2pIR86JvvhmD5K1GNlkQPoUAKnTi42g8-w7c61AB6daPFyXzOOqqQnGUgJu7SWa7vf4FcpwJnVS6Yq6UZ8KtyNO-2veyHnt9lZqJwVxrE6USHsGQ8vedJv8q29c9ezEoOIPQlE1pww95CPSTMMuWli3YcjXeqp0tkHFzLjQ&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=DZ5mzAjZ76i8Q0H1jc2EDu4AtscWgQdfSQ9MbNN8ca0_EUvbIgWb0FwRski1r1h5GeME36pElD_fUawb5farYf4RB_eZhHo2pIR86JvvhmD5K1GNlkQPoUAKnTi42g8-w7c61AB6daPFyXzOOqqQnGUgJu7SWa7vf4FcpwJnVS6Yq6UZ8KtyNO-2veyHnt9lZqJwVxrE6USHsGQ8vedJv8q29c9ezEoOIPQlE1pww95CPSTMMuWli3YcjXeqp0tkHFzLjQ&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:51 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=n14rJgjZ76i8Q0H1uqg5TckoJebQ_dB8IGz228vjT6_NpjxMyXhXeM6TaGKblO5jSltM97B-EMwk7pHeUQWkE0L_UP130O98KFY82nrXzpWZbYwrhLCXx3623r2to33bDCXdnDP-Zco7HCus2Ebi-n_uICN7lF_XvQRlHMmBSXWfDwJZju-rylWqH0sJvpNmNfbgP-4Xg_NRA75Tk-vt6tLurVzTTo8aMEAyCH0R64JpmIMhFIIIvSTwYfBe-znfzKdneA&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=n14rJgjZ76i8Q0H1uqg5TckoJebQ_dB8IGz228vjT6_NpjxMyXhXeM6TaGKblO5jSltM97B-EMwk7pHeUQWkE0L_UP130O98KFY82nrXzpWZbYwrhLCXx3623r2to33bDCXdnDP-Zco7HCus2Ebi-n_uICN7lF_XvQRlHMmBSXWfDwJZju-rylWqH0sJvpNmNfbgP-4Xg_NRA75Tk-vt6tLurVzTTo8aMEAyCH0R64JpmIMhFIIIvSTwYfBe-znfzKdneA&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=n14rJgjZ76i8Q0H1uqg5TckoJebQ_dB8IGz228vjT6_NpjxMyXhXeM6TaGKblO5jSltM97B-EMwk7pHeUQWkE0L_UP130O98KFY82nrXzpWZbYwrhLCXx3623r2to33bDCXdnDP-Zco7HCus2Ebi-n_uICN7lF_XvQRlHMmBSXWfDwJZju-rylWqH0sJvpNmNfbgP-4Xg_NRA75Tk-vt6tLurVzTTo8aMEAyCH0R64JpmIMhFIIIvSTwYfBe-znfzKdneA&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:51 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=VmOFygjZ76i8Q0H1PTjMukOTQZLPzNqVpRweLfsKifDikp8hL4RfQhKrrMc9ImUMnmOU52He4u-u3p0z5H5Tfang27Q7xeSPx49ISuhb3MIzvTvTefhIWngOSUM4NqrR624-ZWu3sZL2IhFa8S1cWHc7fROa3VGdBKFk7dc6nV7q07WXlQHPK4MZitotB8l59tEytM2CpVhOIw2jFwlnMV6Q8W24TGFl7tB25--wsB-6cXmddcirkQH8Vdzo88VRruK_-g&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=VmOFygjZ76i8Q0H1PTjMukOTQZLPzNqVpRweLfsKifDikp8hL4RfQhKrrMc9ImUMnmOU52He4u-u3p0z5H5Tfang27Q7xeSPx49ISuhb3MIzvTvTefhIWngOSUM4NqrR624-ZWu3sZL2IhFa8S1cWHc7fROa3VGdBKFk7dc6nV7q07WXlQHPK4MZitotB8l59tEytM2CpVhOIw2jFwlnMV6Q8W24TGFl7tB25--wsB-6cXmddcirkQH8Vdzo88VRruK_-g&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=VmOFygjZ76i8Q0H1PTjMukOTQZLPzNqVpRweLfsKifDikp8hL4RfQhKrrMc9ImUMnmOU52He4u-u3p0z5H5Tfang27Q7xeSPx49ISuhb3MIzvTvTefhIWngOSUM4NqrR624-ZWu3sZL2IhFa8S1cWHc7fROa3VGdBKFk7dc6nV7q07WXlQHPK4MZitotB8l59tEytM2CpVhOIw2jFwlnMV6Q8W24TGFl7tB25--wsB-6cXmddcirkQH8Vdzo88VRruK_-g&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:52 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
appsonwindows.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.71.156200 OK 0 B URL HTTP/2 appsonwindows.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.71.156:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: appsonwindows.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/download/10186436/95/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:48 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:56:26 GMT
etag: W/"63dd3cba-302c"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7953e91e0b85b4eb-OSL
x-frame-options: DENY
expires: Wed, 08 Feb 2023 12:32:48 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appsonwindows.com
Connection: keep-alive
Referer: https://appsonwindows.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:48 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953e91e6832b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=rqOQ4P_tgtRZSadEdVDr8Gxc-Pqak-zTQhwyKSqBmEicKq-kc2O0SqG7hcXLymA4H6bTfwYHk-vOYJ5IqCkPtoM0kxt4DyMctf_GhKn9GURe-hQKAuAWu70Mu8L5K8thCX0eNWsM_KPQl6ximAWGa4OuAwfMV6IO46v0K5zr6McX-fJ1gkrJcCsFWETH0ZBVjWd1oy4d2vHUPUnXSKItn8wHu5zsBi4rfAU_g9Yr50I1F_yuNgzzmP5CJzb2-84AwlQPYMg1juCT1E6JeNjDQzEmZa78U8-Vx-zAP8T0SRPGzg9v8WbE-WcVfWPQInT7W1FQFsUHbOOzN0FmxO4MiewM_0uAQOj3acsK4X-D5Z4JAlB3aROzPLC5FZLyL1TguY3A-eeSQ8z0vkPzAZPqMRCsomXzTaHX3I2TGABNGhF_zypE
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=rqOQ4P_tgtRZSadEdVDr8Gxc-Pqak-zTQhwyKSqBmEicKq-kc2O0SqG7hcXLymA4H6bTfwYHk-vOYJ5IqCkPtoM0kxt4DyMctf_GhKn9GURe-hQKAuAWu70Mu8L5K8thCX0eNWsM_KPQl6ximAWGa4OuAwfMV6IO46v0K5zr6McX-fJ1gkrJcCsFWETH0ZBVjWd1oy4d2vHUPUnXSKItn8wHu5zsBi4rfAU_g9Yr50I1F_yuNgzzmP5CJzb2-84AwlQPYMg1juCT1E6JeNjDQzEmZa78U8-Vx-zAP8T0SRPGzg9v8WbE-WcVfWPQInT7W1FQFsUHbOOzN0FmxO4MiewM_0uAQOj3acsK4X-D5Z4JAlB3aROzPLC5FZLyL1TguY3A-eeSQ8z0vkPzAZPqMRCsomXzTaHX3I2TGABNGhF_zypE
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=rqOQ4P_tgtRZSadEdVDr8Gxc-Pqak-zTQhwyKSqBmEicKq-kc2O0SqG7hcXLymA4H6bTfwYHk-vOYJ5IqCkPtoM0kxt4DyMctf_GhKn9GURe-hQKAuAWu70Mu8L5K8thCX0eNWsM_KPQl6ximAWGa4OuAwfMV6IO46v0K5zr6McX-fJ1gkrJcCsFWETH0ZBVjWd1oy4d2vHUPUnXSKItn8wHu5zsBi4rfAU_g9Yr50I1F_yuNgzzmP5CJzb2-84AwlQPYMg1juCT1E6JeNjDQzEmZa78U8-Vx-zAP8T0SRPGzg9v8WbE-WcVfWPQInT7W1FQFsUHbOOzN0FmxO4MiewM_0uAQOj3acsK4X-D5Z4JAlB3aROzPLC5FZLyL1TguY3A-eeSQ8z0vkPzAZPqMRCsomXzTaHX3I2TGABNGhF_zypE HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3007328
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Thu, 01 Feb 2024 12:32:50 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.2.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Thu, 01 Feb 2024 12:32:50 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=PhSmMv_tgtRZSadEdVDr8Gxc-PpgEGRVaFPBDJF4vHw61joFFhUCxXbcy7TwaxupT3wnHvYD7U_3gY2dtJ5XCGSWtspyAk7ps7BbPjrVpuHz33jd2Cqez773qMt2kXsl1pDo2RYpWGVl80uNRirDgTM6oBoZPxMc5FgKhCYy-9-yrKsjmehnatYLh9vyxwBMxdpKN-VJQytcnwnxFQNPezcrZiggHwbYUWKKraZqAemKUBoS4_6n9K51z0lwjOdiV9ouRye4m8S5e3wd1wwQSfw9c9BZPVPL6pmQHPJp9nXBqcfkk4sSGzYaO2cP2s6yV6gvYRCITMI_8Mf_m8sxc6SGg_nvlMuZedwfRNKdPSU067tYQifmQNqnFbXj4OeaOyhgsFLFLcqVkbhs2kbBKmtTxjRv8H9BfwU9X4Gum6LPEtJt
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=PhSmMv_tgtRZSadEdVDr8Gxc-PpgEGRVaFPBDJF4vHw61joFFhUCxXbcy7TwaxupT3wnHvYD7U_3gY2dtJ5XCGSWtspyAk7ps7BbPjrVpuHz33jd2Cqez773qMt2kXsl1pDo2RYpWGVl80uNRirDgTM6oBoZPxMc5FgKhCYy-9-yrKsjmehnatYLh9vyxwBMxdpKN-VJQytcnwnxFQNPezcrZiggHwbYUWKKraZqAemKUBoS4_6n9K51z0lwjOdiV9ouRye4m8S5e3wd1wwQSfw9c9BZPVPL6pmQHPJp9nXBqcfkk4sSGzYaO2cP2s6yV6gvYRCITMI_8Mf_m8sxc6SGg_nvlMuZedwfRNKdPSU067tYQifmQNqnFbXj4OeaOyhgsFLFLcqVkbhs2kbBKmtTxjRv8H9BfwU9X4Gum6LPEtJt
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=PhSmMv_tgtRZSadEdVDr8Gxc-PpgEGRVaFPBDJF4vHw61joFFhUCxXbcy7TwaxupT3wnHvYD7U_3gY2dtJ5XCGSWtspyAk7ps7BbPjrVpuHz33jd2Cqez773qMt2kXsl1pDo2RYpWGVl80uNRirDgTM6oBoZPxMc5FgKhCYy-9-yrKsjmehnatYLh9vyxwBMxdpKN-VJQytcnwnxFQNPezcrZiggHwbYUWKKraZqAemKUBoS4_6n9K51z0lwjOdiV9ouRye4m8S5e3wd1wwQSfw9c9BZPVPL6pmQHPJp9nXBqcfkk4sSGzYaO2cP2s6yV6gvYRCITMI_8Mf_m8sxc6SGg_nvlMuZedwfRNKdPSU067tYQifmQNqnFbXj4OeaOyhgsFLFLcqVkbhs2kbBKmtTxjRv8H9BfwU9X4Gum6LPEtJt HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:49 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2343467
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
appsonwindows.com/download/10186436/95/
172.67.71.156200 OK 0 B URL HTTP/2 appsonwindows.com/download/10186436/95/
IP 172.67.71.156:0
GET /download/10186436/95/ HTTP/1.1
Host: appsonwindows.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:48 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=1800
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7953e91ca927b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y-DzcQAKNqwKmvVaAAAfPRcZQhCZG8JYcmA6eA&u=%7CuWG2rMSHRGjX2FI0iU4uc3IkLrjw4uFekFLZOonfuIM%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVKVrtx0blqmPNizfnpLtA-C2YWTENNRgvDBgsxzPT1ZBJFKTPfeU0AeKnxlD2vJpVwUftcNFAF65WcGO29j7do9gHduz9e369WmAbcu0kVqPHyUsMKIgMszKACPtbreLdn_M8Ya2swPnDhirFPPKAeh92gCKor_acbnBu6CWadOHreQaRsLyl9r0kgkyrMb8eK1_AqTTYrL8dXdos-wAWXq-cfLEiQGflBWtZJYlcqHAkfWqeFjUG4LlT-pW00VZa1QFIVV5xPvUegXrinjhaytd8QMSHJfNfXPmfmPGWPoHC0N6xAyfNa8qOVsMdXOwkVfoHj6X4z191yKg3AVSI6bNtb6rbxOHqvPBUg1Zgsh9S_TJCj8xZTKkoj5lFE8VwtYVdPzUCH4bYEb-TtaITwKyzTwm6knXkDWcBf-bihlXQlNOny-93mnwTgQvN2xuE8jmWwzjMp2hMuJxANy26K9WwoyWwlMvicmYZuXdahYHBTZ1jjtpBW7nDfeqceO260&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR1R5cfPgY6ztKNrq6wS9voC4BMme0rFcjfDi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTM5NDUzNDk0MTA0NjA3NzDIAQmpAt5wzfFwHLI-qAMBqgTIAU_QEQBAiuYmGl-bdgu25vZ7dDtbnrE-njPKOiTFkHzZYdyeJU-nbqzDKmwN2PWGIlGZ5sxL_MV7QBh1VUNm7n9anrhm9bwWCNLXStpyIUt7eboVKADLiY3C6jeWvNaIoYYVFIaMhy283XjTskJIn5BAp5qX8Hgmxm670nz1b200cVwrB2wb_9uopvX9par_2Brqi5H7fuZiRRcT2s_6vJD7Mpwl0ILycbHwhOoauQ-n8072KC2ah_QlHUN9HqNU-ZWcmsSMLtwrgAb-19uxzNXYw9sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0k9stsn3nvkSSNPpsvXnlyAf_Daw%26client%3Dca-pub-3945349410460770%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y-DzcQAKNqwKmvVaAAAfPRcZQhCZG8JYcmA6eA&u=%7CuWG2rMSHRGjX2FI0iU4uc3IkLrjw4uFekFLZOonfuIM%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVKVrtx0blqmPNizfnpLtA-C2YWTENNRgvDBgsxzPT1ZBJFKTPfeU0AeKnxlD2vJpVwUftcNFAF65WcGO29j7do9gHduz9e369WmAbcu0kVqPHyUsMKIgMszKACPtbreLdn_M8Ya2swPnDhirFPPKAeh92gCKor_acbnBu6CWadOHreQaRsLyl9r0kgkyrMb8eK1_AqTTYrL8dXdos-wAWXq-cfLEiQGflBWtZJYlcqHAkfWqeFjUG4LlT-pW00VZa1QFIVV5xPvUegXrinjhaytd8QMSHJfNfXPmfmPGWPoHC0N6xAyfNa8qOVsMdXOwkVfoHj6X4z191yKg3AVSI6bNtb6rbxOHqvPBUg1Zgsh9S_TJCj8xZTKkoj5lFE8VwtYVdPzUCH4bYEb-TtaITwKyzTwm6knXkDWcBf-bihlXQlNOny-93mnwTgQvN2xuE8jmWwzjMp2hMuJxANy26K9WwoyWwlMvicmYZuXdahYHBTZ1jjtpBW7nDfeqceO260&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR1R5cfPgY6ztKNrq6wS9voC4BMme0rFcjfDi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTM5NDUzNDk0MTA0NjA3NzDIAQmpAt5wzfFwHLI-qAMBqgTIAU_QEQBAiuYmGl-bdgu25vZ7dDtbnrE-njPKOiTFkHzZYdyeJU-nbqzDKmwN2PWGIlGZ5sxL_MV7QBh1VUNm7n9anrhm9bwWCNLXStpyIUt7eboVKADLiY3C6jeWvNaIoYYVFIaMhy283XjTskJIn5BAp5qX8Hgmxm670nz1b200cVwrB2wb_9uopvX9par_2Brqi5H7fuZiRRcT2s_6vJD7Mpwl0ILycbHwhOoauQ-n8072KC2ah_QlHUN9HqNU-ZWcmsSMLtwrgAb-19uxzNXYw9sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0k9stsn3nvkSSNPpsvXnlyAf_Daw%26client%3Dca-pub-3945349410460770%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y-DzcQAKNqwKmvVaAAAfPRcZQhCZG8JYcmA6eA&u=%7CuWG2rMSHRGjX2FI0iU4uc3IkLrjw4uFekFLZOonfuIM%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVKVrtx0blqmPNizfnpLtA-C2YWTENNRgvDBgsxzPT1ZBJFKTPfeU0AeKnxlD2vJpVwUftcNFAF65WcGO29j7do9gHduz9e369WmAbcu0kVqPHyUsMKIgMszKACPtbreLdn_M8Ya2swPnDhirFPPKAeh92gCKor_acbnBu6CWadOHreQaRsLyl9r0kgkyrMb8eK1_AqTTYrL8dXdos-wAWXq-cfLEiQGflBWtZJYlcqHAkfWqeFjUG4LlT-pW00VZa1QFIVV5xPvUegXrinjhaytd8QMSHJfNfXPmfmPGWPoHC0N6xAyfNa8qOVsMdXOwkVfoHj6X4z191yKg3AVSI6bNtb6rbxOHqvPBUg1Zgsh9S_TJCj8xZTKkoj5lFE8VwtYVdPzUCH4bYEb-TtaITwKyzTwm6knXkDWcBf-bihlXQlNOny-93mnwTgQvN2xuE8jmWwzjMp2hMuJxANy26K9WwoyWwlMvicmYZuXdahYHBTZ1jjtpBW7nDfeqceO260&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR1R5cfPgY6ztKNrq6wS9voC4BMme0rFcjfDi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTM5NDUzNDk0MTA0NjA3NzDIAQmpAt5wzfFwHLI-qAMBqgTIAU_QEQBAiuYmGl-bdgu25vZ7dDtbnrE-njPKOiTFkHzZYdyeJU-nbqzDKmwN2PWGIlGZ5sxL_MV7QBh1VUNm7n9anrhm9bwWCNLXStpyIUt7eboVKADLiY3C6jeWvNaIoYYVFIaMhy283XjTskJIn5BAp5qX8Hgmxm670nz1b200cVwrB2wb_9uopvX9par_2Brqi5H7fuZiRRcT2s_6vJD7Mpwl0ILycbHwhOoauQ-n8072KC2ah_QlHUN9HqNU-ZWcmsSMLtwrgAb-19uxzNXYw9sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0k9stsn3nvkSSNPpsvXnlyAf_Daw%26client%3Dca-pub-3945349410460770%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:49 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=DZ5mzAjZ76i8Q0H1jc2EDu4AtscWgQdfSQ9MbNN8ca0_EUvbIgWb0FwRski1r1h5GeME36pElD_fUawb5farYf4RB_eZhHo2pIR86JvvhmD5K1GNlkQPoUAKnTi42g8-w7c61AB6daPFyXzOOqqQnGUgJu7SWa7vf4FcpwJnVS6Yq6UZ8KtyNO-2veyHnt9lZqJwVxrE6USHsGQ8vedJv8q29c9ezEoOIPQlE1pww95CPSTMMuWli3YcjXeqp0tkHFzLjQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 96996480
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y-DzcQAKN6sKmqmKAA_rwzhtJRUDNM6e34eYgQ&u=%7CuWG2rMSHRGix0wpqo5c0dek9AnQ%2FNa8FqkMuxppamxY%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVKQHlyfo233Bl3FrFAAeqMXMcMiLVnqo4vZjzzs92BzvkQIEJhQSikoKDm6vabTyOL0tpZhC1ZOuYFcJw9PaPEmVf_ZQfwY41zljmJoXTiPGIehbzs4O2giz7BGv0PHqzFCS3IIQE-2is3_2ZtAeyVCNkt-zhAeC46TuYinzEKDsWFXdcHylVkwhC7vt0eaETNJ5i1mlmP_YZapH1AIv15tnRygJ7BUJXfPt0wPVoKydcr8j0jfFCsjz4_S98rATHtYnE7yf3skuI-f2awSiMEf6UDzvcS9-Tj0UnJorBHu79NY0_aZM9UWlotQsRZrl3SU27oCIkEqAJiv5mtqTtWhTHgme-M3YjGTpSZTT3OKT7h10Ft93ps56X31nae7tp17AwVjZ7k95xma0J5v4AtYJfy0KSM2Oi6JO0fZKx6i9X4gpcKrGR9VJFJKELCCxk2bwh_H0MstHzKzOwRsZOuY1B_-1JTPfbMpxViWA4NhY5OSraM5EqKm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdBQUcfPgY6vvKIrT6gTD17_gD8me0rFclcmU93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItMzk0NTM0OTQxMDQ2MDc3MMgBCakC3nDN8XAcsj6oAwGqBMkBT9AHZBDk15SsabULh-nqQe5T6wkh5BpQYxXKF5GM200uWfiKm656_WCNNMU2QSlHEaDfTtc-JnvAHM9U07nmjMyrhfT6DePPqZvxMvxubbQ5xj9iOki1kAW3o5GSn2c_NpAHl-_0bUmNCsmkHrhWXp0jtW5w7ZTpZoUSmLUgQFztIUTYmOybz1rVaBqWmTkPc_HzvZSiasVkUq0W-_7Eb9TILdGVQL7WkpfSD2ZsgQ7bdQfJO7M7SscYtnXHn0PWwK12bgRqY80RgAb-19uxzNXYw9sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11Ln70Rtp_k2lAjIyYSIZhMBWCog%26client%3Dca-pub-3945349410460770%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y-DzcQAKN6sKmqmKAA_rwzhtJRUDNM6e34eYgQ&u=%7CuWG2rMSHRGix0wpqo5c0dek9AnQ%2FNa8FqkMuxppamxY%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVKQHlyfo233Bl3FrFAAeqMXMcMiLVnqo4vZjzzs92BzvkQIEJhQSikoKDm6vabTyOL0tpZhC1ZOuYFcJw9PaPEmVf_ZQfwY41zljmJoXTiPGIehbzs4O2giz7BGv0PHqzFCS3IIQE-2is3_2ZtAeyVCNkt-zhAeC46TuYinzEKDsWFXdcHylVkwhC7vt0eaETNJ5i1mlmP_YZapH1AIv15tnRygJ7BUJXfPt0wPVoKydcr8j0jfFCsjz4_S98rATHtYnE7yf3skuI-f2awSiMEf6UDzvcS9-Tj0UnJorBHu79NY0_aZM9UWlotQsRZrl3SU27oCIkEqAJiv5mtqTtWhTHgme-M3YjGTpSZTT3OKT7h10Ft93ps56X31nae7tp17AwVjZ7k95xma0J5v4AtYJfy0KSM2Oi6JO0fZKx6i9X4gpcKrGR9VJFJKELCCxk2bwh_H0MstHzKzOwRsZOuY1B_-1JTPfbMpxViWA4NhY5OSraM5EqKm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdBQUcfPgY6vvKIrT6gTD17_gD8me0rFclcmU93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItMzk0NTM0OTQxMDQ2MDc3MMgBCakC3nDN8XAcsj6oAwGqBMkBT9AHZBDk15SsabULh-nqQe5T6wkh5BpQYxXKF5GM200uWfiKm656_WCNNMU2QSlHEaDfTtc-JnvAHM9U07nmjMyrhfT6DePPqZvxMvxubbQ5xj9iOki1kAW3o5GSn2c_NpAHl-_0bUmNCsmkHrhWXp0jtW5w7ZTpZoUSmLUgQFztIUTYmOybz1rVaBqWmTkPc_HzvZSiasVkUq0W-_7Eb9TILdGVQL7WkpfSD2ZsgQ7bdQfJO7M7SscYtnXHn0PWwK12bgRqY80RgAb-19uxzNXYw9sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11Ln70Rtp_k2lAjIyYSIZhMBWCog%26client%3Dca-pub-3945349410460770%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y-DzcQAKN6sKmqmKAA_rwzhtJRUDNM6e34eYgQ&u=%7CuWG2rMSHRGix0wpqo5c0dek9AnQ%2FNa8FqkMuxppamxY%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVKQHlyfo233Bl3FrFAAeqMXMcMiLVnqo4vZjzzs92BzvkQIEJhQSikoKDm6vabTyOL0tpZhC1ZOuYFcJw9PaPEmVf_ZQfwY41zljmJoXTiPGIehbzs4O2giz7BGv0PHqzFCS3IIQE-2is3_2ZtAeyVCNkt-zhAeC46TuYinzEKDsWFXdcHylVkwhC7vt0eaETNJ5i1mlmP_YZapH1AIv15tnRygJ7BUJXfPt0wPVoKydcr8j0jfFCsjz4_S98rATHtYnE7yf3skuI-f2awSiMEf6UDzvcS9-Tj0UnJorBHu79NY0_aZM9UWlotQsRZrl3SU27oCIkEqAJiv5mtqTtWhTHgme-M3YjGTpSZTT3OKT7h10Ft93ps56X31nae7tp17AwVjZ7k95xma0J5v4AtYJfy0KSM2Oi6JO0fZKx6i9X4gpcKrGR9VJFJKELCCxk2bwh_H0MstHzKzOwRsZOuY1B_-1JTPfbMpxViWA4NhY5OSraM5EqKm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdBQUcfPgY6vvKIrT6gTD17_gD8me0rFclcmU93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItMzk0NTM0OTQxMDQ2MDc3MMgBCakC3nDN8XAcsj6oAwGqBMkBT9AHZBDk15SsabULh-nqQe5T6wkh5BpQYxXKF5GM200uWfiKm656_WCNNMU2QSlHEaDfTtc-JnvAHM9U07nmjMyrhfT6DePPqZvxMvxubbQ5xj9iOki1kAW3o5GSn2c_NpAHl-_0bUmNCsmkHrhWXp0jtW5w7ZTpZoUSmLUgQFztIUTYmOybz1rVaBqWmTkPc_HzvZSiasVkUq0W-_7Eb9TILdGVQL7WkpfSD2ZsgQ7bdQfJO7M7SscYtnXHn0PWwK12bgRqY80RgAb-19uxzNXYw9sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11Ln70Rtp_k2lAjIyYSIZhMBWCog%26client%3Dca-pub-3945349410460770%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=VmOFygjZ76i8Q0H1PTjMukOTQZLPzNqVpRweLfsKifDikp8hL4RfQhKrrMc9ImUMnmOU52He4u-u3p0z5H5Tfang27Q7xeSPx49ISuhb3MIzvTvTefhIWngOSUM4NqrR624-ZWu3sZL2IhFa8S1cWHc7fROa3VGdBKFk7dc6nV7q07WXlQHPK4MZitotB8l59tEytM2CpVhOIw2jFwlnMV6Q8W24TGFl7tB25--wsB-6cXmddcirkQH8Vdzo88VRruK_-g"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 130235282
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.2.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Thu, 01 Feb 2024 12:32:50 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.2.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:32:50 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Thu, 01 Feb 2024 12:32:50 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
appsonwindows.com/static/app6.js
172.67.71.156200 OK 0 B URL HTTP/2 appsonwindows.com/static/app6.js
IP 172.67.71.156:0
GET /static/app6.js HTTP/1.1
Host: appsonwindows.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsonwindows.com/download/10186436/95/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:32:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=137657
etag: W/"60d94817-219b9"
last-modified: Mon, 28 Jun 2021 03:55:03 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1367653
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7953e91e0b80b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2