r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18271
Expires: Sat, 04 Feb 2023 14:33:08 GMT
Date: Sat, 04 Feb 2023 09:28:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17768
Expires: Sat, 04 Feb 2023 14:24:45 GMT
Date: Sat, 04 Feb 2023 09:28:37 GMT
Connection: keep-alive
juraganproposal.blogspot.com/
216.58.207.193200 OK 13 kB URL HTTP/1.1 juraganproposal.blogspot.com/
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4325)
Hash 7019ee9535cc6b8b48daaa5f7fe1eca2
6ebe517e102fb39f3419d218dc20024e6faf3e5d
71515eba20ac8e9bb3556b2212e6beedb07d784b3a5689b7d127b60c24b333ec
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: juraganproposal.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sat, 04 Feb 2023 09:28:37 GMT
Date: Sat, 04 Feb 2023 09:28:37 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 30 Nov 2022 12:50:58 GMT
ETag: W/"687c7001ec9632dd5a7a8cb17ffdaa32bc66037c42e9c3c34dcfcf9896eff8fb"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 13435
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16639
Expires: Sat, 04 Feb 2023 14:05:56 GMT
Date: Sat, 04 Feb 2023 09:28:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 08:43:37 GMT
content-type: application/json
age: 2700
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: u/ny5diOaqwMyRrDwygqI76qoJHU+kHaZvj+7PqlD3G8kArQGWYmA0vfpeWt+Agn3fFEnoewRic=
x-amz-request-id: G4Q5KH2VQCH2WC9R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 08:52:46 GMT
age: 2151
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:37 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
juraganproposal.blogspot.com/js/cookienotice.js
216.58.207.193200 OK 2.0 kB URL HTTP/1.1 juraganproposal.blogspot.com/js/cookienotice.js
IP 216.58.207.193:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: juraganproposal.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Sat, 04 Feb 2023 09:28:37 GMT
Expires: Sat, 11 Feb 2023 09:28:37 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 04 Feb 2023 07:51:52 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.106200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.106:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 08:57:41 GMT
Expires: Fri, 02 Feb 2024 08:57:41 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 174656
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f73b25b85b47513c518f27e63d9a3938
9d71acd2fc1875bac9399e56b6508f4d5cd31a35
fc6073a0b633a99bc296ceb5afc65e32e77cbe1875cbc2ab22ba4a7869853f56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f73b25b85b47513c518f27e63d9a3938
9d71acd2fc1875bac9399e56b6508f4d5cd31a35
fc6073a0b633a99bc296ceb5afc65e32e77cbe1875cbc2ab22ba4a7869853f56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 285212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:28:44 GMT
expires: Fri, 02 Feb 2024 03:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 15:52:00 GMT
content-type: text/css
age: 194393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f73b25b85b47513c518f27e63d9a3938
9d71acd2fc1875bac9399e56b6508f4d5cd31a35
fc6073a0b633a99bc296ceb5afc65e32e77cbe1875cbc2ab22ba4a7869853f56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 53 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (3642)
Hash 8fc6399c8b282f8e5581a8bbb29fd1ea
ca7180fa56f158cf427eae1a4c7e1e01fb778f67
e3da58de454b0f819b9353921304d155db7a79e05d0fcd9abd4d938fea670a01
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Sat, 04 Feb 2023 09:28:37 GMT
Expires: Sat, 04 Feb 2023 09:28:37 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 11485229890115500618
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 52989
X-XSS-Protection: 0
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 08:49:07 GMT
age: 2370
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
1.bp.blogspot.com/-xFWq3VCs_3A/VmDWjxFNRbI/AAAAAAAAB9E/7nSzyPW4-DM/s80-c/cara%2Bmengundurkan%2Bdiri%2Byang%2Bbaik%2Bdari%2Bperusahaan%2Btempat%2Bbekerja.jpg
142.250.74.161200 OK 4.1 kB URL HTTP/1.1 1.bp.blogspot.com/-xFWq3VCs_3A/VmDWjxFNRbI/AAAAAAAAB9E/7nSzyPW4-DM/s80-c/cara%2Bmengundurkan%2Bdiri%2Byang%2Bbaik%2Bdari%2Bperusahaan%2Btempat%2Bbekerja.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash 8919fa9ecebae219944a95e32a454bb0
6f277c1a492d409b026d636c5c12598049209580
a243877020077e663638407aea447d02ce56da988ca1301aba1a3e9b4dbf1b4a
GET /-xFWq3VCs_3A/VmDWjxFNRbI/AAAAAAAAB9E/7nSzyPW4-DM/s80-c/cara%2Bmengundurkan%2Bdiri%2Byang%2Bbaik%2Bdari%2Bperusahaan%2Btempat%2Bbekerja.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v7d2"
Expires: Sun, 05 Feb 2023 09:28:37 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cara mengundurkan diri yang baik dari perusahaan tempat bekerja.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 09:28:37 GMT
Server: fife
Content-Length: 4055
X-XSS-Protection: 0
3.bp.blogspot.com/-q7Pj0DfxfXg/VQbIwyw5qCI/AAAAAAAABJw/6z230hxMZkM/s80-c/homogenisasi%2Bsusu%2Bsapi.jpg
142.250.74.161200 OK 2.1 kB URL HTTP/1.1 3.bp.blogspot.com/-q7Pj0DfxfXg/VQbIwyw5qCI/AAAAAAAABJw/6z230hxMZkM/s80-c/homogenisasi%2Bsusu%2Bsapi.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash 6ee30715f11d0008730a3ec94857c876
28b1d5e29109a2f587a635e73cbda727bcbe5316
bb02110fde1aad8054b387e40bb87fa94755373b5742f93cb9c867e5cb9c4dd4
GET /-q7Pj0DfxfXg/VQbIwyw5qCI/AAAAAAAABJw/6z230hxMZkM/s80-c/homogenisasi%2Bsusu%2Bsapi.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v49d"
Expires: Sun, 05 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="homogenisasi susu sapi.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 09:28:38 GMT
Server: fife
Content-Length: 2121
X-XSS-Protection: 0
3.bp.blogspot.com/-akmIt_zD_9Y/VOdd8xcUC4I/AAAAAAAAA-Y/IHvounXMk6w/s80-c/Kursi%2BRoda%2C%2BBahagia%2BItu%2BSederhana.jpg
142.250.74.161200 OK 3.6 kB URL HTTP/1.1 3.bp.blogspot.com/-akmIt_zD_9Y/VOdd8xcUC4I/AAAAAAAAA-Y/IHvounXMk6w/s80-c/Kursi%2BRoda%2C%2BBahagia%2BItu%2BSederhana.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash 81737c75d0958e37016d596ba5556c19
92d54bac3a921fc957e56f3941b63ae345c6b7db
b0f1d4209e44377e25659e1096cf9df9569883190d59c965cf03727ed794e387
GET /-akmIt_zD_9Y/VOdd8xcUC4I/AAAAAAAAA-Y/IHvounXMk6w/s80-c/Kursi%2BRoda%2C%2BBahagia%2BItu%2BSederhana.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3e7"
Expires: Sun, 05 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Kursi Roda, Bahagia Itu Sederhana.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 09:28:38 GMT
Server: fife
Content-Length: 3622
X-XSS-Protection: 0
2.bp.blogspot.com/-p7TfkJKq_lw/XKQQKznE4FI/AAAAAAAADn8/T-I7oDNzAX4tlXxapXtSXdPzjkJVIESgACK4BGAYYCw/s80/Husni%2BCahya%2BGumilar%2Bfoto.jpg
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 2.bp.blogspot.com/-p7TfkJKq_lw/XKQQKznE4FI/AAAAAAAADn8/T-I7oDNzAX4tlXxapXtSXdPzjkJVIESgACK4BGAYYCw/s80/Husni%2BCahya%2BGumilar%2Bfoto.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash a249544ca99502d6d1cb559461a1433c
3ecad3cb8dd3b70d0b6e67caffa0778564dea289
bf3ea1f1dcc074c38e82bd1b25242566574a291a2b85f5fe1712734b1bcad0ae
GET /-p7TfkJKq_lw/XKQQKznE4FI/AAAAAAAADn8/T-I7oDNzAX4tlXxapXtSXdPzjkJVIESgACK4BGAYYCw/s80/Husni%2BCahya%2BGumilar%2Bfoto.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "ve80"
Expires: Sun, 05 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Husni Cahya Gumilar foto.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 09:28:38 GMT
Server: fife
Content-Length: 3753
X-XSS-Protection: 0
2.bp.blogspot.com/-NKNXhKVuOXI/VOXHuYmjMfI/AAAAAAAAA-I/AIJgIugb4Bw/s80-c/pendidikan%2Banak%2Busia%2Bdini.jpg
142.250.74.161200 OK 3.3 kB URL HTTP/1.1 2.bp.blogspot.com/-NKNXhKVuOXI/VOXHuYmjMfI/AAAAAAAAA-I/AIJgIugb4Bw/s80-c/pendidikan%2Banak%2Busia%2Bdini.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash ab1e3a4de648265d66f9e6a04eea6ea8
300d0ddef531f0abf14fed4d9759fddefa443231
8a0f8caadd9b5259a2971fa41d5185c137cec913d2b48677c4563f6132b434f0
GET /-NKNXhKVuOXI/VOXHuYmjMfI/AAAAAAAAA-I/AIJgIugb4Bw/s80-c/pendidikan%2Banak%2Busia%2Bdini.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3e3"
Expires: Sun, 05 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pendidikan anak usia dini.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 09:28:38 GMT
Server: fife
Content-Length: 3349
X-XSS-Protection: 0
2.bp.blogspot.com/-tB9Hq3cqYiI/VONaycjA_tI/AAAAAAAAA48/xKnPuFaW9cY/s80-c/cbe9caa5_eee2140a_664e_432a_820c_0498b72ed36a.jpg
142.250.74.161200 OK 4.3 kB URL HTTP/1.1 2.bp.blogspot.com/-tB9Hq3cqYiI/VONaycjA_tI/AAAAAAAAA48/xKnPuFaW9cY/s80-c/cbe9caa5_eee2140a_664e_432a_820c_0498b72ed36a.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash 7501904212df4d58dbcb2911f6363897
9bbfd4b07443770ee849db912f0832a0e0c0a16c
6fb0492b1bb10bb6746f2458017ce12559b0aa8c0c5bd9dfe07aba136c794706
GET /-tB9Hq3cqYiI/VONaycjA_tI/AAAAAAAAA48/xKnPuFaW9cY/s80-c/cbe9caa5_eee2140a_664e_432a_820c_0498b72ed36a.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v390"
Expires: Sun, 05 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cbe9caa5_eee2140a_664e_432a_820c_0498b72ed36a.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 09:28:38 GMT
Server: fife
Content-Length: 4285
X-XSS-Protection: 0
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6448
Expires: Sat, 04 Feb 2023 11:16:06 GMT
Date: Sat, 04 Feb 2023 09:28:38 GMT
Connection: keep-alive
4.bp.blogspot.com/-AWNjY-FBPD8/VONg8NO0aYI/AAAAAAAAA5M/458oPJNCcMw/s80-c/P1020938.JPG
142.250.74.161200 OK 5.8 kB URL HTTP/1.1 4.bp.blogspot.com/-AWNjY-FBPD8/VONg8NO0aYI/AAAAAAAAA5M/458oPJNCcMw/s80-c/P1020938.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash cdfa0e94e101fba30fe13f67a33bcb61
19eba8ea7f9b31751e9a7cac5c8593e1726366e4
872e9a21b9362a76840fcc7789fe520a0a468f4981c71a26ba3e7e94f71ae11b
GET /-AWNjY-FBPD8/VONg8NO0aYI/AAAAAAAAA5M/458oPJNCcMw/s80-c/P1020938.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v394"
Expires: Sun, 05 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="P1020938.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 09:28:38 GMT
Server: fife
Content-Length: 5803
X-XSS-Protection: 0
3.bp.blogspot.com/-D_T7lmg1_D4/VOXG3ujeQ7I/AAAAAAAAA-A/AD-DZXHCwoM/s80-c/tidak%2Bmampu.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/1.1 3.bp.blogspot.com/-D_T7lmg1_D4/VOXG3ujeQ7I/AAAAAAAAA-A/AD-DZXHCwoM/s80-c/tidak%2Bmampu.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash 40936e558a2307c6653a5e4b4aca8a23
add4c00a781d5fa9fca23ef95dbe329326dd090d
13c302c89b34e989051e5bfb80f9b912dd7bc5193e6e563dcef52e51dd839f5a
GET /-D_T7lmg1_D4/VOXG3ujeQ7I/AAAAAAAAA-A/AD-DZXHCwoM/s80-c/tidak%2Bmampu.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3e1"
Expires: Sun, 05 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tidak mampu.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 09:28:38 GMT
Server: fife
Content-Length: 3393
X-XSS-Protection: 0
juraganproposal.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=pageNavi&max-results=99999
216.58.207.193200 OK 7.9 kB URL HTTP/1.1 juraganproposal.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=pageNavi&max-results=99999
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (47157)
Hash 02ba3e9bfa22ac75effb9ee37c5c7f9e
d2c2e021d1796fbcb0b7e2d200bb0cf143f4c747
14d942d63fdc3ce535e5d1516fb052cc1de9773e55c640d36e79f1f7f7c9af22
GET /feeds/posts/summary?alt=json-in-script&callback=pageNavi&max-results=99999 HTTP/1.1
Host: juraganproposal.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"30b3ecdca34f5f1d2473e444893098dc5b87af297ca69efdc28237ed40b4c3c3"
Date: Sat, 04 Feb 2023 09:28:38 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sat, 04 Feb 2023 09:28:39 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Wed, 30 Nov 2022 12:50:58 GMT
Content-Encoding: gzip
Content-Length: 7894
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.82.246.186101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.246.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GaIWdt7mj2mBIwVHFsy/og==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m3DxOrMbybIU89/vtDqek8c7RoE=
www.blogger.com/img/logo-16.png
216.58.207.233200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 216.58.207.233:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 23:18:51 GMT
Expires: Wed, 08 Feb 2023 23:18:51 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 01 Feb 2023 18:53:01 GMT
Content-Type: image/png
Age: 209387
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230201/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 03 Feb 2023 20:22:18 GMT
expires: Fri, 17 Feb 2023 20:22:18 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 47180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.5 kB URL HTTP/1.1 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash eb34f61c512a19197043aa91983468a6
007bf5d74944f142685aab958578c6e86f6420e6
b8e2392f1ecb4a54de0d33135916d59327fa34c5527cd27b30a30ce321ddf0e9
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
date: Sat, 04 Feb 2023 09:19:39 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 410386912
content-type: text/javascript
content-length: 4547
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:617F_2E69C9F0:0050_63DE2546_460D0:1589A
x-iplb-instance: 40744
juraganproposal.blogspot.com/favicon.ico
216.58.207.193200 OK 412 B URL HTTP/1.1 juraganproposal.blogspot.com/favicon.ico
IP 216.58.207.193:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: juraganproposal.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Sat, 04 Feb 2023 09:28:38 GMT
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: private, max-age=86400
Last-Modified: Wed, 30 Nov 2022 12:50:58 GMT
ETag: W/"687c7001ec9632dd5a7a8cb17ffdaa32bc66037c42e9c3c34dcfcf9896eff8fb"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1961627728966765&plah=juraganproposal.blogspot.com&bust=31071765
142.250.74.98200 OK 121 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1961627728966765&plah=juraganproposal.blogspot.com&bust=31071765
IP 142.250.74.98:0
File type ASCII text, with very long lines (3988)
Size 121 kB (121321 bytes)
Hash a766d5720b21cb245b0d528f5fae092d
873b6889c9498f8a0600c4b81c350f0c8cae1930
86eb9db986217fb37cf917a8e6e0600db334e2e4c057038c41db3f42b28bd11a
GET /pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1961627728966765&plah=juraganproposal.blogspot.com&bust=31071765 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 04 Feb 2023 09:28:38 GMT
expires: Sat, 04 Feb 2023 09:28:38 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 11658950254295930622
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 121321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 173178f73b30dcae542a8d87e3dc718c
6371b093fbb92107fcfa160dd4655824f72c91d9
8f63e5a7116a2456f60943faf54e945bd498f982adf60ea8e005e24fbf689f32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F63E5A7116A2456F60943FAF54E945BD498F982ADF60EA8E005E24FBF689F32"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14920
Expires: Sat, 04 Feb 2023 13:37:18 GMT
Date: Sat, 04 Feb 2023 09:28:38 GMT
Connection: keep-alive
s10.histats.com/counters/cc_511.js
46.105.201.240200 OK 6.0 kB URL HTTP/2 s10.histats.com/counters/cc_511.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (14926), with no line terminators
Hash e0963faf9f8d4dd4683c649033bfe3e6
8b8365dac8c2d50836e19456f025370ee782598f
80ac8877a54d16e397e9518ce7221d0abad87a39ffd0221a99227540eeb8b2a8
GET /counters/cc_511.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:21:45 GMT
etag: "1364484781"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 615055666
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5984
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4869996247036dae2a82e2857fee1766
2418a61397554c71ae478679a98de688748a1b42
f680797aafc60f9a7800f73b5a139e5dd3df7d8bf10acb8a8f99e3cc2e312b05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=juraganproposal.blogspot.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=juraganproposal.blogspot.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=juraganproposal.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 09:28:38 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4869996247036dae2a82e2857fee1766
2418a61397554c71ae478679a98de688748a1b42
f680797aafc60f9a7800f73b5a139e5dd3df7d8bf10acb8a8f99e3cc2e312b05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=juraganproposal.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=juraganproposal.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=juraganproposal.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 09:28:38 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 707bbc8a805b920528f43d3b19e9e41f
d33afb3c6b479050987b8ffa9ca64f574656af87
2e840eb2feba7a5a9c565c16c78c0c4ecbaa6273b9c77d97548b4d5c58ae2011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 707bbc8a805b920528f43d3b19e9e41f
d33afb3c6b479050987b8ffa9ca64f574656af87
2e840eb2feba7a5a9c565c16c78c0c4ecbaa6273b9c77d97548b4d5c58ae2011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
216.58.207.193200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20230201/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Fri, 03 Feb 2023 21:43:53 GMT
expires: Fri, 17 Feb 2023 21:43:53 GMT
cache-control: public, max-age=1209600
age: 42286
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
216.58.207.193200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1605)
Hash aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae
GET /pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Fri, 03 Feb 2023 21:43:53 GMT
expires: Fri, 17 Feb 2023 21:43:53 GMT
cache-control: public, max-age=1209600
age: 42286
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?3490644&@f16&@g1&@h1&@i1&@j1675502953517&@k0&@l1&@mJuragan%20Proposal&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-95152884&@b3:1675502954&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fjuraganproposal.blogspot.com%2F&@w
149.56.240.31200 OK 48 B URL HTTP/1.1 s4.histats.com/stats/0.php?3490644&@f16&@g1&@h1&@i1&@j1675502953517&@k0&@l1&@mJuragan%20Proposal&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-95152884&@b3:1675502954&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fjuraganproposal.blogspot.com%2F&@w
IP 149.56.240.31:0
File type ASCII text, with no line terminators
Hash 0ea40eb3a3925509ffe77d77a3d6f4a6
1a7191a36cda1fd507def4ed7084fcb8b656864d
acfc1b38221979c890ef1c0ad652af7d576b164ea63e4071a08d962fe8d69ba0
GET /stats/0.php?3490644&@f16&@g1&@h1&@i1&@j1675502953517&@k0&@l1&@mJuragan%20Proposal&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-95152884&@b3:1675502954&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fjuraganproposal.blogspot.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 09:28:39 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 48
Connection: close
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
216.58.207.194200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 216.58.207.194:0
File type ASCII text, with very long lines (3504)
Hash 40b8ffdc606e81703c5f6a39df96f373
0a39b905fe6b8f947d256b01614abcdd27baef65
93cfc3bdb53008e8640dee5f3e7515b10a9b2959e69d8f2919f3d243cf547f36
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49146
date: Sat, 04 Feb 2023 09:28:39 GMT
expires: Sat, 04 Feb 2023 09:28:39 GMT
cache-control: private, max-age=3000
etag: "1675254965429469"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash a4d2684195de093023285dce6cfbb448
801a97850444830bec6fe4112036a06e3692e988
5bf594d84d1875d4c7abe97bdc3a4d6ad22ce6f363c0984bc64629bc514ac365
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3658
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Last-Modified: Sat, 04 Feb 2023 08:27:41 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 37115a4914f399e42d172b0050be1970
063d6511e532f222e5e17cc029ca538eb78f39b1
5f6c8b449255fe9adc4e38c9e3c2d5a856300d832ea2d59835b60c5abdbc01bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1896
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Last-Modified: Sat, 04 Feb 2023 08:57:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=ks71FLOzWaAB2ASdg2ICAgAAAO4e6MwYY6iyhrp8BhBGJd5j3549jkyFfiFbETgAEgAACg5BUVVCQWdZQkFnRUJBZw&wp=Y94lRgAM5yACHkeqAAnHjBWbBbccFEQv5p1WXg
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=ks71FLOzWaAB2ASdg2ICAgAAAO4e6MwYY6iyhrp8BhBGJd5j3549jkyFfiFbETgAEgAACg5BUVVCQWdZQkFnRUJBZw&wp=Y94lRgAM5yACHkeqAAnHjBWbBbccFEQv5p1WXg
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=ks71FLOzWaAB2ASdg2ICAgAAAO4e6MwYY6iyhrp8BhBGJd5j3549jkyFfiFbETgAEgAACg5BUVVCQWdZQkFnRUJBZw&wp=Y94lRgAM5yACHkeqAAnHjBWbBbccFEQv5p1WXg HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 298650
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9a38ff437259f4d2c8f0ae0a0af071c1
5e600b744c2b35b5a7d3e3429bf40c7fc45d9296
be67a0d3644f83408f95228b8b5c95133e957051e04b6904fa8a86de6063c39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4521
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Last-Modified: Sat, 04 Feb 2023 08:13:18 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3354
Expires: Sat, 04 Feb 2023 10:24:33 GMT
Date: Sat, 04 Feb 2023 09:28:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3354
Expires: Sat, 04 Feb 2023 10:24:33 GMT
Date: Sat, 04 Feb 2023 09:28:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9a38ff437259f4d2c8f0ae0a0af071c1
5e600b744c2b35b5a7d3e3429bf40c7fc45d9296
be67a0d3644f83408f95228b8b5c95133e957051e04b6904fa8a86de6063c39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4521
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Last-Modified: Sat, 04 Feb 2023 08:13:18 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 42035
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 40257
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3354
Expires: Sat, 04 Feb 2023 10:24:33 GMT
Date: Sat, 04 Feb 2023 09:28:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9a38ff437259f4d2c8f0ae0a0af071c1
5e600b744c2b35b5a7d3e3429bf40c7fc45d9296
be67a0d3644f83408f95228b8b5c95133e957051e04b6904fa8a86de6063c39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4521
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Last-Modified: Sat, 04 Feb 2023 08:13:18 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 40686
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:28:17 GMT
age: 39622
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 40687
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.2.130200 OK 5.7 kB URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.2.130:0
File type ASCII text, with very long lines (12673), with no line terminators
Hash b38406f1648d18ff34629edc267cef2e
e87131a99cc284e99f97002528db941802f1055f
3eb7cf54084cf59bf4ee14db7271b2600b28e5bf18ec3d80fa58592c83685c37
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 40939
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.2.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dbc34b5781d90d1317a548231d74126b
1ddf557488cd97faacda09389179feeb5eb51da6
6fdb284dc6affe28aa7faad2c3912b5587d0666c0c3c35250adaeee16e5465c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3573
Cache-Control: max-age=93703
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Etag: "63dce259-139"
Expires: Sun, 05 Feb 2023 11:30:22 GMT
Last-Modified: Fri, 03 Feb 2023 10:30:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dbc34b5781d90d1317a548231d74126b
1ddf557488cd97faacda09389179feeb5eb51da6
6fdb284dc6affe28aa7faad2c3912b5587d0666c0c3c35250adaeee16e5465c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3573
Cache-Control: max-age=93703
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Etag: "63dce259-139"
Expires: Sun, 05 Feb 2023 11:30:22 GMT
Last-Modified: Fri, 03 Feb 2023 10:30:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dbc34b5781d90d1317a548231d74126b
1ddf557488cd97faacda09389179feeb5eb51da6
6fdb284dc6affe28aa7faad2c3912b5587d0666c0c3c35250adaeee16e5465c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3612
Cache-Control: max-age=93742
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:39 GMT
Etag: "63dce259-139"
Expires: Sun, 05 Feb 2023 11:31:01 GMT
Last-Modified: Fri, 03 Feb 2023 10:30:49 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 1.4 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
Hash 55df88f40d7c0b8a81ef1bc03227fd50
f557759afe8520d0f4593d0a3abfc70c254e9924
b5388c10d51647e6a9b53b10c251a1e5c9810e39d7fa22229d53f497abddafaa
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruuns-bazaar%2F1300x1700%2Fbbw2721_cblack_vblack.jpg&v=3&w=400&s=JLjtltuDBivgXR8cKtGDBdn1&b=400
178.250.2.135200 OK 3.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruuns-bazaar%2F1300x1700%2Fbbw2721_cblack_vblack.jpg&v=3&w=400&s=JLjtltuDBivgXR8cKtGDBdn1&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 218x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e1697ff0bcc765c2dd74e6893a0f3126
1098a2e8701fd6f5f483bd68f7ea901222c79456
89d7153fe548a2b56d9be604af5623933aaa9e0b99a67f13fd50cd2c088a108d
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruuns-bazaar%2F1300x1700%2Fbbw2721_cblack_vblack.jpg&v=3&w=400&s=JLjtltuDBivgXR8cKtGDBdn1&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29991208
expires: Wed, 17 Jan 2024 12:22:08 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3232
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=108&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=316&s=2pDVO8rjdWLlsM1wd8bdXUDm
178.250.2.135200 OK 2.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=108&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=316&s=2pDVO8rjdWLlsM1wd8bdXUDm
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 287x108, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa1111eafc5a519a57dab90bf652195c
b2b462a1efe5a836d1cefe472c3bc52089e81ba3
0030c72467d93e856298b7ae6e14826618bef94ab24aee1f7aa127b33164201c
GET /img/img?h=108&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=316&s=2pDVO8rjdWLlsM1wd8bdXUDm HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30821532
expires: Sat, 27 Jan 2024 03:00:52 GMT
date: Sat, 04 Feb 2023 09:28:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2948
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cbungeecord_v175619.jpg&v=3&w=400&s=DLsk6q7FtFnIOG2cgbELG0ew&b=400
178.250.2.135200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cbungeecord_v175619.jpg&v=3&w=400&s=DLsk6q7FtFnIOG2cgbELG0ew&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 226x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd13efd33a6b05598a930c1299a1ae4d
7091e0aa0e7d6646d3acda054578bcf2325c5f03
338534a94cfb2803291a760fbbb37723002d06a636d59dc8379c5a45a7bfb748
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cbungeecord_v175619.jpg&v=3&w=400&s=DLsk6q7FtFnIOG2cgbELG0ew&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29989964
expires: Wed, 17 Jan 2024 12:01:24 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8046
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_cthyme.jpg&v=3&w=400&s=NNpHamWx3AsmKUZ66FU2F8gv&b=400
178.250.2.135200 OK 5.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_cthyme.jpg&v=3&w=400&s=NNpHamWx3AsmKUZ66FU2F8gv&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57738b40554146a6b00bab31ba78fa4d
194f2a1d690dc989aafda51b26171386f543b570
21d5520c55b1eeb6a7b7ab64d13e5080c1f3705406264c63133c61753f4bef3d
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_cthyme.jpg&v=3&w=400&s=NNpHamWx3AsmKUZ66FU2F8gv&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30852296
expires: Sat, 27 Jan 2024 11:33:36 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5060
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400
178.250.2.135200 OK 6.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4107b3cce321d0de575e2d09ee500141
ea63bcbed38763856b3c80f6921b2e34648cc2e6
0d5fe42912025a3f0d1d9b825a59bf43a0067e6ccba06d997e75cd7b86e83347
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31218957
expires: Wed, 31 Jan 2024 17:24:37 GMT
date: Sat, 04 Feb 2023 09:28:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6652
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fus-polo%2F1300x1700%2Fupo103443_cdarksapphire.jpg&v=3&w=400&s=WBfvfZXVRCJto1UjS2XystZo&b=400
178.250.2.135200 OK 4.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fus-polo%2F1300x1700%2Fupo103443_cdarksapphire.jpg&v=3&w=400&s=WBfvfZXVRCJto1UjS2XystZo&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 302x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1d43919195d9dabde46fab1e315337b0
d8cfa338aa7caa6b932e78f6defeb20e628ac5c2
862f422b06c0b851083e8e37523f5b338c83349d0663fe85722c3607d03eae52
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fus-polo%2F1300x1700%2Fupo103443_cdarksapphire.jpg&v=3&w=400&s=WBfvfZXVRCJto1UjS2XystZo&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30830075
expires: Sat, 27 Jan 2024 05:23:15 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4178
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4204690_cterracottapink_v602.jpg&v=3&w=400&s=eTsdE5ngirMsQm_-YjZ0ubvm&b=400
178.250.2.135200 OK 7.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4204690_cterracottapink_v602.jpg&v=3&w=400&s=eTsdE5ngirMsQm_-YjZ0ubvm&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 312x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 38bf6712176786be1a3887075d3d6da4
c2e5bbe325577a9e3f3cbc71658e9f2f389ad58d
6d1779becee49583f7c887a28c195101f89b47d60a668015fa939b3b32c4094c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4204690_cterracottapink_v602.jpg&v=3&w=400&s=eTsdE5ngirMsQm_-YjZ0ubvm&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29104330
expires: Sun, 07 Jan 2024 06:00:50 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7552
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
178.250.2.135200 OK 7.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0eeda7e6493484cfb7f70b2967c08177
35b93c5f4f4652bd480397742e1d7edf02399d31
b1b70f74f765bdeacace86455a42be94b01ab5957f2fbaea09fbba672defef41
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30319906
expires: Sun, 21 Jan 2024 07:40:26 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmarkberg%2F1300x1700%2Fmb1637lis_cblackwgrey.jpg&v=3&w=400&s=gj17nEAluCUsb5vlucJ5k_9V&b=400
178.250.2.135200 OK 24 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmarkberg%2F1300x1700%2Fmb1637lis_cblackwgrey.jpg&v=3&w=400&s=gj17nEAluCUsb5vlucJ5k_9V&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x369, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9f8ab1a890349ba5c03c70b00021c528
69c08890b5125eddab7ad6d8e7c6f726b4a609e9
387f7c4b3dff992af6ee85c02c7fca42c19182fc58598663c614d39905c61220
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmarkberg%2F1300x1700%2Fmb1637lis_cblackwgrey.jpg&v=3&w=400&s=gj17nEAluCUsb5vlucJ5k_9V&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29640972
expires: Sat, 13 Jan 2024 11:04:52 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 24300
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=4kwCGWtG0VgF6qhrkPkkj59l
178.250.2.135200 OK 84 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=4kwCGWtG0VgF6qhrkPkkj59l
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash babac81dc2e4da2b8343e7d76bbbb357
c89b8eaf661b9220a82f950997eaaa899dd69ea2
5ba6a375ea3c3582d4aa716da8602fb2551bc8b2dcbfc1b8f5913f49f9466e70
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=4kwCGWtG0VgF6qhrkPkkj59l HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30825747
expires: Sat, 27 Jan 2024 04:11:07 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 84090
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pjefz3lpt46_cwhite_v1100.jpg&v=3&w=400&s=gh9isp5E4_MW7ka58Jsk-9ev&b=400
178.250.2.135200 OK 1.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pjefz3lpt46_cwhite_v1100.jpg&v=3&w=400&s=gh9isp5E4_MW7ka58Jsk-9ev&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 351x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 259e2dfd0b2310703fc5f72b1dfd1d5a
54c5c9fdaa8ebbc74bb5c6b58b8b6f42d88dbdf7
d8ee4899428d1f75ca75a5621b2ca03ac947f9558a6f83e837bcb6298f958e22
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pjefz3lpt46_cwhite_v1100.jpg&v=3&w=400&s=gh9isp5E4_MW7ka58Jsk-9ev&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29545415
expires: Fri, 12 Jan 2024 08:32:15 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1748
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3D9e62ef41a9fe4d67fe9ab2bd7379f0b4&v=3&w=400&s=jpNsu0dSyO7QcDGtVQZlrbPt&b=400
178.250.2.135200 OK 6.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3D9e62ef41a9fe4d67fe9ab2bd7379f0b4&v=3&w=400&s=jpNsu0dSyO7QcDGtVQZlrbPt&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 06ae262a2aa445904a20058747ea0822
d21523eae0cfa9d1d2543813f8065f8609082a7c
f174662e28f2feebd8ccb7bcd80e91be29e5a206726a04eb5923afb3e554a522
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3D9e62ef41a9fe4d67fe9ab2bd7379f0b4&v=3&w=400&s=jpNsu0dSyO7QcDGtVQZlrbPt&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30239049
expires: Sat, 20 Jan 2024 09:12:49 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6586
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=fYZFH-vNvgLDwoX5sYkF7zV_
178.250.2.135200 OK 1.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=fYZFH-vNvgLDwoX5sYkF7zV_
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 196x196, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01f33a498f65bf4bb751def8c06a1991
dd3dc1f876dbec906a17869724b8d3284beb37cb
9e92587541f93124197e414774716e7099233aef4b4d56f4d888e9bb649b5362
GET /img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=fYZFH-vNvgLDwoX5sYkF7zV_ HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29888926
expires: Tue, 16 Jan 2024 07:57:26 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1298
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F4%2F847191-0_2.jpg%3Fcb%3D5e17ab43346eaea1dc743c63890367ed&v=3&w=400&s=VEFqeWT8fK9odcZRCt1KEfKv&b=400
178.250.2.135200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F4%2F847191-0_2.jpg%3Fcb%3D5e17ab43346eaea1dc743c63890367ed&v=3&w=400&s=VEFqeWT8fK9odcZRCt1KEfKv&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x333, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5b4715a9d1e4acb0731dcb0d3f769af
96c5cd041d2a1d2e5fa6724485b59f508212f7cc
7321820f961282c597519e32076a3dfaefa1a994c8710f61d221f17c91410491
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F4%2F847191-0_2.jpg%3Fcb%3D5e17ab43346eaea1dc743c63890367ed&v=3&w=400&s=VEFqeWT8fK9odcZRCt1KEfKv&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30239061
expires: Sat, 20 Jan 2024 09:13:00 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10082
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400.css
178.250.2.130200 OK 13 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400.css
IP 178.250.2.130:0
Hash c424793d2a8b7545870553d89ae4b748
1a1ffbb20413b0e3d5dc2ad6c69c9cb6396524f5
f1dbcaf66f7ececbab84a4427351ab4f0274fa5989fbf3d4498abcec1b551870
GET /design/googlefont/opensans/opensans-400.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: W/"6391f077-9fe"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
178.250.2.130200 OK 17 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
IP 178.250.2.130:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /design/googlefont/opensans/opensans-400-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 16740
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: "6391f077-4164"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
178.250.2.130200 OK 16 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
IP 178.250.2.130:0
File type Web Open Font Format (Version 2), TrueType, length 16372, version 1.0\012- data
Hash e45478d4d6f15dafda1f25d9e0fb5fa1
52cb490cd0ee4442ede034085cda9652b206f91c
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
GET /design/googlefont/opensans/opensans-700-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 16372
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
etag: "6391f079-3ff4"
expires: Tue, 30 Jan 2024 09:28:40 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-700.css
178.250.2.130200 OK 9.8 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-700.css
IP 178.250.2.130:0
Hash ad28ca11b970ecf33ae2865cd1b93df7
7d9eba8226c3b5b889493f74c089d07d1fec71f2
e527997c54fa258a223072750ee084871b995d42d63d8c8e98061aa4c5f2c4ff
GET /design/googlefont/opensans/opensans-700.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
etag: W/"6391f079-9fe"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745306-0.jpg%3Fcb%3D16a3435f560acf8f64365ada01c7a763&v=3&w=800&s=qJfLy8pkadE7DlNEsJ0pVBD0&b=400
178.250.2.135200 OK 7.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745306-0.jpg%3Fcb%3D16a3435f560acf8f64365ada01c7a763&v=3&w=800&s=qJfLy8pkadE7DlNEsJ0pVBD0&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 216x234, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f81092c6bc9f827bbb7d4a255b0300ee
21017063803692f95720f5b5c20ae59184505abf
51f8e02e34db8b5eabb9b6b7962003d5a13e5caf1a499d4cebc7955fa75c4534
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745306-0.jpg%3Fcb%3D16a3435f560acf8f64365ada01c7a763&v=3&w=800&s=qJfLy8pkadE7DlNEsJ0pVBD0&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30239155
expires: Sat, 20 Jan 2024 09:14:35 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7406
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F4%2F847191-0_2.jpg%3Fcb%3D5e17ab43346eaea1dc743c63890367ed&v=3&w=800&s=E6qIkh-ImIfwHJYi4W3zfDqo&b=400
178.250.2.135200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F4%2F847191-0_2.jpg%3Fcb%3D5e17ab43346eaea1dc743c63890367ed&v=3&w=800&s=E6qIkh-ImIfwHJYi4W3zfDqo&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x333, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5b4715a9d1e4acb0731dcb0d3f769af
96c5cd041d2a1d2e5fa6724485b59f508212f7cc
7321820f961282c597519e32076a3dfaefa1a994c8710f61d221f17c91410491
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F4%2F847191-0_2.jpg%3Fcb%3D5e17ab43346eaea1dc743c63890367ed&v=3&w=800&s=E6qIkh-ImIfwHJYi4W3zfDqo&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30239060
expires: Sat, 20 Jan 2024 09:13:00 GMT
date: Sat, 04 Feb 2023 09:28:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10082
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F17518-0_1.jpg%3Fcb%3D4d98ee6786951bd9f15e4a0e0f5aa4d4&v=3&w=800&s=xYXr6WHnYfZ21xQiZAPNAIlX&b=400
178.250.2.135200 OK 7.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F17518-0_1.jpg%3Fcb%3D4d98ee6786951bd9f15e4a0e0f5aa4d4&v=3&w=800&s=xYXr6WHnYfZ21xQiZAPNAIlX&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 393x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ec8908e561d484d026293600bf6f047
aa767098a9a645ec505a757fb82adb5fd9b932b1
21f322e20134644ea3d4ea8dfd516618cc8f6d6645b6975e48345cd374fca08e
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F17518-0_1.jpg%3Fcb%3D4d98ee6786951bd9f15e4a0e0f5aa4d4&v=3&w=800&s=xYXr6WHnYfZ21xQiZAPNAIlX&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30242076
expires: Sat, 20 Jan 2024 10:03:16 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7758
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F5%2F55903-0_1_1.jpg%3Fcb%3D9a04e44d34c3a9ce5890155a1367ce1e&v=3&w=800&s=EFoYZ2dRII1mnjGvAEi6wIdc&b=400
178.250.2.135200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F5%2F55903-0_1_1.jpg%3Fcb%3D9a04e44d34c3a9ce5890155a1367ce1e&v=3&w=800&s=EFoYZ2dRII1mnjGvAEi6wIdc&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x359, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a57b76ddc3e974be786178df14db3499
150a59e98d3ca6a1167160b8832ea6dac9fb0bdd
cf83816a0e4ca3c0fea8204a2d804c57428ffbb35628497957e1f2cd0f703796
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F5%2F55903-0_1_1.jpg%3Fcb%3D9a04e44d34c3a9ce5890155a1367ce1e&v=3&w=800&s=EFoYZ2dRII1mnjGvAEi6wIdc&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30239200
expires: Sat, 20 Jan 2024 09:15:20 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12814
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F4%2F9%2F49665-0.jpg%3Fcb%3D59480ec026d2de37d435acacd6ad3c21&v=3&w=800&s=dMlarWgI4yo8gJABEioOkDFa&b=400
178.250.2.135200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F4%2F9%2F49665-0.jpg%3Fcb%3D59480ec026d2de37d435acacd6ad3c21&v=3&w=800&s=dMlarWgI4yo8gJABEioOkDFa&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 311x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b154188033c095143f6756eebb8a3fcf
aaddc7db9cc723c22ea1dc6b3e3db9634b14c337
56a0a5d1cd621092baf64d3bb60e297dea9ea1644cb8b04d808a533f558a9fe7
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F4%2F9%2F49665-0.jpg%3Fcb%3D59480ec026d2de37d435acacd6ad3c21&v=3&w=800&s=dMlarWgI4yo8gJABEioOkDFa&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30239364
expires: Sat, 20 Jan 2024 09:18:04 GMT
date: Sat, 04 Feb 2023 09:28:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13328
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F3%2F3303206512-0.jpg%3Fcb%3De09d747a1244eed2f69ab5880f13bc2e&v=3&w=800&s=mkhCj-lACkYUycZgogv4pNQk&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F3%2F3303206512-0.jpg%3Fcb%3De09d747a1244eed2f69ab5880f13bc2e&v=3&w=800&s=mkhCj-lACkYUycZgogv4pNQk&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb6a5dfcb0d0f49419da1dab0f3113df
d2aa2f4e612f0ed5484ed2369af4b54a35d268fd
aba183445de6d42b3e95b080c79ed82462a3728090e1fe1e1e214511f5118490
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F3%2F3303206512-0.jpg%3Fcb%3De09d747a1244eed2f69ab5880f13bc2e&v=3&w=800&s=mkhCj-lACkYUycZgogv4pNQk&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30239096
expires: Sat, 20 Jan 2024 09:13:36 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12032
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234269-0.jpg%3Fcb%3D451edc24049f5cbfd48bdbe57fc34270&v=3&w=800&s=VrtlK6B0qJcFAr8UDIwKt5Yh&b=400
178.250.2.135200 OK 1.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234269-0.jpg%3Fcb%3D451edc24049f5cbfd48bdbe57fc34270&v=3&w=800&s=VrtlK6B0qJcFAr8UDIwKt5Yh&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x184, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e2cf243a29cc66b7885389d89a25d15
91248bbfac4434109f4c6e998632157d05586510
a41f5800fa2d7677d7789bdb3300c3e8d6331286041a561fcbe1027cc70c9a59
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234269-0.jpg%3Fcb%3D451edc24049f5cbfd48bdbe57fc34270&v=3&w=800&s=VrtlK6B0qJcFAr8UDIwKt5Yh&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30239057
expires: Sat, 20 Jan 2024 09:12:57 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1532
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.2.130200 OK 7.7 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.2.130:0
Hash 6ee9e59ace45fd7c47b357f13519b551
9de299540f6f630a1a3593b58db4f5abc94c0536
73fe03631a72e8798f4c911ea7dd503748608dad2b4b1e4cb0be602d1ef4bd5b
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=100&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=356&s=vwA1CDJCexktWEIE2f0V2ezR
178.250.2.135200 OK 2.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=100&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=356&s=vwA1CDJCexktWEIE2f0V2ezR
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc229770187be10180e9dad09492d51a
d78af2697628a9afaf43c29b3492f0ec195f1e24
dc7dad246041b90f3fc7eac98b5df9b2021183749a7372a41618f8c6b81973f7
GET /img/img?h=100&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=356&s=vwA1CDJCexktWEIE2f0V2ezR HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29862570
expires: Tue, 16 Jan 2024 00:38:10 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1980
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=WRiQdwEjKDNILPPHr5UpuuPrwvjhkd_N0KYoSwj6fRfaRUtU4FTir3Me-JtFgzEOVMtnO2v_1zQ6bC5_vWP0dlrTrNbyrvS-n6xkbYC6QgxRvicsCveNZx6OSXc1hVDgeTVhZJGoMu0W2vrfAd6AVFnRDg8meMF9hqpMs8ZHdQzQju3p7fgL_2i13OJIadiBGx17gOtDXgVFkWeSEBcdG2SsrVN2_2UQ_uhvbnO3OaB_7-kiUGImen7uzuH7Eh8IT-pn_zO6Gk5LZ9kt&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=WRiQdwEjKDNILPPHr5UpuuPrwvjhkd_N0KYoSwj6fRfaRUtU4FTir3Me-JtFgzEOVMtnO2v_1zQ6bC5_vWP0dlrTrNbyrvS-n6xkbYC6QgxRvicsCveNZx6OSXc1hVDgeTVhZJGoMu0W2vrfAd6AVFnRDg8meMF9hqpMs8ZHdQzQju3p7fgL_2i13OJIadiBGx17gOtDXgVFkWeSEBcdG2SsrVN2_2UQ_uhvbnO3OaB_7-kiUGImen7uzuH7Eh8IT-pn_zO6Gk5LZ9kt&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=WRiQdwEjKDNILPPHr5UpuuPrwvjhkd_N0KYoSwj6fRfaRUtU4FTir3Me-JtFgzEOVMtnO2v_1zQ6bC5_vWP0dlrTrNbyrvS-n6xkbYC6QgxRvicsCveNZx6OSXc1hVDgeTVhZJGoMu0W2vrfAd6AVFnRDg8meMF9hqpMs8ZHdQzQju3p7fgL_2i13OJIadiBGx17gOtDXgVFkWeSEBcdG2SsrVN2_2UQ_uhvbnO3OaB_7-kiUGImen7uzuH7Eh8IT-pn_zO6Gk5LZ9kt&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:40 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F0%2F1031215-0.jpg%3Fcb%3Df68b57db3856ea49a344faf6b797533e&v=3&w=800&s=swmdobzNl-ocTPnLWSgLIKaw&b=400
178.250.2.135200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F0%2F1031215-0.jpg%3Fcb%3Df68b57db3856ea49a344faf6b797533e&v=3&w=800&s=swmdobzNl-ocTPnLWSgLIKaw&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 278x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f3ec9db6768d34da1bd6dfa5c84d835
c8d5ae6ad3d4060c36a8ddff67b1000f5450c60e
3824f47468db3f487b79e9fa14f6a838b00d9852efa8dfc479565ce73534204b
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F0%2F1031215-0.jpg%3Fcb%3Df68b57db3856ea49a344faf6b797533e&v=3&w=800&s=swmdobzNl-ocTPnLWSgLIKaw&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30239244
expires: Sat, 20 Jan 2024 09:16:04 GMT
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14996
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F0%2F1032020-0.jpg%3Fcb%3D46c369e276f35fffbbf19ad59415ecf5&v=3&w=800&s=H98con0lViB__IcA6ZkhA33n&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F0%2F1032020-0.jpg%3Fcb%3D46c369e276f35fffbbf19ad59415ecf5&v=3&w=800&s=H98con0lViB__IcA6ZkhA33n&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x362, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad8527db58d7a39168b11caa1317dfab
c6d7c1f78808ba754befd5215a8a38cbd277ba31
b75224402588851b54c4be0242733f9e7118921cff5102dab4c534631fd2c3d9
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F0%2F1032020-0.jpg%3Fcb%3D46c369e276f35fffbbf19ad59415ecf5&v=3&w=800&s=H98con0lViB__IcA6ZkhA33n&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30240916
expires: Sat, 20 Jan 2024 09:43:56 GMT
date: Sat, 04 Feb 2023 09:28:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12194
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F8%2F280229-0.jpg%3Fcb%3D4b53c52ecd296a37955016f54617d88b&v=3&w=800&s=se5weNn5jtPAK2xozgLJ8T5_&b=400
178.250.2.135200 OK 9.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F8%2F280229-0.jpg%3Fcb%3D4b53c52ecd296a37955016f54617d88b&v=3&w=800&s=se5weNn5jtPAK2xozgLJ8T5_&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 328x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c05d03e72667613f383f2607b2b969a
e432af7cc070074e9f32e6881d6a7d40107bd3a8
22cdb1a8a34cbe60caf443f44897c5fab343a258760ca8534a91c9d10f891c0d
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F8%2F280229-0.jpg%3Fcb%3D4b53c52ecd296a37955016f54617d88b&v=3&w=800&s=se5weNn5jtPAK2xozgLJ8T5_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30240772
expires: Sat, 20 Jan 2024 09:41:33 GMT
date: Sat, 04 Feb 2023 09:28:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9350
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F17139-0.jpg%3Fcb%3D95340639a928f363ca290796436aea92&v=3&w=800&s=xzIcE-kefA16pnQyCz6cnL_n&b=400
178.250.2.135200 OK 9.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F17139-0.jpg%3Fcb%3D95340639a928f363ca290796436aea92&v=3&w=800&s=xzIcE-kefA16pnQyCz6cnL_n&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 252x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a33c111a6dcd212d2c7a9abad8b3854
b25af58787fec20a20d0b4856d52fccbe051e831
b68f301d959e67e9275e467cd1babf3fc95a41271dede870a887b09861a9afe8
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F17139-0.jpg%3Fcb%3D95340639a928f363ca290796436aea92&v=3&w=800&s=xzIcE-kefA16pnQyCz6cnL_n&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30240166
expires: Sat, 20 Jan 2024 09:31:26 GMT
date: Sat, 04 Feb 2023 09:28:40 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9610
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=72AOlAEjKDNILPPHCWiH6EYvBs875vuPNXaAlwjMcoccvMWzJM7DYf0yWxLIfGvR4DkXynMj2aD9z6jAhu0tErdlJAQFFsaxC2A8Oc3BIZoJn6-dgnA6C_7DV9-puizEqI8srudY8l8fMzqmoaf-kjl_A_Qr0ZqFbV0ZIfR3qu478q7wvUfcabIqTctcETbolO4B8orbi7EMC7VhG91z1hWMxsXCHKOa9jVJEmsZEHrPGYSj-dHPevThYwCEvTDh0_9eKQ&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=72AOlAEjKDNILPPHCWiH6EYvBs875vuPNXaAlwjMcoccvMWzJM7DYf0yWxLIfGvR4DkXynMj2aD9z6jAhu0tErdlJAQFFsaxC2A8Oc3BIZoJn6-dgnA6C_7DV9-puizEqI8srudY8l8fMzqmoaf-kjl_A_Qr0ZqFbV0ZIfR3qu478q7wvUfcabIqTctcETbolO4B8orbi7EMC7VhG91z1hWMxsXCHKOa9jVJEmsZEHrPGYSj-dHPevThYwCEvTDh0_9eKQ&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=72AOlAEjKDNILPPHCWiH6EYvBs875vuPNXaAlwjMcoccvMWzJM7DYf0yWxLIfGvR4DkXynMj2aD9z6jAhu0tErdlJAQFFsaxC2A8Oc3BIZoJn6-dgnA6C_7DV9-puizEqI8srudY8l8fMzqmoaf-kjl_A_Qr0ZqFbV0ZIfR3qu478q7wvUfcabIqTctcETbolO4B8orbi7EMC7VhG91z1hWMxsXCHKOa9jVJEmsZEHrPGYSj-dHPevThYwCEvTDh0_9eKQ&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=RKi9fQEjKDNILPPHWifOFgqVHZMv3yMdX8l2FAyMDSmWnsLzijhkyj_5NhydQXfa17bznH82XDnBCoIUh8WAXIdczXVK8qGbS2EH4T1TXQazaNNv8mF1wIYOpKpjBe09kVQPI568pHIwEu03SyB7yAmgOg3F0KydyM-iDcLwBFrPS9DYBEMLhz-yYcEkWCVTweLFySdHY4UWzpVMC5A_5zXRPrVtClTV_jIEamjXC-lnhkAcg2N3-LiuqpPvo-e0XBIglw&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=RKi9fQEjKDNILPPHWifOFgqVHZMv3yMdX8l2FAyMDSmWnsLzijhkyj_5NhydQXfa17bznH82XDnBCoIUh8WAXIdczXVK8qGbS2EH4T1TXQazaNNv8mF1wIYOpKpjBe09kVQPI568pHIwEu03SyB7yAmgOg3F0KydyM-iDcLwBFrPS9DYBEMLhz-yYcEkWCVTweLFySdHY4UWzpVMC5A_5zXRPrVtClTV_jIEamjXC-lnhkAcg2N3-LiuqpPvo-e0XBIglw&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=RKi9fQEjKDNILPPHWifOFgqVHZMv3yMdX8l2FAyMDSmWnsLzijhkyj_5NhydQXfa17bznH82XDnBCoIUh8WAXIdczXVK8qGbS2EH4T1TXQazaNNv8mF1wIYOpKpjBe09kVQPI568pHIwEu03SyB7yAmgOg3F0KydyM-iDcLwBFrPS9DYBEMLhz-yYcEkWCVTweLFySdHY4UWzpVMC5A_5zXRPrVtClTV_jIEamjXC-lnhkAcg2N3-LiuqpPvo-e0XBIglw&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:40 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=t4dr8AEjKDNILPPHLiz7M8tA2ffol-V8SFl0YPsfbQNYmC6CDgP6H92XPTc51vviPuno5e4b1VtwlY03UI40bufzJq1-WgCpHSPwnzlW6uD1zlyuDBVNW4bx4jIOi-yApS5mp6nJLgiHqzgm5ejACy2-WHe13rhhKNhpIyuGx6avYr-hmoauI0WB821ryl5hgASpihg8L0kqKdJZi9LbHo2MizGYWBff8_GXPiyoMGDLoPjsQ2AgE8NwNi-A5PS_37zKyg&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=t4dr8AEjKDNILPPHLiz7M8tA2ffol-V8SFl0YPsfbQNYmC6CDgP6H92XPTc51vviPuno5e4b1VtwlY03UI40bufzJq1-WgCpHSPwnzlW6uD1zlyuDBVNW4bx4jIOi-yApS5mp6nJLgiHqzgm5ejACy2-WHe13rhhKNhpIyuGx6avYr-hmoauI0WB821ryl5hgASpihg8L0kqKdJZi9LbHo2MizGYWBff8_GXPiyoMGDLoPjsQ2AgE8NwNi-A5PS_37zKyg&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=t4dr8AEjKDNILPPHLiz7M8tA2ffol-V8SFl0YPsfbQNYmC6CDgP6H92XPTc51vviPuno5e4b1VtwlY03UI40bufzJq1-WgCpHSPwnzlW6uD1zlyuDBVNW4bx4jIOi-yApS5mp6nJLgiHqzgm5ejACy2-WHe13rhhKNhpIyuGx6avYr-hmoauI0WB821ryl5hgASpihg8L0kqKdJZi9LbHo2MizGYWBff8_GXPiyoMGDLoPjsQ2AgE8NwNi-A5PS_37zKyg&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e194d669b4869a5fb3661deef521857d
ac3fdcb76d689b28ba218f874b7eb4fc012a68c3
7ac4a2096bf71cd7bdb9c4ebdac349ca5efe448ae8d03fef0a42565cb0365848
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5679
Cache-Control: max-age=108771
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:40 GMT
Etag: "63dd14fc-139"
Expires: Sun, 05 Feb 2023 15:41:31 GMT
Last-Modified: Fri, 03 Feb 2023 14:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e194d669b4869a5fb3661deef521857d
ac3fdcb76d689b28ba218f874b7eb4fc012a68c3
7ac4a2096bf71cd7bdb9c4ebdac349ca5efe448ae8d03fef0a42565cb0365848
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5195
Cache-Control: max-age=108287
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:40 GMT
Etag: "63dd14fc-139"
Expires: Sun, 05 Feb 2023 15:33:27 GMT
Last-Modified: Fri, 03 Feb 2023 14:06:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqnZE7OzWbQB9AOdg2ICAgAAAL4rtqWnsGcrhrp8BhBGJd5j-PKiuBgH2w4WC3oAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y94lRgANEPEKGU4FAAwUq7FslqyZmxOIXdctxw
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqnZE7OzWbQB9AOdg2ICAgAAAL4rtqWnsGcrhrp8BhBGJd5j-PKiuBgH2w4WC3oAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y94lRgANEPEKGU4FAAwUq7FslqyZmxOIXdctxw
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kqnZE7OzWbQB9AOdg2ICAgAAAL4rtqWnsGcrhrp8BhBGJd5j-PKiuBgH2w4WC3oAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y94lRgANEPEKGU4FAAwUq7FslqyZmxOIXdctxw HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 215010
date: Sat, 04 Feb 2023 09:28:40 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqnZE7OzWbQB9AOdg2ICAgAAAL4rtqWnsGcrhrp8BhBGJd5jBLRocD891Wzyze0AEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y94lRgANEPAKGU4FAAwUq3qImJEJYGirPrH6bg
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqnZE7OzWbQB9AOdg2ICAgAAAL4rtqWnsGcrhrp8BhBGJd5jBLRocD891Wzyze0AEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y94lRgANEPAKGU4FAAwUq3qImJEJYGirPrH6bg
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kqnZE7OzWbQB9AOdg2ICAgAAAL4rtqWnsGcrhrp8BhBGJd5jBLRocD891Wzyze0AEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y94lRgANEPAKGU4FAAwUq3qImJEJYGirPrH6bg HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 214650
date: Sat, 04 Feb 2023 09:28:39 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:28:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 9b9a05cdaadefc1b404306aaa26087c6
c981db78f52f63899dc8e10feb610188c3d8a667
4e6b16006fb17c08e19bc862a505d9ae7855f126f0217f59d842254802b8d14d
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://juraganproposal.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 Feb 2023 09:28:40 GMT
date: Sat, 04 Feb 2023 09:28:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-7y1NSccfY1JvomibW6LFwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=RKi9fQEjKDNILPPHWifOFgqVHZMv3yMdX8l2FAyMDSmWnsLzijhkyj_5NhydQXfa17bznH82XDnBCoIUh8WAXIdczXVK8qGbS2EH4T1TXQazaNNv8mF1wIYOpKpjBe09kVQPI568pHIwEu03SyB7yAmgOg3F0KydyM-iDcLwBFrPS9DYBEMLhz-yYcEkWCVTweLFySdHY4UWzpVMC5A_5zXRPrVtClTV_jIEamjXC-lnhkAcg2N3-LiuqpPvo-e0XBIglw&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=RKi9fQEjKDNILPPHWifOFgqVHZMv3yMdX8l2FAyMDSmWnsLzijhkyj_5NhydQXfa17bznH82XDnBCoIUh8WAXIdczXVK8qGbS2EH4T1TXQazaNNv8mF1wIYOpKpjBe09kVQPI568pHIwEu03SyB7yAmgOg3F0KydyM-iDcLwBFrPS9DYBEMLhz-yYcEkWCVTweLFySdHY4UWzpVMC5A_5zXRPrVtClTV_jIEamjXC-lnhkAcg2N3-LiuqpPvo-e0XBIglw&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=RKi9fQEjKDNILPPHWifOFgqVHZMv3yMdX8l2FAyMDSmWnsLzijhkyj_5NhydQXfa17bznH82XDnBCoIUh8WAXIdczXVK8qGbS2EH4T1TXQazaNNv8mF1wIYOpKpjBe09kVQPI568pHIwEu03SyB7yAmgOg3F0KydyM-iDcLwBFrPS9DYBEMLhz-yYcEkWCVTweLFySdHY4UWzpVMC5A_5zXRPrVtClTV_jIEamjXC-lnhkAcg2N3-LiuqpPvo-e0XBIglw&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:41 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=t4dr8AEjKDNILPPHLiz7M8tA2ffol-V8SFl0YPsfbQNYmC6CDgP6H92XPTc51vviPuno5e4b1VtwlY03UI40bufzJq1-WgCpHSPwnzlW6uD1zlyuDBVNW4bx4jIOi-yApS5mp6nJLgiHqzgm5ejACy2-WHe13rhhKNhpIyuGx6avYr-hmoauI0WB821ryl5hgASpihg8L0kqKdJZi9LbHo2MizGYWBff8_GXPiyoMGDLoPjsQ2AgE8NwNi-A5PS_37zKyg&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=t4dr8AEjKDNILPPHLiz7M8tA2ffol-V8SFl0YPsfbQNYmC6CDgP6H92XPTc51vviPuno5e4b1VtwlY03UI40bufzJq1-WgCpHSPwnzlW6uD1zlyuDBVNW4bx4jIOi-yApS5mp6nJLgiHqzgm5ejACy2-WHe13rhhKNhpIyuGx6avYr-hmoauI0WB821ryl5hgASpihg8L0kqKdJZi9LbHo2MizGYWBff8_GXPiyoMGDLoPjsQ2AgE8NwNi-A5PS_37zKyg&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=t4dr8AEjKDNILPPHLiz7M8tA2ffol-V8SFl0YPsfbQNYmC6CDgP6H92XPTc51vviPuno5e4b1VtwlY03UI40bufzJq1-WgCpHSPwnzlW6uD1zlyuDBVNW4bx4jIOi-yApS5mp6nJLgiHqzgm5ejACy2-WHe13rhhKNhpIyuGx6avYr-hmoauI0WB821ryl5hgASpihg8L0kqKdJZi9LbHo2MizGYWBff8_GXPiyoMGDLoPjsQ2AgE8NwNi-A5PS_37zKyg&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:41 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=72AOlAEjKDNILPPHCWiH6EYvBs875vuPNXaAlwjMcoccvMWzJM7DYf0yWxLIfGvR4DkXynMj2aD9z6jAhu0tErdlJAQFFsaxC2A8Oc3BIZoJn6-dgnA6C_7DV9-puizEqI8srudY8l8fMzqmoaf-kjl_A_Qr0ZqFbV0ZIfR3qu478q7wvUfcabIqTctcETbolO4B8orbi7EMC7VhG91z1hWMxsXCHKOa9jVJEmsZEHrPGYSj-dHPevThYwCEvTDh0_9eKQ&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=72AOlAEjKDNILPPHCWiH6EYvBs875vuPNXaAlwjMcoccvMWzJM7DYf0yWxLIfGvR4DkXynMj2aD9z6jAhu0tErdlJAQFFsaxC2A8Oc3BIZoJn6-dgnA6C_7DV9-puizEqI8srudY8l8fMzqmoaf-kjl_A_Qr0ZqFbV0ZIfR3qu478q7wvUfcabIqTctcETbolO4B8orbi7EMC7VhG91z1hWMxsXCHKOa9jVJEmsZEHrPGYSj-dHPevThYwCEvTDh0_9eKQ&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=72AOlAEjKDNILPPHCWiH6EYvBs875vuPNXaAlwjMcoccvMWzJM7DYf0yWxLIfGvR4DkXynMj2aD9z6jAhu0tErdlJAQFFsaxC2A8Oc3BIZoJn6-dgnA6C_7DV9-puizEqI8srudY8l8fMzqmoaf-kjl_A_Qr0ZqFbV0ZIfR3qu478q7wvUfcabIqTctcETbolO4B8orbi7EMC7VhG91z1hWMxsXCHKOa9jVJEmsZEHrPGYSj-dHPevThYwCEvTDh0_9eKQ&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:41 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.2.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=7jehQ993wCs3txwqPiSRw8TATw7Rf2s7RZ_QUD9ZI3sdmdEOFjxaO4BCgsMnrFKsmq-A2GK_kWhXkadr-mjyw8MPpze4W-UR5Bk_tiVSASE8FyABNSS1SufE_egkMuvuifg34aLa7quRNYaKgRx3Kg-k-8Oi5XvbFZy5Puk5zslB5r5C-n7uqovyWj9K1cE7zAaXeiAYqIK-VBfbjPN6JSt6w-V9mV6OJVifm8Kmq55AhuzrdWMtlQRPd8rZNizDf0O0QblX_w0xEqest_ob2R3cwSVOaUm58RGZZmbvJVdlN1D-OUcpxQ_NdOVXIks8PpLJPvFhxOSn_XzxGumFILfc-PcHs4Iavcku2SyoxyORXQrVSvYXl7w8el1pJTaWaC5A5SrN4ui0Ep4ED8Jz4gVpAKXanaWpvjlEUQviHOM0OnhS
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=7jehQ993wCs3txwqPiSRw8TATw7Rf2s7RZ_QUD9ZI3sdmdEOFjxaO4BCgsMnrFKsmq-A2GK_kWhXkadr-mjyw8MPpze4W-UR5Bk_tiVSASE8FyABNSS1SufE_egkMuvuifg34aLa7quRNYaKgRx3Kg-k-8Oi5XvbFZy5Puk5zslB5r5C-n7uqovyWj9K1cE7zAaXeiAYqIK-VBfbjPN6JSt6w-V9mV6OJVifm8Kmq55AhuzrdWMtlQRPd8rZNizDf0O0QblX_w0xEqest_ob2R3cwSVOaUm58RGZZmbvJVdlN1D-OUcpxQ_NdOVXIks8PpLJPvFhxOSn_XzxGumFILfc-PcHs4Iavcku2SyoxyORXQrVSvYXl7w8el1pJTaWaC5A5SrN4ui0Ep4ED8Jz4gVpAKXanaWpvjlEUQviHOM0OnhS
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=7jehQ993wCs3txwqPiSRw8TATw7Rf2s7RZ_QUD9ZI3sdmdEOFjxaO4BCgsMnrFKsmq-A2GK_kWhXkadr-mjyw8MPpze4W-UR5Bk_tiVSASE8FyABNSS1SufE_egkMuvuifg34aLa7quRNYaKgRx3Kg-k-8Oi5XvbFZy5Puk5zslB5r5C-n7uqovyWj9K1cE7zAaXeiAYqIK-VBfbjPN6JSt6w-V9mV6OJVifm8Kmq55AhuzrdWMtlQRPd8rZNizDf0O0QblX_w0xEqest_ob2R3cwSVOaUm58RGZZmbvJVdlN1D-OUcpxQ_NdOVXIks8PpLJPvFhxOSn_XzxGumFILfc-PcHs4Iavcku2SyoxyORXQrVSvYXl7w8el1pJTaWaC5A5SrN4ui0Ep4ED8Jz4gVpAKXanaWpvjlEUQviHOM0OnhS HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3465946
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y94lRgAM5yACHkeqAAnHjBWbBbccFEQv5p1WXg&u=%7C4Y5j4QbejY1qAROzDEv15rKxa3%2Fz%2Byc5RB5J3I5xWu0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj3vZY7sx6JmuR7bkdVg5BwzOqmnlAfHa9CuPIUkodmxOvPtmuyTH1XsqAaJh7pIfQt3XcY4hG42On9R9olTkVAd4Wagm0ckSuESNXjnwdatAk-6ghC5SmN-rvb2obEuEfKSAq67D_a-NovqftLcl5tH3SGPkPIdvPxCkh4tAzidcf5G3wvNb2k06-eY0cthrxkU7jPU6x8fWuh0_fepAyzzWPU6EYqrBP_ttSdHky4r85jl586ZXmOU6aaE3woqu7ZpRUQ5POuqvMJFBimuMERq3mZMe7K_UmEi20TQuaDEWC3s_NPl4eDXoL4QZP4BYrhzYPAdJyB07a9Ore-mp14kk2V-eicoJ783Ihml7gtGHrpgKgqAIH8dg5dB0MN7m5Fq1nz2cu28dQsuDzFQfiNI4dfCRZbCYQ0rUCPhVcpiWmahQ-6IaJsxpAJslGVagSjd3teckl2odaE832NnvLQAqgX_fWcnLXl95r0XhRn0ygfNPpahxexPXSZkKFFUttw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFOiVRiXeY6DOM6qP-cAPjI-nuA3JntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTE5NjE2Mjc3Mjg5NjY3NjXIAQmpAt5wzfFwHLI-qAMBqgTUAU_Qnqnb4eCQn7MqWGXh7AGXLqhGt8bcXeXWfYhfuaiJx10OHZSHgM4AP_984nxMFkaysOMreun8rh_fkRHHqywiYgnTdvuCvm0wIHyol9VufPvLx_-QPmqXFboWFx-sOxw7tRON0cpoS7SI3U3WoyKaCNMrc09yv7HzmXxkNUYD4U8kSiUilv_W9mDd6o3hTXypRH1vUU8dgVFMg6qANXpe5ACj71lbqspf7LzRWschgtE-KsSaErZp7tVI3ySIqB-qAbkrpNBCJHSMOvV9KSX_nJFCgAbdreKcxpuNq4sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2bY7pXIlLLlLfl-3UFG4zeds1eVg%26client%3Dca-pub-1961627728966765%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y94lRgAM5yACHkeqAAnHjBWbBbccFEQv5p1WXg&u=%7C4Y5j4QbejY1qAROzDEv15rKxa3%2Fz%2Byc5RB5J3I5xWu0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj3vZY7sx6JmuR7bkdVg5BwzOqmnlAfHa9CuPIUkodmxOvPtmuyTH1XsqAaJh7pIfQt3XcY4hG42On9R9olTkVAd4Wagm0ckSuESNXjnwdatAk-6ghC5SmN-rvb2obEuEfKSAq67D_a-NovqftLcl5tH3SGPkPIdvPxCkh4tAzidcf5G3wvNb2k06-eY0cthrxkU7jPU6x8fWuh0_fepAyzzWPU6EYqrBP_ttSdHky4r85jl586ZXmOU6aaE3woqu7ZpRUQ5POuqvMJFBimuMERq3mZMe7K_UmEi20TQuaDEWC3s_NPl4eDXoL4QZP4BYrhzYPAdJyB07a9Ore-mp14kk2V-eicoJ783Ihml7gtGHrpgKgqAIH8dg5dB0MN7m5Fq1nz2cu28dQsuDzFQfiNI4dfCRZbCYQ0rUCPhVcpiWmahQ-6IaJsxpAJslGVagSjd3teckl2odaE832NnvLQAqgX_fWcnLXl95r0XhRn0ygfNPpahxexPXSZkKFFUttw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFOiVRiXeY6DOM6qP-cAPjI-nuA3JntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTE5NjE2Mjc3Mjg5NjY3NjXIAQmpAt5wzfFwHLI-qAMBqgTUAU_Qnqnb4eCQn7MqWGXh7AGXLqhGt8bcXeXWfYhfuaiJx10OHZSHgM4AP_984nxMFkaysOMreun8rh_fkRHHqywiYgnTdvuCvm0wIHyol9VufPvLx_-QPmqXFboWFx-sOxw7tRON0cpoS7SI3U3WoyKaCNMrc09yv7HzmXxkNUYD4U8kSiUilv_W9mDd6o3hTXypRH1vUU8dgVFMg6qANXpe5ACj71lbqspf7LzRWschgtE-KsSaErZp7tVI3ySIqB-qAbkrpNBCJHSMOvV9KSX_nJFCgAbdreKcxpuNq4sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2bY7pXIlLLlLfl-3UFG4zeds1eVg%26client%3Dca-pub-1961627728966765%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y94lRgAM5yACHkeqAAnHjBWbBbccFEQv5p1WXg&u=%7C4Y5j4QbejY1qAROzDEv15rKxa3%2Fz%2Byc5RB5J3I5xWu0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj3vZY7sx6JmuR7bkdVg5BwzOqmnlAfHa9CuPIUkodmxOvPtmuyTH1XsqAaJh7pIfQt3XcY4hG42On9R9olTkVAd4Wagm0ckSuESNXjnwdatAk-6ghC5SmN-rvb2obEuEfKSAq67D_a-NovqftLcl5tH3SGPkPIdvPxCkh4tAzidcf5G3wvNb2k06-eY0cthrxkU7jPU6x8fWuh0_fepAyzzWPU6EYqrBP_ttSdHky4r85jl586ZXmOU6aaE3woqu7ZpRUQ5POuqvMJFBimuMERq3mZMe7K_UmEi20TQuaDEWC3s_NPl4eDXoL4QZP4BYrhzYPAdJyB07a9Ore-mp14kk2V-eicoJ783Ihml7gtGHrpgKgqAIH8dg5dB0MN7m5Fq1nz2cu28dQsuDzFQfiNI4dfCRZbCYQ0rUCPhVcpiWmahQ-6IaJsxpAJslGVagSjd3teckl2odaE832NnvLQAqgX_fWcnLXl95r0XhRn0ygfNPpahxexPXSZkKFFUttw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFOiVRiXeY6DOM6qP-cAPjI-nuA3JntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTE5NjE2Mjc3Mjg5NjY3NjXIAQmpAt5wzfFwHLI-qAMBqgTUAU_Qnqnb4eCQn7MqWGXh7AGXLqhGt8bcXeXWfYhfuaiJx10OHZSHgM4AP_984nxMFkaysOMreun8rh_fkRHHqywiYgnTdvuCvm0wIHyol9VufPvLx_-QPmqXFboWFx-sOxw7tRON0cpoS7SI3U3WoyKaCNMrc09yv7HzmXxkNUYD4U8kSiUilv_W9mDd6o3hTXypRH1vUU8dgVFMg6qANXpe5ACj71lbqspf7LzRWschgtE-KsSaErZp7tVI3ySIqB-qAbkrpNBCJHSMOvV9KSX_nJFCgAbdreKcxpuNq4sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2bY7pXIlLLlLfl-3UFG4zeds1eVg%26client%3Dca-pub-1961627728966765%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:38 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WRiQdwEjKDNILPPHr5UpuuPrwvjhkd_N0KYoSwj6fRfaRUtU4FTir3Me-JtFgzEOVMtnO2v_1zQ6bC5_vWP0dlrTrNbyrvS-n6xkbYC6QgxRvicsCveNZx6OSXc1hVDgeTVhZJGoMu0W2vrfAd6AVFnRDg8meMF9hqpMs8ZHdQzQju3p7fgL_2i13OJIadiBGx17gOtDXgVFkWeSEBcdG2SsrVN2_2UQ_uhvbnO3OaB_7-kiUGImen7uzuH7Eh8IT-pn_zO6Gk5LZ9kt"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 138323258
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y94lRgANEPAKGU4FAAwUq3qImJEJYGirPrH6bg&u=%7C4Y5j4QbejY0pVJITZT3nHWF1eJqLEaCJO6Y%2FqfjJ%2FVI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm2BX1PGM944JzK1Izpb9QpWSeV0vHRz9Otl3LSmQOZux_oIGTlfxCt6ZRNTzvlelSvfb0ZQHmTlNOguhQdiVQURH96ZO0ZM-DluK3hDCmPjQzuGGrqLyS7Upa5FFDyl2feTeqLu3v5cR3Oiro-g_1BYIF9AnSgid9fztlf4-oh7ltB-Vskmw_4kqW3guWEDkobADrVVkN6VePNq1JRkYLBIjUd97RGPQpdrv7SKdnSYFxGvg_02men-L-QhWHsb78npj8epq1dd2OdkYwn4Ti8dmkU5Ao2M3REUgJG9TYiAoC6xP8_ehjpckO1GW4EYVo9B-074mBLuQhEwsi6S5i7gElw-bI6OlEJhJoN2fyXqemk8czSiuCPeRT3Touc5g_41cM0Gocmbx5Ry1hbgPryIUiKq8HFSGCVFrF2Z3gGjN1yDmghpAdsG6IVRw1sfgEi14ByYvWKdHzItHu0era9QQnZGH4jJgGxuRQdLy-cZzwyR4NLIRFXc27grJkPNybOW1TxCNJGq-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnOvPRiXeY_ChNIWcZaupsKgLyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0xOTYxNjI3NzI4OTY2NzY1yAEJqQLecM3xcByyPqgDAaoEzgFP0NHeni8HicefuDGD-k6AVJA9sBjr6TJ-xrXAplLhjbMutGM1sB9vYDIlh8OyE2eflPeSDs9Se4nwwHx6rb_ZhjQTrZK-QAUvuvK_xia3HMu2e3kl_bu8TBvzlt-5Q0K9vg2TtqGf1nub5f4funP36rPIKE2PV5dQs6movaOBzAbwsEBw32u83xbsw5XmtW1PLuauZjlgSEYk0Lg1QQXfM1W0edBEWZAqmZFW_TElf2OHLCX3gw4d51Merq457mKHYZG8dGP-eo5k2PkK2oAG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Yx4DJWwSqBC6URu9YfXzexsySvA%26client%3Dca-pub-1961627728966765%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y94lRgANEPAKGU4FAAwUq3qImJEJYGirPrH6bg&u=%7C4Y5j4QbejY0pVJITZT3nHWF1eJqLEaCJO6Y%2FqfjJ%2FVI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm2BX1PGM944JzK1Izpb9QpWSeV0vHRz9Otl3LSmQOZux_oIGTlfxCt6ZRNTzvlelSvfb0ZQHmTlNOguhQdiVQURH96ZO0ZM-DluK3hDCmPjQzuGGrqLyS7Upa5FFDyl2feTeqLu3v5cR3Oiro-g_1BYIF9AnSgid9fztlf4-oh7ltB-Vskmw_4kqW3guWEDkobADrVVkN6VePNq1JRkYLBIjUd97RGPQpdrv7SKdnSYFxGvg_02men-L-QhWHsb78npj8epq1dd2OdkYwn4Ti8dmkU5Ao2M3REUgJG9TYiAoC6xP8_ehjpckO1GW4EYVo9B-074mBLuQhEwsi6S5i7gElw-bI6OlEJhJoN2fyXqemk8czSiuCPeRT3Touc5g_41cM0Gocmbx5Ry1hbgPryIUiKq8HFSGCVFrF2Z3gGjN1yDmghpAdsG6IVRw1sfgEi14ByYvWKdHzItHu0era9QQnZGH4jJgGxuRQdLy-cZzwyR4NLIRFXc27grJkPNybOW1TxCNJGq-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnOvPRiXeY_ChNIWcZaupsKgLyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0xOTYxNjI3NzI4OTY2NzY1yAEJqQLecM3xcByyPqgDAaoEzgFP0NHeni8HicefuDGD-k6AVJA9sBjr6TJ-xrXAplLhjbMutGM1sB9vYDIlh8OyE2eflPeSDs9Se4nwwHx6rb_ZhjQTrZK-QAUvuvK_xia3HMu2e3kl_bu8TBvzlt-5Q0K9vg2TtqGf1nub5f4funP36rPIKE2PV5dQs6movaOBzAbwsEBw32u83xbsw5XmtW1PLuauZjlgSEYk0Lg1QQXfM1W0edBEWZAqmZFW_TElf2OHLCX3gw4d51Merq457mKHYZG8dGP-eo5k2PkK2oAG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Yx4DJWwSqBC6URu9YfXzexsySvA%26client%3Dca-pub-1961627728966765%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y94lRgANEPAKGU4FAAwUq3qImJEJYGirPrH6bg&u=%7C4Y5j4QbejY0pVJITZT3nHWF1eJqLEaCJO6Y%2FqfjJ%2FVI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm2BX1PGM944JzK1Izpb9QpWSeV0vHRz9Otl3LSmQOZux_oIGTlfxCt6ZRNTzvlelSvfb0ZQHmTlNOguhQdiVQURH96ZO0ZM-DluK3hDCmPjQzuGGrqLyS7Upa5FFDyl2feTeqLu3v5cR3Oiro-g_1BYIF9AnSgid9fztlf4-oh7ltB-Vskmw_4kqW3guWEDkobADrVVkN6VePNq1JRkYLBIjUd97RGPQpdrv7SKdnSYFxGvg_02men-L-QhWHsb78npj8epq1dd2OdkYwn4Ti8dmkU5Ao2M3REUgJG9TYiAoC6xP8_ehjpckO1GW4EYVo9B-074mBLuQhEwsi6S5i7gElw-bI6OlEJhJoN2fyXqemk8czSiuCPeRT3Touc5g_41cM0Gocmbx5Ry1hbgPryIUiKq8HFSGCVFrF2Z3gGjN1yDmghpAdsG6IVRw1sfgEi14ByYvWKdHzItHu0era9QQnZGH4jJgGxuRQdLy-cZzwyR4NLIRFXc27grJkPNybOW1TxCNJGq-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnOvPRiXeY_ChNIWcZaupsKgLyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0xOTYxNjI3NzI4OTY2NzY1yAEJqQLecM3xcByyPqgDAaoEzgFP0NHeni8HicefuDGD-k6AVJA9sBjr6TJ-xrXAplLhjbMutGM1sB9vYDIlh8OyE2eflPeSDs9Se4nwwHx6rb_ZhjQTrZK-QAUvuvK_xia3HMu2e3kl_bu8TBvzlt-5Q0K9vg2TtqGf1nub5f4funP36rPIKE2PV5dQs6movaOBzAbwsEBw32u83xbsw5XmtW1PLuauZjlgSEYk0Lg1QQXfM1W0edBEWZAqmZFW_TElf2OHLCX3gw4d51Merq457mKHYZG8dGP-eo5k2PkK2oAG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Yx4DJWwSqBC6URu9YfXzexsySvA%26client%3Dca-pub-1961627728966765%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:38 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=72AOlAEjKDNILPPHCWiH6EYvBs875vuPNXaAlwjMcoccvMWzJM7DYf0yWxLIfGvR4DkXynMj2aD9z6jAhu0tErdlJAQFFsaxC2A8Oc3BIZoJn6-dgnA6C_7DV9-puizEqI8srudY8l8fMzqmoaf-kjl_A_Qr0ZqFbV0ZIfR3qu478q7wvUfcabIqTctcETbolO4B8orbi7EMC7VhG91z1hWMxsXCHKOa9jVJEmsZEHrPGYSj-dHPevThYwCEvTDh0_9eKQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 109206742
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.2.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Tue, 30 Jan 2024 09:28:39 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ruqb7HxNsy-yKT2QHB61fxqL7Wi4SFtpOZmFz_w1fY6U3dAUDcb5gA6wjA3IKdwzsj2K_DwmJBKK6XOzWOWjEScTyBcfjbfoYh6Ae28uqNQ8GE8UbrEAHxouBQRCAIrBkOzDAdy_NPDKElFHPOAUKccQF-hXYCjBrf5Tp_aM4AxlGNY8fQTEQN91J-38wxJUjOFYh8GTPjXwUewRuQ2GMkTxWFrQxonFB_5TLpGHnl-eRw_upDMlPlg1HLSHepIHXZv-M1EXHPE4gAX-FbWoEP2bWtrcv4W6234d0nwca5Ap06zlppRxjM5Jbx-dZybcmLgaeZ3AB4Cth02p0bGsokHDSGNpkyGq9mDcpemYFD5EAe-RUkLR4zhU1V4y6wxzJoc8RwAF8NnEMJLBiEfsgru2pyCeukKmowjGOm0J_fRbn_Ik
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ruqb7HxNsy-yKT2QHB61fxqL7Wi4SFtpOZmFz_w1fY6U3dAUDcb5gA6wjA3IKdwzsj2K_DwmJBKK6XOzWOWjEScTyBcfjbfoYh6Ae28uqNQ8GE8UbrEAHxouBQRCAIrBkOzDAdy_NPDKElFHPOAUKccQF-hXYCjBrf5Tp_aM4AxlGNY8fQTEQN91J-38wxJUjOFYh8GTPjXwUewRuQ2GMkTxWFrQxonFB_5TLpGHnl-eRw_upDMlPlg1HLSHepIHXZv-M1EXHPE4gAX-FbWoEP2bWtrcv4W6234d0nwca5Ap06zlppRxjM5Jbx-dZybcmLgaeZ3AB4Cth02p0bGsokHDSGNpkyGq9mDcpemYFD5EAe-RUkLR4zhU1V4y6wxzJoc8RwAF8NnEMJLBiEfsgru2pyCeukKmowjGOm0J_fRbn_Ik
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=Ruqb7HxNsy-yKT2QHB61fxqL7Wi4SFtpOZmFz_w1fY6U3dAUDcb5gA6wjA3IKdwzsj2K_DwmJBKK6XOzWOWjEScTyBcfjbfoYh6Ae28uqNQ8GE8UbrEAHxouBQRCAIrBkOzDAdy_NPDKElFHPOAUKccQF-hXYCjBrf5Tp_aM4AxlGNY8fQTEQN91J-38wxJUjOFYh8GTPjXwUewRuQ2GMkTxWFrQxonFB_5TLpGHnl-eRw_upDMlPlg1HLSHepIHXZv-M1EXHPE4gAX-FbWoEP2bWtrcv4W6234d0nwca5Ap06zlppRxjM5Jbx-dZybcmLgaeZ3AB4Cth02p0bGsokHDSGNpkyGq9mDcpemYFD5EAe-RUkLR4zhU1V4y6wxzJoc8RwAF8NnEMJLBiEfsgru2pyCeukKmowjGOm0J_fRbn_Ik HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1734666
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y94lRgANEPIKGU4FAAwUq0XYBq2VOSiIJCUq0A&u=%7C4Y5j4QbejY0f0%2FgVLHdcjvd1bIx9enhGgBb6jRfBiQg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLY7gtmU85ixvb2TUrnoXOlNcxjA-tlrhkeUB3ok2MmJuDbeMjef7sPwERV_G7Nh0LWsUfQO1dOISBFp82acdHw-_L3VSc3aBlX0zPi_LwcQwciFjjrnflqlKiwVuLC1snd1BEj0-jwWY6C2TLpRQiDL8AVm-sTXFrixDF-4sDBPBtxokTfQ4tqh_8c6sEqdb5IzcNuUMdUHLlSDvxYvwGj859yrYew390l0hdQ6Z3XHEmf_HO89Jr-pX906rkvT8LwHNNoKeos8mN3Q8R0KvNwQyoya3p9Ex8cbfXJdON0bM7cXbbB68a6JAusCbFK_qrNPnxlI7eWETrDj-cyI8m0nlkHrsVAm_YU8i4AiHLU0zH1h7XyLcm8Y_L4XbukMAnhvFK_G4hGMSyH3ehfxMOLYbhA47ET4TUs_2WdMDbxMXyvtV9JtxmMpxYsvEzOCzautHoqt_27D-afUxvndqCT1WRMXzGyuQrbMUrWd2ZFtzg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCNjhRiXeY_KhNIWcZaupsKgLyZ7SsVy96ZX3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0xOTYxNjI3NzI4OTY2NzY1yAEJqQLecM3xcByyPqgDAaoE0AFP0DT_nEgVXWR0iZz3P9_Sj5CClpDogq-3VNrsIKxQnXoYsvDjH9srFiXh5-2PspbE7UY4qO-VDMwuIXRDKZmwwgphV9POWTesB5O9lvbhBivL7FZLNY5e3RqkQlA_vIMd76CWt_olYT6G1cYzsCGRPKqHLuWeuTX7E8J_QzPNfI40S91eI623w5N6AO_of7uAYBBBzc6LD6fEcLQSU13hsSJirK-w4Lqc54e3lBa8Rt9l34zDDwnf2IluorkNCLvq-0n3HbzSv9cn_zkvreKPgAb67-Ltk6-18FGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bsGOsj01v8XhLhYzOtrLSksB3Nw%26client%3Dca-pub-1961627728966765%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y94lRgANEPIKGU4FAAwUq0XYBq2VOSiIJCUq0A&u=%7C4Y5j4QbejY0f0%2FgVLHdcjvd1bIx9enhGgBb6jRfBiQg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLY7gtmU85ixvb2TUrnoXOlNcxjA-tlrhkeUB3ok2MmJuDbeMjef7sPwERV_G7Nh0LWsUfQO1dOISBFp82acdHw-_L3VSc3aBlX0zPi_LwcQwciFjjrnflqlKiwVuLC1snd1BEj0-jwWY6C2TLpRQiDL8AVm-sTXFrixDF-4sDBPBtxokTfQ4tqh_8c6sEqdb5IzcNuUMdUHLlSDvxYvwGj859yrYew390l0hdQ6Z3XHEmf_HO89Jr-pX906rkvT8LwHNNoKeos8mN3Q8R0KvNwQyoya3p9Ex8cbfXJdON0bM7cXbbB68a6JAusCbFK_qrNPnxlI7eWETrDj-cyI8m0nlkHrsVAm_YU8i4AiHLU0zH1h7XyLcm8Y_L4XbukMAnhvFK_G4hGMSyH3ehfxMOLYbhA47ET4TUs_2WdMDbxMXyvtV9JtxmMpxYsvEzOCzautHoqt_27D-afUxvndqCT1WRMXzGyuQrbMUrWd2ZFtzg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCNjhRiXeY_KhNIWcZaupsKgLyZ7SsVy96ZX3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0xOTYxNjI3NzI4OTY2NzY1yAEJqQLecM3xcByyPqgDAaoE0AFP0DT_nEgVXWR0iZz3P9_Sj5CClpDogq-3VNrsIKxQnXoYsvDjH9srFiXh5-2PspbE7UY4qO-VDMwuIXRDKZmwwgphV9POWTesB5O9lvbhBivL7FZLNY5e3RqkQlA_vIMd76CWt_olYT6G1cYzsCGRPKqHLuWeuTX7E8J_QzPNfI40S91eI623w5N6AO_of7uAYBBBzc6LD6fEcLQSU13hsSJirK-w4Lqc54e3lBa8Rt9l34zDDwnf2IluorkNCLvq-0n3HbzSv9cn_zkvreKPgAb67-Ltk6-18FGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bsGOsj01v8XhLhYzOtrLSksB3Nw%26client%3Dca-pub-1961627728966765%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y94lRgANEPIKGU4FAAwUq0XYBq2VOSiIJCUq0A&u=%7C4Y5j4QbejY0f0%2FgVLHdcjvd1bIx9enhGgBb6jRfBiQg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLY7gtmU85ixvb2TUrnoXOlNcxjA-tlrhkeUB3ok2MmJuDbeMjef7sPwERV_G7Nh0LWsUfQO1dOISBFp82acdHw-_L3VSc3aBlX0zPi_LwcQwciFjjrnflqlKiwVuLC1snd1BEj0-jwWY6C2TLpRQiDL8AVm-sTXFrixDF-4sDBPBtxokTfQ4tqh_8c6sEqdb5IzcNuUMdUHLlSDvxYvwGj859yrYew390l0hdQ6Z3XHEmf_HO89Jr-pX906rkvT8LwHNNoKeos8mN3Q8R0KvNwQyoya3p9Ex8cbfXJdON0bM7cXbbB68a6JAusCbFK_qrNPnxlI7eWETrDj-cyI8m0nlkHrsVAm_YU8i4AiHLU0zH1h7XyLcm8Y_L4XbukMAnhvFK_G4hGMSyH3ehfxMOLYbhA47ET4TUs_2WdMDbxMXyvtV9JtxmMpxYsvEzOCzautHoqt_27D-afUxvndqCT1WRMXzGyuQrbMUrWd2ZFtzg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCNjhRiXeY_KhNIWcZaupsKgLyZ7SsVy96ZX3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0xOTYxNjI3NzI4OTY2NzY1yAEJqQLecM3xcByyPqgDAaoE0AFP0DT_nEgVXWR0iZz3P9_Sj5CClpDogq-3VNrsIKxQnXoYsvDjH9srFiXh5-2PspbE7UY4qO-VDMwuIXRDKZmwwgphV9POWTesB5O9lvbhBivL7FZLNY5e3RqkQlA_vIMd76CWt_olYT6G1cYzsCGRPKqHLuWeuTX7E8J_QzPNfI40S91eI623w5N6AO_of7uAYBBBzc6LD6fEcLQSU13hsSJirK-w4Lqc54e3lBa8Rt9l34zDDwnf2IluorkNCLvq-0n3HbzSv9cn_zkvreKPgAb67-Ltk6-18FGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bsGOsj01v8XhLhYzOtrLSksB3Nw%26client%3Dca-pub-1961627728966765%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:39 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=RKi9fQEjKDNILPPHWifOFgqVHZMv3yMdX8l2FAyMDSmWnsLzijhkyj_5NhydQXfa17bznH82XDnBCoIUh8WAXIdczXVK8qGbS2EH4T1TXQazaNNv8mF1wIYOpKpjBe09kVQPI568pHIwEu03SyB7yAmgOg3F0KydyM-iDcLwBFrPS9DYBEMLhz-yYcEkWCVTweLFySdHY4UWzpVMC5A_5zXRPrVtClTV_jIEamjXC-lnhkAcg2N3-LiuqpPvo-e0XBIglw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 88391529
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y94lRgANEPEKGU4FAAwUq7FslqyZmxOIXdctxw&u=%7C4Y5j4QbejY1sJfkkZaN6kaNYBOTPwwC7CKO86G%2BnMfY%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm2BX1PGM944JzK1Izpb9QpWSeV0vHRz9OuTb_X_lNigdIdJBIxFBFFgyL6Kpe4i5RwVSm-EHf4gFOWQfmCfkIW6YOM-AkzN9jf_lg5XiiUyZt9l2v_C_cAwN2RL8pO0fBfBimaS7CIzRT3vblD9cej2pw9ECGjovfkDpqLIdmzdqy_WCeOzOajYPR3P6k0l4yQvB2fNxy2nVUAl48KfDhDe1BWKtgBICRgfe8N461nXzvOgrZruJpvoOMgSr2gUs1zvtRp8yiWPWG12py72u3Cj_S_qXOmC_Hgynemzf8aFS70OAD5c1Q_Z8ZBa0u73OIp5PgcoS1UzSjjIEiSqTHbmgplXLW1U2Phqw57QPPT0Fp0ZGlHLfnJnBn3E6qu0wD5WYjwQP0dcAcscYXTVdP6Gl2ZciWDPaqG8XRGIOv6nRMomB7aPpJF_fcuvFnWgMi8rMQcdBZuJPzUmHSVCQLUr1_TTiEj1DyCnZbLHvhDlOZuWOr7umwOTlxA4bSeBHDfNLwEPb7JgYYlBtO1RlnvH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwdtRRiXeY_GhNIWcZaupsKgLyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0xOTYxNjI3NzI4OTY2NzY1yAEJqQLecM3xcByyPqgDAaoEzgFP0L53bhFm9JHjOp9Qe1UPxcCJgoNyQynA0jjxsE9TSdGSTV6lkILzaRzJ8WwHAGDqP4RX0raskjDM8aki0hectYcF-oLM6jktYfKOOsCI2I1jZTslx3omFXEu1T31yxJRx4BLS-QQGctYBg3S6CqeP92iNlPKRBk8kwJ2c0TTDqEAOCyU_d0NKmwvdiGdB5C32NbrHj1Lfr4c4hLYhpMjuoZSDAPmUOAqd2q5AHEj77pmnZG6gKbhjab5GeoLApaZaQle0_IQnG8U1Avas4AG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Il9TTuZaCLeYn6nEYpgTSbt7VYw%26client%3Dca-pub-1961627728966765%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y94lRgANEPEKGU4FAAwUq7FslqyZmxOIXdctxw&u=%7C4Y5j4QbejY1sJfkkZaN6kaNYBOTPwwC7CKO86G%2BnMfY%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm2BX1PGM944JzK1Izpb9QpWSeV0vHRz9OuTb_X_lNigdIdJBIxFBFFgyL6Kpe4i5RwVSm-EHf4gFOWQfmCfkIW6YOM-AkzN9jf_lg5XiiUyZt9l2v_C_cAwN2RL8pO0fBfBimaS7CIzRT3vblD9cej2pw9ECGjovfkDpqLIdmzdqy_WCeOzOajYPR3P6k0l4yQvB2fNxy2nVUAl48KfDhDe1BWKtgBICRgfe8N461nXzvOgrZruJpvoOMgSr2gUs1zvtRp8yiWPWG12py72u3Cj_S_qXOmC_Hgynemzf8aFS70OAD5c1Q_Z8ZBa0u73OIp5PgcoS1UzSjjIEiSqTHbmgplXLW1U2Phqw57QPPT0Fp0ZGlHLfnJnBn3E6qu0wD5WYjwQP0dcAcscYXTVdP6Gl2ZciWDPaqG8XRGIOv6nRMomB7aPpJF_fcuvFnWgMi8rMQcdBZuJPzUmHSVCQLUr1_TTiEj1DyCnZbLHvhDlOZuWOr7umwOTlxA4bSeBHDfNLwEPb7JgYYlBtO1RlnvH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwdtRRiXeY_GhNIWcZaupsKgLyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0xOTYxNjI3NzI4OTY2NzY1yAEJqQLecM3xcByyPqgDAaoEzgFP0L53bhFm9JHjOp9Qe1UPxcCJgoNyQynA0jjxsE9TSdGSTV6lkILzaRzJ8WwHAGDqP4RX0raskjDM8aki0hectYcF-oLM6jktYfKOOsCI2I1jZTslx3omFXEu1T31yxJRx4BLS-QQGctYBg3S6CqeP92iNlPKRBk8kwJ2c0TTDqEAOCyU_d0NKmwvdiGdB5C32NbrHj1Lfr4c4hLYhpMjuoZSDAPmUOAqd2q5AHEj77pmnZG6gKbhjab5GeoLApaZaQle0_IQnG8U1Avas4AG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Il9TTuZaCLeYn6nEYpgTSbt7VYw%26client%3Dca-pub-1961627728966765%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y94lRgANEPEKGU4FAAwUq7FslqyZmxOIXdctxw&u=%7C4Y5j4QbejY1sJfkkZaN6kaNYBOTPwwC7CKO86G%2BnMfY%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm2BX1PGM944JzK1Izpb9QpWSeV0vHRz9OuTb_X_lNigdIdJBIxFBFFgyL6Kpe4i5RwVSm-EHf4gFOWQfmCfkIW6YOM-AkzN9jf_lg5XiiUyZt9l2v_C_cAwN2RL8pO0fBfBimaS7CIzRT3vblD9cej2pw9ECGjovfkDpqLIdmzdqy_WCeOzOajYPR3P6k0l4yQvB2fNxy2nVUAl48KfDhDe1BWKtgBICRgfe8N461nXzvOgrZruJpvoOMgSr2gUs1zvtRp8yiWPWG12py72u3Cj_S_qXOmC_Hgynemzf8aFS70OAD5c1Q_Z8ZBa0u73OIp5PgcoS1UzSjjIEiSqTHbmgplXLW1U2Phqw57QPPT0Fp0ZGlHLfnJnBn3E6qu0wD5WYjwQP0dcAcscYXTVdP6Gl2ZciWDPaqG8XRGIOv6nRMomB7aPpJF_fcuvFnWgMi8rMQcdBZuJPzUmHSVCQLUr1_TTiEj1DyCnZbLHvhDlOZuWOr7umwOTlxA4bSeBHDfNLwEPb7JgYYlBtO1RlnvH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwdtRRiXeY_GhNIWcZaupsKgLyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0xOTYxNjI3NzI4OTY2NzY1yAEJqQLecM3xcByyPqgDAaoEzgFP0L53bhFm9JHjOp9Qe1UPxcCJgoNyQynA0jjxsE9TSdGSTV6lkILzaRzJ8WwHAGDqP4RX0raskjDM8aki0hectYcF-oLM6jktYfKOOsCI2I1jZTslx3omFXEu1T31yxJRx4BLS-QQGctYBg3S6CqeP92iNlPKRBk8kwJ2c0TTDqEAOCyU_d0NKmwvdiGdB5C32NbrHj1Lfr4c4hLYhpMjuoZSDAPmUOAqd2q5AHEj77pmnZG6gKbhjab5GeoLApaZaQle0_IQnG8U1Avas4AG-u_i7ZOvtfBRoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Il9TTuZaCLeYn6nEYpgTSbt7VYw%26client%3Dca-pub-1961627728966765%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:28:38 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=t4dr8AEjKDNILPPHLiz7M8tA2ffol-V8SFl0YPsfbQNYmC6CDgP6H92XPTc51vviPuno5e4b1VtwlY03UI40bufzJq1-WgCpHSPwnzlW6uD1zlyuDBVNW4bx4jIOi-yApS5mp6nJLgiHqzgm5ejACy2-WHe13rhhKNhpIyuGx6avYr-hmoauI0WB821ryl5hgASpihg8L0kqKdJZi9LbHo2MizGYWBff8_GXPiyoMGDLoPjsQ2AgE8NwNi-A5PS_37zKyg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 137207418
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2