best-proxylist.blogspot.mx/2012_12_01_archive.html
302 Moved Temporarily 200 B URL HTTP/1.1 best-proxylist.blogspot.mx/2012_12_01_archive.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c4d41d1c7daaa0469c2e29a512420494
708d09f76bc2561da1242d234f54030368ed57ae
60c95ed0461fdaefde803d29a64fbaca1ae8974d0d006cc803bde130465c7a03
Analyzer Verdict Alert fortinet Malware
GET /2012_12_01_archive.html HTTP/1.1
Host: best-proxylist.blogspot.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://best-proxylist.blogspot.com/2012_12_01_archive.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 15:01:35 GMT
Expires: Wed, 14 Dec 2022 15:01:35 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 200
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 14 Dec 2022 17:54:07 GMT
Date: Wed, 14 Dec 2022 15:01:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3870
Expires: Wed, 14 Dec 2022 16:06:06 GMT
Date: Wed, 14 Dec 2022 15:01:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 14:33:49 GMT
content-type: application/json
age: 1667
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15932
Expires: Wed, 14 Dec 2022 19:27:08 GMT
Date: Wed, 14 Dec 2022 15:01:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JL35ZiFvRxw97icAQHTOkPrPRP8MI+8CGMhSdYBQWr3br/S7q+QdPGBXpxeGAfHaDptbGsgJFoM=
x-amz-request-id: KS3V6MX5D0ZTV3E2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 14:52:24 GMT
age: 552
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 15:01:36 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 14:07:58 GMT
age: 3218
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 413
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:36 GMT
Etag: "63999230-1d7"
Last-Modified: Wed, 14 Dec 2022 14:54:43 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L8PATxBQbJpwzauoMP3sKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RZbnEvcXjmCDaLn7MpziyACqNzg=
pagead2.googlesyndication.com/pagead/show_ads.js
200 OK 36 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP
File type ASCII text, with very long lines (3577)
Hash 10cba609437358046dbb55547cc00502
e9f89c5336feb24f8b4cf8f4d161510a2f196bbe
16144f6777d30a83a13160799263fa8f2e19ec9b8d45af4624c417c3050fc886
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Wed, 14 Dec 2022 15:01:37 GMT
Expires: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 1976430232238013469
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36187
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f833cfd77e55de148e0bec43c0d190e9
1beff09149aba5449fce4ccb58d2d1ce635cbd49
21bb27e197293f902a7d80edeb7fdf91b7a8c1725718eb76bcbe7c8a0ee7c373
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 14 Dec 2022 15:01:37 GMT
expires: Wed, 14 Dec 2022 15:01:37 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_email.gif
200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 14:19:22 GMT
expires: Tue, 20 Dec 2022 14:19:22 GMT
cache-control: public, max-age=604800
last-modified: Mon, 12 Dec 2022 12:50:23 GMT
content-type: image/gif
age: 88935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 14:01:44 GMT
expires: Wed, 13 Dec 2023 14:01:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Dec 2022 06:58:47 GMT
content-type: text/css
age: 89993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 14 Dec 2022 08:17:26 GMT
Expires: Wed, 28 Dec 2022 08:17:26 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 24251
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:14 GMT
expires: Sat, 09 Dec 2023 13:33:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 437303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
best-proxylist.blogspot.com/2012_12_01_archive.html
200 OK 45 kB URL HTTP/1.1 best-proxylist.blogspot.com/2012_12_01_archive.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5651)
Hash c089ff5d9450de5e9026fa72c04389e0
b62aaff030776598066c128cba1f79863891a531
1bbe6d911cf29b9b64996ff86470ec3cfc4af3e447ac17dca962085f006fb0ec
Analyzer Verdict Alert fortinet Malware
GET /2012_12_01_archive.html HTTP/1.1
Host: best-proxylist.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 14 Dec 2022 15:01:37 GMT
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 27 Nov 2022 11:12:58 GMT
ETag: W/"3f55650ad5de9d30b77f25c2af989863e35e69749f6ded0381b079aec994b9d1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 44987
Server: GSE
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0433fbd1fce23a4ef7cc57d125978157
ea3a6ab371fde7b300a6c8f7717ce928dd270a4a
78512d3a66d775eebb884c20bb79fda3f374295ef224d13c63bc29eea64bd996
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-proxylist.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/1.1 best-proxylist.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: best-proxylist.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/2012_12_01_archive.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 05:25:41 GMT
Expires: Thu, 15 Dec 2022 05:25:41 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 07 Dec 2022 20:54:14 GMT
Content-Type: text/javascript
Age: 552956
www.blogger.com/dyn-css/authorization.css?targetBlogID=8405251274239367815&zx=837cd1a2-9d60-44f6-8060-e287125b51be
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=8405251274239367815&zx=837cd1a2-9d60-44f6-8060-e287125b51be
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8405251274239367815&zx=837cd1a2-9d60-44f6-8060-e287125b51be HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Dec 2022 15:01:37 GMT
last-modified: Wed, 14 Dec 2022 15:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=pub-8116085563943069&plah=best-proxylist.blogspot.com
200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=pub-8116085563943069&plah=best-proxylist.blogspot.com
IP
File type ASCII text, with very long lines (5918)
Size 120 kB (119959 bytes)
Hash 8190596a6bbfb803187cb90f873f0804
6e982b632ea4db981e14c54c0082e4a316254648
884d3c3494ec3ed44342ba25fe2e89b2c55b01e6598385cd1942566f92587613
GET /pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=pub-8116085563943069&plah=best-proxylist.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 14 Dec 2022 15:01:37 GMT
expires: Wed, 14 Dec 2022 15:01:37 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 3338792349518308061
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119959
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0433fbd1fce23a4ef7cc57d125978157
ea3a6ab371fde7b300a6c8f7717ce928dd270a4a
78512d3a66d775eebb884c20bb79fda3f374295ef224d13c63bc29eea64bd996
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bcc65d6ecbe203fe5317edb80cf75446
de2608795465b2586373b6ac532eb406cffaa47b
6c2e330e67eb0b47ba01beeff54f264ab618ed7797bc181152d2f36d9f9f2d58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=best-proxylist.blogspot.com&callback=_gfp_s_&client=pub-8116085563943069&gpid_exp=1
200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=best-proxylist.blogspot.com&callback=_gfp_s_&client=pub-8116085563943069&gpid_exp=1
IP
File type ASCII text, with very long lines (391), with no line terminators
Hash 0495fd7ab3a34613e852ffd179d89c40
aa984912a63fef14a196d17ad89c497ec126b95f
5e72003c52280aa095f51daab05b513cdcebc4d9caca6c2796b763c64e724bca
GET /gampad/cookie.js?domain=best-proxylist.blogspot.com&callback=_gfp_s_&client=pub-8116085563943069&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Dec 2022 15:01:37 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4639c657cf22b8bb603cdbbe9bb37c46
d57cbcfa27681e015ba68dadebda7a1dea7f52ba
cecea4b1fcaf2bb5d76732ebd45558f6d7be60e80d0e13f8481061a173685bff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Wed, 14 Dec 2022 13:06:06 GMT
Expires: Wed, 14 Dec 2022 15:06:06 GMT
Cache-Control: public, max-age=7200
Age: 6931
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
adservice.google.com/adsid/integrator.js?domain=best-proxylist.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=best-proxylist.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=best-proxylist.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Dec 2022 15:01:37 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bcc65d6ecbe203fe5317edb80cf75446
de2608795465b2586373b6ac532eb406cffaa47b
6c2e330e67eb0b47ba01beeff54f264ab618ed7797bc181152d2f36d9f9f2d58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=best-proxylist.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=best-proxylist.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=best-proxylist.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Dec 2022 15:01:37 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2002790015&utmhn=best-proxylist.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anonymizer%20%7C%20Proxy%20List%20%7C%20Free%20HTTPS%3A%201%20%D0%B4%D0%B5%D0%BA.%202012%20%D0%B3.&utmhid=1499934344&utmr=-&utmp=%2F2012_12_01_archive.html&utmht=1671030095379&utmac=UA-915775-25&utmcc=__utma%3D48685877.117133645.1671030095.1671030095.1671030095.1%3B%2B__utmz%3D48685877.1671030095.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=206849817&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2002790015&utmhn=best-proxylist.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anonymizer%20%7C%20Proxy%20List%20%7C%20Free%20HTTPS%3A%201%20%D0%B4%D0%B5%D0%BA.%202012%20%D0%B3.&utmhid=1499934344&utmr=-&utmp=%2F2012_12_01_archive.html&utmht=1671030095379&utmac=UA-915775-25&utmcc=__utma%3D48685877.117133645.1671030095.1671030095.1671030095.1%3B%2B__utmz%3D48685877.1671030095.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=206849817&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2002790015&utmhn=best-proxylist.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anonymizer%20%7C%20Proxy%20List%20%7C%20Free%20HTTPS%3A%201%20%D0%B4%D0%B5%D0%BA.%202012%20%D0%B3.&utmhid=1499934344&utmr=-&utmp=%2F2012_12_01_archive.html&utmht=1671030095379&utmac=UA-915775-25&utmcc=__utma%3D48685877.117133645.1671030095.1671030095.1671030095.1%3B%2B__utmz%3D48685877.1671030095.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=206849817&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 15:01:37 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d65e8797e775e53b6d31c91a7635f719
37ec6f0b1640030feb848d1cfb0b4e3fc21c5b17
cc2fb6cb6f0885ea4c62646293c06c3de8d2650c435f493ff192f1f7ec2b148c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69a7451c35876a8257f0525d6e9ed93d
506c7fcac44cb8190813b6e1171e42884d26cb5a
3f68d76c4edfb94578f3c10dcef00b865001f6c5f19a71cf7b744557f905cf3a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69a7451c35876a8257f0525d6e9ed93d
506c7fcac44cb8190813b6e1171e42884d26cb5a
3f68d76c4edfb94578f3c10dcef00b865001f6c5f19a71cf7b744557f905cf3a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-proxylist.blogspot.com/favicon.ico
200 OK 412 B URL HTTP/1.1 best-proxylist.blogspot.com/favicon.ico
IP
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: best-proxylist.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/2012_12_01_archive.html
Cookie: __utma=48685877.117133645.1671030095.1671030095.1671030095.1; __utmb=48685877.1.10.1671030095; __utmc=48685877; __utmz=48685877.1671030095.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Wed, 14 Dec 2022 15:01:37 GMT
Date: Wed, 14 Dec 2022 15:01:37 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sun, 27 Nov 2022 11:12:58 GMT
ETag: W/"3f55650ad5de9d30b77f25c2af989863e35e69749f6ded0381b079aec994b9d1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1669547578&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_12_01_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1671030095269&bpp=37&bdt=496&idt=-M&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=3504250071693&frm=20&pv=2&ga_vid=117133645.1671030095&ga_sid=1671030095&ga_hid=1499934344&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2188177777466677&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=mgpySPWTvE&p=http%3A//best-proxylist.blogspot.com&dtd=148
200 OK 9.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1669547578&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_12_01_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1671030095269&bpp=37&bdt=496&idt=-M&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=3504250071693&frm=20&pv=2&ga_vid=117133645.1671030095&ga_sid=1671030095&ga_hid=1499934344&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2188177777466677&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=mgpySPWTvE&p=http%3A//best-proxylist.blogspot.com&dtd=148
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21397), with no line terminators
Hash 9b50e88f81c349f7b72159031ffc57d1
beaa84dcd3c15f49337a9d705ac90275d8db7f71
81503bdd3eab22fe66aaca2aad1231414902573998574271c6d9a23160699157
GET /pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1669547578&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_12_01_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1671030095269&bpp=37&bdt=496&idt=-M&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=3504250071693&frm=20&pv=2&ga_vid=117133645.1671030095&ga_sid=1671030095&ga_hid=1499934344&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2188177777466677&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=mgpySPWTvE&p=http%3A//best-proxylist.blogspot.com&dtd=148 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 14 Dec 2022 15:01:38 GMT
server: cafe
content-length: 9463
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 14-Dec-2022 15:16:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 15:01:38 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1669547578&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_12_01_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1671030095269&bpp=8&bdt=496&idt=9&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3504250071693&pv_h_ch=00000&frm=20&pv=1&ga_vid=117133645.1671030095&ga_sid=1671030095&ga_hid=1499934344&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2188177777466677&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&cms=1&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=YSbfgMCFRG&p=http%3A//best-proxylist.blogspot.com&dtd=154
200 OK 9.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1669547578&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_12_01_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1671030095269&bpp=8&bdt=496&idt=9&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3504250071693&pv_h_ch=00000&frm=20&pv=1&ga_vid=117133645.1671030095&ga_sid=1671030095&ga_hid=1499934344&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2188177777466677&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&cms=1&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=YSbfgMCFRG&p=http%3A//best-proxylist.blogspot.com&dtd=154
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21407), with no line terminators
Hash bbb009cf00e4621b27c8c939ed634a08
0c37ad6ffd7e78d0b035d7c66fdb46a99626852b
95fdb6a69f0088ba7980d3ac71b6c6d563fad5f867f7dc713ae6ea232b2d3bba
GET /pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1669547578&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_12_01_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1671030095269&bpp=8&bdt=496&idt=9&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3504250071693&pv_h_ch=00000&frm=20&pv=1&ga_vid=117133645.1671030095&ga_sid=1671030095&ga_hid=1499934344&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2188177777466677&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&cms=1&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=YSbfgMCFRG&p=http%3A//best-proxylist.blogspot.com&dtd=154 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 14 Dec 2022 15:01:38 GMT
server: cafe
content-length: 9438
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 14-Dec-2022 15:16:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 15:01:38 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/adview?ai=CpMu_UeWZY87sN4OoygX2sJKIC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItODExNjA4NTU2Mzk0MzA2OcgBCakCCAD_snjVsT6oAwGqBOcBT9BFXP6KKhBDB0acvlB65_Jx1wnYy1VX1uyWFEySbWQavKE8uhzzxz6ZI6NHbho9n_FbZ4BABi22C67ARAAhG8AEwSWZBPReNJT-kPMKGjJpmrYhCsF4HWcJGhGjKKBZ6vbQAiNIBuu1cdyLxV8nj13QY7cFe3a1lVQgsWdEz6DGetBUChp9CZ9m9bA2IGPkJT9isZVYhCwNo07c14XPmauJoPnPeAwCso0q2h3U6LQ4K66XRfs5kj5tAx-DQa08xy2-bkOp0pLbuiqAgslVmapTM7hLkq8RXxklAPnUyVIlugZMLGUqgAa8-MjZiIygtuYBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MTE2MDg1NTYzOTQzMDY5GAA&sigh=p5AiTLQjidM&uach_m=[UACH]&cid=CAQSGwDq26N9NVO-8tfpxjOTRN-rwV8fQRvGNglDwBgBIBM
200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/adview?ai=CpMu_UeWZY87sN4OoygX2sJKIC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItODExNjA4NTU2Mzk0MzA2OcgBCakCCAD_snjVsT6oAwGqBOcBT9BFXP6KKhBDB0acvlB65_Jx1wnYy1VX1uyWFEySbWQavKE8uhzzxz6ZI6NHbho9n_FbZ4BABi22C67ARAAhG8AEwSWZBPReNJT-kPMKGjJpmrYhCsF4HWcJGhGjKKBZ6vbQAiNIBuu1cdyLxV8nj13QY7cFe3a1lVQgsWdEz6DGetBUChp9CZ9m9bA2IGPkJT9isZVYhCwNo07c14XPmauJoPnPeAwCso0q2h3U6LQ4K66XRfs5kj5tAx-DQa08xy2-bkOp0pLbuiqAgslVmapTM7hLkq8RXxklAPnUyVIlugZMLGUqgAa8-MjZiIygtuYBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MTE2MDg1NTYzOTQzMDY5GAA&sigh=p5AiTLQjidM&uach_m=[UACH]&cid=CAQSGwDq26N9NVO-8tfpxjOTRN-rwV8fQRvGNglDwBgBIBM
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/adview?ai=CpMu_UeWZY87sN4OoygX2sJKIC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItODExNjA4NTU2Mzk0MzA2OcgBCakCCAD_snjVsT6oAwGqBOcBT9BFXP6KKhBDB0acvlB65_Jx1wnYy1VX1uyWFEySbWQavKE8uhzzxz6ZI6NHbho9n_FbZ4BABi22C67ARAAhG8AEwSWZBPReNJT-kPMKGjJpmrYhCsF4HWcJGhGjKKBZ6vbQAiNIBuu1cdyLxV8nj13QY7cFe3a1lVQgsWdEz6DGetBUChp9CZ9m9bA2IGPkJT9isZVYhCwNo07c14XPmauJoPnPeAwCso0q2h3U6LQ4K66XRfs5kj5tAx-DQa08xy2-bkOp0pLbuiqAgslVmapTM7hLkq8RXxklAPnUyVIlugZMLGUqgAa8-MjZiIygtuYBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MTE2MDg1NTYzOTQzMDY5GAA&sigh=p5AiTLQjidM&uach_m=[UACH]&cid=CAQSGwDq26N9NVO-8tfpxjOTRN-rwV8fQRvGNglDwBgBIBM HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1669547578&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_12_01_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1671030095269&bpp=37&bdt=496&idt=-M&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=3504250071693&frm=20&pv=2&ga_vid=117133645.1671030095&ga_sid=1671030095&ga_hid=1499934344&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2188177777466677&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=mgpySPWTvE&p=http%3A//best-proxylist.blogspot.com&dtd=148
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 15:01:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: IDE=AHWqTUm0CjNlS_E07gNy4yCvB3_50ITc0wMhekhmqjDQ8iV8hrx9szcnmz_RpcNge7M; expires=Fri, 13-Dec-2024 15:01:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 15:01:38 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69a7451c35876a8257f0525d6e9ed93d
506c7fcac44cb8190813b6e1171e42884d26cb5a
3f68d76c4edfb94578f3c10dcef00b865001f6c5f19a71cf7b744557f905cf3a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7656cc0f3816c0828cd9dc73b2ea8aa6
939a00c40cc6875976fff408deb3c59661c14997
33ca5f464001eab5f2e005309e5eadfa3785c8f7450e8792861df812c8e356bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7656cc0f3816c0828cd9dc73b2ea8aa6
939a00c40cc6875976fff408deb3c59661c14997
33ca5f464001eab5f2e005309e5eadfa3785c8f7450e8792861df812c8e356bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/adview?ai=C71ZwUeWZY-XoOP-XxdwPgNq26ALJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAggA_7J41bE-qAMBqgToAU_QVriZwjs_jt_Ais2l7bIY0vIzEbyJuFOri47WRP67bRnruTciTOVK_9ffvqQF1CiKuEycfNTKv2z5xgqLvsesMGXyNFk8B94G3-fELajr9_GRSu4TCjP9vY0BSe_3qvRC8zxia4JoIStRI2k7g1z0aKWkQowZy2SgRrZLubWkWKgjSToHcglNAXcURC1TIb8TOIqpdgB2vTpKkHfjxx9f69AJlEpwrsvT3Jn4OxSjNZltCiKOU1XZci3TW5E7rWcdNbfc2o1rF2djRe1P9ZebcmPJUzRrMkpUopCCKEKHRDZmnJy_AeGABuuRn9nH_b-C0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgxMTYwODU1NjM5NDMwNjkYAA&sigh=PLHorWcAglw&uach_m=[UACH]&cid=CAQSGwDq26N9coTtzRt1dOMJ123IEK_3l6NOlERMuBgBIBM
200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/adview?ai=C71ZwUeWZY-XoOP-XxdwPgNq26ALJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAggA_7J41bE-qAMBqgToAU_QVriZwjs_jt_Ais2l7bIY0vIzEbyJuFOri47WRP67bRnruTciTOVK_9ffvqQF1CiKuEycfNTKv2z5xgqLvsesMGXyNFk8B94G3-fELajr9_GRSu4TCjP9vY0BSe_3qvRC8zxia4JoIStRI2k7g1z0aKWkQowZy2SgRrZLubWkWKgjSToHcglNAXcURC1TIb8TOIqpdgB2vTpKkHfjxx9f69AJlEpwrsvT3Jn4OxSjNZltCiKOU1XZci3TW5E7rWcdNbfc2o1rF2djRe1P9ZebcmPJUzRrMkpUopCCKEKHRDZmnJy_AeGABuuRn9nH_b-C0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgxMTYwODU1NjM5NDMwNjkYAA&sigh=PLHorWcAglw&uach_m=[UACH]&cid=CAQSGwDq26N9coTtzRt1dOMJ123IEK_3l6NOlERMuBgBIBM
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/adview?ai=C71ZwUeWZY-XoOP-XxdwPgNq26ALJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAggA_7J41bE-qAMBqgToAU_QVriZwjs_jt_Ais2l7bIY0vIzEbyJuFOri47WRP67bRnruTciTOVK_9ffvqQF1CiKuEycfNTKv2z5xgqLvsesMGXyNFk8B94G3-fELajr9_GRSu4TCjP9vY0BSe_3qvRC8zxia4JoIStRI2k7g1z0aKWkQowZy2SgRrZLubWkWKgjSToHcglNAXcURC1TIb8TOIqpdgB2vTpKkHfjxx9f69AJlEpwrsvT3Jn4OxSjNZltCiKOU1XZci3TW5E7rWcdNbfc2o1rF2djRe1P9ZebcmPJUzRrMkpUopCCKEKHRDZmnJy_AeGABuuRn9nH_b-C0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgxMTYwODU1NjM5NDMwNjkYAA&sigh=PLHorWcAglw&uach_m=[UACH]&cid=CAQSGwDq26N9coTtzRt1dOMJ123IEK_3l6NOlERMuBgBIBM HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1669547578&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_12_01_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1671030095269&bpp=8&bdt=496&idt=9&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3504250071693&pv_h_ch=00000&frm=20&pv=1&ga_vid=117133645.1671030095&ga_sid=1671030095&ga_hid=1499934344&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=2188177777466677&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&cms=1&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=YSbfgMCFRG&p=http%3A//best-proxylist.blogspot.com&dtd=154
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 15:01:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: IDE=AHWqTUm57wtOLOQ_gfHbvNS0myf-xtBQveULUZ_PSJYbKFhztrMARmx9pS3AsnUxOpk; expires=Fri, 13-Dec-2024 15:01:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 15:01:38 GMT
cache-control: private
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
IP
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221207/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Tue, 13 Dec 2022 22:02:26 GMT
expires: Tue, 27 Dec 2022 22:02:26 GMT
cache-control: public, max-age=1209600
age: 61152
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (1542)
Hash 6f59900fa87e133bae329372aebefe36
260937d2934233c07b112f3564ec9eca7b529fd7
156c12ec7d6973b5742504716567b70740dd66bee9cc0e1a1608df56e77011fd
GET /pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7480
x-xss-protection: 0
date: Tue, 13 Dec 2022 22:04:55 GMT
expires: Tue, 27 Dec 2022 22:04:55 GMT
cache-control: public, max-age=1209600
age: 61003
etag: 15631949847000551034
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP
File type ASCII text, with very long lines (3501)
Hash 0aea457deb170b60b680d7d723b4a6e2
3acbe700c709c2c5c07d6fb145ea7b448cc07a90
86c662679bc2508be7e8064c91055a3c5be7db2c24d58e5f27676f35702ba339
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 47725
date: Wed, 14 Dec 2022 15:01:38 GMT
expires: Wed, 14 Dec 2022 15:01:38 GMT
cache-control: private, max-age=3000
etag: "1670417373259609"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Wed, 14 Dec 2022 16:10:16 GMT
Date: Wed, 14 Dec 2022 15:01:38 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 314 B IP
Hash 9f0f9fba95597f8a731745204c6064da
5504c2b0ced59cd7460c6c279a9f11bdaafd693a
806d5e62bc97c7a7861cbabbbfa339b2fc4f4039e802048284f592d192303110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3805
Cache-Control: max-age=119710
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "63990713-13a"
Expires: Fri, 16 Dec 2022 00:16:48 GMT
Last-Modified: Tue, 13 Dec 2022 23:13:23 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Wed, 14 Dec 2022 16:10:16 GMT
Date: Wed, 14 Dec 2022 15:01:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Wed, 14 Dec 2022 16:10:16 GMT
Date: Wed, 14 Dec 2022 15:01:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8b0477fb90d103e2155bbf7ab47d877
ab668e755bd742b165fa3ba46a4c486c616a7ff6
40e2282cf64da6034f73a2ff0c0d060550caa364244d5bdf282d2f54719d48ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4703
x-amzn-requestid: 975cb427-5feb-4c36-bcfe-bed0cc9bd3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czpW4Hh4IAMFeRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639155c5-63d6d97371f11d6012edae68;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UjIRajW22SkXZZgVKDxjvkO-3g950W_McDg_fa0DeTVGbgIRFDMVMQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 05:29:49 GMT
age: 34309
etag: "ab668e755bd742b165fa3ba46a4c486c616a7ff6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3acfbf939eab432007f8315f2376f563
e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c
d02ae4fa55f6ba4b1ca2186eb31a40018eada1e1491efdc4a95ffba4c35afa07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5108
x-amzn-requestid: cba619a3-ef9a-420b-b280-2b53608aad53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpL0G93IAMF59Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef18-7cc4f81a16016a8d63156bff;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3JmSN0RECaKzxPmndCUHm_4YLojawf7kw8A43yj1h1IfuZQKsVl6eg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:42:57 GMT
age: 62321
etag: "e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027a9fc390a10242c7389ac20d8be93a
9bc06ec4c13fd3f14bde06387d56814f2a886a88
8ef7b73d6657c8d5cfd26fcad97b82f0acd21637d7ee8af84688295ffca85093
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4041
x-amzn-requestid: 5f92302c-f41f-46a4-9283-2c5d49c3c282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpc2Gl5IAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef85-54bd3ad3579e0d081e17b206;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nZ8xLZj1nRTZnduwFxc9QP4EWyP8k3GuJV4Br3o9Q7Zt9ZlwWIudDQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:59:15 GMT
etag: "9bc06ec4c13fd3f14bde06387d56814f2a886a88"
content-type: image/jpeg
age: 61343
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8501112ef886bfa0aaf2239cee2d312
f07542e9312ef0b42c96f2687766fe46f57f38cb
296c8dd5bdcb6ff49fcfebe464a7baa9c22bbe8ef6fef0798e92b10e1b3b1ac9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4294
x-amzn-requestid: a906aaed-cfa3-453a-b872-87f906f6251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGp1ME7aoAMFWyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398f021-23ddca2815a10a181549c5d8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:35:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v5C9KOhwCQKWxvPNJuUXqFckYLMQanLQ9oWzdUPaQk9GLDZ7pJrH9g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:50:24 GMT
age: 61874
etag: "f07542e9312ef0b42c96f2687766fe46f57f38cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ee80741a-2c58-4749-8443-c245db7b09a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9hqYHNnoAMF4JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63954975-662de21405a1312c6d5bc15c;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qjrT2_IIgJ6cc5tKv33dl2gfKFAC4GMRZspXCaQwwCk1GMh1-2FXgw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 05:50:16 GMT
age: 33082
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ddda117cee658be4cfe3a5d04a88c46
a167e2211732837cf07b3b9a0b33610492ab8a47
bc5fae9d44914c804f82d1e0f90a01fe14d86063da59292bf78100f539b3f7a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13205
x-amzn-requestid: 23929642-4b48-40f4-8847-854dfca772b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKoH_4oAMF_8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-19ad3c327c190b9227d232a2;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vx7sZ090BsrHPpf5WTWPKYaCNlYvuh5chiNxw2anH2Kd1WovN9Dc4w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:03 GMT
age: 61715
etag: "a167e2211732837cf07b3b9a0b33610492ab8a47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 595904
expires: Mon, 04 Dec 2023 15:01:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMOC5By%2BlUaUBw36maEwa41XdpKgmpILGisZjOgJRJnDDrJfir99SQGCA%2BVLtK7rWMrXy6qLixeXqErTJYdddykzTgL7k%2BFy%2FP9449gh21Wn1d8XRW1CTrFYI3VF4yM79r977MiI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7797d0e37d1ab50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 0c85c661841cf5b4d34ef77e9364d2ba
509b0bfb37b8e15405b8e0bc4ea1d213335ef9ac
c98821752c9370d5ffe7fbfbae92f7b87a9cfd085bb5b4b986eace9dc92f270e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Last-Modified: Wed, 14 Dec 2022 14:41:21 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 312 B IP
Hash 0c85c661841cf5b4d34ef77e9364d2ba
509b0bfb37b8e15405b8e0bc4ea1d213335ef9ac
c98821752c9370d5ffe7fbfbae92f7b87a9cfd085bb5b4b986eace9dc92f270e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Last-Modified: Wed, 14 Dec 2022 14:41:21 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 312
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWdgFWp2DYgICAAAASv5VHY2HERUQUeWZYx4QbeSQakfkzu01ABIAAA&wp=Y5nlUQAN9k4KspQDAASYdncfPkdIaSloSZj2og
200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWdgFWp2DYgICAAAASv5VHY2HERUQUeWZYx4QbeSQakfkzu01ABIAAA&wp=Y5nlUQAN9k4KspQDAASYdncfPkdIaSloSZj2og
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7OzWdgFWp2DYgICAAAASv5VHY2HERUQUeWZYx4QbeSQakfkzu01ABIAAA&wp=Y5nlUQAN9k4KspQDAASYdncfPkdIaSloSZj2og HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 1733686
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWaAB2ASdg2ICAgAAAEr-VR2NhxEVEFHlmWOJuFN-f5q6rJjX9gASAAA&wp=Y5nlUQAONGUFkUv_AA2tALCpGwpfZV4axKEBsg
200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWaAB2ASdg2ICAgAAAEr-VR2NhxEVEFHlmWOJuFN-f5q6rJjX9gASAAA&wp=Y5nlUQAONGUFkUv_AA2tALCpGwpfZV4axKEBsg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWaAB2ASdg2ICAgAAAEr-VR2NhxEVEFHlmWOJuFN-f5q6rJjX9gASAAA&wp=Y5nlUQAONGUFkUv_AA2tALCpGwpfZV4axKEBsg HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 251163
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 29b20b2039da4fff67b217acc3bb43b2
c94a60c0abeafcf70dbc94460d8e07090c3f93f5
c414055ce8d8332757b89ecfc6cc5846ce01d23b71aecf647041a033bc95eab5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3100
Cache-Control: max-age=170820
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6399d17a-13a"
Expires: Fri, 16 Dec 2022 14:28:38 GMT
Last-Modified: Wed, 14 Dec 2022 13:36:58 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 313 B IP
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6500
Cache-Control: max-age=117005
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:31:43 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6500
Cache-Control: max-age=117005
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:31:43 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6500
Cache-Control: max-age=117005
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:31:43 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6500
Cache-Control: max-age=117005
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:31:43 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6265
Cache-Control: max-age=116770
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:27:48 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 314 B IP
Hash 7d00863a3d90b2f325555624abbbb5e7
98a339da609cca0739b36f54454719cfe746f9ca
04358cf461e8fd30b3c98edf32a36e80243293f7ba5928de90ae1405f9d4908e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5616
Cache-Control: max-age=166149
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6399b567-13a"
Expires: Fri, 16 Dec 2022 13:10:47 GMT
Last-Modified: Wed, 14 Dec 2022 11:37:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash 7d00863a3d90b2f325555624abbbb5e7
98a339da609cca0739b36f54454719cfe746f9ca
04358cf461e8fd30b3c98edf32a36e80243293f7ba5928de90ae1405f9d4908e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5670
Cache-Control: max-age=166203
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6399b567-13a"
Expires: Fri, 16 Dec 2022 13:11:41 GMT
Last-Modified: Wed, 14 Dec 2022 11:37:11 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash 7d00863a3d90b2f325555624abbbb5e7
98a339da609cca0739b36f54454719cfe746f9ca
04358cf461e8fd30b3c98edf32a36e80243293f7ba5928de90ae1405f9d4908e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5616
Cache-Control: max-age=166149
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6399b567-13a"
Expires: Fri, 16 Dec 2022 13:10:47 GMT
Last-Modified: Wed, 14 Dec 2022 11:37:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash 7d00863a3d90b2f325555624abbbb5e7
98a339da609cca0739b36f54454719cfe746f9ca
04358cf461e8fd30b3c98edf32a36e80243293f7ba5928de90ae1405f9d4908e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5616
Cache-Control: max-age=166149
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6399b567-13a"
Expires: Fri, 16 Dec 2022 13:10:47 GMT
Last-Modified: Wed, 14 Dec 2022 11:37:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 471 B IP
Hash 46b46246dab924b3928174909a4743a6
f75b17cf19432179343c64d04c6c7bf5578fa3d4
a3c0efb544ff107f290bdeab3f7abcea1de0a7d9729c47ff9a7f48e4c78acac5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6225
Cache-Control: max-age=109839
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Etag: "6398d710-1d7"
Expires: Thu, 15 Dec 2022 21:32:17 GMT
Last-Modified: Tue, 13 Dec 2022 19:48:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
static.criteo.net/design/dt/93075/221201/afec17cbecd64676891a8ed983c55597_cpn_160x600_1.jpeg
200 OK 124 kB URL HTTP/2 static.criteo.net/design/dt/93075/221201/afec17cbecd64676891a8ed983c55597_cpn_160x600_1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x600, components 3\012- data
Size 124 kB (124453 bytes)
Hash 070949a13a58344485c2348bb53e4025
5eef6daa80b13e3cd30284bca419573c020d93b4
d495e0703fadfaa0fc14b8f4c20890b611a2764d458f58680d05498b0992c227
GET /design/dt/93075/221201/afec17cbecd64676891a8ed983c55597_cpn_160x600_1.jpeg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: image/jpeg
content-length: 124453
last-modified: Thu, 01 Dec 2022 23:01:49 GMT
etag: "6389325d-1e625"
expires: Sat, 09 Dec 2023 15:01:38 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sat, 09 Dec 2023 15:01:38 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sat, 09 Dec 2023 15:01:38 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A04d08c03-cee2-4f89-8bb4-c319b9be52cf%2FParadisus-Gran-Canaria_1-SQUARE_800X800.jpg&v=3&w=800&s=ZzegjABv24KzmhXXOgjHwHL6&b=400
200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A04d08c03-cee2-4f89-8bb4-c319b9be52cf%2FParadisus-Gran-Canaria_1-SQUARE_800X800.jpg&v=3&w=800&s=ZzegjABv24KzmhXXOgjHwHL6&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6f7863e88f43aa96bc60769aed70eb75
aeca7c00e1347dd2f26280adefe03c0aa03d0654
33813d7d8b1f1b6c7d5b5074a772f0b708187972055199628091b437026cb494
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A04d08c03-cee2-4f89-8bb4-c319b9be52cf%2FParadisus-Gran-Canaria_1-SQUARE_800X800.jpg&v=3&w=800&s=ZzegjABv24KzmhXXOgjHwHL6&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=26095
expires: Wed, 14 Dec 2022 22:16:34 GMT
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20366
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=108&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=316&s=ulooLtAtiYQmGlykU1JLbTld
200 OK 9.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=108&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=316&s=ulooLtAtiYQmGlykU1JLbTld
IP
File type PNG image data, 316 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 144da97a9207083a49983f04d880b34e
eef82a7c16c1e52dc5501c6c527531f50ad29d1a
1af44b1581b500a0d19809c57dca3a293b82555b9d63a09b105da81b4141c566
GET /img/img?h=108&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=316&s=ulooLtAtiYQmGlykU1JLbTld HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29408497
expires: Mon, 20 Nov 2023 00:03:16 GMT
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9512
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=400
200 OK 38 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1b7f1bc9193ebaa23f40da03f02d65b8
75638214d507aea84dcb9a58ba2803171d9fc88f
c60a5e6c08ffe432e46166907ec5d0c292637769c16bcd969ade82fdacfd6693
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Wed, 14 Dec 2022 15:01:38 GMT
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 37680
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Acc02e550-3ad1-4a83-9723-a63ab5f22aa9%2FGran_Melia_de_Mar_1SQUARE_800X800.jpg&v=3&w=800&s=dJ8lqJ537lVJvbJD2hqRR-hq&b=400
200 OK 43 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Acc02e550-3ad1-4a83-9723-a63ab5f22aa9%2FGran_Melia_de_Mar_1SQUARE_800X800.jpg&v=3&w=800&s=dJ8lqJ537lVJvbJD2hqRR-hq&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 088c5f52dac37f43999e5c2a4b007462
2a3f7502896de9a26291e91a38676602e27ef59e
e88e85976f8ab93f44e2cb44795c73ab60635e6d055d4481b52000d0f6f48d70
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Acc02e550-3ad1-4a83-9723-a63ab5f22aa9%2FGran_Melia_de_Mar_1SQUARE_800X800.jpg&v=3&w=800&s=dJ8lqJ537lVJvbJD2hqRR-hq&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=39829
expires: Thu, 15 Dec 2022 02:05:28 GMT
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 42914
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F211205-0.jpg%3Fcb%3D9d4757914a94d34d009ff025a4924647&v=3&w=800&s=YcZjOozIH52cQf1DwZG0g5Ig&b=400
200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F211205-0.jpg%3Fcb%3D9d4757914a94d34d009ff025a4924647&v=3&w=800&s=YcZjOozIH52cQf1DwZG0g5Ig&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x349, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5fab8b303c326187a9366090a0ba57cb
dd348d213e1b0bb865779455f78ade2b3314b7f1
959f28190ef27176ebd62db37b4a4e6508fdddec693c0a5737a094e59baaf8e0
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F211205-0.jpg%3Fcb%3D9d4757914a94d34d009ff025a4924647&v=3&w=800&s=YcZjOozIH52cQf1DwZG0g5Ig&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30052079
expires: Mon, 27 Nov 2023 10:49:38 GMT
date: Wed, 14 Dec 2022 15:01:37 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13342
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=176&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=256&s=-yVOjSR8O-t__r4SzR6tFAQc
200 OK 1.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=176&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=256&s=-yVOjSR8O-t__r4SzR6tFAQc
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 176x176, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 133ec163e404f82f1dffb6febb7f11d2
539bc2cc717918e64e5f2ba2ff6e419f7dc3fff1
33f9ea5786eb9fa9bbe9e9dae21ba360f913f0ba9d4b0fd4be356fe97dd4e9f7
GET /img/img?h=176&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=256&s=-yVOjSR8O-t__r4SzR6tFAQc HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29008433
expires: Wed, 15 Nov 2023 08:55:31 GMT
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1110
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0032Z-0.jpg%3Fcb%3Dfc9fb5bf427d201ca99fff8b4c6f02a3&v=3&w=800&s=x8HOu9WLwxoam_PPNVQgIQzk&b=400
200 OK 6.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0032Z-0.jpg%3Fcb%3Dfc9fb5bf427d201ca99fff8b4c6f02a3&v=3&w=800&s=x8HOu9WLwxoam_PPNVQgIQzk&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 173x238, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 318b500e2b854e1f27709570b83b517d
cc53864c3a5784fc5f24c9f50188fc258f0a1e09
04b12bdf47ca28c4b4088444584f2d40ed7209502a3217b9dce22f6e1c8ba62b
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0032Z-0.jpg%3Fcb%3Dfc9fb5bf427d201ca99fff8b4c6f02a3&v=3&w=800&s=x8HOu9WLwxoam_PPNVQgIQzk&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28992673
expires: Wed, 15 Nov 2023 04:32:52 GMT
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6598
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F8%2F1844679-0.jpg%3Fcb%3Ddce4718ada81e3fe0dc0bbc372fc1ecf&v=3&w=800&s=noNWMdebWzcc6GSf5ooYS_HB&b=400
200 OK 8.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F8%2F1844679-0.jpg%3Fcb%3Ddce4718ada81e3fe0dc0bbc372fc1ecf&v=3&w=800&s=noNWMdebWzcc6GSf5ooYS_HB&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x365, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ab9352694e39d09b006d299a75d4b4e
c67a9f66f025ad84c090cc2ed5c36ebf101df203
432a7d6bd46254f1d9cf470e8d18031e0731c98f3101c03723217879d6dfa838
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F8%2F1844679-0.jpg%3Fcb%3Ddce4718ada81e3fe0dc0bbc372fc1ecf&v=3&w=800&s=noNWMdebWzcc6GSf5ooYS_HB&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29344265
expires: Sun, 19 Nov 2023 06:12:44 GMT
date: Wed, 14 Dec 2022 15:01:37 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8404
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400
200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x358, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4a8b65dd45b5caaf05d7af1a012c211
2d76450cb9247fc5eb904e3d6db3c051c26226ae
bdeedcf8ba166914065e069ca9514b3020cfe22d1239cb8ec86495c301108540
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29519978
expires: Tue, 21 Nov 2023 07:01:17 GMT
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10926
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745311-0_1.jpg%3Fcb%3D120aa6ab1f73f9250573069ae3eb362e&v=3&w=800&s=xEhAoAxSZyHBtLr1iy7wIjKr&b=400
200 OK 9.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745311-0_1.jpg%3Fcb%3D120aa6ab1f73f9250573069ae3eb362e&v=3&w=800&s=xEhAoAxSZyHBtLr1iy7wIjKr&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x389, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5a1b5172120326300089ce65762a5af4
38b0a766a16589c866f8aca9eb317204a3c7566e
eb70307be1d1a2eb6dd69c7db8df13ba74228a693e7db0f5f57369009f7958d8
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745311-0_1.jpg%3Fcb%3D120aa6ab1f73f9250573069ae3eb362e&v=3&w=800&s=xEhAoAxSZyHBtLr1iy7wIjKr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29861740
expires: Sat, 25 Nov 2023 05:57:19 GMT
date: Wed, 14 Dec 2022 15:01:38 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9892
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6361-0.jpg%3Fcb%3Db8d1cf063ce2d8c2703adbfb24d22fcd&v=3&w=800&s=f4tzjHjWbA6nvsjkrdcSw47H&b=400
200 OK 5.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6361-0.jpg%3Fcb%3Db8d1cf063ce2d8c2703adbfb24d22fcd&v=3&w=800&s=f4tzjHjWbA6nvsjkrdcSw47H&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 29cff6eff75bd8055185105012ae8302
34b9d6094fb5b0748de795c343e1f951fabc62ed
05f8c471a8b59d6f7e159b9a70304ddaee20f54367befbbb2149b23630a605d7
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6361-0.jpg%3Fcb%3Db8d1cf063ce2d8c2703adbfb24d22fcd&v=3&w=800&s=f4tzjHjWbA6nvsjkrdcSw47H&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30559757
expires: Sun, 03 Dec 2023 07:50:56 GMT
date: Wed, 14 Dec 2022 15:01:37 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5914
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F3%2F336526-0.jpg%3Fcb%3Daac8f82f32171735d53ff5a92d054441&v=3&w=800&s=NslIk78jAUE7BObxVypbsX3J&b=400
200 OK 9.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F3%2F336526-0.jpg%3Fcb%3Daac8f82f32171735d53ff5a92d054441&v=3&w=800&s=NslIk78jAUE7BObxVypbsX3J&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x354, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a9fd55fdb785fc58dca73dd0918a9db1
7007e245e672e5c8572478b8277bbb8c4143b451
3b662214d12fbdf045041e215861f62e5105b7125f15b1751da18148a8d3bc00
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F3%2F336526-0.jpg%3Fcb%3Daac8f82f32171735d53ff5a92d054441&v=3&w=800&s=NslIk78jAUE7BObxVypbsX3J&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29864701
expires: Sat, 25 Nov 2023 06:46:40 GMT
date: Wed, 14 Dec 2022 15:01:37 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9170
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.criteo.net/flash/icon/privacy.svg
200 OK 1.4 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP
Hash d70ece4d6a22c6d60e0dbaa6aa867058
0c42ae243a3bf575216c5e0f03f156f452c8dfc1
235af72b494747460fb72b6efd38b0d89661acf6cf4207e11d844c2a5c355c8d
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sat, 09 Dec 2023 15:01:38 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type gzip compressed data, max compression\012- data
Hash bc00930360f2a5b54c9cac36d699fed3
5f528075e27ed8fc376252e7b2ec0191bb8ad3ef
79a840d708fdd099e9291e77474c79b0b0f429870b8eae95d887ee12100c3361
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:30:11 GMT
expires: Sat, 09 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 462687
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:12 GMT
expires: Sat, 09 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
age: 437306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:52:41 GMT
expires: Tue, 12 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 158937
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=48795&adfrmid=0
302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=48795&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=48795&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 14 Dec 2022 15:01:39 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=48795&adfrmid=0
csm.eu.criteo.net/all?cppv=3&cpp=LUlRPDMiMGqlmFyMxG3zcWIALr-APxi2wNkIJbEaW7060Ab_tDOllU5Qpqb4jmB3XQLz9JhkvBl2gClQCA_ZZqcqz1QluLZKYwHbRBOCkdxRFAw60oNTx4Cgrh9hIYDr8As0uBUJU2whF9FB9CWmKwAAXZUphw7OQ247U3AlwRDf2EwqyUJcT4lDDRjw3Y1m_nARxzxIxFbA4w_p7_yn-QiR8RxUHujfq_xV4uBmrB2x-d6XppAJ7vZSBuboRI494S-QfA&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=LUlRPDMiMGqlmFyMxG3zcWIALr-APxi2wNkIJbEaW7060Ab_tDOllU5Qpqb4jmB3XQLz9JhkvBl2gClQCA_ZZqcqz1QluLZKYwHbRBOCkdxRFAw60oNTx4Cgrh9hIYDr8As0uBUJU2whF9FB9CWmKwAAXZUphw7OQ247U3AlwRDf2EwqyUJcT4lDDRjw3Y1m_nARxzxIxFbA4w_p7_yn-QiR8RxUHujfq_xV4uBmrB2x-d6XppAJ7vZSBuboRI494S-QfA&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=LUlRPDMiMGqlmFyMxG3zcWIALr-APxi2wNkIJbEaW7060Ab_tDOllU5Qpqb4jmB3XQLz9JhkvBl2gClQCA_ZZqcqz1QluLZKYwHbRBOCkdxRFAw60oNTx4Cgrh9hIYDr8As0uBUJU2whF9FB9CWmKwAAXZUphw7OQ247U3AlwRDf2EwqyUJcT4lDDRjw3Y1m_nARxzxIxFbA4w_p7_yn-QiR8RxUHujfq_xV4uBmrB2x-d6XppAJ7vZSBuboRI494S-QfA&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 15:01:39 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=k30ykDMiMGqlmFyM1EHXEQzSxWCoryLaOig-dg46Knlx0Jt8yPraG4MOHTqch9ei61oubnr_edLTgAkIQ_9Uwri-sy4kybZ-qp3fThJGkfoMUb4UuWEjdn_iqGlg4ODXFng-9FVwQqL5m9huQK4_xiBpTBx44HhUEuBjeZTSXBV0nLkNslSazOS9wQAYyqc2tVb9-0MpYK2wFQsw03FpEhL_X9MmMCtegf5ld3MBCREeNYVtAPf579Ro_lmI2GxeLnE4bg&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=k30ykDMiMGqlmFyM1EHXEQzSxWCoryLaOig-dg46Knlx0Jt8yPraG4MOHTqch9ei61oubnr_edLTgAkIQ_9Uwri-sy4kybZ-qp3fThJGkfoMUb4UuWEjdn_iqGlg4ODXFng-9FVwQqL5m9huQK4_xiBpTBx44HhUEuBjeZTSXBV0nLkNslSazOS9wQAYyqc2tVb9-0MpYK2wFQsw03FpEhL_X9MmMCtegf5ld3MBCREeNYVtAPf579Ro_lmI2GxeLnE4bg&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=k30ykDMiMGqlmFyM1EHXEQzSxWCoryLaOig-dg46Knlx0Jt8yPraG4MOHTqch9ei61oubnr_edLTgAkIQ_9Uwri-sy4kybZ-qp3fThJGkfoMUb4UuWEjdn_iqGlg4ODXFng-9FVwQqL5m9huQK4_xiBpTBx44HhUEuBjeZTSXBV0nLkNslSazOS9wQAYyqc2tVb9-0MpYK2wFQsw03FpEhL_X9MmMCtegf5ld3MBCREeNYVtAPf579Ro_lmI2GxeLnE4bg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 15:01:39 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=48795&adfrmid=0
200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=48795&adfrmid=0
IP
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=48795&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 15:01:39 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=.u8PyE25ZBYkoONo_Uk7nzFJmxFCPIiB2wFUjHitGd85zGk5YTWPxQ--; expires=Thu, 11 Jan 2024 15:01:39 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=gz4OwJkIF.Mlrv4QvGm9GZTyANn607rKjaFXSm9MXBk.Sujnt9uuwz82MzFFNUiW8HjiCEqspgoxQyh5fE3.jg3AVYzMQjSaU1VKmuFslB23MSs0TUIsw7l3hjKe77OfXMc-; expires=Thu, 11 Jan 2024 15:01:39 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Thu, 11 Jan 2024 15:01:39 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14726), with no line terminators
Hash 38a5ea34b35ed20f854b01d2e4ebb384
6ec91ffb3fd2a5c37572f08a6ff7a98748b30484
cfc0ae50616e8e8339dd2bdd32f21b8b4af8ba6476f31e22a09707de9cfcb1ce
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://best-proxylist.blogspot.com
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 14 Dec 2022 15:01:39 GMT
server: cafe
content-length: 11118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 058c9e100b3576e633367ab86b5f4e7b
cdff1e70fd08c3432d51bc87a0facd8c04a62d43
f3669c345974098decc6e96cb4e6c6d1cfac6583cb0b14cd040e208cb2f4dbaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 15:01:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 6cfd2c7fd5657044d43c7046807179aa
088817ccd2a6dd25960272db64c030184a355021
cbe4ae4fb24b499a39aaf79154b8e0d3fec51afc55d80a5710f61d4938326e92
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 14 Dec 2022 15:01:39 GMT
date: Wed, 14 Dec 2022 15:01:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-dQWVukynyrB9gwQHLmzz_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss84mUmwC9f9TyaKouBi5vNI83gAqZ_v-rv9N8Hd2SwGSm1L4iZVdfcgM9_smlG0GPs9Uey9ELT7fJ33BFj3GktFg4&sig=Cg0ArKJSzMYmplU-XZpGEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=173538299&rs=2&la=0&cr=0&vs=4&r=v&rst=1671030095417&rpt=1256&met=ie&wmsd=0&pbe=0
200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss84mUmwC9f9TyaKouBi5vNI83gAqZ_v-rv9N8Hd2SwGSm1L4iZVdfcgM9_smlG0GPs9Uey9ELT7fJ33BFj3GktFg4&sig=Cg0ArKJSzMYmplU-XZpGEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=173538299&rs=2&la=0&cr=0&vs=4&r=v&rst=1671030095417&rpt=1256&met=ie&wmsd=0&pbe=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjss84mUmwC9f9TyaKouBi5vNI83gAqZ_v-rv9N8Hd2SwGSm1L4iZVdfcgM9_smlG0GPs9Uey9ELT7fJ33BFj3GktFg4&sig=Cg0ArKJSzMYmplU-XZpGEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=173538299&rs=2&la=0&cr=0&vs=4&r=v&rst=1671030095417&rpt=1256&met=ie&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Wed, 14 Dec 2022 15:01:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=LUlRPDMiMGqlmFyMxG3zcWIALr-APxi2wNkIJbEaW7060Ab_tDOllU5Qpqb4jmB3XQLz9JhkvBl2gClQCA_ZZqcqz1QluLZKYwHbRBOCkdxRFAw60oNTx4Cgrh9hIYDr8As0uBUJU2whF9FB9CWmKwAAXZUphw7OQ247U3AlwRDf2EwqyUJcT4lDDRjw3Y1m_nARxzxIxFbA4w_p7_yn-QiR8RxUHujfq_xV4uBmrB2x-d6XppAJ7vZSBuboRI494S-QfA&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=LUlRPDMiMGqlmFyMxG3zcWIALr-APxi2wNkIJbEaW7060Ab_tDOllU5Qpqb4jmB3XQLz9JhkvBl2gClQCA_ZZqcqz1QluLZKYwHbRBOCkdxRFAw60oNTx4Cgrh9hIYDr8As0uBUJU2whF9FB9CWmKwAAXZUphw7OQ247U3AlwRDf2EwqyUJcT4lDDRjw3Y1m_nARxzxIxFbA4w_p7_yn-QiR8RxUHujfq_xV4uBmrB2x-d6XppAJ7vZSBuboRI494S-QfA&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=LUlRPDMiMGqlmFyMxG3zcWIALr-APxi2wNkIJbEaW7060Ab_tDOllU5Qpqb4jmB3XQLz9JhkvBl2gClQCA_ZZqcqz1QluLZKYwHbRBOCkdxRFAw60oNTx4Cgrh9hIYDr8As0uBUJU2whF9FB9CWmKwAAXZUphw7OQ247U3AlwRDf2EwqyUJcT4lDDRjw3Y1m_nARxzxIxFbA4w_p7_yn-QiR8RxUHujfq_xV4uBmrB2x-d6XppAJ7vZSBuboRI494S-QfA&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 15:01:39 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgtc-9Dt_HOg3xOCvvloQEgZGsdFgbzJfB1qpetYHPm-DUUKCRhFB_NWtXstxepdMeqn2tpiMoNo-8YpEgnUzaV14&sig=Cg0ArKJSzAAqAoTauXo_EAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2676577121&rs=2&la=0&cr=0&vs=4&r=v&rst=1671030095424&rpt=1605&met=ie&wmsd=0&pbe=0
200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgtc-9Dt_HOg3xOCvvloQEgZGsdFgbzJfB1qpetYHPm-DUUKCRhFB_NWtXstxepdMeqn2tpiMoNo-8YpEgnUzaV14&sig=Cg0ArKJSzAAqAoTauXo_EAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2676577121&rs=2&la=0&cr=0&vs=4&r=v&rst=1671030095424&rpt=1605&met=ie&wmsd=0&pbe=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsvgtc-9Dt_HOg3xOCvvloQEgZGsdFgbzJfB1qpetYHPm-DUUKCRhFB_NWtXstxepdMeqn2tpiMoNo-8YpEgnUzaV14&sig=Cg0ArKJSzAAqAoTauXo_EAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2676577121&rs=2&la=0&cr=0&vs=4&r=v&rst=1671030095424&rpt=1605&met=ie&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Wed, 14 Dec 2022 15:01:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=k30ykDMiMGqlmFyM1EHXEQzSxWCoryLaOig-dg46Knlx0Jt8yPraG4MOHTqch9ei61oubnr_edLTgAkIQ_9Uwri-sy4kybZ-qp3fThJGkfoMUb4UuWEjdn_iqGlg4ODXFng-9FVwQqL5m9huQK4_xiBpTBx44HhUEuBjeZTSXBV0nLkNslSazOS9wQAYyqc2tVb9-0MpYK2wFQsw03FpEhL_X9MmMCtegf5ld3MBCREeNYVtAPf579Ro_lmI2GxeLnE4bg&sds=2&rev=83933&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=k30ykDMiMGqlmFyM1EHXEQzSxWCoryLaOig-dg46Knlx0Jt8yPraG4MOHTqch9ei61oubnr_edLTgAkIQ_9Uwri-sy4kybZ-qp3fThJGkfoMUb4UuWEjdn_iqGlg4ODXFng-9FVwQqL5m9huQK4_xiBpTBx44HhUEuBjeZTSXBV0nLkNslSazOS9wQAYyqc2tVb9-0MpYK2wFQsw03FpEhL_X9MmMCtegf5ld3MBCREeNYVtAPf579Ro_lmI2GxeLnE4bg&sds=2&rev=83933&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=k30ykDMiMGqlmFyM1EHXEQzSxWCoryLaOig-dg46Knlx0Jt8yPraG4MOHTqch9ei61oubnr_edLTgAkIQ_9Uwri-sy4kybZ-qp3fThJGkfoMUb4UuWEjdn_iqGlg4ODXFng-9FVwQqL5m9huQK4_xiBpTBx44HhUEuBjeZTSXBV0nLkNslSazOS9wQAYyqc2tVb9-0MpYK2wFQsw03FpEhL_X9MmMCtegf5ld3MBCREeNYVtAPf579Ro_lmI2GxeLnE4bg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 15:01:40 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sat, 09 Dec 2023 15:01:38 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5nlUQAONGUFkUv_AA2tALCpGwpfZV4axKEBsg&u=%7C2j%2FvPbNdQrgbPw9qmjt40d9SN4eh8Ge7GliN%2F13EnW0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZbIqo3eOHzDXVDhH7lDfWgjT4Ljb_g3_TskQOPlgvPmWt5RRerXF4zEEbHNOLaLZTWNgEWCa9H177hv1M0ZzHZ_glTvt2I2URHRsfePxzdv2g8CTMuwIag82t-434HS35YCaiYxZ8dquIn9vVDf6cx_YBrm3btauVj47D2wnzSn6-kmWxRqj8uyhaDow5k5Skn1KrQ44_M7bGlUe8LSO6U1JJN-bM7TNBULMVA5AuO-b1ktlF2QnOzeV-EW4pHyds4T_U6IjjOSsjqAczR7yjOl07IhXfCBobFZzIF8Tm1ftXANtWzHw_8rF_F3W5VZOvSp_XwCUVQOpSRimQDNuSGPRkO0s1UsywNhhhWckaOA-JpGHISBWa9ngop7w3z69DPdE4zxKNlxvclT7xhVhUUttvLIyDsuW2hKtYQLYzV-DLZMj8GbXtXnBEnX_vEAHP3Gls1sLMga-7ek_d7sRrRAS0s_m3JNcKUPUnV_PKJbjpxZAW9L3zKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT9TVUeWZY-XoOP-XxdwPgNq26ALJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAggA_7J41bE-qAMBqgTrAU_QVriZwjs_jt_Ais2l7bIY0vIzEbyJuFOri47WRP67bRnruTciTOVK_9ffvqQF1CiKuEycfNTKv2z5xgqLvsesMGXyNFk8B94G3-fELajr9_GRSu4TCjP9vY0BSe_3qvRC8zxia4JoIStRI2k7g1z0aKWkQowZy2SgRrZLubWkWKgjSToHcglNAXcURC1TIb8TOIqpdgB2vTpKkHfjxx9f69AJlEpwrsvT3Jn4OxSjNZltCiKOU1XZci3TW5E7rWcdd7X9SArki3Tc2fnsJao9imrdWYJhHFLWFli_jrA4Whp-GTY7El4QNtqABuuRn9nH_b-C0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tlYNyByevbXgpNUk57UhzJuyu0A%26client%3Dca-pub-8116085563943069%26adurl%3D
200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5nlUQAONGUFkUv_AA2tALCpGwpfZV4axKEBsg&u=%7C2j%2FvPbNdQrgbPw9qmjt40d9SN4eh8Ge7GliN%2F13EnW0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZbIqo3eOHzDXVDhH7lDfWgjT4Ljb_g3_TskQOPlgvPmWt5RRerXF4zEEbHNOLaLZTWNgEWCa9H177hv1M0ZzHZ_glTvt2I2URHRsfePxzdv2g8CTMuwIag82t-434HS35YCaiYxZ8dquIn9vVDf6cx_YBrm3btauVj47D2wnzSn6-kmWxRqj8uyhaDow5k5Skn1KrQ44_M7bGlUe8LSO6U1JJN-bM7TNBULMVA5AuO-b1ktlF2QnOzeV-EW4pHyds4T_U6IjjOSsjqAczR7yjOl07IhXfCBobFZzIF8Tm1ftXANtWzHw_8rF_F3W5VZOvSp_XwCUVQOpSRimQDNuSGPRkO0s1UsywNhhhWckaOA-JpGHISBWa9ngop7w3z69DPdE4zxKNlxvclT7xhVhUUttvLIyDsuW2hKtYQLYzV-DLZMj8GbXtXnBEnX_vEAHP3Gls1sLMga-7ek_d7sRrRAS0s_m3JNcKUPUnV_PKJbjpxZAW9L3zKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT9TVUeWZY-XoOP-XxdwPgNq26ALJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAggA_7J41bE-qAMBqgTrAU_QVriZwjs_jt_Ais2l7bIY0vIzEbyJuFOri47WRP67bRnruTciTOVK_9ffvqQF1CiKuEycfNTKv2z5xgqLvsesMGXyNFk8B94G3-fELajr9_GRSu4TCjP9vY0BSe_3qvRC8zxia4JoIStRI2k7g1z0aKWkQowZy2SgRrZLubWkWKgjSToHcglNAXcURC1TIb8TOIqpdgB2vTpKkHfjxx9f69AJlEpwrsvT3Jn4OxSjNZltCiKOU1XZci3TW5E7rWcdd7X9SArki3Tc2fnsJao9imrdWYJhHFLWFli_jrA4Whp-GTY7El4QNtqABuuRn9nH_b-C0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tlYNyByevbXgpNUk57UhzJuyu0A%26client%3Dca-pub-8116085563943069%26adurl%3D
IP
GET /delivery/r/afr.php?z=Y5nlUQAONGUFkUv_AA2tALCpGwpfZV4axKEBsg&u=%7C2j%2FvPbNdQrgbPw9qmjt40d9SN4eh8Ge7GliN%2F13EnW0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZbIqo3eOHzDXVDhH7lDfWgjT4Ljb_g3_TskQOPlgvPmWt5RRerXF4zEEbHNOLaLZTWNgEWCa9H177hv1M0ZzHZ_glTvt2I2URHRsfePxzdv2g8CTMuwIag82t-434HS35YCaiYxZ8dquIn9vVDf6cx_YBrm3btauVj47D2wnzSn6-kmWxRqj8uyhaDow5k5Skn1KrQ44_M7bGlUe8LSO6U1JJN-bM7TNBULMVA5AuO-b1ktlF2QnOzeV-EW4pHyds4T_U6IjjOSsjqAczR7yjOl07IhXfCBobFZzIF8Tm1ftXANtWzHw_8rF_F3W5VZOvSp_XwCUVQOpSRimQDNuSGPRkO0s1UsywNhhhWckaOA-JpGHISBWa9ngop7w3z69DPdE4zxKNlxvclT7xhVhUUttvLIyDsuW2hKtYQLYzV-DLZMj8GbXtXnBEnX_vEAHP3Gls1sLMga-7ek_d7sRrRAS0s_m3JNcKUPUnV_PKJbjpxZAW9L3zKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT9TVUeWZY-XoOP-XxdwPgNq26ALJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAggA_7J41bE-qAMBqgTrAU_QVriZwjs_jt_Ais2l7bIY0vIzEbyJuFOri47WRP67bRnruTciTOVK_9ffvqQF1CiKuEycfNTKv2z5xgqLvsesMGXyNFk8B94G3-fELajr9_GRSu4TCjP9vY0BSe_3qvRC8zxia4JoIStRI2k7g1z0aKWkQowZy2SgRrZLubWkWKgjSToHcglNAXcURC1TIb8TOIqpdgB2vTpKkHfjxx9f69AJlEpwrsvT3Jn4OxSjNZltCiKOU1XZci3TW5E7rWcdd7X9SArki3Tc2fnsJao9imrdWYJhHFLWFli_jrA4Whp-GTY7El4QNtqABuuRn9nH_b-C0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tlYNyByevbXgpNUk57UhzJuyu0A%26client%3Dca-pub-8116085563943069%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 15:01:37 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=LUlRPDMiMGqlmFyMxG3zcWIALr-APxi2wNkIJbEaW7060Ab_tDOllU5Qpqb4jmB3XQLz9JhkvBl2gClQCA_ZZqcqz1QluLZKYwHbRBOCkdxRFAw60oNTx4Cgrh9hIYDr8As0uBUJU2whF9FB9CWmKwAAXZUphw7OQ247U3AlwRDf2EwqyUJcT4lDDRjw3Y1m_nARxzxIxFbA4w_p7_yn-QiR8RxUHujfq_xV4uBmrB2x-d6XppAJ7vZSBuboRI494S-QfA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 76374542
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5nlUQAN9k4KspQDAASYdncfPkdIaSloSZj2og&u=%7C2j%2FvPbNdQrjDgQOzlmzuvO2NgQt%2Fkv9pypbZsR8tACg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsKoZ_B5KwGvVd_8mB6tue92BS4UuKc-UiscukFuZnHXvGxYYCd1r3co7tfbJwYkEDyTymNBt-m5jvqQmowGEHtEWYSwRr5WX18L8BHPkpputthJ-sn8C6gM1EYnckIiyF430fA7oQLyIYuWM6InwgdJfTbuY4RwUJiYcuw7_7M2Dn88X_Qgd5fEjmRMicfHlDnrL3RId3Ag0T5Rrjc1dLObkewypV72lXUbvhF0onGFjrf2GMbLFHhzA0TpAvUnJ7RMct1Ege3dMUch_5JvLoXorDNRnaXHXSdaNFzZl_HAcRsSa_X83jEDgpWCPCiSBaB1gBjhs614JrPghwCWYRRHhGjCobBni3tz2uo0mH9tZHZd_b_KjeqfiriNOuclJKfbiW41Okrd_L3wwknj8bi5TjMAuwF0pBy-8EXVcRCZpuHT8vsWkk41qf2sXgD6Bh8_I0F7Q2mkxiErUd9nwC_PBOHxbQcYsVp4XaJdnLpXY9XdBNs-dzfmIY4DYMlsAX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa213UeWZY87sN4OoygX2sJKIC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItODExNjA4NTU2Mzk0MzA2OcgBCakCCAD_snjVsT6oAwGqBOoBT9BFXP6KKhBDB0acvlB65_Jx1wnYy1VX1uyWFEySbWQavKE8uhzzxz6ZI6NHbho9n_FbZ4BABi22C67ARAAhG8AEwSWZBPReNJT-kPMKGjJpmrYhCsF4HWcJGhGjKKBZ6vbQAiNIBuu1cdyLxV8nj13QY7cFe3a1lVQgsWdEz6DGetBUChp9CZ9m9bA2IGPkJT9isZVYhCwNo07c14XPmauJoPnPeAwCso0q2h3U6LQ4K66XRfs5kj5tAx-DQa08x2-8T9EuXQ7IBbaUIRloP1JaJ7L9mIEJ3a3tPV8mdkwJooPmqHaVidDNgAa8-MjZiIygtuYBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1od0v_sNP2YzBSkeH6xk912fouvg%26client%3Dca-pub-8116085563943069%26adurl%3D
200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5nlUQAN9k4KspQDAASYdncfPkdIaSloSZj2og&u=%7C2j%2FvPbNdQrjDgQOzlmzuvO2NgQt%2Fkv9pypbZsR8tACg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsKoZ_B5KwGvVd_8mB6tue92BS4UuKc-UiscukFuZnHXvGxYYCd1r3co7tfbJwYkEDyTymNBt-m5jvqQmowGEHtEWYSwRr5WX18L8BHPkpputthJ-sn8C6gM1EYnckIiyF430fA7oQLyIYuWM6InwgdJfTbuY4RwUJiYcuw7_7M2Dn88X_Qgd5fEjmRMicfHlDnrL3RId3Ag0T5Rrjc1dLObkewypV72lXUbvhF0onGFjrf2GMbLFHhzA0TpAvUnJ7RMct1Ege3dMUch_5JvLoXorDNRnaXHXSdaNFzZl_HAcRsSa_X83jEDgpWCPCiSBaB1gBjhs614JrPghwCWYRRHhGjCobBni3tz2uo0mH9tZHZd_b_KjeqfiriNOuclJKfbiW41Okrd_L3wwknj8bi5TjMAuwF0pBy-8EXVcRCZpuHT8vsWkk41qf2sXgD6Bh8_I0F7Q2mkxiErUd9nwC_PBOHxbQcYsVp4XaJdnLpXY9XdBNs-dzfmIY4DYMlsAX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa213UeWZY87sN4OoygX2sJKIC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItODExNjA4NTU2Mzk0MzA2OcgBCakCCAD_snjVsT6oAwGqBOoBT9BFXP6KKhBDB0acvlB65_Jx1wnYy1VX1uyWFEySbWQavKE8uhzzxz6ZI6NHbho9n_FbZ4BABi22C67ARAAhG8AEwSWZBPReNJT-kPMKGjJpmrYhCsF4HWcJGhGjKKBZ6vbQAiNIBuu1cdyLxV8nj13QY7cFe3a1lVQgsWdEz6DGetBUChp9CZ9m9bA2IGPkJT9isZVYhCwNo07c14XPmauJoPnPeAwCso0q2h3U6LQ4K66XRfs5kj5tAx-DQa08x2-8T9EuXQ7IBbaUIRloP1JaJ7L9mIEJ3a3tPV8mdkwJooPmqHaVidDNgAa8-MjZiIygtuYBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1od0v_sNP2YzBSkeH6xk912fouvg%26client%3Dca-pub-8116085563943069%26adurl%3D
IP
GET /delivery/r/afr.php?z=Y5nlUQAN9k4KspQDAASYdncfPkdIaSloSZj2og&u=%7C2j%2FvPbNdQrjDgQOzlmzuvO2NgQt%2Fkv9pypbZsR8tACg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsKoZ_B5KwGvVd_8mB6tue92BS4UuKc-UiscukFuZnHXvGxYYCd1r3co7tfbJwYkEDyTymNBt-m5jvqQmowGEHtEWYSwRr5WX18L8BHPkpputthJ-sn8C6gM1EYnckIiyF430fA7oQLyIYuWM6InwgdJfTbuY4RwUJiYcuw7_7M2Dn88X_Qgd5fEjmRMicfHlDnrL3RId3Ag0T5Rrjc1dLObkewypV72lXUbvhF0onGFjrf2GMbLFHhzA0TpAvUnJ7RMct1Ege3dMUch_5JvLoXorDNRnaXHXSdaNFzZl_HAcRsSa_X83jEDgpWCPCiSBaB1gBjhs614JrPghwCWYRRHhGjCobBni3tz2uo0mH9tZHZd_b_KjeqfiriNOuclJKfbiW41Okrd_L3wwknj8bi5TjMAuwF0pBy-8EXVcRCZpuHT8vsWkk41qf2sXgD6Bh8_I0F7Q2mkxiErUd9nwC_PBOHxbQcYsVp4XaJdnLpXY9XdBNs-dzfmIY4DYMlsAX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa213UeWZY87sN4OoygX2sJKIC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItODExNjA4NTU2Mzk0MzA2OcgBCakCCAD_snjVsT6oAwGqBOoBT9BFXP6KKhBDB0acvlB65_Jx1wnYy1VX1uyWFEySbWQavKE8uhzzxz6ZI6NHbho9n_FbZ4BABi22C67ARAAhG8AEwSWZBPReNJT-kPMKGjJpmrYhCsF4HWcJGhGjKKBZ6vbQAiNIBuu1cdyLxV8nj13QY7cFe3a1lVQgsWdEz6DGetBUChp9CZ9m9bA2IGPkJT9isZVYhCwNo07c14XPmauJoPnPeAwCso0q2h3U6LQ4K66XRfs5kj5tAx-DQa08x2-8T9EuXQ7IBbaUIRloP1JaJ7L9mIEJ3a3tPV8mdkwJooPmqHaVidDNgAa8-MjZiIygtuYBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1od0v_sNP2YzBSkeH6xk912fouvg%26client%3Dca-pub-8116085563943069%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 15:01:37 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=k30ykDMiMGqlmFyM1EHXEQzSxWCoryLaOig-dg46Knlx0Jt8yPraG4MOHTqch9ei61oubnr_edLTgAkIQ_9Uwri-sy4kybZ-qp3fThJGkfoMUb4UuWEjdn_iqGlg4ODXFng-9FVwQqL5m9huQK4_xiBpTBx44HhUEuBjeZTSXBV0nLkNslSazOS9wQAYyqc2tVb9-0MpYK2wFQsw03FpEhL_X9MmMCtegf5ld3MBCREeNYVtAPf579Ro_lmI2GxeLnE4bg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 145773435
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400%7CMontserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400%7CMontserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
IP
GET /css?family=Lato:400%7CMontserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Dec 2022 15:01:38 GMT
date: Wed, 14 Dec 2022 15:01:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6399e55119f6e328c372ee7229ef91e9
302 Found 0 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6399e55119f6e328c372ee7229ef91e9
IP
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6399e55119f6e328c372ee7229ef91e9 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=48795&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sat, 09 Dec 2023 15:01:38 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GZQ0wPnTBSVdD-mFds6_mLz8BV8JWIp6-tV0MotxKtyPdB7JtKnaBo8nkKifg-tqAySWIhbWV1KNh2N07CPoGpD6K2q1XbdhfYy_zc75-dX3GSNEVjgjVDNy5hSDiIwL_eSon8zpNfe5l7X8m4Z8ky1quJ7v2bVe7cmzYyxLcF3UkHCQO06d298b5piqzRpdiX0NYS6-LUoKtc7gGl0nEhldmq_-VtIeL66YigLZign8jqh0rXYLjSY_Oyf-Tsq8bKF9wUQsFskMneYZpCJsugSk3uOD6uBZGxluj7YwgP8pyo00MM-0C1YPKTKNlE_3LvOYQnBTcD0-UE9b6n9xv9Z6noKE8kY3wbubCm4STBrOM1jL80x-iuBZds-fTPZd2PNfuc509PJahzG0IgQ4_IVh7-IFIUpJx_bEw0M4ubiH2_m_
200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GZQ0wPnTBSVdD-mFds6_mLz8BV8JWIp6-tV0MotxKtyPdB7JtKnaBo8nkKifg-tqAySWIhbWV1KNh2N07CPoGpD6K2q1XbdhfYy_zc75-dX3GSNEVjgjVDNy5hSDiIwL_eSon8zpNfe5l7X8m4Z8ky1quJ7v2bVe7cmzYyxLcF3UkHCQO06d298b5piqzRpdiX0NYS6-LUoKtc7gGl0nEhldmq_-VtIeL66YigLZign8jqh0rXYLjSY_Oyf-Tsq8bKF9wUQsFskMneYZpCJsugSk3uOD6uBZGxluj7YwgP8pyo00MM-0C1YPKTKNlE_3LvOYQnBTcD0-UE9b6n9xv9Z6noKE8kY3wbubCm4STBrOM1jL80x-iuBZds-fTPZd2PNfuc509PJahzG0IgQ4_IVh7-IFIUpJx_bEw0M4ubiH2_m_
IP
GET /delivery/lg.php?cppv=3&cpp=GZQ0wPnTBSVdD-mFds6_mLz8BV8JWIp6-tV0MotxKtyPdB7JtKnaBo8nkKifg-tqAySWIhbWV1KNh2N07CPoGpD6K2q1XbdhfYy_zc75-dX3GSNEVjgjVDNy5hSDiIwL_eSon8zpNfe5l7X8m4Z8ky1quJ7v2bVe7cmzYyxLcF3UkHCQO06d298b5piqzRpdiX0NYS6-LUoKtc7gGl0nEhldmq_-VtIeL66YigLZign8jqh0rXYLjSY_Oyf-Tsq8bKF9wUQsFskMneYZpCJsugSk3uOD6uBZGxluj7YwgP8pyo00MM-0C1YPKTKNlE_3LvOYQnBTcD0-UE9b6n9xv9Z6noKE8kY3wbubCm4STBrOM1jL80x-iuBZds-fTPZd2PNfuc509PJahzG0IgQ4_IVh7-IFIUpJx_bEw0M4ubiH2_m_ HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3520737
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sat, 09 Dec 2023 15:01:38 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pRi2hXxNsy-yKT2QHB61fxqL7WicMnxWC9u9WNMJpQtPPC0FpzxiI6fRzkfhYbhaqBt_FrShJfml3ONvfXWq0I-hXrnGA0gE9inuWap6BQ8iUsExWjMyu_TOiENBisXURnxMeJtZiUkR2LdsY-yFNG5Hv4uU93kIBcgrEm94xW2K2csRDbwBMXJPOmW5khIPygBDmGasrWAiGIpFURPgWB4M90tEldKilT53dlKWDFdLJGBOJbR6ETNvqq2TUhykerFdsYzdLKkm15pPVcLlOJfTeCdk5JS0fTep3D6OvRchxXj_tJRt2SczZO8OU2cgB0AzUUU_AJnX7uY0Oyi-oMOpnUSLdilko7cJUcbkwXY8wQBNbxrMsaLqifgC_O2wKUG3GHoPu8uwScA9j_wlZKf4tobt9wQiimarZhOUzxdXYJLZ-oEmNmKZrQHKBk60jz6AGg
200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pRi2hXxNsy-yKT2QHB61fxqL7WicMnxWC9u9WNMJpQtPPC0FpzxiI6fRzkfhYbhaqBt_FrShJfml3ONvfXWq0I-hXrnGA0gE9inuWap6BQ8iUsExWjMyu_TOiENBisXURnxMeJtZiUkR2LdsY-yFNG5Hv4uU93kIBcgrEm94xW2K2csRDbwBMXJPOmW5khIPygBDmGasrWAiGIpFURPgWB4M90tEldKilT53dlKWDFdLJGBOJbR6ETNvqq2TUhykerFdsYzdLKkm15pPVcLlOJfTeCdk5JS0fTep3D6OvRchxXj_tJRt2SczZO8OU2cgB0AzUUU_AJnX7uY0Oyi-oMOpnUSLdilko7cJUcbkwXY8wQBNbxrMsaLqifgC_O2wKUG3GHoPu8uwScA9j_wlZKf4tobt9wQiimarZhOUzxdXYJLZ-oEmNmKZrQHKBk60jz6AGg
IP
GET /delivery/lg.php?cppv=3&cpp=pRi2hXxNsy-yKT2QHB61fxqL7WicMnxWC9u9WNMJpQtPPC0FpzxiI6fRzkfhYbhaqBt_FrShJfml3ONvfXWq0I-hXrnGA0gE9inuWap6BQ8iUsExWjMyu_TOiENBisXURnxMeJtZiUkR2LdsY-yFNG5Hv4uU93kIBcgrEm94xW2K2csRDbwBMXJPOmW5khIPygBDmGasrWAiGIpFURPgWB4M90tEldKilT53dlKWDFdLJGBOJbR6ETNvqq2TUhykerFdsYzdLKkm15pPVcLlOJfTeCdk5JS0fTep3D6OvRchxXj_tJRt2SczZO8OU2cgB0AzUUU_AJnX7uY0Oyi-oMOpnUSLdilko7cJUcbkwXY8wQBNbxrMsaLqifgC_O2wKUG3GHoPu8uwScA9j_wlZKf4tobt9wQiimarZhOUzxdXYJLZ-oEmNmKZrQHKBk60jz6AGg HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3839655
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 15:01:38 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sat, 09 Dec 2023 15:01:38 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
172.217.21.161
93.184.220.29
178.250.0.139
104.17.25.14
37.157.5.142
23.36.76.226