r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2198
Expires: Thu, 02 Feb 2023 05:18:43 GMT
Date: Thu, 02 Feb 2023 04:42:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3412
Expires: Thu, 02 Feb 2023 05:38:57 GMT
Date: Thu, 02 Feb 2023 04:42:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 03:43:28 GMT
content-type: application/json
age: 3517
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15671
Expires: Thu, 02 Feb 2023 09:03:16 GMT
Date: Thu, 02 Feb 2023 04:42:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VVsiu+1EktKGRMKF4ge1Ywknd0AHwPJk6dWkK9dxACK6pKsRPCg5sVcqknyXUwNrbFM72dmoBDI=
x-amz-request-id: R6BTGFK5J9GAB84T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 04:22:56 GMT
age: 1149
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:42:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 04:41:43 GMT
age: 22
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21015
Expires: Thu, 02 Feb 2023 10:32:20 GMT
Date: Thu, 02 Feb 2023 04:42:05 GMT
Connection: keep-alive
map1malaysia.blogspot.com/2012/07
142.250.74.1200 OK 42 kB URL HTTP/1.1 map1malaysia.blogspot.com/2012/07
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (582)
Hash f83e7381b8a5a06feff6d4ce85e75cf9
6db2a16b0713ad08a916e88c030f3814510f1a15
a6dbfcdfc498eff6761a7e22f5032a6f1fe8f3184bee4a262c195e0c62a9c5e1
Analyzer Verdict Alert fortinet Malware
GET /2012/07 HTTP/1.1
Host: map1malaysia.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 02 Feb 2023 04:42:05 GMT
Date: Thu, 02 Feb 2023 04:42:05 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 17 Dec 2022 10:24:36 GMT
ETag: W/"06babafb04ad1e5cf508ac914e6618410d3d955875237bb13bd5603403eab837"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 42229
Server: GSE
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.66200 OK 37 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (3594)
Hash 67ee4fa85bbcf6268145d2a7cc80866e
ce8d0f2635fc51c4b79a0f61adb8a74b219765df
742dc4d021042646fa4706121e947e05c07e996843f60d6b353cfbd67f9bef10
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 02 Feb 2023 04:42:06 GMT
Expires: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 3037868968991810506
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36587
X-XSS-Protection: 0
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 576pFe0STlxB7azji2GMTg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dSLYj1I9wuSXiUBFrE/NIrIe9YM=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 53 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (4879)
Hash b599ae1730d33c34286567102e7771a0
e61e212034479d332b3aebe406a540e86473707f
b194335d078d4ef688176571f54c54d45880600c7fde0d3fa85430887204cd74
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 02 Feb 2023 04:42:06 GMT
Expires: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 3677917011589503857
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 52732
X-XSS-Protection: 0
map1malaysia.blogspot.com/js/cookienotice.js
142.250.74.1200 OK 2.0 kB URL HTTP/1.1 map1malaysia.blogspot.com/js/cookienotice.js
IP 142.250.74.1:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: map1malaysia.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/2012/07
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 27 Jan 2023 18:32:16 GMT
Expires: Fri, 03 Feb 2023 18:32:16 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 27 Jan 2023 16:51:52 GMT
Content-Type: text/javascript
Age: 468590
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Thu, 02 Feb 2023 04:42:06 GMT
expires: Thu, 02 Feb 2023 04:42:06 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 95221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img1.blogblog.com/img/icon18_email.gif
216.58.207.233200 OK 164 B URL HTTP/1.1 img1.blogblog.com/img/icon18_email.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 164
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 03:43:54 GMT
Expires: Thu, 09 Feb 2023 03:43:54 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 01 Feb 2023 10:52:25 GMT
Content-Type: image/gif
Age: 3492
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:56:35 GMT
expires: Wed, 08 Feb 2023 20:56:35 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 Feb 2023 17:54:33 GMT
content-type: image/gif
age: 27931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/250/addthis_widget.js
Date: Thu, 02 Feb 2023 04:42:06 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 12:42:13 GMT
Expires: Wed, 15 Feb 2023 12:42:13 GMT
Cache-Control: public, max-age=1209600
Age: 57593
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 61 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (1448)
Hash 62f98a42acaa85f40e228f65e5ee2361
a41c1755a6a2708340b74638f11ebdeed8e977db
54acbd2f18406888cbe8ee3fc76b512081c7c1c0102a4b1f7eef6cd11fc60f15
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 60741
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:19:07 GMT
expires: Fri, 02 Feb 2024 02:19:07 GMT
cache-control: public, max-age=31536000
age: 8579
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
map1malaysia.blogspot.com/b/csi.js?h=OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso
142.250.74.1200 OK 21 kB URL HTTP/1.1 map1malaysia.blogspot.com/b/csi.js?h=OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso
IP 142.250.74.1:0
File type ASCII text, with very long lines (14652)
Hash 8ef118c9f79cd61c742b0b35d233fa56
8747af34d916c4343d70695152a87e7c0989bf84
b70960ffdf87c2b22538f137f695bed0e5c59d7e403953aba148a78895a9e6fe
Analyzer Verdict Alert fortinet Malware
GET /b/csi.js?h=OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso HTTP/1.1
Host: map1malaysia.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/2012/07
HTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 02 Feb 2023 04:42:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 20712
Server: GSE
www.blogblog.com/1kt/travel/bg_black_50.png
216.58.207.233200 OK 83 B URL HTTP/1.1 www.blogblog.com/1kt/travel/bg_black_50.png
IP 216.58.207.233:0
File type PNG image data, 5 x 5, 8-bit/color RGBA, interlaced\012- data
Hash f7417b83fa976977f788364905aa5dd7
a6ede06565a88ef03ca33ad1b40a3c43e6c7f91f
8ad5d8cd8999e56275e12e5a5325b108bd15146fefe072af726fffecfe6ab862
GET /1kt/travel/bg_black_50.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 83
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 30 Jan 2023 16:13:36 GMT
Expires: Mon, 06 Feb 2023 16:13:36 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 30 Jan 2023 12:52:28 GMT
Content-Type: image/png
Age: 217710
www.linkwithin.com/widget.js
3.19.188.212404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 02 Feb 2023 04:42:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116326 bytes)
Hash 059926d46e16e89dcedf50ed90a5866e
3c418a1b52b0e62e3d07ac2cf435eb94d3ba87d0
f378a60cba395231f31f959f575f014dddc8e6eb786294b5aadf7862dd250404
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://map1malaysia.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116326
date: Thu, 02 Feb 2023 04:42:06 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
4.bp.blogspot.com/-16ctQQyW-Og/UA92T3A-WDI/AAAAAAAABs0/Aq9TSYvnz-o/s400/bazaar-ramadhan.jpg
142.250.74.161200 OK 52 kB URL HTTP/1.1 4.bp.blogspot.com/-16ctQQyW-Og/UA92T3A-WDI/AAAAAAAABs0/Aq9TSYvnz-o/s400/bazaar-ramadhan.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x268, components 3\012- data
Hash d29dc88b56678b5d774dbf99fabb92cd
caf6cb8e0ea5da54e56d97a67ff2d8128cb8f86d
4ca04baaf7163bad0183fd25b7ccab6424cef4ab95e624ac33dc4b41683a51ef
GET /-16ctQQyW-Og/UA92T3A-WDI/AAAAAAAABs0/Aq9TSYvnz-o/s400/bazaar-ramadhan.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="bazaar-ramadhan.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 52058
X-XSS-Protection: 0
4.bp.blogspot.com/-i90GV8_OOI4/UBNWMKFIFEI/AAAAAAAABv8/JzO6g1M7nvw/s400/anm.jpg
142.250.74.161200 OK 54 kB URL HTTP/1.1 4.bp.blogspot.com/-i90GV8_OOI4/UBNWMKFIFEI/AAAAAAAABv8/JzO6g1M7nvw/s400/anm.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 315x360, components 3\012- data
Hash 1dddf824953c541b15fc7125e6a98966
cf1f694687f9c6b9c126fa99096a762d2beab411
6af2551eaa0237860f54cf6c01c07ee38d4791282e251feafe7f49775d3b9592
GET /-i90GV8_OOI4/UBNWMKFIFEI/AAAAAAAABv8/JzO6g1M7nvw/s400/anm.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="anm.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 54376
X-XSS-Protection: 0
www.blogblog.com/1kt/travel/bg_black_70.png
216.58.207.233200 OK 84 B URL HTTP/1.1 www.blogblog.com/1kt/travel/bg_black_70.png
IP 216.58.207.233:0
File type PNG image data, 5 x 5, 8-bit/color RGBA, interlaced\012- data
Hash 4fc6c14642616095c0b1c90baa826951
25cacf250fad4290661fe8849069769f4eb40aba
4f01951293a11116b89b6e19f70cb9b72b2e3a68b2005c75d1d9b8e7b85eb35a
GET /1kt/travel/bg_black_70.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 84
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 28 Jan 2023 13:53:40 GMT
Expires: Sat, 04 Feb 2023 13:53:40 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 28 Jan 2023 09:52:21 GMT
Content-Type: image/png
Age: 398906
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkwithin.com/pixel.png
3.19.188.212200 OK 83 B URL HTTP/1.1 www.linkwithin.com/pixel.png
IP 3.19.188.212:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash ca1dba98f5e46c0e7a1549b3d8af9b93
37284bda145ed93cee64997e3d6688cae7d98468
88021da4a13d993a2c94e4d8ddc9bd98b34985d806371e71e0531b37b8a0e081
GET /pixel.png HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 02 Feb 2023 04:42:06 GMT
Content-Type: image/png
Content-Length: 83
Last-Modified: Thu, 18 Jun 2020 22:02:28 GMT
Connection: keep-alive
ETag: "5eebe474-53"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 160ff46273e80b1a0523615a5a30b060
7ccdc86678b4cddb5b6c36e42e884ca11866ae59
0eb9af55430b8b3c5c429edae27548a210d638227ba2c23d29a715bc5b79a477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230131/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:39:37 GMT
expires: Thu, 16 Feb 2023 00:39:37 GMT
cache-control: public, max-age=1209600
age: 14549
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-GqtqpTiL6tA/UA3f1ygCpSI/AAAAAAAABso/Tu563V1gTeg/s400/Niah+Largest+limestone+cave+in+world.jpg
142.250.74.161200 OK 44 kB URL HTTP/1.1 1.bp.blogspot.com/-GqtqpTiL6tA/UA3f1ygCpSI/AAAAAAAABso/Tu563V1gTeg/s400/Niah+Largest+limestone+cave+in+world.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x300, components 3\012- data
Hash ba3f03648380c82be67bc6eb6af03848
94a04eeb3425b3ea4e035a41b9fa10f6ff5cd0c8
293042b9cd7cc6b9550bd0fd08eef2a02720fba8fd797a9e2fe2b645eda37b28
GET /-GqtqpTiL6tA/UA3f1ygCpSI/AAAAAAAABso/Tu563V1gTeg/s400/Niah+Largest+limestone+cave+in+world.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Niah Largest limestone cave in world.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 44149
X-XSS-Protection: 0
2.bp.blogspot.com/-APX-RM5xCA8/UAuovlu-tmI/AAAAAAAABr8/IPSiLlSPH1c/s400/kedai+rakyat+1malaysia.jpg
142.250.74.161200 OK 32 kB URL HTTP/1.1 2.bp.blogspot.com/-APX-RM5xCA8/UAuovlu-tmI/AAAAAAAABr8/IPSiLlSPH1c/s400/kedai+rakyat+1malaysia.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 363x336, components 3\012- data
Hash adb486dae07ad02e3fd6c683d9bc5d78
84a9c5a877e8df0683af56a5afb56910efb7fbe5
8c08fdc0bc261b77aebf8a40f11028418e421b9a91aa25ca281db805fdbc56c2
GET /-APX-RM5xCA8/UAuovlu-tmI/AAAAAAAABr8/IPSiLlSPH1c/s400/kedai+rakyat+1malaysia.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="kedai rakyat 1malaysia.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 32223
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3673498704421778&plah=map1malaysia.blogspot.com
142.250.74.66200 OK 121 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3673498704421778&plah=map1malaysia.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with very long lines (3928)
Size 121 kB (120764 bytes)
Hash 567f59909aef19f3480bd664fbaf0311
2efd81d6949d9b16511272cc76f50a436b773567
c78de77cc5709bbd866104d553f83250015794ff43695e4f02b9870f93106a93
GET /pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3673498704421778&plah=map1malaysia.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 04:42:06 GMT
expires: Thu, 02 Feb 2023 04:42:06 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 12064360562720857705
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 120764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-81J8rR1eN8U/UBNqso8CI9I/AAAAAAAABwo/4-HtYHnfgVU/s400/penang+2nd+bridge.jpg
142.250.74.161200 OK 38 kB URL HTTP/1.1 4.bp.blogspot.com/-81J8rR1eN8U/UBNqso8CI9I/AAAAAAAABwo/4-HtYHnfgVU/s400/penang+2nd+bridge.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x272, components 3\012- data
Hash 6639f9d68796cef2900a0bd9dc5250ed
b48b56ae213b3d58ed2341cdd43887510a67c364
7a1d95329a737a5e92e09ec31f34a960394ece51ed45c32fba31712c7b699b4f
GET /-81J8rR1eN8U/UBNqso8CI9I/AAAAAAAABwo/4-HtYHnfgVU/s400/penang+2nd+bridge.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="penang 2nd bridge.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 38484
X-XSS-Protection: 0
4.bp.blogspot.com/-itIPRwstTaY/UBNqrvyyw9I/AAAAAAAABwg/nKtOgMjhHGA/s400/penang+2nd+bridge+b.jpg
142.250.74.161200 OK 29 kB URL HTTP/1.1 4.bp.blogspot.com/-itIPRwstTaY/UBNqrvyyw9I/AAAAAAAABwg/nKtOgMjhHGA/s400/penang+2nd+bridge+b.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x262, components 3\012- data
Hash 5d1d40a0ec500f12b9ab53a66a328674
bbb9208af65f93bb03f704fe8833907487fc3270
e6bced66a300454f2e1c9c14c1590a4984d2dbba9d1f801f643e958ca5b9fc02
GET /-itIPRwstTaY/UBNqrvyyw9I/AAAAAAAABwg/nKtOgMjhHGA/s400/penang+2nd+bridge+b.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="penang 2nd bridge b.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 29057
X-XSS-Protection: 0
3.bp.blogspot.com/-Ge2gktUIReQ/UA3Iq9En1XI/AAAAAAAABsc/x7TkIzz7-kc/s400/ramadhan+sabah+2.jpg
142.250.74.161200 OK 51 kB URL HTTP/1.1 3.bp.blogspot.com/-Ge2gktUIReQ/UA3Iq9En1XI/AAAAAAAABsc/x7TkIzz7-kc/s400/ramadhan+sabah+2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 400x300, components 3\012- data
Hash 4648bfd501dbf5150a834e6421d23e13
138cf3b35a274fa285a3855265abdaf25c411030
b0164236830541a98fd1ae36e44a4cdf4f80ce34187a40c4f5e364014d3c7cde
GET /-Ge2gktUIReQ/UA3Iq9En1XI/AAAAAAAABsc/x7TkIzz7-kc/s400/ramadhan+sabah+2.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ramadhan sabah 2.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 51118
X-XSS-Protection: 0
lh3.googleusercontent.com/-3DB4dR-snQI/VnVNwlFlvnI/AAAAAAAAFD4/DlL0KH2BXts/w72-h72-p-k-no-nu/IMG-20151219-WA0002.jpg
142.250.74.97200 OK 4.0 kB URL HTTP/1.1 lh3.googleusercontent.com/-3DB4dR-snQI/VnVNwlFlvnI/AAAAAAAAFD4/DlL0KH2BXts/w72-h72-p-k-no-nu/IMG-20151219-WA0002.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 951a9e3277ff5a30c9fe690d52e7aa39
426deeaf0667cd290cb29fa04676fe8a50c46e06
5fe84ab39820c5d9f1945ec596f1a483dd77d8347b8c551a817f4a3d451c1aa3
GET /-3DB4dR-snQI/VnVNwlFlvnI/AAAAAAAAFD4/DlL0KH2BXts/w72-h72-p-k-no-nu/IMG-20151219-WA0002.jpg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1440"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG-20151219-WA0002.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 3998
X-XSS-Protection: 0
lh3.googleusercontent.com/-ZS_iaatqNH8/VoJkKB6dS_I/AAAAAAAAFfo/UJFcIIP8T6M/w72-h72-p-k-no-nu/IMG-20151229-WA0006.jpg
142.250.74.97200 OK 4.1 kB URL HTTP/1.1 lh3.googleusercontent.com/-ZS_iaatqNH8/VoJkKB6dS_I/AAAAAAAAFfo/UJFcIIP8T6M/w72-h72-p-k-no-nu/IMG-20151229-WA0006.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash dd505c1571474fc6cb4fffe6e5225d50
65897eefd6eb7a00fc5101572f878f3552ce81af
d752ef9317e4f487c71ea24974c974f035c1b648b9f07af7ba35bd2d47a7c4f7
GET /-ZS_iaatqNH8/VoJkKB6dS_I/AAAAAAAAFfo/UJFcIIP8T6M/w72-h72-p-k-no-nu/IMG-20151229-WA0006.jpg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15fc"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG-20151229-WA0006.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 4089
X-XSS-Protection: 0
4.bp.blogspot.com/-1cOzlF5D4xk/UBNqrAodz-I/AAAAAAAABwY/tLx7w70X9jA/s400/jambatan+kedua+pulau+pinang.jpg
142.250.74.161200 OK 26 kB URL HTTP/1.1 4.bp.blogspot.com/-1cOzlF5D4xk/UBNqrAodz-I/AAAAAAAABwY/tLx7w70X9jA/s400/jambatan+kedua+pulau+pinang.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 316x325, components 3\012- data
Hash 74f36b291446b2eb1512f8e697abda44
9982449b5bea19c2308e737a51b9712cfc8c62fb
20b5004b5abbd79d29ba2f07e8231c22f9927447f3fa4197559d867f104751a7
GET /-1cOzlF5D4xk/UBNqrAodz-I/AAAAAAAABwY/tLx7w70X9jA/s400/jambatan+kedua+pulau+pinang.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jambatan kedua pulau pinang.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 26414
X-XSS-Protection: 0
4.bp.blogspot.com/-7Icv-1Tqyns/UBNqteI4s0I/AAAAAAAABww/gauaGt26Wx0/s400/penang+ke+2.jpg
142.250.74.161200 OK 30 kB URL HTTP/1.1 4.bp.blogspot.com/-7Icv-1Tqyns/UBNqteI4s0I/AAAAAAAABww/gauaGt26Wx0/s400/penang+ke+2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 336x225, components 3\012- data
Hash 300c0c35f7b50b6e218d11e0a988795d
dd1f19e4f62eab7df948332e92df30f06c3c01c2
4de271e8788fd1a14f8ab32e153d6184ea133b918afcba335dc6e1a1e8172acf
GET /-7Icv-1Tqyns/UBNqteI4s0I/AAAAAAAABww/gauaGt26Wx0/s400/penang+ke+2.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="penang ke 2.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 29954
X-XSS-Protection: 0
3.bp.blogspot.com/-JenTBLBoVZ4/UBDUaXI6QpI/AAAAAAAABuo/k9APluytqJI/s400/tanker+fire+labuan.jpg
142.250.74.161200 OK 26 kB URL HTTP/1.1 3.bp.blogspot.com/-JenTBLBoVZ4/UBDUaXI6QpI/AAAAAAAABuo/k9APluytqJI/s400/tanker+fire+labuan.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x300, components 3\012- data
Hash ca80ddf96e687855d1c2740cf22cb2f3
225fd8f05e0551a47073c5a334f4327f39e21064
2d94e9b577faa818f109e7aa963aab2b8854c2e6529695184e0b2890f6ea280a
GET /-JenTBLBoVZ4/UBDUaXI6QpI/AAAAAAAABuo/k9APluytqJI/s400/tanker+fire+labuan.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tanker fire labuan.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 26147
X-XSS-Protection: 0
themes.googleusercontent.com/image?id=1YK_kIkypmbLpa7gdIiaw1FsCvT-gyA1MlyoCmSbDXblLJ1mXUvy0Y0W-SsOiDgK_OAMs
142.250.74.97301 Moved Permanently 0 B URL HTTP/1.1 themes.googleusercontent.com/image?id=1YK_kIkypmbLpa7gdIiaw1FsCvT-gyA1MlyoCmSbDXblLJ1mXUvy0Y0W-SsOiDgK_OAMs
IP 142.250.74.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image?id=1YK_kIkypmbLpa7gdIiaw1FsCvT-gyA1MlyoCmSbDXblLJ1mXUvy0Y0W-SsOiDgK_OAMs HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 02 Feb 2023 04:42:06 GMT
Location: https://themes.googleusercontent.com/image?id=1YK_kIkypmbLpa7gdIiaw1FsCvT-gyA1MlyoCmSbDXblLJ1mXUvy0Y0W-SsOiDgK_OAMs
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4f34667467b2eddfb447e4cdfcda668d
7d1e5a685072668a72f6c91127b5c7358923e9cc
6b06650500b587bcb619b67528aac8370a9a5c79d3b2cb9f34711582526d90a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-FESsdaJfBa0/UA_PdxJBAVI/AAAAAAAABtA/6K_BFq5E4f8/s400/tapak+bazar+ramadhan+MBI+Ipoh.jpg
142.250.74.161200 OK 51 kB URL HTTP/1.1 3.bp.blogspot.com/-FESsdaJfBa0/UA_PdxJBAVI/AAAAAAAABtA/6K_BFq5E4f8/s400/tapak+bazar+ramadhan+MBI+Ipoh.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x316, components 3\012- data
Hash 09628c4ae5b5bc554fd5b54a7f76d896
e506564e7b0e103538ce298d0cb4df62888ee54a
31b3e977387310cb94a34f2a5846ef0d15e1ff8bf358d83a84e4977193bd1513
GET /-FESsdaJfBa0/UA_PdxJBAVI/AAAAAAAABtA/6K_BFq5E4f8/s400/tapak+bazar+ramadhan+MBI+Ipoh.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tapak bazar ramadhan MBI Ipoh.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 50832
X-XSS-Protection: 0
maps.google.com.my/maps?f=q&source=s_q&hl=en&geocode=&q=Port+Dickson&aq=&sll=5.263234,100.484623&sspn=0.691951,1.234589&ie=UTF8&hq=&hnear=Port+Dickson,+Negeri+Sembilan&t=m&z=11&iwloc=A&ll=2.536424,101.806814&output=embed
216.58.207.227301 Moved Permanently 0 B URL HTTP/2 maps.google.com.my/maps?f=q&source=s_q&hl=en&geocode=&q=Port+Dickson&aq=&sll=5.263234,100.484623&sspn=0.691951,1.234589&ie=UTF8&hq=&hnear=Port+Dickson,+Negeri+Sembilan&t=m&z=11&iwloc=A&ll=2.536424,101.806814&output=embed
IP 216.58.207.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /maps?f=q&source=s_q&hl=en&geocode=&q=Port+Dickson&aq=&sll=5.263234,100.484623&sspn=0.691951,1.234589&ie=UTF8&hq=&hnear=Port+Dickson,+Negeri+Sembilan&t=m&z=11&iwloc=A&ll=2.536424,101.806814&output=embed HTTP/1.1
Host: maps.google.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d255098.19766602587!2d101.806814!3d2.536424!3m2!1i1024!2i768!4f13.1!2m1!1sPort+Dickson!5e0!6i11!3m1!1sen!5m1!1sen
vary: Origin, X-Origin, Referer
date: Thu, 02 Feb 2023 04:42:06 GMT
content-type: text/html
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-1xkzjfIzdZc/UqKINm1pYMI/AAAAAAAAD0M/Jb6s_Rp_uss/w72-h72-p-k-no-nu/where+to+buy+Bazaar+Baru+Chow+Kit+Market.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 1.bp.blogspot.com/-1xkzjfIzdZc/UqKINm1pYMI/AAAAAAAAD0M/Jb6s_Rp_uss/w72-h72-p-k-no-nu/where+to+buy+Bazaar+Baru+Chow+Kit+Market.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 950f1165c73c23928901992eb0c3f89f
6f0537c51831c95d325e0c3c63e28a4629427739
9315c2908342802647613bf4deacf577ad096007644bbf999c0ca88052744cc2
GET /-1xkzjfIzdZc/UqKINm1pYMI/AAAAAAAAD0M/Jb6s_Rp_uss/w72-h72-p-k-no-nu/where+to+buy+Bazaar+Baru+Chow+Kit+Market.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="where to buy Bazaar Baru Chow Kit Market.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4369
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 04:42:06 GMT
Expires: Sat, 28 Jan 2023 18:32:17 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vf44"
Content-Type: image/jpeg
Age: 0
maps.google.com.my/maps?f=q&source=s_q&hl=en&geocode=&q=pulau+pinang&aq=&sll=1.46343,103.754715&sspn=0.347329,0.617294&ie=UTF8&hq=&hnear=Penang&t=m&z=10&ll=5.263234,100.484623&output=embed
216.58.207.227301 Moved Permanently 0 B URL HTTP/2 maps.google.com.my/maps?f=q&source=s_q&hl=en&geocode=&q=pulau+pinang&aq=&sll=1.46343,103.754715&sspn=0.347329,0.617294&ie=UTF8&hq=&hnear=Penang&t=m&z=10&ll=5.263234,100.484623&output=embed
IP 216.58.207.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /maps?f=q&source=s_q&hl=en&geocode=&q=pulau+pinang&aq=&sll=1.46343,103.754715&sspn=0.347329,0.617294&ie=UTF8&hq=&hnear=Penang&t=m&z=10&ll=5.263234,100.484623&output=embed HTTP/1.1
Host: maps.google.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d508543.51321506314!2d100.484623!3d5.263234!3m2!1i1024!2i768!4f13.1!2m1!1spulau+pinang!5e0!6i10!3m1!1sen!5m1!1sen
vary: Origin, X-Origin, Referer
date: Thu, 02 Feb 2023 04:42:06 GMT
content-type: text/html
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server-timing: gfet4t7; dur=13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-w_qpEZV6vRQ/UA3Ip35zN1I/AAAAAAAABsU/Tgv9NxbbpiQ/s400/ramadhan+sabah+1.jpg
142.250.74.161200 OK 47 kB URL HTTP/1.1 1.bp.blogspot.com/-w_qpEZV6vRQ/UA3Ip35zN1I/AAAAAAAABsU/Tgv9NxbbpiQ/s400/ramadhan+sabah+1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 400x300, components 3\012- data
Hash e0fd163117d6c82ab284c8facc8c799d
2e79a19441a196e4090467c7743b2799fd311581
527a675a3835f8da6ec20c0c5c1988d323c6ddfd571a9e5994ae4cf5ef0f129a
GET /-w_qpEZV6vRQ/UA3Ip35zN1I/AAAAAAAABsU/Tgv9NxbbpiQ/s400/ramadhan+sabah+1.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ramadhan sabah 1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 47119
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4f34667467b2eddfb447e4cdfcda668d
7d1e5a685072668a72f6c91127b5c7358923e9cc
6b06650500b587bcb619b67528aac8370a9a5c79d3b2cb9f34711582526d90a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-37HE9PRHdo8/UBNqqF-s1dI/AAAAAAAABwQ/9UFw6msJc1c/s400/jambatan+2+penang.jpg
142.250.74.161200 OK 20 kB URL HTTP/1.1 1.bp.blogspot.com/-37HE9PRHdo8/UBNqqF-s1dI/AAAAAAAABwQ/9UFw6msJc1c/s400/jambatan+2+penang.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x154, components 3\012- data
Hash ea08dbd385266b7375033e49f1d1c40d
967bcf703ae53aa5d20a9c9245f3e43de8944085
bde0c8b544321c8ec7dd4ea54a55bcf00f7ffe4bc04d44df5c06a11ef7a50b28
GET /-37HE9PRHdo8/UBNqqF-s1dI/AAAAAAAABwQ/9UFw6msJc1c/s400/jambatan+2+penang.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jambatan 2 penang.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 19527
X-XSS-Protection: 0
1.bp.blogspot.com/-zs-EqQLc5_A/VnzXvhcEPjI/AAAAAAAAFWs/_GAE3K-lPVA/s640/masjid%2Bkampung%2Bkling%2Bmelaka.jpg
142.250.74.161200 OK 40 kB URL HTTP/1.1 1.bp.blogspot.com/-zs-EqQLc5_A/VnzXvhcEPjI/AAAAAAAAFWs/_GAE3K-lPVA/s640/masjid%2Bkampung%2Bkling%2Bmelaka.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x367, components 3\012- data
Hash 7884bca008e73eb571a5811d78048936
99f3dbf2bfaffb41be89071fc1788ad611665fce
dcdc75d9da38203113a0f1f7f74393d3c548ca9f6ef50b45ea464a7514629bb8
GET /-zs-EqQLc5_A/VnzXvhcEPjI/AAAAAAAAFWs/_GAE3K-lPVA/s640/masjid%2Bkampung%2Bkling%2Bmelaka.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v156c"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="masjid kampung kling melaka.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 39566
X-XSS-Protection: 0
lh3.googleusercontent.com/-0gU5o2FX-Cg/WjnFIojd7zI/AAAAAAAAGrw/xDHXpnLI0f8izL5MJ_jq61s5G8gltKmpwCHMYCw/w72-h72-p-k-no-nu/20170828113616-big.jpg
142.250.74.97200 OK 4.6 kB URL HTTP/2 lh3.googleusercontent.com/-0gU5o2FX-Cg/WjnFIojd7zI/AAAAAAAAGrw/xDHXpnLI0f8izL5MJ_jq61s5G8gltKmpwCHMYCw/w72-h72-p-k-no-nu/20170828113616-big.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c9bed51d77a6665a21681b32d1bc8844
136416c6dc134a62c8a8fd05247e5deb95ccfb44
24540cff4ecca0df084b2659be8c46c44ad07562edd869b0c1e9c4e87d77e2bd
GET /-0gU5o2FX-Cg/WjnFIojd7zI/AAAAAAAAGrw/xDHXpnLI0f8izL5MJ_jq61s5G8gltKmpwCHMYCw/w72-h72-p-k-no-nu/20170828113616-big.jpg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="20170828113616-big.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4643
x-xss-protection: 0
date: Thu, 02 Feb 2023 04:42:06 GMT
expires: Sat, 28 Jan 2023 18:32:16 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1abd"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-YxApcJSU4xg/UBDVJpNEH6I/AAAAAAAABuw/E5XdJfXFfBc/s400/tankerfire+2+labuan.jpg
142.250.74.161200 OK 28 kB URL HTTP/1.1 1.bp.blogspot.com/-YxApcJSU4xg/UBDVJpNEH6I/AAAAAAAABuw/E5XdJfXFfBc/s400/tankerfire+2+labuan.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x300, components 3\012- data
Hash f9493b3b0c47de6221251b7d6fcd74b9
eb84bc7e618690d7ffecfea0a76428323a9f071b
56b7b4402e021b10c33dbf45ebbbb0c81584c0d981ec9643f944fae67a962c7d
GET /-YxApcJSU4xg/UBDVJpNEH6I/AAAAAAAABuw/E5XdJfXFfBc/s400/tankerfire+2+labuan.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1774"
Expires: Fri, 03 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tankerfire 2 labuan.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:42:06 GMT
Server: fife
Content-Length: 27566
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/buttons/blogger-simple-white.gif
216.58.207.233200 OK 692 B URL HTTP/2 www.blogger.com/buttons/blogger-simple-white.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 88 x 30\012- data
Hash 0e702b249fa4e9f3d1b5104fbc49a756
984efa34dd954e286769af8826c2e5920d91985a
9db517fb026d425e77ba29808d69c2ef986829dc7fe293de66c81e3737c41e7d
GET /buttons/blogger-simple-white.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
expires: Fri, 02 Feb 2024 04:42:06 GMT
date: Thu, 02 Feb 2023 04:42:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 06:46:07 GMT
content-type: image/gif
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 692
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=map1malaysia.blogspot.com&callback=_gfp_s_&client=ca-pub-3673498704421778
216.58.207.226200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=map1malaysia.blogspot.com&callback=_gfp_s_&client=ca-pub-3673498704421778
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 5e406626e66b3ce62d72f8199661f3b7
0027079b8ed0301e8d1c1dc934686e804ea69364
e4c38e2cf570f0c581ddfe2ca601d1777bd5e63fc146f885ea50819cb0e101dd
GET /gampad/cookie.js?domain=map1malaysia.blogspot.com&callback=_gfp_s_&client=ca-pub-3673498704421778 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 04:42:06 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=map1malaysia.blogspot.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=map1malaysia.blogspot.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=map1malaysia.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 04:42:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=map1malaysia.blogspot.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=map1malaysia.blogspot.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=map1malaysia.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 04:42:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-KYnH50eD0Vk/V3XqDQP6s5I/AAAAAAAAFtE/D0E2mErNzeU4UCWP3N2b9Z1qlA6_yme3wCLcB/w72-h72-p-k-no-nu/borong%2Bbaju%2Bmelayu%2B1.jpg
142.250.74.161200 OK 5.4 kB URL HTTP/2 4.bp.blogspot.com/-KYnH50eD0Vk/V3XqDQP6s5I/AAAAAAAAFtE/D0E2mErNzeU4UCWP3N2b9Z1qlA6_yme3wCLcB/w72-h72-p-k-no-nu/borong%2Bbaju%2Bmelayu%2B1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 69b19b88376f82bd4a25589ae7d5e295
b1f6819d2b6a62ad5eb0e3f7481e03152b94b02e
828fdc1b89f77e33b474b1808edeb7b496870249cce5392bfc63846e678cf553
GET /-KYnH50eD0Vk/V3XqDQP6s5I/AAAAAAAAFtE/D0E2mErNzeU4UCWP3N2b9Z1qlA6_yme3wCLcB/w72-h72-p-k-no-nu/borong%2Bbaju%2Bmelayu%2B1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v16d2"
expires: Fri, 03 Feb 2023 04:42:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="borong baju melayu 1.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 04:42:06 GMT
server: fife
content-length: 5425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/image?id=1YK_kIkypmbLpa7gdIiaw1FsCvT-gyA1MlyoCmSbDXblLJ1mXUvy0Y0W-SsOiDgK_OAMs
142.250.74.97200 OK 76 kB URL HTTP/2 themes.googleusercontent.com/image?id=1YK_kIkypmbLpa7gdIiaw1FsCvT-gyA1MlyoCmSbDXblLJ1mXUvy0Y0W-SsOiDgK_OAMs
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 1800x1200, components 3\012- data
Hash 80c6546a7f26430fec0dcee096720efb
8a0cd626fc1bfb904fa55efe236057a1dac9198c
143da993e04024d7784c7db29c3a302e7a7b8a2e586381b6d398810e7980b351
GET /image?id=1YK_kIkypmbLpa7gdIiaw1FsCvT-gyA1MlyoCmSbDXblLJ1mXUvy0Y0W-SsOiDgK_OAMs HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://map1malaysia.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 03 Feb 2023 04:42:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 04:42:06 GMT
server: fife
content-length: 75663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 160ff46273e80b1a0523615a5a30b060
7ccdc86678b4cddb5b6c36e42e884ca11866ae59
0eb9af55430b8b3c5c429edae27548a210d638227ba2c23d29a715bc5b79a477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d255098.19766602587!2d101.806814!3d2.536424!3m2!1i1024!2i768!4f13.1!2m1!1sPort+Dickson!5e0!6i11!3m1!1sen!5m1!1sen
216.58.211.4200 OK 896 B URL HTTP/2 www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d255098.19766602587!2d101.806814!3d2.536424!3m2!1i1024!2i768!4f13.1!2m1!1sPort+Dickson!5e0!6i11!3m1!1sen!5m1!1sen
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1453)
Hash d5704ee8a3d6ec1b477e9f49e457a68b
b1d35b30dedb58727ddf1a13f5c336e70e43fb33
e9640ea3817a1ed5a79800bd51ec7a713b2a5e7d2e4cfe1621c4954495c8be40
GET /maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d255098.19766602587!2d101.806814!3d2.536424!3m2!1i1024!2i768!4f13.1!2m1!1sPort+Dickson!5e0!6i11!3m1!1sen!5m1!1sen HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://map1malaysia.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, must-revalidate
pragma: no-cache
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-WWjiIvvNgu9yteZXdOSS5A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 04:42:07 GMT
server: scaffolding on HTTPServer2
content-length: 896
x-xss-protection: 0
x-content-type-options: nosniff
server-timing: gfet4t7; dur=266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ZA0uMsOs-1A/X8G8X7rCH8I/AAAAAAAAHSA/7WrFpAZoAlQj0yi-qCjx3G9bK8wpbO6VACLcBGAsYHQ/w72-h72-p-k-no-nu/TIMAH%2BTASOH%2BLAKE%2BPERLIS%2B1.jpg
142.250.74.161200 OK 5.4 kB URL HTTP/2 1.bp.blogspot.com/-ZA0uMsOs-1A/X8G8X7rCH8I/AAAAAAAAHSA/7WrFpAZoAlQj0yi-qCjx3G9bK8wpbO6VACLcBGAsYHQ/w72-h72-p-k-no-nu/TIMAH%2BTASOH%2BLAKE%2BPERLIS%2B1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c0c4533bcfb247a5a428ab2968cba6de
45cfdcea26f395a370689446c92cf8e6c74543dd
877717a29fd4f696e5a30ea71362bbf6bda44bb529814e125dd3c730d809ed44
GET /-ZA0uMsOs-1A/X8G8X7rCH8I/AAAAAAAAHSA/7WrFpAZoAlQj0yi-qCjx3G9bK8wpbO6VACLcBGAsYHQ/w72-h72-p-k-no-nu/TIMAH%2BTASOH%2BLAKE%2BPERLIS%2B1.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1d44"
expires: Fri, 03 Feb 2023 04:42:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="TIMAH TASOH LAKE PERLIS 1.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 04:42:07 GMT
server: fife
content-length: 5402
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
216.58.207.202200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
IP 216.58.207.202:0
File type ASCII text, with very long lines (2436)
Hash 02f9adbc4ba911060b56981f8ec7213d
519bab7745be5d24aba757169c48ae5982c4aea3
5e75223c3fe0ba3f4da9097e78acddea4a38e1b33d1c17f5e188567842e68912
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56419
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Thu, 02 Feb 2023 04:37:03 GMT
expires: Thu, 02 Feb 2023 05:07:03 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 304
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d255265.07782869643!2d103.754715!3d1.46343!3m2!1i1024!2i768!4f13.1!2m1!1sJohor+Bahru+Johor!5e0!6i11!3m1!1sen!5m1!1sen
216.58.211.4200 OK 883 B URL HTTP/2 www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d255265.07782869643!2d103.754715!3d1.46343!3m2!1i1024!2i768!4f13.1!2m1!1sJohor+Bahru+Johor!5e0!6i11!3m1!1sen!5m1!1sen
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1411)
Hash 9220ab08a47890873057cbec67d54c3f
5a713c876dc3958283357ecb6a06e648f245e206
b227ce3163f5e0a54ff751ea7343a823992fe0313a3304bceebd022a80c2ecff
GET /maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d255265.07782869643!2d103.754715!3d1.46343!3m2!1i1024!2i768!4f13.1!2m1!1sJohor+Bahru+Johor!5e0!6i11!3m1!1sen!5m1!1sen HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://map1malaysia.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-hxtB-JuSr7w9tu1pXN5UeA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
pragma: no-cache
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 04:42:07 GMT
server: scaffolding on HTTPServer2
content-length: 883
x-xss-protection: 0
x-content-type-options: nosniff
server-timing: gfet4t7; dur=302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7333
Expires: Thu, 02 Feb 2023 06:44:20 GMT
Date: Thu, 02 Feb 2023 04:42:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7333
Expires: Thu, 02 Feb 2023 06:44:20 GMT
Date: Thu, 02 Feb 2023 04:42:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7333
Expires: Thu, 02 Feb 2023 06:44:20 GMT
Date: Thu, 02 Feb 2023 04:42:07 GMT
Connection: keep-alive
www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d508543.51321506314!2d100.484623!3d5.263234!3m2!1i1024!2i768!4f13.1!2m1!1spulau+pinang!5e0!6i10!3m1!1sen!5m1!1sen
216.58.211.4200 OK 895 B URL HTTP/2 www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d508543.51321506314!2d100.484623!3d5.263234!3m2!1i1024!2i768!4f13.1!2m1!1spulau+pinang!5e0!6i10!3m1!1sen!5m1!1sen
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1435)
Hash 86751024524b4622d3bfab0ea94ad33c
a30f66044f96b9340cbe8154eeb097e08fe61335
20ecb4865dd96c3e921c8cd6c884cfda3c62c897ce2f4aec99d3bcd623895cb6
GET /maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d508543.51321506314!2d100.484623!3d5.263234!3m2!1i1024!2i768!4f13.1!2m1!1spulau+pinang!5e0!6i10!3m1!1sen!5m1!1sen HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://map1malaysia.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Iy0zTWtMuc-sca7F3y_jww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 04:42:07 GMT
server: scaffolding on HTTPServer2
content-length: 895
x-xss-protection: 0
x-content-type-options: nosniff
server-timing: gfet4t7; dur=512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 22829
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7333
Expires: Thu, 02 Feb 2023 06:44:20 GMT
Date: Thu, 02 Feb 2023 04:42:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 23904
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ceb09fa3caa0fcda4a6314141e2d019
d08f43956f6859e4c2385231bb5506262257445f
a2100701c69f86920b14714b19ec14db9ebfd91000f0ec2397b8f27d981bc1ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14593
x-amzn-requestid: 796fc590-5a08-4765-b861-e5f707e4d7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdLoFHQoAMFaAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbe3-3f93635c337e77e453bba394;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gYo5IyA5mM2B5nw6O2QkkZ6-go2CzG8Nwb_pWSixGplAl7LsbmWUiQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:55:43 GMT
age: 24384
etag: "d08f43956f6859e4c2385231bb5506262257445f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5129c5bd93215d4f092922326826223e
b6df7a2f09b0efd9342589ffde5621ca6f894285
07fb43e6e0e11d9cd4bcf5d51d248f0fb85d41e231042bc7ad6c1897b3e82556
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8296
x-amzn-requestid: 5961f5cd-2288-44e2-9eb2-35c115cdd95f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGqWoAMF34A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-609946154fa2e547084125e4;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JFS3n1VPoHesu6OC4w3L5ygNtVOxAL2EyfIZG-S26x8m9GFKdJpHpA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:22 GMT
age: 24105
etag: "b6df7a2f09b0efd9342589ffde5621ca6f894285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93ef9da6520124f03883a2b5241e0623
41b557bb05e1769c124aa0195c398e2dbd1fc0e9
dd6a1589ae40fb69c60f1675ea49a6a1a00d43e29d1a18f0d30b7c4e9bceee5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11198
x-amzn-requestid: f21313a6-3ca8-4c58-981c-a1700769719c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKUGu6IAMFsww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d60cc337f91692e436f2990;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pwsRzGhqa83gc7xjxWBwpPFEmiVKLY3_YKm1OuRbKgXPyvOSzRtoZQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:22 GMT
age: 24105
etag: "41b557bb05e1769c124aa0195c398e2dbd1fc0e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbb3b7fe13504478f3fe5e8c0190b8db
b8ca03ed416b5ab9cd118f32a1890ffa764a7aec
e47f269c393ee8d87bfce593f31fd49309e1d9b47b8745dd3b6568036da50d55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7416
x-amzn-requestid: c4e8c4e6-5f2a-4b94-ad48-f10fb51c78c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BH1-IAMF17g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-40e58e6e49f919a3740bb92a;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2-O9YJrb-baVaEYFpesrbfMrIDBautEp2f5ilm1-vmHcjUGxE0c1VA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:29:58 GMT
etag: "b8ca03ed416b5ab9cd118f32a1890ffa764a7aec"
content-type: image/jpeg
age: 22329
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/window_focus_fy2021.js
216.58.211.1200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/window_focus_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20230131/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:16:17 GMT
expires: Wed, 15 Feb 2023 22:16:17 GMT
cache-control: public, max-age=1209600
age: 23150
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1605)
Hash aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae
GET /pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:16:17 GMT
expires: Wed, 15 Feb 2023 22:16:17 GMT
cache-control: public, max-age=1209600
age: 23150
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js
142.250.74.3200 OK 227 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (2599)
Size 227 kB (227161 bytes)
Hash e3fcdb3b625ae8f6058df005fbac1b91
9cd25835e9e08695c0114f57a5abf4d3437b1619
97fcf9ad8137f24c0f74e5450b2b4a01d87dfa70678130187fe13c1614ab419b
GET /maps-api-v3/embed/js/51/8/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 227161
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 19:04:03 GMT
expires: Thu, 01 Feb 2024 19:04:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 18:44:31 GMT
content-type: text/javascript
age: 34684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 1.0 kB IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 003c14c5a38f6b880f3d4f9247a8a827
7e77d08ca3f3835ba4d9149e00f034b3f49ecc9b
03bace11b33061b2ff69869e06e22e5623c96f7a4fd22e3eb3d036db9ebf806e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4425
Cache-Control: max-age=99491
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Etag: "63da0f79-139"
Expires: Fri, 03 Feb 2023 08:20:18 GMT
Last-Modified: Wed, 01 Feb 2023 07:06:33 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fd33fb271c10d9a3fe8b114eafaf704e
4eda1f76d4c345b9b5393de39bfdce2c4c76b9fc
2d6345b53f060111aba2d40820d88e3fc7ab9bd76d5298c05fec582381fc4fec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2073
Cache-Control: max-age=97139
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Etag: "63da0f79-139"
Expires: Fri, 03 Feb 2023 07:41:06 GMT
Last-Modified: Wed, 01 Feb 2023 07:06:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fd33fb271c10d9a3fe8b114eafaf704e
4eda1f76d4c345b9b5393de39bfdce2c4c76b9fc
2d6345b53f060111aba2d40820d88e3fc7ab9bd76d5298c05fec582381fc4fec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:07 GMT
Etag: "63da0f79-139"
Last-Modified: Thu, 02 Feb 2023 03:47:03 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 313
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 75008
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 142381
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 283207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 75f7afd37af1d98d4e2a1369501aa3c3
5f25e040eeda9c29b4ce2666f05d889bd54f07f0
b3c3f088310e8db7b598efb702a7335d5d110d8b0cb5d5a8dc165457a297393a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5113
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:08 GMT
Last-Modified: Thu, 02 Feb 2023 03:16:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 75f7afd37af1d98d4e2a1369501aa3c3
5f25e040eeda9c29b4ce2666f05d889bd54f07f0
b3c3f088310e8db7b598efb702a7335d5d110d8b0cb5d5a8dc165457a297393a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4626
Cache-Control: max-age=124910
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:08 GMT
Etag: "63da71fc-139"
Expires: Fri, 03 Feb 2023 15:23:58 GMT
Last-Modified: Wed, 01 Feb 2023 14:06:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kc71FLOzWawC-gGdg2ICAgAAAD57CZ0_LBCTlxn4VRAeP9tj7S9XQZyhGnebssMAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y9s_HwAAuCsKGVoMAAC2KLaC34vcIpMi21VNUQ
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kc71FLOzWawC-gGdg2ICAgAAAD57CZ0_LBCTlxn4VRAeP9tj7S9XQZyhGnebssMAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y9s_HwAAuCsKGVoMAAC2KLaC34vcIpMi21VNUQ
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kc71FLOzWawC-gGdg2ICAgAAAD57CZ0_LBCTlxn4VRAeP9tj7S9XQZyhGnebssMAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y9s_HwAAuCsKGVoMAAC2KLaC34vcIpMi21VNUQ HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 278192
date: Thu, 02 Feb 2023 04:42:07 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 34057df66622b763fac26c84b1e33814
096d78a127fbb9dbae567b216c18acb32fdc1721
91bcc8cff97b409a7e83150dbf206d85af01f08f1c8b47372ee2c62a162c7bfb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6393
Cache-Control: max-age=143215
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:08 GMT
Etag: "63dab296-13a"
Expires: Fri, 03 Feb 2023 20:29:03 GMT
Last-Modified: Wed, 01 Feb 2023 18:42:30 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
csi.gstatic.com/csi?v=2&s=osv&puid=1~ldmm2r55&c=2066001250822&slotId=1033000625411&qqid=CLSanv-C9vwCFb9JHgIdm9gCpw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
172.217.3.131204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=osv&puid=1~ldmm2r55&c=2066001250822&slotId=1033000625411&qqid=CLSanv-C9vwCFb9JHgIdm9gCpw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
IP 172.217.3.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=osv&puid=1~ldmm2r55&c=2066001250822&slotId=1033000625411&qqid=CLSanv-C9vwCFb9JHgIdm9gCpw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 02 Feb 2023 04:42:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kc71FLOzWdACmAKdg2ICAgAAAMjtfEzDmLyZlxn4VRAeP9tjPZp2F5ZeVKmSSzwAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y9s_HwAAvzACHkiHAA1jZIX-8i_wInMz7m5Giw
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kc71FLOzWdACmAKdg2ICAgAAAMjtfEzDmLyZlxn4VRAeP9tjPZp2F5ZeVKmSSzwAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y9s_HwAAvzACHkiHAA1jZIX-8i_wInMz7m5Giw
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kc71FLOzWdACmAKdg2ICAgAAAMjtfEzDmLyZlxn4VRAeP9tjPZp2F5ZeVKmSSzwAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y9s_HwAAvzACHkiHAA1jZIX-8i_wInMz7m5Giw HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 176721
date: Thu, 02 Feb 2023 04:42:07 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kc71FLOzWdACmAKdg2ICAgAAAMjtfEzDmLyZlxn4VRAeP9tjFpsP2sP_tvI9zuUAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y9s_HwABPvEKGEPGAAXczerjST6M8hMJV5vq0w
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kc71FLOzWdACmAKdg2ICAgAAAMjtfEzDmLyZlxn4VRAeP9tjFpsP2sP_tvI9zuUAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y9s_HwABPvEKGEPGAAXczerjST6M8hMJV5vq0w
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kc71FLOzWdACmAKdg2ICAgAAAMjtfEzDmLyZlxn4VRAeP9tjFpsP2sP_tvI9zuUAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y9s_HwABPvEKGEPGAAXczerjST6M8hMJV5vq0w HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 307307
date: Thu, 02 Feb 2023 04:42:07 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kc71FLOzWdACmAKdg2ICAgAAAMjtfEzDmLyZlxn4VRAeP9tjPH74jDnoF0FlYB8AEgAACg5BUVVCQWdZQkFnRUJBZw&wp=Y9s_HwABEUAKGaxJAAJQrzYf5XLltC3n46RQ2Q
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kc71FLOzWdACmAKdg2ICAgAAAMjtfEzDmLyZlxn4VRAeP9tjPH74jDnoF0FlYB8AEgAACg5BUVVCQWdZQkFnRUJBZw&wp=Y9s_HwABEUAKGaxJAAJQrzYf5XLltC3n46RQ2Q
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kc71FLOzWdACmAKdg2ICAgAAAMjtfEzDmLyZlxn4VRAeP9tjPH74jDnoF0FlYB8AEgAACg5BUVVCQWdZQkFnRUJBZw&wp=Y9s_HwABEUAKGaxJAAJQrzYf5XLltC3n46RQ2Q HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 166393
date: Thu, 02 Feb 2023 04:42:07 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=osv&puid=1~ldmm2r8v&c=1190844467911&slotId=595422233955.5&qqid=CKryn_-C9vwCFQVOGQodCFgKqA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
172.217.3.131204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=osv&puid=1~ldmm2r8v&c=1190844467911&slotId=595422233955.5&qqid=CKryn_-C9vwCFQVOGQodCFgKqA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
IP 172.217.3.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=osv&puid=1~ldmm2r8v&c=1190844467911&slotId=595422233955.5&qqid=CKryn_-C9vwCFQVOGQodCFgKqA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 02 Feb 2023 04:42:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f8d8478f6fd65ccb723aafc9fa19ac4b
de1c2b7881907cc7c06c816b365da09df429ba7a
e4f4422c14320af3bf6e865e98d42ab5e8f5ef06a41c10f42670ae2d533e534a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5994
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:09 GMT
Last-Modified: Thu, 02 Feb 2023 03:02:15 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f8d8478f6fd65ccb723aafc9fa19ac4b
de1c2b7881907cc7c06c816b365da09df429ba7a
e4f4422c14320af3bf6e865e98d42ab5e8f5ef06a41c10f42670ae2d533e534a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5994
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:09 GMT
Last-Modified: Thu, 02 Feb 2023 03:02:15 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f8d8478f6fd65ccb723aafc9fa19ac4b
de1c2b7881907cc7c06c816b365da09df429ba7a
e4f4422c14320af3bf6e865e98d42ab5e8f5ef06a41c10f42670ae2d533e534a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6032
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:09 GMT
Last-Modified: Thu, 02 Feb 2023 03:01:37 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f8d8478f6fd65ccb723aafc9fa19ac4b
de1c2b7881907cc7c06c816b365da09df429ba7a
e4f4422c14320af3bf6e865e98d42ab5e8f5ef06a41c10f42670ae2d533e534a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5994
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:09 GMT
Etag: "63daae91-139"
Last-Modified: Thu, 02 Feb 2023 03:02:15 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f8d8478f6fd65ccb723aafc9fa19ac4b
de1c2b7881907cc7c06c816b365da09df429ba7a
e4f4422c14320af3bf6e865e98d42ab5e8f5ef06a41c10f42670ae2d533e534a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5994
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:09 GMT
Last-Modified: Thu, 02 Feb 2023 03:02:15 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:42:09 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sun, 28 Jan 2024 04:42:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.2.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:42:09 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sun, 28 Jan 2024 04:42:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 39f6ca1b7865aaacade6af8dfb840bb9
d85b74a1c96889491927bca16fe4fb1bc05d066a
8362bae667f163b53b51cfdc6cf0a5269a13dd46a8e93b79409d7eb9adbf5dc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5132
Cache-Control: max-age=112450
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:09 GMT
Etag: "63da3f57-13a"
Expires: Fri, 03 Feb 2023 11:56:19 GMT
Last-Modified: Wed, 01 Feb 2023 10:30:47 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 39f6ca1b7865aaacade6af8dfb840bb9
d85b74a1c96889491927bca16fe4fb1bc05d066a
8362bae667f163b53b51cfdc6cf0a5269a13dd46a8e93b79409d7eb9adbf5dc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5151
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:09 GMT
Last-Modified: Thu, 02 Feb 2023 03:16:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 39f6ca1b7865aaacade6af8dfb840bb9
d85b74a1c96889491927bca16fe4fb1bc05d066a
8362bae667f163b53b51cfdc6cf0a5269a13dd46a8e93b79409d7eb9adbf5dc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5243
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:09 GMT
Last-Modified: Thu, 02 Feb 2023 03:14:46 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DgD5Pt93wCs3txwqPiSRw8TATw7-kdB_Fg4L0kEWpNANlTOqf6E9LlXEGrJQpap47IbCsHgdW0mYR0CNPB49ShtBQI4_b9_6E4lXhJu_vchvTgNCysQY-9IH_8opMsBL9rws5xtqZf8AQZ4xi7xfyjR7Yq1FzDD5D30LrcvS_SFPihah5ZbI-TPFql2gCJqlnvjUIbMkm-slI9-Slgs66KW_V8UptkrAY3HxQEEOgcjo_Rz-RIb1ogamd050ymjW2jbSpq2U5U03ss-FsOaLqNwU7ZEqDz-8yoa64j7loLdsXymtPmwFQVF64cu3gXVM86_urXhway_sgl5cxxKySlat7MXBGSEAiq5I84hyYN4ULkZ2UOQGwFFzgGbM4RDOJikeNIFpzQk2UAY6R0NbzbM5SwG9jG4yZHhPfzxhvjPkeC81
178.250.0.160200 OK 357 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DgD5Pt93wCs3txwqPiSRw8TATw7-kdB_Fg4L0kEWpNANlTOqf6E9LlXEGrJQpap47IbCsHgdW0mYR0CNPB49ShtBQI4_b9_6E4lXhJu_vchvTgNCysQY-9IH_8opMsBL9rws5xtqZf8AQZ4xi7xfyjR7Yq1FzDD5D30LrcvS_SFPihah5ZbI-TPFql2gCJqlnvjUIbMkm-slI9-Slgs66KW_V8UptkrAY3HxQEEOgcjo_Rz-RIb1ogamd050ymjW2jbSpq2U5U03ss-FsOaLqNwU7ZEqDz-8yoa64j7loLdsXymtPmwFQVF64cu3gXVM86_urXhway_sgl5cxxKySlat7MXBGSEAiq5I84hyYN4ULkZ2UOQGwFFzgGbM4RDOJikeNIFpzQk2UAY6R0NbzbM5SwG9jG4yZHhPfzxhvjPkeC81
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c98f6387f1dad375df324ae1b3dcb8ba
8c9ebeb689b56706a2c170a2d671847c9e137a5b
a7db43072e9c00b2835b487b9fa88327aaba4080d5f7a58bb2caf7431ab51fc3
GET /delivery/lg.php?cppv=3&cpp=DgD5Pt93wCs3txwqPiSRw8TATw7-kdB_Fg4L0kEWpNANlTOqf6E9LlXEGrJQpap47IbCsHgdW0mYR0CNPB49ShtBQI4_b9_6E4lXhJu_vchvTgNCysQY-9IH_8opMsBL9rws5xtqZf8AQZ4xi7xfyjR7Yq1FzDD5D30LrcvS_SFPihah5ZbI-TPFql2gCJqlnvjUIbMkm-slI9-Slgs66KW_V8UptkrAY3HxQEEOgcjo_Rz-RIb1ogamd050ymjW2jbSpq2U5U03ss-FsOaLqNwU7ZEqDz-8yoa64j7loLdsXymtPmwFQVF64cu3gXVM86_urXhway_sgl5cxxKySlat7MXBGSEAiq5I84hyYN4ULkZ2UOQGwFFzgGbM4RDOJikeNIFpzQk2UAY6R0NbzbM5SwG9jG4yZHhPfzxhvjPkeC81 HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:09 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3110885
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 39f6ca1b7865aaacade6af8dfb840bb9
d85b74a1c96889491927bca16fe4fb1bc05d066a
8362bae667f163b53b51cfdc6cf0a5269a13dd46a8e93b79409d7eb9adbf5dc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5132
Cache-Control: max-age=112450
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:09 GMT
Etag: "63da3f57-13a"
Expires: Fri, 03 Feb 2023 11:56:19 GMT
Last-Modified: Wed, 01 Feb 2023 10:30:47 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cantelopeuni_v309.jpg&v=3&w=400&s=gpVQdr807YDssiJabmfbxiNl&b=400
178.250.0.139200 OK 4.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cantelopeuni_v309.jpg&v=3&w=400&s=gpVQdr807YDssiJabmfbxiNl&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 288x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f672fd89e95e6d08cc28c446bbd83a2
cae1db46cbc74a5045b02e2d13fa32ed434758e3
eca7ed9381a4aab8526a3565063b4d33601ea32bdc80b1c5e0dca61503a91301
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cantelopeuni_v309.jpg&v=3&w=400&s=gpVQdr807YDssiJabmfbxiNl&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30082161
expires: Tue, 16 Jan 2024 08:51:31 GMT
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4510
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cblack_v177868.jpg&v=3&w=400&s=r_JrdZ68TEE_MudByXLy2G-l&b=400
178.250.0.139200 OK 5.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cblack_v177868.jpg&v=3&w=400&s=r_JrdZ68TEE_MudByXLy2G-l&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 233x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b2f8514c6d2bd10c32706b1772abf702
db67d6c7fc281ee918b6891368b73e1a61330af7
4eb64ff32170af7717eea1203258aabf6125c4825d6d3c443182c46ac3b89c9b
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cblack_v177868.jpg&v=3&w=400&s=r_JrdZ68TEE_MudByXLy2G-l&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29850316
expires: Sat, 13 Jan 2024 16:27:26 GMT
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5666
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_cblack.jpg&v=3&w=400&s=b5OAUjF40XdzcSX2tResorh-&b=400
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_cblack.jpg&v=3&w=400&s=b5OAUjF40XdzcSX2tResorh-&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x351, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77ad2ab29464a85a38895f7ecf0a58f6
9aab0bcfb9bbe84772a6c654532a450d0edc067a
8ea266295c05e575875733f6a71b7f59e1fbfba330cbbe98a18805a4a129099f
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_cblack.jpg&v=3&w=400&s=b5OAUjF40XdzcSX2tResorh-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29796523
expires: Sat, 13 Jan 2024 01:30:53 GMT
date: Thu, 02 Feb 2023 04:42:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10886
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
178.250.0.139200 OK 7.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0eeda7e6493484cfb7f70b2967c08177
35b93c5f4f4652bd480397742e1d7edf02399d31
b1b70f74f765bdeacace86455a42be94b01ab5957f2fbaea09fbba672defef41
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30502983
expires: Sun, 21 Jan 2024 05:45:13 GMT
date: Thu, 02 Feb 2023 04:42:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fminus%2F1300x1700%2Fmnsmi5104_csort_v100.jpg&v=3&w=400&s=UU5Eev-KFEMFj_LOwCi52rTp&b=400
178.250.0.139200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fminus%2F1300x1700%2Fmnsmi5104_csort_v100.jpg&v=3&w=400&s=UU5Eev-KFEMFj_LOwCi52rTp&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 323x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 433c165fe46d9a440b1baa38f89cfaa1
64952c32ca6966c31994a2e31a37f3fe6abc6754
6d3eb41e09491534880dcac9e4c75587cc6e045608e87b217240eff77a7da6db
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fminus%2F1300x1700%2Fmnsmi5104_csort_v100.jpg&v=3&w=400&s=UU5Eev-KFEMFj_LOwCi52rTp&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31215647
expires: Mon, 29 Jan 2024 11:42:57 GMT
date: Thu, 02 Feb 2023 04:42:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12570
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO
178.250.0.139200 OK 84 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash babac81dc2e4da2b8343e7d76bbbb357
c89b8eaf661b9220a82f950997eaaa899dd69ea2
5ba6a375ea3c3582d4aa716da8602fb2551bc8b2dcbfc1b8f5913f49f9466e70
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=28354467
expires: Wed, 27 Dec 2023 08:56:37 GMT
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 84090
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=92&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=668&s=gxPZjUP0BaWPFrJ7tyND3XwD
178.250.0.139200 OK 2.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=92&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=668&s=gxPZjUP0BaWPFrJ7tyND3XwD
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 245x92, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5eb10dd94e8094217e2622b3ed7cfb4e
468e6e08995be2e06747261ceff2103c913afdc5
77d4938753c78b0197727babcba341fcb52ebd819260d406844b47cec0c53032
GET /img/img?h=92&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=668&s=gxPZjUP0BaWPFrJ7tyND3XwD HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31023898
expires: Sat, 27 Jan 2024 06:27:07 GMT
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2500
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf2042572801_ctan.jpg&v=3&w=400&s=yguIR5sXcpFaRoJdojLU19MR&b=400
178.250.0.139200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf2042572801_ctan.jpg&v=3&w=400&s=yguIR5sXcpFaRoJdojLU19MR&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x307, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 856474342b119d29cf8fa714fe0109ac
1d4f33c60dfa8dfa3f03045950b7d9a616f0a421
d0c0c14368d20206a0c461972f40e5a5ed3c71b1f75e49c424235dedc26be753
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf2042572801_ctan.jpg&v=3&w=400&s=yguIR5sXcpFaRoJdojLU19MR&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29566786
expires: Wed, 10 Jan 2024 09:41:56 GMT
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10470
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4204690_cterracottapink_v602.jpg&v=3&w=400&s=eTsdE5ngirMsQm_-YjZ0ubvm&b=400
178.250.0.139200 OK 7.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4204690_cterracottapink_v602.jpg&v=3&w=400&s=eTsdE5ngirMsQm_-YjZ0ubvm&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 312x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 38bf6712176786be1a3887075d3d6da4
c2e5bbe325577a9e3f3cbc71658e9f2f389ad58d
6d1779becee49583f7c887a28c195101f89b47d60a668015fa939b3b32c4094c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4204690_cterracottapink_v602.jpg&v=3&w=400&s=eTsdE5ngirMsQm_-YjZ0ubvm&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29300026
expires: Sun, 07 Jan 2024 07:35:55 GMT
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7552
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Farauto-rap%2F1300x1700%2Fara81019_cpink_v34.jpg&v=3&w=400&s=45jEAzmzxcH1lW9HlMiGcXBB&b=400
178.250.0.139200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Farauto-rap%2F1300x1700%2Fara81019_cpink_v34.jpg&v=3&w=400&s=45jEAzmzxcH1lW9HlMiGcXBB&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5bbd5a6deed04732f39740f18ed87c4e
bd06da739c5e96a93ec6a59cd32cc233c7647020
5766885993ebc3843ebde2a9ce4477a8485e6c3174fd4011151fe441f79cfa21
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Farauto-rap%2F1300x1700%2Fara81019_cpink_v34.jpg&v=3&w=400&s=45jEAzmzxcH1lW9HlMiGcXBB&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29744259
expires: Fri, 12 Jan 2024 10:59:49 GMT
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10472
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9s_HwABEUAKGaxJAAJQrzYf5XLltC3n46RQ2Q&u=%7C0KpFto9oRtp8uEWowh5mhgasy8ASZpk%2B96oxk5wYa8w%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijT7k5XzVsocl4zILuAsJnz3TCcBccZgBaPfZdhfuVNq2GS3ZkDkhRG8QkfCJ068ho7p2nHV4it1vt7RjJ3CbUjFmcfphmd9TV7QeCext1yWbzwyUpk3KMH_Mqr3bwerJQCoLVMoMdCyYDpbhzXvjYfzH9Nd3PbfGOqODpL2tJeI3Chtq5ijWntx-8ouD9SshTdZkwjosZ-rAKLCMxDzV9Y6T9uvplSgCVJAj0_c5WTRigEWzfEPBhCJCtQv9scBpYurDoYfRCRTbIzUKcerrIvW1fqW-yHisG4Meq8kX73h5ZgTwBckxeYtJ0kVVFJHZkNm5jbqEAT4mv9q1Zzm9SxI9f20i2rSB0DQVPTM4MV36VoYpiGVlDD8qcM9fwh_gaa_cZDw7oGutRODZNATco7G38InDfrbPoEb25I_puToVdXgzcgQgm7u8x3dxi3kQep81JIguMZX87wYVpCJqqpIqd-mr7cgOfn14wCyL5corcu5tjsZC4Cy8BYJv_2Td1&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuaZtHz_bY8CiBMnYZq-hicANyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEJqQKaVz4LtW6yPqgDAaoE1QFP0HFA1k9q8H7G_PGo01aNHC-FBUz0ZV3MysUXiCakVdMzAhsLHLpTD9UZCB59AAc80U21OTH-p3gIfSJnN3DorS0ANWsLzY3cy_zQ8NGqlwPKA3zp610QLInZ8D__SmQj1NzxW_LhU2u35WWxyibTUNWC62STNC_uQrX4g6Mjp2dIieZcxaSHCKlBt0Eb5aEOLqZ__aU8SY9Y5STpl92efMtBJAc4Jtv7bEG90ff-ID-7fhYZOwBx0SuTgeKzcgMOuc9Q8i8pl0nMREylSl_T4QtoOv2ABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d6IPH_ALNsRWS7WZ6hka8vF_bQA%26client%3Dca-pub-3673498704421778%26adurl%3D
178.250.0.138200 OK 60 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9s_HwABEUAKGaxJAAJQrzYf5XLltC3n46RQ2Q&u=%7C0KpFto9oRtp8uEWowh5mhgasy8ASZpk%2B96oxk5wYa8w%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijT7k5XzVsocl4zILuAsJnz3TCcBccZgBaPfZdhfuVNq2GS3ZkDkhRG8QkfCJ068ho7p2nHV4it1vt7RjJ3CbUjFmcfphmd9TV7QeCext1yWbzwyUpk3KMH_Mqr3bwerJQCoLVMoMdCyYDpbhzXvjYfzH9Nd3PbfGOqODpL2tJeI3Chtq5ijWntx-8ouD9SshTdZkwjosZ-rAKLCMxDzV9Y6T9uvplSgCVJAj0_c5WTRigEWzfEPBhCJCtQv9scBpYurDoYfRCRTbIzUKcerrIvW1fqW-yHisG4Meq8kX73h5ZgTwBckxeYtJ0kVVFJHZkNm5jbqEAT4mv9q1Zzm9SxI9f20i2rSB0DQVPTM4MV36VoYpiGVlDD8qcM9fwh_gaa_cZDw7oGutRODZNATco7G38InDfrbPoEb25I_puToVdXgzcgQgm7u8x3dxi3kQep81JIguMZX87wYVpCJqqpIqd-mr7cgOfn14wCyL5corcu5tjsZC4Cy8BYJv_2Td1&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuaZtHz_bY8CiBMnYZq-hicANyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEJqQKaVz4LtW6yPqgDAaoE1QFP0HFA1k9q8H7G_PGo01aNHC-FBUz0ZV3MysUXiCakVdMzAhsLHLpTD9UZCB59AAc80U21OTH-p3gIfSJnN3DorS0ANWsLzY3cy_zQ8NGqlwPKA3zp610QLInZ8D__SmQj1NzxW_LhU2u35WWxyibTUNWC62STNC_uQrX4g6Mjp2dIieZcxaSHCKlBt0Eb5aEOLqZ__aU8SY9Y5STpl92efMtBJAc4Jtv7bEG90ff-ID-7fhYZOwBx0SuTgeKzcgMOuc9Q8i8pl0nMREylSl_T4QtoOv2ABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d6IPH_ALNsRWS7WZ6hka8vF_bQA%26client%3Dca-pub-3673498704421778%26adurl%3D
IP 178.250.0.138:0
Hash 33d64605f17a8230e761c9cb29fbe058
9ea85ad3b533fee94212f97d91973bc034bfe4e0
a8a96dc9221e67d15253e9d7e43302b13ea5bffec26aed80158fba2ae2e377d1
GET /delivery/r/afr.php?z=Y9s_HwABEUAKGaxJAAJQrzYf5XLltC3n46RQ2Q&u=%7C0KpFto9oRtp8uEWowh5mhgasy8ASZpk%2B96oxk5wYa8w%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijT7k5XzVsocl4zILuAsJnz3TCcBccZgBaPfZdhfuVNq2GS3ZkDkhRG8QkfCJ068ho7p2nHV4it1vt7RjJ3CbUjFmcfphmd9TV7QeCext1yWbzwyUpk3KMH_Mqr3bwerJQCoLVMoMdCyYDpbhzXvjYfzH9Nd3PbfGOqODpL2tJeI3Chtq5ijWntx-8ouD9SshTdZkwjosZ-rAKLCMxDzV9Y6T9uvplSgCVJAj0_c5WTRigEWzfEPBhCJCtQv9scBpYurDoYfRCRTbIzUKcerrIvW1fqW-yHisG4Meq8kX73h5ZgTwBckxeYtJ0kVVFJHZkNm5jbqEAT4mv9q1Zzm9SxI9f20i2rSB0DQVPTM4MV36VoYpiGVlDD8qcM9fwh_gaa_cZDw7oGutRODZNATco7G38InDfrbPoEb25I_puToVdXgzcgQgm7u8x3dxi3kQep81JIguMZX87wYVpCJqqpIqd-mr7cgOfn14wCyL5corcu5tjsZC4Cy8BYJv_2Td1&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuaZtHz_bY8CiBMnYZq-hicANyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEJqQKaVz4LtW6yPqgDAaoE1QFP0HFA1k9q8H7G_PGo01aNHC-FBUz0ZV3MysUXiCakVdMzAhsLHLpTD9UZCB59AAc80U21OTH-p3gIfSJnN3DorS0ANWsLzY3cy_zQ8NGqlwPKA3zp610QLInZ8D__SmQj1NzxW_LhU2u35WWxyibTUNWC62STNC_uQrX4g6Mjp2dIieZcxaSHCKlBt0Eb5aEOLqZ__aU8SY9Y5STpl92efMtBJAc4Jtv7bEG90ff-ID-7fhYZOwBx0SuTgeKzcgMOuc9Q8i8pl0nMREylSl_T4QtoOv2ABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d6IPH_ALNsRWS7WZ6hka8vF_bQA%26client%3Dca-pub-3673498704421778%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:07 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7zESRmqcc-cLqz8wXslfzGEypFo6SohwX9hmdGtCg-dtoEvO_WhPw0D0K9t8AT9eSXR3KYAr1-0DYy1SD4nf_0HaCEHUbp6zJ3MV-K7IvOkIAHMl6XyJHgzjuCfdfR2E3f2GmjTvhLuQftQYCiZon4g5vmyBwaYdQ-hZoeqN2ORtzkp8Q0b9d9kbUfMg62JXkBQ0Lpmeb2sd50wxEam1ugqD9ZcQmr8azkCMs8Avzr4WXsT-WKyjF9IwjEBiBoyUqrGgaUo5_yoxhV6n"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 82931591
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=76&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=DLwx-mknMWEboNKRNcTgceP-
178.250.0.139200 OK 2.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=76&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=DLwx-mknMWEboNKRNcTgceP-
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 202x76, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f58fb2e416c7ff2cec3c25d249d424d
ab8b97c07381c9c0b71bb1f71b83c359df3eaee3
3ddf75832e537b8ad21b428faa9a979bc4675460ebe3b125e9057b15938a0183
GET /img/img?h=76&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=DLwx-mknMWEboNKRNcTgceP- HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31023898
expires: Sat, 27 Jan 2024 06:27:07 GMT
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2088
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=7zESRmqcc-cLqz8wXslfzGEypFo6SohwX9hmdGtCg-dtoEvO_WhPw0D0K9t8AT9eSXR3KYAr1-0DYy1SD4nf_0HaCEHUbp6zJ3MV-K7IvOkIAHMl6XyJHgzjuCfdfR2E3f2GmjTvhLuQftQYCiZon4g5vmyBwaYdQ-hZoeqN2ORtzkp8Q0b9d9kbUfMg62JXkBQ0Lpmeb2sd50wxEam1ugqD9ZcQmr8azkCMs8Avzr4WXsT-WKyjF9IwjEBiBoyUqrGgaUo5_yoxhV6n&sds=2&rev=84569&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=7zESRmqcc-cLqz8wXslfzGEypFo6SohwX9hmdGtCg-dtoEvO_WhPw0D0K9t8AT9eSXR3KYAr1-0DYy1SD4nf_0HaCEHUbp6zJ3MV-K7IvOkIAHMl6XyJHgzjuCfdfR2E3f2GmjTvhLuQftQYCiZon4g5vmyBwaYdQ-hZoeqN2ORtzkp8Q0b9d9kbUfMg62JXkBQ0Lpmeb2sd50wxEam1ugqD9ZcQmr8azkCMs8Avzr4WXsT-WKyjF9IwjEBiBoyUqrGgaUo5_yoxhV6n&sds=2&rev=84569&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=7zESRmqcc-cLqz8wXslfzGEypFo6SohwX9hmdGtCg-dtoEvO_WhPw0D0K9t8AT9eSXR3KYAr1-0DYy1SD4nf_0HaCEHUbp6zJ3MV-K7IvOkIAHMl6XyJHgzjuCfdfR2E3f2GmjTvhLuQftQYCiZon4g5vmyBwaYdQ-hZoeqN2ORtzkp8Q0b9d9kbUfMg62JXkBQ0Lpmeb2sd50wxEam1ugqD9ZcQmr8azkCMs8Avzr4WXsT-WKyjF9IwjEBiBoyUqrGgaUo5_yoxhV6n&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=8kRXu2qcc-cLqz8wAoZ9UVHxjWK20e_sAFNbFauDAADiCYq4L2gMtg8-x89fQO8HfowxXJfL7pfTEK_9G__tI0XTO_0B2IjEMxI9qseQAP6REFr0ecNJJ98BEgrT3GZAgLamCyVorAeu2oMJKEY_NgJD4gF9BiRX4FvHvKMczsmcFvKH-ds9t1u-AGcHbC9KZTiJsDLFwrWoCl3dZRtqvPHr_wGcWU7OkH8u2KGhWEjF3oX4ZbBdcAZT3kloQhw91hgGmA&sds=2&rev=84569&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=8kRXu2qcc-cLqz8wAoZ9UVHxjWK20e_sAFNbFauDAADiCYq4L2gMtg8-x89fQO8HfowxXJfL7pfTEK_9G__tI0XTO_0B2IjEMxI9qseQAP6REFr0ecNJJ98BEgrT3GZAgLamCyVorAeu2oMJKEY_NgJD4gF9BiRX4FvHvKMczsmcFvKH-ds9t1u-AGcHbC9KZTiJsDLFwrWoCl3dZRtqvPHr_wGcWU7OkH8u2KGhWEjF3oX4ZbBdcAZT3kloQhw91hgGmA&sds=2&rev=84569&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=8kRXu2qcc-cLqz8wAoZ9UVHxjWK20e_sAFNbFauDAADiCYq4L2gMtg8-x89fQO8HfowxXJfL7pfTEK_9G__tI0XTO_0B2IjEMxI9qseQAP6REFr0ecNJJ98BEgrT3GZAgLamCyVorAeu2oMJKEY_NgJD4gF9BiRX4FvHvKMczsmcFvKH-ds9t1u-AGcHbC9KZTiJsDLFwrWoCl3dZRtqvPHr_wGcWU7OkH8u2KGhWEjF3oX4ZbBdcAZT3kloQhw91hgGmA&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:10 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=10Abl2qcc-cLqz8wgcIDZ6ATFVGaYtkRsQreBBBaekdFTRKBGjf0qkyE5hcyy6ixRACGIOO3j6ao0LLtf0trQuGWAGryz2MZbTkGaUaz_7BhuVE85qFgGyGodTtJn1F2zm1mhGlJbQfI0uA4ike0the5EUK8nMHHQb0c4KTltzkg0MaXK8AmOoHoaMZrkiIQ3IDbLhm_Jc4nEJHbCyMQdJdO3QHkqMRm42Gm9OSFvkHEswrWdfMJw1J7PtgpDbSXEJJyrQ&sds=2&rev=84569&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=10Abl2qcc-cLqz8wgcIDZ6ATFVGaYtkRsQreBBBaekdFTRKBGjf0qkyE5hcyy6ixRACGIOO3j6ao0LLtf0trQuGWAGryz2MZbTkGaUaz_7BhuVE85qFgGyGodTtJn1F2zm1mhGlJbQfI0uA4ike0the5EUK8nMHHQb0c4KTltzkg0MaXK8AmOoHoaMZrkiIQ3IDbLhm_Jc4nEJHbCyMQdJdO3QHkqMRm42Gm9OSFvkHEswrWdfMJw1J7PtgpDbSXEJJyrQ&sds=2&rev=84569&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=10Abl2qcc-cLqz8wgcIDZ6ATFVGaYtkRsQreBBBaekdFTRKBGjf0qkyE5hcyy6ixRACGIOO3j6ao0LLtf0trQuGWAGryz2MZbTkGaUaz_7BhuVE85qFgGyGodTtJn1F2zm1mhGlJbQfI0uA4ike0the5EUK8nMHHQb0c4KTltzkg0MaXK8AmOoHoaMZrkiIQ3IDbLhm_Jc4nEJHbCyMQdJdO3QHkqMRm42Gm9OSFvkHEswrWdfMJw1J7PtgpDbSXEJJyrQ&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:09 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=WS_Nnmqcc-cLqz8w7f-872VSa84pK8veOQS-nX0WN8bBbY7-hkimjDmBT1OaXp8fK9VF-eXtzUWwMM70MZaLxDDF_0fMVEjxyxPZJtYLfqG5iNGXuXaWhIUJ9qHiTFhLLkZjR7E3SwLLR9vAN59JhRkhUTv_REtk62fRyLtHtAjm_AUBCo68wLmBBWVzeaWLwpub__hfaqzPTU9BWBJZbvZEs0mB4OPN1D1N83IvL9DmJKeQP0oIerMGgGcFxQtMMgz_6Q&sds=2&rev=84569&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=WS_Nnmqcc-cLqz8w7f-872VSa84pK8veOQS-nX0WN8bBbY7-hkimjDmBT1OaXp8fK9VF-eXtzUWwMM70MZaLxDDF_0fMVEjxyxPZJtYLfqG5iNGXuXaWhIUJ9qHiTFhLLkZjR7E3SwLLR9vAN59JhRkhUTv_REtk62fRyLtHtAjm_AUBCo68wLmBBWVzeaWLwpub__hfaqzPTU9BWBJZbvZEs0mB4OPN1D1N83IvL9DmJKeQP0oIerMGgGcFxQtMMgz_6Q&sds=2&rev=84569&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=WS_Nnmqcc-cLqz8w7f-872VSa84pK8veOQS-nX0WN8bBbY7-hkimjDmBT1OaXp8fK9VF-eXtzUWwMM70MZaLxDDF_0fMVEjxyxPZJtYLfqG5iNGXuXaWhIUJ9qHiTFhLLkZjR7E3SwLLR9vAN59JhRkhUTv_REtk62fRyLtHtAjm_AUBCo68wLmBBWVzeaWLwpub__hfaqzPTU9BWBJZbvZEs0mB4OPN1D1N83IvL9DmJKeQP0oIerMGgGcFxQtMMgz_6Q&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:10 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 13 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
Hash a71478a6f90531fe38fec5092f9b42a7
93c957709f5610643d46a2dad8a1fb34bc947782
5c4ee27e48e2b096a717a1ad741f33dbb983e139b5879e7759d0f0d9950633eb
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:42:09 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sun, 28 Jan 2024 04:42:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.2.130200 OK 13 kB URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.2.130:0
Hash fa9e16f6b9975dc49a5f95e1b4652d37
9dd69e9293ab84c7df5f5a9fd078c329967e8f85
37dba634b2d14f8bef82d8a34b869fd80b947e613c704157ce4102656c511431
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:42:09 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sun, 28 Jan 2024 04:42:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Q56xwt93wCs3txwqPiSRw8TATw4Uqx3fb6lu8cpz6phhSXFjdgZEX7zwpRYF9NZTx4GnhGt4B2O98xQ5UcgwPe7W0eItnVxIua7dPBxgQ-Iqfkuqor9MAbVPK6YdR8_Qepsx37vY8IYZTlZ1KRA4lRrFmpS0N9kiQMCHxgTmjEfgYAG0EY7GwW-xV-Fe98KwYv8nwP9LMuo8I-2eHhhRPj13Mbxwn5eZUeNkcib5ZYJISGlMumMF0dUMVWkOwBSD-txJO8e2jEkGAQXSOvJx5TtuZNHQIRnYH-AhA2eirWrIP0A1lmt_W0QbEA3T6hTamgRhADfes7DQFC16QHVYFsZk3S6B5gOHkaLpE2UQnATecX1ZJE4TU4PLXYGFmS_ks4N5nzVEeqP5ss19bsYeoPWUK_lBX3s_XNpXPN752ZBO6ZjFeLN0mbJwa7vjv07uw5sVqw
178.250.0.160200 OK 20 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Q56xwt93wCs3txwqPiSRw8TATw4Uqx3fb6lu8cpz6phhSXFjdgZEX7zwpRYF9NZTx4GnhGt4B2O98xQ5UcgwPe7W0eItnVxIua7dPBxgQ-Iqfkuqor9MAbVPK6YdR8_Qepsx37vY8IYZTlZ1KRA4lRrFmpS0N9kiQMCHxgTmjEfgYAG0EY7GwW-xV-Fe98KwYv8nwP9LMuo8I-2eHhhRPj13Mbxwn5eZUeNkcib5ZYJISGlMumMF0dUMVWkOwBSD-txJO8e2jEkGAQXSOvJx5TtuZNHQIRnYH-AhA2eirWrIP0A1lmt_W0QbEA3T6hTamgRhADfes7DQFC16QHVYFsZk3S6B5gOHkaLpE2UQnATecX1ZJE4TU4PLXYGFmS_ks4N5nzVEeqP5ss19bsYeoPWUK_lBX3s_XNpXPN752ZBO6ZjFeLN0mbJwa7vjv07uw5sVqw
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 68185b2e1912dbfd443b92b65561c29d
ac7da6c7fb5d5dd4fca4839343391ae0b7548065
041f3ee5c3ad02662285c42bc5ce9cfc2353d7890aa05df585f9102a0b514f63
GET /delivery/lg.php?cppv=3&cpp=Q56xwt93wCs3txwqPiSRw8TATw4Uqx3fb6lu8cpz6phhSXFjdgZEX7zwpRYF9NZTx4GnhGt4B2O98xQ5UcgwPe7W0eItnVxIua7dPBxgQ-Iqfkuqor9MAbVPK6YdR8_Qepsx37vY8IYZTlZ1KRA4lRrFmpS0N9kiQMCHxgTmjEfgYAG0EY7GwW-xV-Fe98KwYv8nwP9LMuo8I-2eHhhRPj13Mbxwn5eZUeNkcib5ZYJISGlMumMF0dUMVWkOwBSD-txJO8e2jEkGAQXSOvJx5TtuZNHQIRnYH-AhA2eirWrIP0A1lmt_W0QbEA3T6hTamgRhADfes7DQFC16QHVYFsZk3S6B5gOHkaLpE2UQnATecX1ZJE4TU4PLXYGFmS_ks4N5nzVEeqP5ss19bsYeoPWUK_lBX3s_XNpXPN752ZBO6ZjFeLN0mbJwa7vjv07uw5sVqw HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:09 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2859511
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.youtube.com/embed/j4QstrrfdKo
142.250.74.78301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/j4QstrrfdKo
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/j4QstrrfdKo HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://map1malaysia.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 02 Feb 2023 04:42:10 GMT
Location: https://www.youtube.com/embed/j4QstrrfdKo
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bLTVpt93wCs3txwqPiSRw8TATw4_aoQW0iWiQVWufdIDe5tsihcmEzhsebfbAKyuXmFdzq4NW-Ir7OnAmg-J3ijleC4Z6DxSNzXuwFhQhPBkNOhyCr3BRNWk6Ew_OqhzYD0eZ7of1E2eMFTve7K5u5V9XxYBqpouF95mKAcJaB71-fTUH8ucbiwGMmRRbAoL-Ty9lF611uQ3wl7Km0QmyTIM2rQ5wU7_Z8jMZjZyVV-fFtBKg8sHM63v1b12SjkKh4XmU6tKwwczIWbtWXMWyq2ASDBgt6E_LIr_dGbNDzQ208Tr6XT2v20rtzA5W2PzDzAFxfNzrut15bQBtUaQVAtUE_QiRXLMv3b55oAH-5JbaZJ09EWukeU3zYZ4ckKapaFB7TSoD-YCbiMSC38k1UrxXt3CN78KnxwdD7SWE7655IEPt9Tf2Q2S372RBWyrJYTmuQ
178.250.0.160200 OK 23 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bLTVpt93wCs3txwqPiSRw8TATw4_aoQW0iWiQVWufdIDe5tsihcmEzhsebfbAKyuXmFdzq4NW-Ir7OnAmg-J3ijleC4Z6DxSNzXuwFhQhPBkNOhyCr3BRNWk6Ew_OqhzYD0eZ7of1E2eMFTve7K5u5V9XxYBqpouF95mKAcJaB71-fTUH8ucbiwGMmRRbAoL-Ty9lF611uQ3wl7Km0QmyTIM2rQ5wU7_Z8jMZjZyVV-fFtBKg8sHM63v1b12SjkKh4XmU6tKwwczIWbtWXMWyq2ASDBgt6E_LIr_dGbNDzQ208Tr6XT2v20rtzA5W2PzDzAFxfNzrut15bQBtUaQVAtUE_QiRXLMv3b55oAH-5JbaZJ09EWukeU3zYZ4ckKapaFB7TSoD-YCbiMSC38k1UrxXt3CN78KnxwdD7SWE7655IEPt9Tf2Q2S372RBWyrJYTmuQ
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 98447503b2fde9c31c31227ff4664e3c
ac86f083e29556298cd5782564d82edc7747060a
2d5e0d2f9b793f26ff0c9e1149939d50eafe9ecb93a6fabc0325c0310bdf9164
GET /delivery/lg.php?cppv=3&cpp=bLTVpt93wCs3txwqPiSRw8TATw4_aoQW0iWiQVWufdIDe5tsihcmEzhsebfbAKyuXmFdzq4NW-Ir7OnAmg-J3ijleC4Z6DxSNzXuwFhQhPBkNOhyCr3BRNWk6Ew_OqhzYD0eZ7of1E2eMFTve7K5u5V9XxYBqpouF95mKAcJaB71-fTUH8ucbiwGMmRRbAoL-Ty9lF611uQ3wl7Km0QmyTIM2rQ5wU7_Z8jMZjZyVV-fFtBKg8sHM63v1b12SjkKh4XmU6tKwwczIWbtWXMWyq2ASDBgt6E_LIr_dGbNDzQ208Tr6XT2v20rtzA5W2PzDzAFxfNzrut15bQBtUaQVAtUE_QiRXLMv3b55oAH-5JbaZJ09EWukeU3zYZ4ckKapaFB7TSoD-YCbiMSC38k1UrxXt3CN78KnxwdD7SWE7655IEPt9Tf2Q2S372RBWyrJYTmuQ HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:09 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3009904
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.2.130200 OK 29 kB URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.2.130:0
Hash 26374f715ef35dc457484c4abf73162f
a571a8312face0568a83befc1d784b2cac2cc43b
20afb18a1ef0bc4f0662337d7e961b13c1023a72acbb1f10072f1debf21598ec
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:42:09 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sun, 28 Jan 2024 04:42:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 543248
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 561688
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: IDE=AHWqTUlNHWiXmKSg42vVDr2So1dCkD5HRuirsUfKZtBwSfXPei4-ktsUs9rw2lWk2H0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 04:28:12 GMT
expires: Thu, 02 Feb 2023 04:43:12 GMT
cache-control: public, max-age=900
age: 840
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.8 kB IP 142.250.74.131:0
File type gzip compressed data, max compression\012- data
Hash f23599d228c763a53ef1c9c69731504c
22785e3a7f4d73ab814bd16f6f603cbbdba0fdf7
3eece4da7412db63ba082af72e4de8a0d93d6397299ceb1a1088c0a11e94d064
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 02 Feb 2023 04:42:13 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 809a4a119f634a989779b8d2b2f9a52c
4094f04287c156a64a813aebae8868271d1667ab
140af6ba021500a37b4d813a99e945104dbb2be1676e79dd22bca190288edc58
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 04:42:13 GMT
server: ESF
cache-control: private
content-length: 30838
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash df74d0c5bbc711a484e4508808c3357a
304f6b29d37c4f6ae20a4031ec6b3a879f9928c8
14200bd4d7eff065de2b62f1770c31edb357a95390c619867f00660a88e92ae8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/j4QstrrfdKo/sddefault.jpg
142.250.74.182200 OK 19 kB URL HTTP/2 i.ytimg.com/vi/j4QstrrfdKo/sddefault.jpg
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 6eb01d614168baf4e2905b69d279df6d
7ba01977a9db148c0435c678f18a1468448037d5
594f3fd349aee4edf1cb07fabf04dec47d4a238ef243d2795ee60a22941c7ae9
GET /vi/j4QstrrfdKo/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 18735
date: Thu, 02 Feb 2023 04:42:13 GMT
expires: Thu, 02 Feb 2023 06:42:13 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash df74d0c5bbc711a484e4508808c3357a
304f6b29d37c4f6ae20a4031ec6b3a879f9928c8
14200bd4d7eff065de2b62f1770c31edb357a95390c619867f00660a88e92ae8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:42:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/JbiwkTU-ZO-zWM_iNRn4ripFvOXEJUw6i6KOP7LHfhMv42Kf47QkwbURnJSNcTdAkZf1NCh3=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.5 kB URL HTTP/2 yt3.ggpht.com/JbiwkTU-ZO-zWM_iNRn4ripFvOXEJUw6i6KOP7LHfhMv42Kf47QkwbURnJSNcTdAkZf1NCh3=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash a19f53b31f6f8f7a47f0c415e1f73e20
33eb35c3a8c80a5300736f26c41f67903bd77bc7
253e258445626f8c62aaf71c787861bc962b27a414904ce20575c298945f0262
GET /JbiwkTU-ZO-zWM_iNRn4ripFvOXEJUw6i6KOP7LHfhMv42Kf47QkwbURnJSNcTdAkZf1NCh3=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 03 Feb 2023 04:42:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 04:42:13 GMT
server: fife
content-length: 2488
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/design/dt/2978/230117/1f6c137488ae43d38b258000f069e86c_1-1_new-season-home.mp4
178.250.2.130206 Partial Content 2.1 MB URL HTTP/2 static.criteo.net/design/dt/2978/230117/1f6c137488ae43d38b258000f069e86c_1-1_new-season-home.mp4
IP 178.250.2.130:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 2.1 MB (2133404 bytes)
Hash 4fc4f4def3d49c3428a5e44d9390969d
ad9cbfcb59bded630a57aa66308c6105e543828f
0753c3afe97caa0e53e059f6760cd9eac0733a8bc4b14cd766c9955f00a3fd1d
GET /design/dt/2978/230117/1f6c137488ae43d38b258000f069e86c_1-1_new-season-home.mp4 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 02 Feb 2023 04:42:13 GMT
content-type: video/mp4
content-length: 2096212
last-modified: Tue, 17 Jan 2023 12:45:15 GMT
etag: "63c6985b-1ffc54"
expires: Sun, 28 Jan 2024 04:42:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-range: bytes 0-2096211/2096212
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.2.130200 OK 17 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.2.130:0
Hash b17ef40c4ab894edc051ef5d6f78d0ad
8afc98cb3dfcdf55af472a5e6d53bb3513d43386
7ce55f6fcc8b8b5ff5ef8288d7a915f4f77a0ef71d896b8422e97f4336646f47
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:42:09 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sun, 28 Jan 2024 04:42:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=5y6vMN93wCs3txwqPiSRw8TATw4zCt7-ieGizQUX79nTlEOsJ70S8zgRapT7sejLUnLp1syL-2ldbCy7lVMG-W5YOhhGuoKTcHBFNxtwmRrL7WcHqF8GmXWtuTO1bdle8r21HFGzY_OPJXk_U9mE_HvzEbgxU_mLHQbDqlYyg1yYVJUfIB2Za9R8phhi4DrB-gxaf7BviswsoHYwJ_hazfiKOTYCHH_lWJTqVfdqwRpoCjJ65edwmzVljyFsfE-w0DWa52Iq5ZIivl4QgjZETavMFuDwrpnJM8i1U4PoJc71WRRTnhtaS1eCSHCrF0QdSAPITEr4Myv3VbPpoo-NzxrLJysN8jCw_aks8R8bpXeMFv4as8a_gAhXMWhd4ZE8xOUHGvQ-zUSlG4PAZd9SQ4637KmRicglOXikZvkmE9PFZHY4GMmoOQBO1caJdJKA3aziEQ
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=5y6vMN93wCs3txwqPiSRw8TATw4zCt7-ieGizQUX79nTlEOsJ70S8zgRapT7sejLUnLp1syL-2ldbCy7lVMG-W5YOhhGuoKTcHBFNxtwmRrL7WcHqF8GmXWtuTO1bdle8r21HFGzY_OPJXk_U9mE_HvzEbgxU_mLHQbDqlYyg1yYVJUfIB2Za9R8phhi4DrB-gxaf7BviswsoHYwJ_hazfiKOTYCHH_lWJTqVfdqwRpoCjJ65edwmzVljyFsfE-w0DWa52Iq5ZIivl4QgjZETavMFuDwrpnJM8i1U4PoJc71WRRTnhtaS1eCSHCrF0QdSAPITEr4Myv3VbPpoo-NzxrLJysN8jCw_aks8R8bpXeMFv4as8a_gAhXMWhd4ZE8xOUHGvQ-zUSlG4PAZd9SQ4637KmRicglOXikZvkmE9PFZHY4GMmoOQBO1caJdJKA3aziEQ
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=5y6vMN93wCs3txwqPiSRw8TATw4zCt7-ieGizQUX79nTlEOsJ70S8zgRapT7sejLUnLp1syL-2ldbCy7lVMG-W5YOhhGuoKTcHBFNxtwmRrL7WcHqF8GmXWtuTO1bdle8r21HFGzY_OPJXk_U9mE_HvzEbgxU_mLHQbDqlYyg1yYVJUfIB2Za9R8phhi4DrB-gxaf7BviswsoHYwJ_hazfiKOTYCHH_lWJTqVfdqwRpoCjJ65edwmzVljyFsfE-w0DWa52Iq5ZIivl4QgjZETavMFuDwrpnJM8i1U4PoJc71WRRTnhtaS1eCSHCrF0QdSAPITEr4Myv3VbPpoo-NzxrLJysN8jCw_aks8R8bpXeMFv4as8a_gAhXMWhd4ZE8xOUHGvQ-zUSlG4PAZd9SQ4637KmRicglOXikZvkmE9PFZHY4GMmoOQBO1caJdJKA3aziEQ HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:08 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3103660
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9s_HwAAuCsKGVoMAAC2KLaC34vcIpMi21VNUQ&u=%7C0KpFto9oRtrnpP9jVkC6NY82bwG7MO4pWsIuwBPzMz8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijOqNKTuR6zunqAyYQY5eovhuzCDWpEG_hmILdCmJSbzerKId2HV0CGgjRbQSK19Im5d17JxcpV9H1SUlkw9AyPG0lw_H8fWP2mVpe7qxPXVXo4CS2brjXkWsMVQsYXRAjjb10D5JQG7qyDbeCLqMUIiKY-yXbX_JeDqMKHMFbWrxFWgIPS9DZ-xQqJd4ZgmMVBA0C-EhpBLhGgUQfwp2neV8bm6iY-B-MqlGEcs5H2w-ohKoFIcnRiYDsp2a1LS0oC7SxSd1h2MmjjXU9WMN_snYJ9uU08eMRCe2odOWnUCA7dTaGOT44lz_rYFHT2PipqnTDfUzEQ47BxFTYVD0OdWh5z4Ld1WUmQdKemXPQh8QCZuv1wiAQhVAaKRxOqIlhJl417lKBBjyrUbMow76pqs3mY5mkhznIWiry-T1VmzO5aYtRV9z-aQGRlf8L-CyjdiP34gwtsC_BHwj41d4GfJRXbuGhACp0nSuc_Q3kzpe6MXHUUKeqFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClrRVHz_bY6vwAoy0ZajsgsAMyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEJqQKaVz4LtW6yPqgDAaoE2AFP0KmhCYW00p7TcyeT5ILMeCyOViruky949tQYjQf1f0EGZsWqtJGb_-dOLf_HN81_ey6z1V_fgQBH6fg7lsDziVlu-f35Ut-IRfbYBwxTt5jzM87L2RxlmwWTTf4j9bAAiIFl6TIEptxG5_ATdQf8tHj6fikncO26upLbdYAe4hFuyj84f2WaYzQuHZBL5oxk2THsdG-HXWRf7tGhTxBw0O5uU_7Gb1yUL2TLhc_oX09P1oFTY69G-wkeH4ceD9S0gDE1JufqrZnqb5pcTdO89VBRPnOXfeSABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-ix0TqniDtt_D-gExL33KgXYKig%26client%3Dca-pub-3673498704421778%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9s_HwAAuCsKGVoMAAC2KLaC34vcIpMi21VNUQ&u=%7C0KpFto9oRtrnpP9jVkC6NY82bwG7MO4pWsIuwBPzMz8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijOqNKTuR6zunqAyYQY5eovhuzCDWpEG_hmILdCmJSbzerKId2HV0CGgjRbQSK19Im5d17JxcpV9H1SUlkw9AyPG0lw_H8fWP2mVpe7qxPXVXo4CS2brjXkWsMVQsYXRAjjb10D5JQG7qyDbeCLqMUIiKY-yXbX_JeDqMKHMFbWrxFWgIPS9DZ-xQqJd4ZgmMVBA0C-EhpBLhGgUQfwp2neV8bm6iY-B-MqlGEcs5H2w-ohKoFIcnRiYDsp2a1LS0oC7SxSd1h2MmjjXU9WMN_snYJ9uU08eMRCe2odOWnUCA7dTaGOT44lz_rYFHT2PipqnTDfUzEQ47BxFTYVD0OdWh5z4Ld1WUmQdKemXPQh8QCZuv1wiAQhVAaKRxOqIlhJl417lKBBjyrUbMow76pqs3mY5mkhznIWiry-T1VmzO5aYtRV9z-aQGRlf8L-CyjdiP34gwtsC_BHwj41d4GfJRXbuGhACp0nSuc_Q3kzpe6MXHUUKeqFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClrRVHz_bY6vwAoy0ZajsgsAMyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEJqQKaVz4LtW6yPqgDAaoE2AFP0KmhCYW00p7TcyeT5ILMeCyOViruky949tQYjQf1f0EGZsWqtJGb_-dOLf_HN81_ey6z1V_fgQBH6fg7lsDziVlu-f35Ut-IRfbYBwxTt5jzM87L2RxlmwWTTf4j9bAAiIFl6TIEptxG5_ATdQf8tHj6fikncO26upLbdYAe4hFuyj84f2WaYzQuHZBL5oxk2THsdG-HXWRf7tGhTxBw0O5uU_7Gb1yUL2TLhc_oX09P1oFTY69G-wkeH4ceD9S0gDE1JufqrZnqb5pcTdO89VBRPnOXfeSABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-ix0TqniDtt_D-gExL33KgXYKig%26client%3Dca-pub-3673498704421778%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y9s_HwAAuCsKGVoMAAC2KLaC34vcIpMi21VNUQ&u=%7C0KpFto9oRtrnpP9jVkC6NY82bwG7MO4pWsIuwBPzMz8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijOqNKTuR6zunqAyYQY5eovhuzCDWpEG_hmILdCmJSbzerKId2HV0CGgjRbQSK19Im5d17JxcpV9H1SUlkw9AyPG0lw_H8fWP2mVpe7qxPXVXo4CS2brjXkWsMVQsYXRAjjb10D5JQG7qyDbeCLqMUIiKY-yXbX_JeDqMKHMFbWrxFWgIPS9DZ-xQqJd4ZgmMVBA0C-EhpBLhGgUQfwp2neV8bm6iY-B-MqlGEcs5H2w-ohKoFIcnRiYDsp2a1LS0oC7SxSd1h2MmjjXU9WMN_snYJ9uU08eMRCe2odOWnUCA7dTaGOT44lz_rYFHT2PipqnTDfUzEQ47BxFTYVD0OdWh5z4Ld1WUmQdKemXPQh8QCZuv1wiAQhVAaKRxOqIlhJl417lKBBjyrUbMow76pqs3mY5mkhznIWiry-T1VmzO5aYtRV9z-aQGRlf8L-CyjdiP34gwtsC_BHwj41d4GfJRXbuGhACp0nSuc_Q3kzpe6MXHUUKeqFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClrRVHz_bY6vwAoy0ZajsgsAMyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEJqQKaVz4LtW6yPqgDAaoE2AFP0KmhCYW00p7TcyeT5ILMeCyOViruky949tQYjQf1f0EGZsWqtJGb_-dOLf_HN81_ey6z1V_fgQBH6fg7lsDziVlu-f35Ut-IRfbYBwxTt5jzM87L2RxlmwWTTf4j9bAAiIFl6TIEptxG5_ATdQf8tHj6fikncO26upLbdYAe4hFuyj84f2WaYzQuHZBL5oxk2THsdG-HXWRf7tGhTxBw0O5uU_7Gb1yUL2TLhc_oX09P1oFTY69G-wkeH4ceD9S0gDE1JufqrZnqb5pcTdO89VBRPnOXfeSABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-ix0TqniDtt_D-gExL33KgXYKig%26client%3Dca-pub-3673498704421778%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:06 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8kRXu2qcc-cLqz8wAoZ9UVHxjWK20e_sAFNbFauDAADiCYq4L2gMtg8-x89fQO8HfowxXJfL7pfTEK_9G__tI0XTO_0B2IjEMxI9qseQAP6REFr0ecNJJ98BEgrT3GZAgLamCyVorAeu2oMJKEY_NgJD4gF9BiRX4FvHvKMczsmcFvKH-ds9t1u-AGcHbC9KZTiJsDLFwrWoCl3dZRtqvPHr_wGcWU7OkH8u2KGhWEjF3oX4ZbBdcAZT3kloQhw91hgGmA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 91351093
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/0.1/vast.php?z=Y9s_HwAAx3QCHkm_AALYmxpfo2-4R5NKkYSQTQ&u=%7C0KpFto9oRtpDAWVC0ZzLf07ZdZo2J%2FUOCiogjYfWLPw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlXXlJVkpqPyAfPiepqJGtFP_KNk2HAfZZ7piCIAycs7RB5-hxh-W2gw8dF_6y_se22lj-mDAGcmjZOFlhCoehwBFysuTzs1E9Dic9KUVyD4k3gO9Me7g4YnjTooIKuPiM7GlPhFH_qB9Az1pkHo5FaoNesnqb-oE6mrdO7qVuKbdCt_tf8m8Ld9Kf0Ax1lQG0icMNNza9II261VbZhyXRWJ91B6dYroT9t7HHeQGB1-yJkn0TMK-94dlMo45hgYwqOoMs-y1jJrRzD7WDUsWDBTqNo5_yXokJfEY93bS3VscNckZkpr_YUY3O-pqr9DEfQMxJA41mqkGwXcAOkJBV304IcaMFgO6FABgd6MM5UdY0KfbNAOIeP0iqrLOWkIk-xdB7JoDBkRfD5mV14VlV3J9RVF9Z96GQp8QGnSudi80Qn8RfY4_Laae2LqFrsghjlh2eMKLw8RecZfoJOAhE7LtjxJLYHcfkhxdDuM89hzA3vScUEwPEKtHn8D0OlAAbZnU29aDfWCrdIbPRt-PwuPekxyDhRrXfCveLeUK3AHw&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCerKZHz_bY_SOA7-T-cAPm7GLuArJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTM2NzM0OTg3MDQ0MjE3NzjIAQWpAppXPgu1brI-qAMByAMCqgTVAU_QG3yPVVf_KYX1VIx0L0CfhEciruOcIChIR9Pmghkn1_tyV6l2o2PQRZYDyvIErViAXCxorE7HBvZWtefpEfsjQ5h6hmPShZgES7crBx355cLYGSfqVQvF3qE0mQMAOa21NNc_OncAvUQkijyNXdD9C3e8iJ9LPAH7fjs0E_3-hh2RSPSC4K7Ndc2BjD7Sxb6pK7hYhk2uv1eb9K2Ext8GcO1kLIFpIqdFJoniGxhFcDX6QOEthmUrq1RmF2LaQhUJwP-SNIqCVn8d4yk26QZEGRDNvoAG1fGc8emguZjzAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2DkqQOZswrPAhmIcXvWNllNv16cg%26client%3Dca-pub-3673498704421778%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/0.1/vast.php?z=Y9s_HwAAx3QCHkm_AALYmxpfo2-4R5NKkYSQTQ&u=%7C0KpFto9oRtpDAWVC0ZzLf07ZdZo2J%2FUOCiogjYfWLPw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlXXlJVkpqPyAfPiepqJGtFP_KNk2HAfZZ7piCIAycs7RB5-hxh-W2gw8dF_6y_se22lj-mDAGcmjZOFlhCoehwBFysuTzs1E9Dic9KUVyD4k3gO9Me7g4YnjTooIKuPiM7GlPhFH_qB9Az1pkHo5FaoNesnqb-oE6mrdO7qVuKbdCt_tf8m8Ld9Kf0Ax1lQG0icMNNza9II261VbZhyXRWJ91B6dYroT9t7HHeQGB1-yJkn0TMK-94dlMo45hgYwqOoMs-y1jJrRzD7WDUsWDBTqNo5_yXokJfEY93bS3VscNckZkpr_YUY3O-pqr9DEfQMxJA41mqkGwXcAOkJBV304IcaMFgO6FABgd6MM5UdY0KfbNAOIeP0iqrLOWkIk-xdB7JoDBkRfD5mV14VlV3J9RVF9Z96GQp8QGnSudi80Qn8RfY4_Laae2LqFrsghjlh2eMKLw8RecZfoJOAhE7LtjxJLYHcfkhxdDuM89hzA3vScUEwPEKtHn8D0OlAAbZnU29aDfWCrdIbPRt-PwuPekxyDhRrXfCveLeUK3AHw&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCerKZHz_bY_SOA7-T-cAPm7GLuArJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTM2NzM0OTg3MDQ0MjE3NzjIAQWpAppXPgu1brI-qAMByAMCqgTVAU_QG3yPVVf_KYX1VIx0L0CfhEciruOcIChIR9Pmghkn1_tyV6l2o2PQRZYDyvIErViAXCxorE7HBvZWtefpEfsjQ5h6hmPShZgES7crBx355cLYGSfqVQvF3qE0mQMAOa21NNc_OncAvUQkijyNXdD9C3e8iJ9LPAH7fjs0E_3-hh2RSPSC4K7Ndc2BjD7Sxb6pK7hYhk2uv1eb9K2Ext8GcO1kLIFpIqdFJoniGxhFcDX6QOEthmUrq1RmF2LaQhUJwP-SNIqCVn8d4yk26QZEGRDNvoAG1fGc8emguZjzAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2DkqQOZswrPAhmIcXvWNllNv16cg%26client%3Dca-pub-3673498704421778%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/0.1/vast.php?z=Y9s_HwAAx3QCHkm_AALYmxpfo2-4R5NKkYSQTQ&u=%7C0KpFto9oRtpDAWVC0ZzLf07ZdZo2J%2FUOCiogjYfWLPw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlXXlJVkpqPyAfPiepqJGtFP_KNk2HAfZZ7piCIAycs7RB5-hxh-W2gw8dF_6y_se22lj-mDAGcmjZOFlhCoehwBFysuTzs1E9Dic9KUVyD4k3gO9Me7g4YnjTooIKuPiM7GlPhFH_qB9Az1pkHo5FaoNesnqb-oE6mrdO7qVuKbdCt_tf8m8Ld9Kf0Ax1lQG0icMNNza9II261VbZhyXRWJ91B6dYroT9t7HHeQGB1-yJkn0TMK-94dlMo45hgYwqOoMs-y1jJrRzD7WDUsWDBTqNo5_yXokJfEY93bS3VscNckZkpr_YUY3O-pqr9DEfQMxJA41mqkGwXcAOkJBV304IcaMFgO6FABgd6MM5UdY0KfbNAOIeP0iqrLOWkIk-xdB7JoDBkRfD5mV14VlV3J9RVF9Z96GQp8QGnSudi80Qn8RfY4_Laae2LqFrsghjlh2eMKLw8RecZfoJOAhE7LtjxJLYHcfkhxdDuM89hzA3vScUEwPEKtHn8D0OlAAbZnU29aDfWCrdIbPRt-PwuPekxyDhRrXfCveLeUK3AHw&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCerKZHz_bY_SOA7-T-cAPm7GLuArJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTM2NzM0OTg3MDQ0MjE3NzjIAQWpAppXPgu1brI-qAMByAMCqgTVAU_QG3yPVVf_KYX1VIx0L0CfhEciruOcIChIR9Pmghkn1_tyV6l2o2PQRZYDyvIErViAXCxorE7HBvZWtefpEfsjQ5h6hmPShZgES7crBx355cLYGSfqVQvF3qE0mQMAOa21NNc_OncAvUQkijyNXdD9C3e8iJ9LPAH7fjs0E_3-hh2RSPSC4K7Ndc2BjD7Sxb6pK7hYhk2uv1eb9K2Ext8GcO1kLIFpIqdFJoniGxhFcDX6QOEthmUrq1RmF2LaQhUJwP-SNIqCVn8d4yk26QZEGRDNvoAG1fGc8emguZjzAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2DkqQOZswrPAhmIcXvWNllNv16cg%26client%3Dca-pub-3673498704421778%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:07 GMT
content-type: text/xml
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 4162345
strict-transport-security: max-age=31536000; preload;
vary: Origin, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9s_HwAAvzACHkiHAA1jZIX-8i_wInMz7m5Giw&u=%7C0KpFto9oRtq7etDDjyE8a9PrCLtTXeJ30Re6018mO6c%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijT7k5XzVsocl4zILuAsJnz-f8TtVSeQNrxcLJsVeE9fHDp-9_cydbJRJEbPnVTAVoBFwUJkK92iBd_acrET8u_pBCguW-dDwICIzCKX6SOOr6TrLK6c9nKKvx6okGoygvIHcmFh1Kyxg6T6uXFw-akOdaU0UO8S5SZs9CzYdvEjIwbJVkDjnBTWGmTqGMyGxgfqBj35C8vDSkbcl-Hiw0weCv0OnhED4BMPHo2_xdM4-6paHqnndCdLyaqEdtfjgF2vavrczHp4znpvqI80Df4S3XnT74YTGw43LJ-oG98LuwAvnK281WfUhpLlWIkbC1o5NixNjmWlHqaoGwa-ArsJgfyvGzbVHydRVZf3ORF1ZCiSOujbKoHqeNQr8GWkppr5mNYDTmmc6IZNmuW2gMRjuNEl3aWqSspx6K05THnGG_KbEysImzyASggid9g9OakConaK81eIXeALmOIBYCQTIghOnZx7YDBa1p7qobxYQX64enocYW3GxskzAHjfN7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjOzUHz_bY7D-AoeR-cAP5Ma16AzJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTM2NzM0OTg3MDQ0MjE3NzjIAQmpAppXPgu1brI-qAMBqgTVAU_Q0c_ASWy_qEI20gzf0EsgWY50Ko3vhq7QUMZeWV-hdWt9-2_rIN3vG7vN4yFm20olnxRQgust_QvcgUSLNpRqGBYk3HL4eB4iu-GCNSvpyHDV03eYAE_A5haT-P1kgnYZiQQYTH1glc80N3kzfZ8mWhb0Z7qn8fwYaxifoL6wkCkxOIPPdeS6qooIxOg3vDjf5FBw7nEhPC4X8G6_IuvH_Zn_iKwEN1oX1cUf-2B_DhjTrBREicQs7E-RAmgoi6WpE3db6mLtCL07g8oQrC_HagFo14AG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Uy5Z_0lqXXAD0rvlC5oNGY3pt9w%26client%3Dca-pub-3673498704421778%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9s_HwAAvzACHkiHAA1jZIX-8i_wInMz7m5Giw&u=%7C0KpFto9oRtq7etDDjyE8a9PrCLtTXeJ30Re6018mO6c%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijT7k5XzVsocl4zILuAsJnz-f8TtVSeQNrxcLJsVeE9fHDp-9_cydbJRJEbPnVTAVoBFwUJkK92iBd_acrET8u_pBCguW-dDwICIzCKX6SOOr6TrLK6c9nKKvx6okGoygvIHcmFh1Kyxg6T6uXFw-akOdaU0UO8S5SZs9CzYdvEjIwbJVkDjnBTWGmTqGMyGxgfqBj35C8vDSkbcl-Hiw0weCv0OnhED4BMPHo2_xdM4-6paHqnndCdLyaqEdtfjgF2vavrczHp4znpvqI80Df4S3XnT74YTGw43LJ-oG98LuwAvnK281WfUhpLlWIkbC1o5NixNjmWlHqaoGwa-ArsJgfyvGzbVHydRVZf3ORF1ZCiSOujbKoHqeNQr8GWkppr5mNYDTmmc6IZNmuW2gMRjuNEl3aWqSspx6K05THnGG_KbEysImzyASggid9g9OakConaK81eIXeALmOIBYCQTIghOnZx7YDBa1p7qobxYQX64enocYW3GxskzAHjfN7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjOzUHz_bY7D-AoeR-cAP5Ma16AzJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTM2NzM0OTg3MDQ0MjE3NzjIAQmpAppXPgu1brI-qAMBqgTVAU_Q0c_ASWy_qEI20gzf0EsgWY50Ko3vhq7QUMZeWV-hdWt9-2_rIN3vG7vN4yFm20olnxRQgust_QvcgUSLNpRqGBYk3HL4eB4iu-GCNSvpyHDV03eYAE_A5haT-P1kgnYZiQQYTH1glc80N3kzfZ8mWhb0Z7qn8fwYaxifoL6wkCkxOIPPdeS6qooIxOg3vDjf5FBw7nEhPC4X8G6_IuvH_Zn_iKwEN1oX1cUf-2B_DhjTrBREicQs7E-RAmgoi6WpE3db6mLtCL07g8oQrC_HagFo14AG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Uy5Z_0lqXXAD0rvlC5oNGY3pt9w%26client%3Dca-pub-3673498704421778%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y9s_HwAAvzACHkiHAA1jZIX-8i_wInMz7m5Giw&u=%7C0KpFto9oRtq7etDDjyE8a9PrCLtTXeJ30Re6018mO6c%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijT7k5XzVsocl4zILuAsJnz-f8TtVSeQNrxcLJsVeE9fHDp-9_cydbJRJEbPnVTAVoBFwUJkK92iBd_acrET8u_pBCguW-dDwICIzCKX6SOOr6TrLK6c9nKKvx6okGoygvIHcmFh1Kyxg6T6uXFw-akOdaU0UO8S5SZs9CzYdvEjIwbJVkDjnBTWGmTqGMyGxgfqBj35C8vDSkbcl-Hiw0weCv0OnhED4BMPHo2_xdM4-6paHqnndCdLyaqEdtfjgF2vavrczHp4znpvqI80Df4S3XnT74YTGw43LJ-oG98LuwAvnK281WfUhpLlWIkbC1o5NixNjmWlHqaoGwa-ArsJgfyvGzbVHydRVZf3ORF1ZCiSOujbKoHqeNQr8GWkppr5mNYDTmmc6IZNmuW2gMRjuNEl3aWqSspx6K05THnGG_KbEysImzyASggid9g9OakConaK81eIXeALmOIBYCQTIghOnZx7YDBa1p7qobxYQX64enocYW3GxskzAHjfN7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjOzUHz_bY7D-AoeR-cAP5Ma16AzJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTM2NzM0OTg3MDQ0MjE3NzjIAQmpAppXPgu1brI-qAMBqgTVAU_Q0c_ASWy_qEI20gzf0EsgWY50Ko3vhq7QUMZeWV-hdWt9-2_rIN3vG7vN4yFm20olnxRQgust_QvcgUSLNpRqGBYk3HL4eB4iu-GCNSvpyHDV03eYAE_A5haT-P1kgnYZiQQYTH1glc80N3kzfZ8mWhb0Z7qn8fwYaxifoL6wkCkxOIPPdeS6qooIxOg3vDjf5FBw7nEhPC4X8G6_IuvH_Zn_iKwEN1oX1cUf-2B_DhjTrBREicQs7E-RAmgoi6WpE3db6mLtCL07g8oQrC_HagFo14AG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Uy5Z_0lqXXAD0rvlC5oNGY3pt9w%26client%3Dca-pub-3673498704421778%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:07 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=10Abl2qcc-cLqz8wgcIDZ6ATFVGaYtkRsQreBBBaekdFTRKBGjf0qkyE5hcyy6ixRACGIOO3j6ao0LLtf0trQuGWAGryz2MZbTkGaUaz_7BhuVE85qFgGyGodTtJn1F2zm1mhGlJbQfI0uA4ike0the5EUK8nMHHQb0c4KTltzkg0MaXK8AmOoHoaMZrkiIQ3IDbLhm_Jc4nEJHbCyMQdJdO3QHkqMRm42Gm9OSFvkHEswrWdfMJw1J7PtgpDbSXEJJyrQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 84249231
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/vt.php?cppv=3&cpp=iEIOzhsax08AF0NfzVnH6yHZ2Pgqa8ZDcUPsPQQmnEnb9JyjwEHbRYcnjzrEcr8Y_jS_RxJyj0ty2tIF6vppE6u75Czdx94yWYTBm3dk152aQg1sdd9N0Tcv_UFOqHSKrvk4YQn9QMEvkSAM213ENAHQg31Y3BOEg2LuSW-LbW6hMYNzFJtXXh9LZ4cbbQTy9luZB-roPvGCqRhwj1rOQbrdg6fMxnPZ7p_4tF-auDHl9pMd4GLNXuxT6JAs4GWZ2dLjbdqBkQr4-LWYmX_0yWi4u4E&err=400
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/vt.php?cppv=3&cpp=iEIOzhsax08AF0NfzVnH6yHZ2Pgqa8ZDcUPsPQQmnEnb9JyjwEHbRYcnjzrEcr8Y_jS_RxJyj0ty2tIF6vppE6u75Czdx94yWYTBm3dk152aQg1sdd9N0Tcv_UFOqHSKrvk4YQn9QMEvkSAM213ENAHQg31Y3BOEg2LuSW-LbW6hMYNzFJtXXh9LZ4cbbQTy9luZB-roPvGCqRhwj1rOQbrdg6fMxnPZ7p_4tF-auDHl9pMd4GLNXuxT6JAs4GWZ2dLjbdqBkQr4-LWYmX_0yWi4u4E&err=400
IP 178.250.0.160:0
GET /delivery/vt.php?cppv=3&cpp=iEIOzhsax08AF0NfzVnH6yHZ2Pgqa8ZDcUPsPQQmnEnb9JyjwEHbRYcnjzrEcr8Y_jS_RxJyj0ty2tIF6vppE6u75Czdx94yWYTBm3dk152aQg1sdd9N0Tcv_UFOqHSKrvk4YQn9QMEvkSAM213ENAHQg31Y3BOEg2LuSW-LbW6hMYNzFJtXXh9LZ4cbbQTy9luZB-roPvGCqRhwj1rOQbrdg6fMxnPZ7p_4tF-auDHl9pMd4GLNXuxT6JAs4GWZ2dLjbdqBkQr4-LWYmX_0yWi4u4E&err=400 HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:13 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 228185
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/2978/230117/1f6c137488ae43d38b258000f069e86c_1-1_new-season-home.mp4
178.250.2.130206 Partial Content 0 B URL HTTP/2 static.criteo.net/design/dt/2978/230117/1f6c137488ae43d38b258000f069e86c_1-1_new-season-home.mp4
IP 178.250.2.130:0
GET /design/dt/2978/230117/1f6c137488ae43d38b258000f069e86c_1-1_new-season-home.mp4 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 02 Feb 2023 04:42:13 GMT
content-type: video/mp4
content-length: 2096212
last-modified: Tue, 17 Jan 2023 12:45:15 GMT
etag: "63c6985b-1ffc54"
expires: Sun, 28 Jan 2024 04:42:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-range: bytes 0-2096211/2096212
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9s_HwABPvEKGEPGAAXczerjST6M8hMJV5vq0w&u=%7C0KpFto9oRtrfRgCBz28o7kvyTIUKsYvrUYDfRgcf2Fk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijT7k5XzVsocl4zILuAsJnzy7zntk1gETKgvLPZnXTgJZqYXRdzHDeuTsgdYjLnfsQleU8H7NvXImEY0tKVpMd_KJGsQKJt10R8nZM6c9_lgENOzQcDCTBI8dX9NgF9uqJqH8Xm6CYTxIM7Xz6asjPRmzbhaUjR4_lCoiZFj51ygRslsW1ZknKjT3P2jlwEN76QqkAysDtLEdVsJ8oDNCdTFRcnijOSxzQjb8cb2z3ylL_B5aoga7mBRL9TbTySg4MkIOkveBiIyEPiukOUKJ_mu-YiQ2yr6QrJK9zTJlh2S4RwbsdpDuWK_1Mp4nxVBe7RYFxEKgBI909ClJgaNCJIUnGNaVq00_GeM0siJwLQxMuSUhzPmLuKBjF1oBzvRrzvLDmpptBlYOoCslq_3NJYeaGFuUAzZuO7IBslMa5WfU9X5iC1ZZAdoKZEFabzd_wKFYS_8P-qZwsSmyVD-ay9BfdzlQE3nj2She81FMvqceRsu6nEnv24V2pq9gNtG3c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyfGbHz_bY_H9BMaHYc25l8gFyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEJqQKaVz4LtW6yPqgDAaoE1QFP0LCvIO1KIxlDsIygHWFclm7SiyQnOGpXTKGBrCw1XdZPHpL0t0NvjSWLFAHK7uGvAzBMl3Yujt6Ie5hK8349M5Wf5XhufHj81fpMlJbzYJXyQ_yzo7KBVwdib1qN1Q_VGh3ZFDh75x5rXG_Q0iYE9dijPLNbFt9P7slOMQN1GxUi_i73a3HYb1P2es2T4IjT3I4SFfAZQ5y19pCvN1sCRdyKS6lxlz2_X3YU4pPjq_Sam5xuSWrB2hAp5DA_OtSbdVEu02dJDcTUCdqcTE5tsbliJmeABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2dnQuA14qk1I9RNVocx4zqdSBOGw%26client%3Dca-pub-3673498704421778%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9s_HwABPvEKGEPGAAXczerjST6M8hMJV5vq0w&u=%7C0KpFto9oRtrfRgCBz28o7kvyTIUKsYvrUYDfRgcf2Fk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijT7k5XzVsocl4zILuAsJnzy7zntk1gETKgvLPZnXTgJZqYXRdzHDeuTsgdYjLnfsQleU8H7NvXImEY0tKVpMd_KJGsQKJt10R8nZM6c9_lgENOzQcDCTBI8dX9NgF9uqJqH8Xm6CYTxIM7Xz6asjPRmzbhaUjR4_lCoiZFj51ygRslsW1ZknKjT3P2jlwEN76QqkAysDtLEdVsJ8oDNCdTFRcnijOSxzQjb8cb2z3ylL_B5aoga7mBRL9TbTySg4MkIOkveBiIyEPiukOUKJ_mu-YiQ2yr6QrJK9zTJlh2S4RwbsdpDuWK_1Mp4nxVBe7RYFxEKgBI909ClJgaNCJIUnGNaVq00_GeM0siJwLQxMuSUhzPmLuKBjF1oBzvRrzvLDmpptBlYOoCslq_3NJYeaGFuUAzZuO7IBslMa5WfU9X5iC1ZZAdoKZEFabzd_wKFYS_8P-qZwsSmyVD-ay9BfdzlQE3nj2She81FMvqceRsu6nEnv24V2pq9gNtG3c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyfGbHz_bY_H9BMaHYc25l8gFyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEJqQKaVz4LtW6yPqgDAaoE1QFP0LCvIO1KIxlDsIygHWFclm7SiyQnOGpXTKGBrCw1XdZPHpL0t0NvjSWLFAHK7uGvAzBMl3Yujt6Ie5hK8349M5Wf5XhufHj81fpMlJbzYJXyQ_yzo7KBVwdib1qN1Q_VGh3ZFDh75x5rXG_Q0iYE9dijPLNbFt9P7slOMQN1GxUi_i73a3HYb1P2es2T4IjT3I4SFfAZQ5y19pCvN1sCRdyKS6lxlz2_X3YU4pPjq_Sam5xuSWrB2hAp5DA_OtSbdVEu02dJDcTUCdqcTE5tsbliJmeABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2dnQuA14qk1I9RNVocx4zqdSBOGw%26client%3Dca-pub-3673498704421778%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y9s_HwABPvEKGEPGAAXczerjST6M8hMJV5vq0w&u=%7C0KpFto9oRtrfRgCBz28o7kvyTIUKsYvrUYDfRgcf2Fk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcf3eZ29jXGD0YiLLHRwSijT7k5XzVsocl4zILuAsJnzy7zntk1gETKgvLPZnXTgJZqYXRdzHDeuTsgdYjLnfsQleU8H7NvXImEY0tKVpMd_KJGsQKJt10R8nZM6c9_lgENOzQcDCTBI8dX9NgF9uqJqH8Xm6CYTxIM7Xz6asjPRmzbhaUjR4_lCoiZFj51ygRslsW1ZknKjT3P2jlwEN76QqkAysDtLEdVsJ8oDNCdTFRcnijOSxzQjb8cb2z3ylL_B5aoga7mBRL9TbTySg4MkIOkveBiIyEPiukOUKJ_mu-YiQ2yr6QrJK9zTJlh2S4RwbsdpDuWK_1Mp4nxVBe7RYFxEKgBI909ClJgaNCJIUnGNaVq00_GeM0siJwLQxMuSUhzPmLuKBjF1oBzvRrzvLDmpptBlYOoCslq_3NJYeaGFuUAzZuO7IBslMa5WfU9X5iC1ZZAdoKZEFabzd_wKFYS_8P-qZwsSmyVD-ay9BfdzlQE3nj2She81FMvqceRsu6nEnv24V2pq9gNtG3c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyfGbHz_bY_H9BMaHYc25l8gFyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEJqQKaVz4LtW6yPqgDAaoE1QFP0LCvIO1KIxlDsIygHWFclm7SiyQnOGpXTKGBrCw1XdZPHpL0t0NvjSWLFAHK7uGvAzBMl3Yujt6Ie5hK8349M5Wf5XhufHj81fpMlJbzYJXyQ_yzo7KBVwdib1qN1Q_VGh3ZFDh75x5rXG_Q0iYE9dijPLNbFt9P7slOMQN1GxUi_i73a3HYb1P2es2T4IjT3I4SFfAZQ5y19pCvN1sCRdyKS6lxlz2_X3YU4pPjq_Sam5xuSWrB2hAp5DA_OtSbdVEu02dJDcTUCdqcTE5tsbliJmeABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2dnQuA14qk1I9RNVocx4zqdSBOGw%26client%3Dca-pub-3673498704421778%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:07 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WS_Nnmqcc-cLqz8w7f-872VSa84pK8veOQS-nX0WN8bBbY7-hkimjDmBT1OaXp8fK9VF-eXtzUWwMM70MZaLxDDF_0fMVEjxyxPZJtYLfqG5iNGXuXaWhIUJ9qHiTFhLLkZjR7E3SwLLR9vAN59JhRkhUTv_REtk62fRyLtHtAjm_AUBCo68wLmBBWVzeaWLwpub__hfaqzPTU9BWBJZbvZEs0mB4OPN1D1N83IvL9DmJKeQP0oIerMGgGcFxQtMMgz_6Q"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 106726360
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/0.1/vast.php?z=Y9s_HwABM2oKGU4FAApYCHq3kdBJB4PuWTOrJg&u=%7C0KpFto9oRtop1i7p69X0tuocxRlf4gs3OGyaE5DgxZg%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlXXlJVkpqPyAfPiepqJGtFP_KNk2HAfZZ7piCIAycs7RB5-hxh-W2gw8dF_6y_se2VPhRMPX0nTl6uPqhmKFQII1bdFtJfy5IGsLoJ5kqRlOHRPSD5urkfdaP_aeGte0_-hpVCv3YXvugwccpfysqVkc2YrAqm16rPvZcc7OmrJ3EWJn2Y2_j3yB952Ye_CepE931Umu8xIgni7seuMMoYUkqliVNCzo4nxeI0h5AuOoTEjY7GtN1wC8pZW3CSoM34fLVBnCJSsYjf8gTUnzub-RXcwqOEBuQHSQQ9PxGAn-p9UgzYongbz9HhOeOB-QrlJJCUqLhDjK1nAE6GE7w8XseAuU57Y3b7KYMVLu8nYdPbPnjmOorREPlZJgiRnOvSPzMEyW0CAlPvpxsbJcylgNyK2xMTQA21uQv3dDvXpP_ppM-x_YK4k5UQMOJ28a87DGQlW298z0iB78TqM-cd-FcISUmYFoxFeTReNHE7V3xLVQGK3ILl02k2ejFe2kbO9yoxQRJcr1hXlaBZ3X3I43rP97hn9e5W1JMBnM4jx8&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeDBDHz_bY-rmBIWcZYiwqcAKyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEFqQKaVz4LtW6yPqgDAcgDAqoE2AFP0IDIhBuecGmOHmDwyQM9wxK0wyijJk9_FemVRwHz3pQdT3i9VVdp3xiKFn4QJpX1ar0NACRO_ZyYmBWWKu4LKkluMPoPESSjDZIZNx0r3JzriaGhgkV3bSF_Q-JiIY2OhP8iQGOdknUvKqtSjBFBLsWc6dI6-z3I2Aht7n6Bl7yH1AzqTP78Oela59d61AEovhb6mVrzZIJCQH2_r9TK2K1TFwWQ0Umh6bAb9SR3TCWkT3qdGc3rym0nAYeI4nU8z3i25GeKyXDmlkBjTqxtKP4PPQIx7IuABtXxnPHpoLmY8wGgBiqoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_217eNvzwoiLf65R_ewhMHkTA8Zrw%26client%3Dca-pub-3673498704421778%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/0.1/vast.php?z=Y9s_HwABM2oKGU4FAApYCHq3kdBJB4PuWTOrJg&u=%7C0KpFto9oRtop1i7p69X0tuocxRlf4gs3OGyaE5DgxZg%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlXXlJVkpqPyAfPiepqJGtFP_KNk2HAfZZ7piCIAycs7RB5-hxh-W2gw8dF_6y_se2VPhRMPX0nTl6uPqhmKFQII1bdFtJfy5IGsLoJ5kqRlOHRPSD5urkfdaP_aeGte0_-hpVCv3YXvugwccpfysqVkc2YrAqm16rPvZcc7OmrJ3EWJn2Y2_j3yB952Ye_CepE931Umu8xIgni7seuMMoYUkqliVNCzo4nxeI0h5AuOoTEjY7GtN1wC8pZW3CSoM34fLVBnCJSsYjf8gTUnzub-RXcwqOEBuQHSQQ9PxGAn-p9UgzYongbz9HhOeOB-QrlJJCUqLhDjK1nAE6GE7w8XseAuU57Y3b7KYMVLu8nYdPbPnjmOorREPlZJgiRnOvSPzMEyW0CAlPvpxsbJcylgNyK2xMTQA21uQv3dDvXpP_ppM-x_YK4k5UQMOJ28a87DGQlW298z0iB78TqM-cd-FcISUmYFoxFeTReNHE7V3xLVQGK3ILl02k2ejFe2kbO9yoxQRJcr1hXlaBZ3X3I43rP97hn9e5W1JMBnM4jx8&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeDBDHz_bY-rmBIWcZYiwqcAKyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEFqQKaVz4LtW6yPqgDAcgDAqoE2AFP0IDIhBuecGmOHmDwyQM9wxK0wyijJk9_FemVRwHz3pQdT3i9VVdp3xiKFn4QJpX1ar0NACRO_ZyYmBWWKu4LKkluMPoPESSjDZIZNx0r3JzriaGhgkV3bSF_Q-JiIY2OhP8iQGOdknUvKqtSjBFBLsWc6dI6-z3I2Aht7n6Bl7yH1AzqTP78Oela59d61AEovhb6mVrzZIJCQH2_r9TK2K1TFwWQ0Umh6bAb9SR3TCWkT3qdGc3rym0nAYeI4nU8z3i25GeKyXDmlkBjTqxtKP4PPQIx7IuABtXxnPHpoLmY8wGgBiqoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_217eNvzwoiLf65R_ewhMHkTA8Zrw%26client%3Dca-pub-3673498704421778%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/0.1/vast.php?z=Y9s_HwABM2oKGU4FAApYCHq3kdBJB4PuWTOrJg&u=%7C0KpFto9oRtop1i7p69X0tuocxRlf4gs3OGyaE5DgxZg%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlXXlJVkpqPyAfPiepqJGtFP_KNk2HAfZZ7piCIAycs7RB5-hxh-W2gw8dF_6y_se2VPhRMPX0nTl6uPqhmKFQII1bdFtJfy5IGsLoJ5kqRlOHRPSD5urkfdaP_aeGte0_-hpVCv3YXvugwccpfysqVkc2YrAqm16rPvZcc7OmrJ3EWJn2Y2_j3yB952Ye_CepE931Umu8xIgni7seuMMoYUkqliVNCzo4nxeI0h5AuOoTEjY7GtN1wC8pZW3CSoM34fLVBnCJSsYjf8gTUnzub-RXcwqOEBuQHSQQ9PxGAn-p9UgzYongbz9HhOeOB-QrlJJCUqLhDjK1nAE6GE7w8XseAuU57Y3b7KYMVLu8nYdPbPnjmOorREPlZJgiRnOvSPzMEyW0CAlPvpxsbJcylgNyK2xMTQA21uQv3dDvXpP_ppM-x_YK4k5UQMOJ28a87DGQlW298z0iB78TqM-cd-FcISUmYFoxFeTReNHE7V3xLVQGK3ILl02k2ejFe2kbO9yoxQRJcr1hXlaBZ3X3I43rP97hn9e5W1JMBnM4jx8&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeDBDHz_bY-rmBIWcZYiwqcAKyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0zNjczNDk4NzA0NDIxNzc4yAEFqQKaVz4LtW6yPqgDAcgDAqoE2AFP0IDIhBuecGmOHmDwyQM9wxK0wyijJk9_FemVRwHz3pQdT3i9VVdp3xiKFn4QJpX1ar0NACRO_ZyYmBWWKu4LKkluMPoPESSjDZIZNx0r3JzriaGhgkV3bSF_Q-JiIY2OhP8iQGOdknUvKqtSjBFBLsWc6dI6-z3I2Aht7n6Bl7yH1AzqTP78Oela59d61AEovhb6mVrzZIJCQH2_r9TK2K1TFwWQ0Umh6bAb9SR3TCWkT3qdGc3rym0nAYeI4nU8z3i25GeKyXDmlkBjTqxtKP4PPQIx7IuABtXxnPHpoLmY8wGgBiqoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_217eNvzwoiLf65R_ewhMHkTA8Zrw%26client%3Dca-pub-3673498704421778%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:42:08 GMT
content-type: text/xml
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 5410002
strict-transport-security: max-age=31536000; preload;
vary: Origin, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2