r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15095
Expires: Thu, 02 Feb 2023 05:38:57 GMT
Date: Thu, 02 Feb 2023 01:27:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13881
Expires: Thu, 02 Feb 2023 05:18:43 GMT
Date: Thu, 02 Feb 2023 01:27:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9113
Expires: Thu, 02 Feb 2023 03:59:15 GMT
Date: Thu, 02 Feb 2023 01:27:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 00:36:02 GMT
content-type: application/json
age: 3080
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TMwLHiJkWx36K7aF71ItPv4tE51Eg8hxEGZc6HEMfZfofx3qwgP7hTyHrTztOr17xwwC44YzosQ=
x-amz-request-id: J2YRSQH8JVZAF8J4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 00:51:46 GMT
age: 2136
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
minecraftindonesiatutorials.blogspot.com/2016/11
142.250.74.1301 Moved Permanently 198 B URL HTTP/1.1 minecraftindonesiatutorials.blogspot.com/2016/11
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 4eeeee15a771fdec6320009015647bb3
7696decf35ab80b364658934966324bc9d33226c
2d90ad2ff9b3961f01843ab067983d9542f311257e25b32a44f683826807955e
Analyzer Verdict Alert fortinet Malware
GET /2016/11 HTTP/1.1
Host: minecraftindonesiatutorials.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://minecraftindonesiatutorials.blogspot.com/2016/11
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 02 Feb 2023 01:27:22 GMT
Expires: Thu, 02 Feb 2023 01:27:22 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 198
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 160ff46273e80b1a0523615a5a30b060
7ccdc86678b4cddb5b6c36e42e884ca11866ae59
0eb9af55430b8b3c5c429edae27548a210d638227ba2c23d29a715bc5b79a477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:22 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 00:41:43 GMT
age: 2740
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10256
Expires: Thu, 02 Feb 2023 04:18:19 GMT
Date: Thu, 02 Feb 2023 01:27:23 GMT
Connection: keep-alive
minecraftindonesiatutorials.blogspot.com/2016/11
142.250.74.1200 OK 12 kB URL HTTP/2 minecraftindonesiatutorials.blogspot.com/2016/11
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4488)
Hash f7d67f1e6d88eefe848851666cf2538e
03d436409bf76ca8a94111f26204b4e138abdbb1
dc24db8408ad05ae98cce359978ddba2ccca39ab95bc6273a45ba17b3d3a976e
Analyzer Verdict Alert fortinet Malware
GET /2016/11 HTTP/1.1
Host: minecraftindonesiatutorials.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 02 Feb 2023 01:27:23 GMT
date: Thu, 02 Feb 2023 01:27:23 GMT
cache-control: private, max-age=0
last-modified: Sat, 22 Oct 2022 02:17:24 GMT
etag: W/"8b5a60bd4156ffb2bd664c5f590bbcb73bebb1e33ca2a2d1b73d2e1fe093cae8"
x-robots-tag: noindex,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11811
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 160ff46273e80b1a0523615a5a30b060
7ccdc86678b4cddb5b6c36e42e884ca11866ae59
0eb9af55430b8b3c5c429edae27548a210d638227ba2c23d29a715bc5b79a477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.10.202.214101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.202.214:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3EDTXJIKAGx942KG1XrV5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nvmwhmVFouLzZKoe8/tCW3UpgzY=
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.170200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33333
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 13:13:54 GMT
expires: Fri, 26 Jan 2024 13:13:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 562409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 83538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:41:18 GMT
expires: Wed, 31 Jan 2024 09:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 14:52:06 GMT
content-type: text/css
age: 143165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6309126041305345
142.250.74.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6309126041305345
IP 142.250.74.162:0
File type ASCII text, with very long lines (3649)
Hash 0059d3c917bc1a9698fbcd9d7a784ee0
23e5169c7d28cd8633ef194ef2744d9b9039c8cc
b39a2949e266113602e760d4780375d3b34e4db2a52c95eae626bb0ae0e3958a
GET /pagead/js/adsbygoogle.js?client=ca-pub-6309126041305345 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://minecraftindonesiatutorials.blogspot.com
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 01:27:23 GMT
expires: Thu, 02 Feb 2023 01:27:23 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14676430043804424214
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-yNE4A_H3C2o/U1E6RPYNEpI/AAAAAAAADRQ/UOP1mUKaxGE/s1600/line.png
735 B URL 2.bp.blogspot.com/-yNE4A_H3C2o/U1E6RPYNEpI/AAAAAAAADRQ/UOP1mUKaxGE/s1600/line.png
IP :0
File type PNG image data, 371 x 5, 8-bit/color RGBA, non-interlaced\012- data
Hash 15ded568eb1e378aa000ab4fc9622c7e
71889b7db45f87fd62dae699575cc2d1dc1aec35
92dc3b64537e4a7710d452daaba3ed22fda5e21df2db4ccfbd81c129df9d5116
GET /-yNE4A_H3C2o/U1E6RPYNEpI/AAAAAAAADRQ/UOP1mUKaxGE/s1600/line.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230131/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:56:08 GMT
expires: Thu, 16 Feb 2023 00:56:08 GMT
cache-control: public, max-age=1209600
age: 1875
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
IP 142.250.74.163:0
Hash b569ee8bc77217891e51ddb365993bb5
8fb3fa1b57821abc44cacde4e602ed3a1f6b5369
1418b5df11b3e04b4eca7c0da6f77a3ea24bd7743e7b3c9861d2d6d97bb10b03
POST /s/gts1p5/97q-VzuQ-Mw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=minecraftindonesiatutorials.blogspot.com&callback=_gfp_s_&client=ca-pub-6309126041305345
216.58.207.226200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=minecraftindonesiatutorials.blogspot.com&callback=_gfp_s_&client=ca-pub-6309126041305345
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 8c08ce761c3e3ef827728cd9d74b1624
2be116c0eaeb69419be9b69138bc9c084f4ab08f
5d59d8f2ba5909e77b6411eba0366ab69888258c9ddf9b0526befe0729c8838a
GET /gampad/cookie.js?domain=minecraftindonesiatutorials.blogspot.com&callback=_gfp_s_&client=ca-pub-6309126041305345 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 01:27:24 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=minecraftindonesiatutorials.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=minecraftindonesiatutorials.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=minecraftindonesiatutorials.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 01:27:24 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=minecraftindonesiatutorials.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=minecraftindonesiatutorials.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=minecraftindonesiatutorials.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 01:27:24 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.66200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.66:0
File type ASCII text, with very long lines (3504)
Hash bd5ae07480c9bdd683635c3f0b52d43c
8e7c08934cf768367d1320a2d77703dafff9e5d8
e09a19f1eb7f2ae3bc71c1b12681c54162e713ffd7027e8abd6abc08f6abacb9
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49075
date: Thu, 02 Feb 2023 01:27:24 GMT
expires: Thu, 02 Feb 2023 01:27:24 GMT
cache-control: private, max-age=3000
etag: "1675083396089714"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.dtscout.com/i/?l=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&j=
141.101.120.10200 OK 2.3 kB URL HTTP/2 t.dtscout.com/i/?l=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&j=
IP 141.101.120.10:0
File type ASCII text, with very long lines (2077)
Hash 3c04d843a175e8e12483683939c65937
b85c6abe31942bbbbd5e3e9171b67775dd926a21
95b11599414d43d2caba8214dd251637f31a5e0813cb172fcd6ea5ba776058a5
GET /i/?l=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:24 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Thu, 02-Feb-2023 02:50:44 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Thu, 02-Feb-2023 05:27:24 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1675301244; Domain=dtscout.com; Expires=Sat, 13-May-2023 01:27:24 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.546
expires: Thu, 02 Feb 2023 01:27:23 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2LFPj3y25xwdLtUXcEg5dSkfE564R9OHpJ0heJ5fLw89PKto64dT%2FVpvrtgYgmKbmfdoKjObNoKHBBVFOVPELJKf3Sc9pJkLk7LQ3Km7atXTJBnpDreMKkdvvCSq9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f24e6ef5f0a3b-ARN
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fd33fb271c10d9a3fe8b114eafaf704e
4eda1f76d4c345b9b5393de39bfdce2c4c76b9fc
2d6345b53f060111aba2d40820d88e3fc7ab9bd76d5298c05fec582381fc4fec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6400
Cache-Control: max-age=113149
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Etag: "63da0f79-139"
Expires: Fri, 03 Feb 2023 08:53:13 GMT
Last-Modified: Wed, 01 Feb 2023 07:06:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fd33fb271c10d9a3fe8b114eafaf704e
4eda1f76d4c345b9b5393de39bfdce2c4c76b9fc
2d6345b53f060111aba2d40820d88e3fc7ab9bd76d5298c05fec582381fc4fec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4585
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Last-Modified: Thu, 02 Feb 2023 00:10:59 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4812
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Last-Modified: Thu, 02 Feb 2023 00:07:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 608df7a6e71e4e3008bee31c3153eec7
c917a8425a17a5573a3b897872d99e7fb6a575ec
18717c2d3e1c51799dc8a26f011bc4ac107b9130a8ce1ac074ed7fd8d71157f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18717C2D3E1C51799DC8A26F011BC4AC107B9130A8CE1AC074ED7FD8D71157F4"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9994
Expires: Thu, 02 Feb 2023 04:13:58 GMT
Date: Thu, 02 Feb 2023 01:27:24 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash dd3ecc2b0ec33bb211d9dbb65094b1f9
ec9bdb65c44665d6d322d816c051fc5d3fe68527
070627370037a357bed7d1ca8af8ee03bb26b10d8a502aec7daddde951428f67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 01:27:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 17:29:19 GMT
Expires: Tue, 07 Feb 2023 17:29:18 GMT
Etag: "ec9bdb65c44665d6d322d816c051fc5d3fe68527"
Cache-Control: max-age=489113,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792f24ea0844b512-OSL
s10.histats.com/js15_gif_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_gif_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11636), with no line terminators
Hash 5404d6d9907006c85a228fd09c521fa5
a6787d6f6221844b8d3afc5cf9500375ed574d26
ce31b8b6038aebb28ee257e0eccac4e1fe0319e8997e1adf1ab3e3520b219361
GET /js15_gif_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:24:20 GMT
etag: "-1789980313"
last-modified: Thu, 16 Apr 2020 10:44:17 GMT
x-request-id: 195367919
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4360
X-Firefox-Spdy: h2
connect.facebook.net/id_ID/sdk.js
157.240.205.11200 OK 1.7 kB URL HTTP/2 connect.facebook.net/id_ID/sdk.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash 3a38c5ca10e832efce15718ead876535
91700aeed3ac50185dd014250c4b87ffb5227540
4a935b829b46ec9f1f0796f0d221fe657b7f7e5170774b8b07fe700abaaf5c26
GET /id_ID/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d0af714f9dfec744d5d7ef001678d0d3
etag: "64fe5a3e02d247a4c91441ba9fddd4d4"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 02 Feb 2023 01:47:24 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: OjjFyhDoMu/OFXGOrYdlNQ==
x-fb-debug: dKrnOsLa018j4JKmkycBf+cs0mWMGzwc9tson2ozbh9R8xCpyoCNZQETqP7dcZ38sSN1feLqd90zRR03AvWh9w==
content-length: 1687
priority: u=3,i
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 01:27:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=minecraftindonesiatutorials.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=minecraftindonesiatutorials.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=minecraftindonesiatutorials.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 01:27:24 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4812
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Last-Modified: Thu, 02 Feb 2023 00:07:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 34057df66622b763fac26c84b1e33814
096d78a127fbb9dbae567b216c18acb32fdc1721
91bcc8cff97b409a7e83150dbf206d85af01f08f1c8b47372ee2c62a162c7bfb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6072
Cache-Control: max-age=154578
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Etag: "63dab296-13a"
Expires: Fri, 03 Feb 2023 20:23:42 GMT
Last-Modified: Wed, 01 Feb 2023 18:42:30 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 34057df66622b763fac26c84b1e33814
096d78a127fbb9dbae567b216c18acb32fdc1721
91bcc8cff97b409a7e83150dbf206d85af01f08f1c8b47372ee2c62a162c7bfb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3512
Cache-Control: max-age=152018
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Etag: "63dab296-13a"
Expires: Fri, 03 Feb 2023 19:41:02 GMT
Last-Modified: Wed, 01 Feb 2023 18:42:30 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
t.dtscout.com/pv/?_a=v&_h=minecraftindonesiatutorials.blogspot.com&_ss=4ohw04aaif&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=1pzk&_cb=_dtspv.c
141.101.120.10200 OK 52 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=minecraftindonesiatutorials.blogspot.com&_ss=4ohw04aaif&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=1pzk&_cb=_dtspv.c
IP 141.101.120.10:0
File type ASCII text, with no line terminators
Hash 1c43732bf133911fd5e4c8da4945034b
305aed22fd61355d2dae5de02108d4652679674d
e033bf37df399d098bd34e569f38b848db7f9bee169c3438bc0db16c07355440
GET /pv/?_a=v&_h=minecraftindonesiatutorials.blogspot.com&_ss=4ohw04aaif&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=1pzk&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Cookie: m=1; oa=1; df=1675301244
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:24 GMT
content-type: application/javascript
x-t: 0.16
x-c: 0
expires: Thu, 02 Feb 2023 01:27:23 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HlN0rZK4uHEJjOPM5L1J3%2BELPAVhxIQREVhjcICkeyCcbefDAGFUJLfOv8Jg12A8qO0LAnr1IPIDHLXcRi9Sg5p2UTJ6RHCE%2BgVCpUQZhBf47GuUQx6ijgqwVmT0Pw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f24e88ff70a3b-ARN
content-encoding: br
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kMCRE7OzWdgFtgGdg2ICAgAAAGHAUrnFLLssEHsR22NxsX3Jto5YFJoNnwASAAAKDkFRVURBZ1lEQWdFQkFn&wp=Y9sRfAACddUDogTtAA59zCnRrQkvFaBOXU9WFg
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kMCRE7OzWdgFtgGdg2ICAgAAAGHAUrnFLLssEHsR22NxsX3Jto5YFJoNnwASAAAKDkFRVURBZ1lEQWdFQkFn&wp=Y9sRfAACddUDogTtAA59zCnRrQkvFaBOXU9WFg
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kMCRE7OzWdgFtgGdg2ICAgAAAGHAUrnFLLssEHsR22NxsX3Jto5YFJoNnwASAAAKDkFRVURBZ1lEQWdFQkFn&wp=Y9sRfAACddUDogTtAA59zCnRrQkvFaBOXU9WFg HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 301530
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
connect.facebook.net/id_ID/sdk.js?hash=8fd8e7d85059a26adeb7984d64c7241f
157.240.205.11200 OK 88 kB URL HTTP/2 connect.facebook.net/id_ID/sdk.js?hash=8fd8e7d85059a26adeb7984d64c7241f
IP 157.240.205.11:0
File type ASCII text, with very long lines (18530)
Hash 0077bc6d20bfbdb1ed7672bf0d8b91dd
6c34b311f9fd619fb6223313f92b5c212eb82d4c
13308e243fbaaa2faa9dc02ce16ebccd2628ce15ca9631f09735f0a8103c0395
GET /id_ID/sdk.js?hash=8fd8e7d85059a26adeb7984d64c7241f HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://minecraftindonesiatutorials.blogspot.com
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4e369103432fd978b91d872be6956f52
etag: "822fed3fe7d0a0a6ab565d4b138258c7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 02 Feb 2024 01:27:24 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: AHe8bSC/vbHtdnK/DYuR3Q==
x-fb-debug: VMYWP8nL2OiROWCnCiffr/qECbRKyzh3fDwu9Hr7JtM8pCDGxt4LvTEVGl+rVsyEeWM6GylpSfpO2Xy39/OWgw==
content-length: 88476
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 01:27:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f8d8478f6fd65ccb723aafc9fa19ac4b
de1c2b7881907cc7c06c816b365da09df429ba7a
e4f4422c14320af3bf6e865e98d42ab5e8f5ef06a41c10f42670ae2d533e534a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 972
Cache-Control: max-age=148449
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Etag: "63daae91-139"
Expires: Fri, 03 Feb 2023 18:41:33 GMT
Last-Modified: Wed, 01 Feb 2023 18:25:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 75f7afd37af1d98d4e2a1369501aa3c3
5f25e040eeda9c29b4ce2666f05d889bd54f07f0
b3c3f088310e8db7b598efb702a7335d5d110d8b0cb5d5a8dc165457a297393a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6486
Cache-Control: max-age=138454
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:24 GMT
Etag: "63da71fc-139"
Expires: Fri, 03 Feb 2023 15:54:58 GMT
Last-Modified: Wed, 01 Feb 2023 14:06:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6906
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Thu, 02 Feb 2023 01:27:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6906
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Thu, 02 Feb 2023 01:27:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 12221
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: f47f7616-41aa-4983-8ada-20f6f0b6856b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frfXtHkUoAMFr1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadf64-083a903959cdab540bd38265;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:53:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UqoeSWse0jZAC3IEIWk5fj9q_4xsAoZRkn67U4m2L5NkayHxsAYmlA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:35 GMT
age: 12409
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 12573
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:54:58 GMT
age: 12746
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6790e3bf4d10b1ffba32a22dc588c640
cdae35517dfea800134393a1095f44462bc428a5
4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: byLFLKpRZa_blxNi2wh_ft4Ule-zNiZtSih_Quv-9BgKS87Y-wJlTA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:40 GMT
age: 12404
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b91a1323efe4b01a2d1a2e8485117934
43d04a554f6ef512e7b21ac09287efc0e4e5efee
393e3ab81aee9fda022d06c25789be66e56aaf56f81b0514ab5dfec445087bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10807
x-amzn-requestid: 9fff89ce-35f7-4b09-b766-6e65b4586c10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ5PHm7oAMFdfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd07-0ed090976c8a74542e225f4c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Hhd99jugAUeT4SMDkgOSFkc9q5jWXE0qAq51OVq8ct4juyFrYH0IhA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:23:30 GMT
age: 65034
etag: "43d04a554f6ef512e7b21ac09287efc0e4e5efee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f778d551c0863c1a21556c8505894dff
2eeaa5eaa20a00dcd52e5912430d5a0819495c78
6eeff9b51275defc26c45f86df2f82a3cb5cce699667c36437d76daebffd2369
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 01:27:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:33:41 GMT
Expires: Wed, 08 Feb 2023 23:33:40 GMT
Etag: "2eeaa5eaa20a00dcd52e5912430d5a0819495c78"
Cache-Control: max-age=597375,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792f24ecf975b512-OSL
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 39f6ca1b7865aaacade6af8dfb840bb9
d85b74a1c96889491927bca16fe4fb1bc05d066a
8362bae667f163b53b51cfdc6cf0a5269a13dd46a8e93b79409d7eb9adbf5dc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5097
Cache-Control: max-age=124099
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:25 GMT
Etag: "63da3f57-13a"
Expires: Fri, 03 Feb 2023 11:55:44 GMT
Last-Modified: Wed, 01 Feb 2023 10:30:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 39f6ca1b7865aaacade6af8dfb840bb9
d85b74a1c96889491927bca16fe4fb1bc05d066a
8362bae667f163b53b51cfdc6cf0a5269a13dd46a8e93b79409d7eb9adbf5dc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6432
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:25 GMT
Last-Modified: Wed, 01 Feb 2023 23:40:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWe0HfJ2DYgICAAAALQp2i7Ob0ykQexHbYxtT429734PIrNDmABIAAAoOQVFVQkFnWUJBZ0VCQWc&wp=Y9sRfAACV_gDogQ-AAKD5Fa9aqryrVu0U-WSKw
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWe0HfJ2DYgICAAAALQp2i7Ob0ykQexHbYxtT429734PIrNDmABIAAAoOQVFVQkFnWUJBZ0VCQWc&wp=Y9sRfAACV_gDogQ-AAKD5Fa9aqryrVu0U-WSKw
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7OzWe0HfJ2DYgICAAAALQp2i7Ob0ykQexHbYxtT429734PIrNDmABIAAAoOQVFVQkFnWUJBZ0VCQWc&wp=Y9sRfAACV_gDogQ-AAKD5Fa9aqryrVu0U-WSKw HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 268635
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9sRfAACV_gDogQ-AAKD5Fa9aqryrVu0U-WSKw&u=%7CmmAVo7MPKn7445f18dVinVPffU0%2F76mHb5JdAcXiTGY%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLanbsmj9oQkHHJo-ngT-uhbPS4zVF01EuuMVOA3V6V3DoxSnGPTSSPRX543-OFSTiSWU2MNz-eym2SJ44AIGdEGPnGeSixllmhcItJUubGSNRJnVEl5AzqbfiYZ079pLTFQSNnmCb-qhxHh9SuG8pxs1jomGKNOE9P5MfN22iftLod-QXUbSc0razYc6PKiBPOS6CIdLZfZABrspwtkib2b41ac_WOH3J7jrVj6yedSdH8iCIsXcDFbEe9ZcHhiid6bXjgSkgH3T-3BlzuXcr8Eig3WfVq7twnb44Jc8LpQwtKZppjCQBPvgadH-SSVquCjDZgPVUFgsrh8nMBXevnDHXVjVV_HhLoOsm2LVn612PdxxSkxR6yCHbUc8qsncLSIj2rbcj1b8vy1iMUAmXztFF-8T532lDRsX73s0p-IlUh6YeXSWk2Mjgmc3RQz8wi_xjXB1ANihLqojIZugCbQwF1nNDjIgChpeEdjy70sfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4_3sfBHbY_ivCb6IiM0P5IeK6A7JntKxXPWR3r6xAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi02MzA5MTI2MDQxMzA1MzQ1yAEJqQKO_GdEmWuyPqgDAaoEqQJP0FADp4tKJ8yqeBDTGPw9n1MU7ARrfyNsLgMJhQY5t451284oC2k5EEHdPguiTjw2-TYAQFomdWzec9_d7lY1pF9oYz1DGmG29n7h5Ol_11NTi9npw8w6nXgWKOpud-MepARpcK_fFRTwXGrR1dBZR_fWRZwjoG5l1A1mY9jmHlGgfY26NFbEleWAsti198wftzeZ8FGOr6iDH8LGxMdFua6wokuViKe16tElNYlnjg1xi0i2F1_qy5q9yjvKjD6y-L2rAIvQ3ejsf2rtN4HkE6xJLXBn5RUEA_k9ikhx8jcjpEqOf2dDNMNc4LxzMVzOqSgOfvm0sn_dOISj_ULUM_p1rLuHdyYUXTWZ6ff7K25ebIf3mM6dnn3XOfdSZbtBEHEzbcwXBOOABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hracTBZ0jMsZQPAel8JrwjYtTHg%26client%3Dca-pub-6309126041305345%26adurl%3D
178.250.0.138200 OK 54 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9sRfAACV_gDogQ-AAKD5Fa9aqryrVu0U-WSKw&u=%7CmmAVo7MPKn7445f18dVinVPffU0%2F76mHb5JdAcXiTGY%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLanbsmj9oQkHHJo-ngT-uhbPS4zVF01EuuMVOA3V6V3DoxSnGPTSSPRX543-OFSTiSWU2MNz-eym2SJ44AIGdEGPnGeSixllmhcItJUubGSNRJnVEl5AzqbfiYZ079pLTFQSNnmCb-qhxHh9SuG8pxs1jomGKNOE9P5MfN22iftLod-QXUbSc0razYc6PKiBPOS6CIdLZfZABrspwtkib2b41ac_WOH3J7jrVj6yedSdH8iCIsXcDFbEe9ZcHhiid6bXjgSkgH3T-3BlzuXcr8Eig3WfVq7twnb44Jc8LpQwtKZppjCQBPvgadH-SSVquCjDZgPVUFgsrh8nMBXevnDHXVjVV_HhLoOsm2LVn612PdxxSkxR6yCHbUc8qsncLSIj2rbcj1b8vy1iMUAmXztFF-8T532lDRsX73s0p-IlUh6YeXSWk2Mjgmc3RQz8wi_xjXB1ANihLqojIZugCbQwF1nNDjIgChpeEdjy70sfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4_3sfBHbY_ivCb6IiM0P5IeK6A7JntKxXPWR3r6xAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi02MzA5MTI2MDQxMzA1MzQ1yAEJqQKO_GdEmWuyPqgDAaoEqQJP0FADp4tKJ8yqeBDTGPw9n1MU7ARrfyNsLgMJhQY5t451284oC2k5EEHdPguiTjw2-TYAQFomdWzec9_d7lY1pF9oYz1DGmG29n7h5Ol_11NTi9npw8w6nXgWKOpud-MepARpcK_fFRTwXGrR1dBZR_fWRZwjoG5l1A1mY9jmHlGgfY26NFbEleWAsti198wftzeZ8FGOr6iDH8LGxMdFua6wokuViKe16tElNYlnjg1xi0i2F1_qy5q9yjvKjD6y-L2rAIvQ3ejsf2rtN4HkE6xJLXBn5RUEA_k9ikhx8jcjpEqOf2dDNMNc4LxzMVzOqSgOfvm0sn_dOISj_ULUM_p1rLuHdyYUXTWZ6ff7K25ebIf3mM6dnn3XOfdSZbtBEHEzbcwXBOOABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hracTBZ0jMsZQPAel8JrwjYtTHg%26client%3Dca-pub-6309126041305345%26adurl%3D
IP 178.250.0.138:0
Hash fc460a39d44f2f17d753561613b573d3
4a569d50454a1f5b06c6b7afbd7d3840df43cf3e
09f403db158d7026178b62302e19fed9d4aeccce0c603a851e3466a0272d85ab
GET /delivery/r/afr.php?z=Y9sRfAACV_gDogQ-AAKD5Fa9aqryrVu0U-WSKw&u=%7CmmAVo7MPKn7445f18dVinVPffU0%2F76mHb5JdAcXiTGY%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLanbsmj9oQkHHJo-ngT-uhbPS4zVF01EuuMVOA3V6V3DoxSnGPTSSPRX543-OFSTiSWU2MNz-eym2SJ44AIGdEGPnGeSixllmhcItJUubGSNRJnVEl5AzqbfiYZ079pLTFQSNnmCb-qhxHh9SuG8pxs1jomGKNOE9P5MfN22iftLod-QXUbSc0razYc6PKiBPOS6CIdLZfZABrspwtkib2b41ac_WOH3J7jrVj6yedSdH8iCIsXcDFbEe9ZcHhiid6bXjgSkgH3T-3BlzuXcr8Eig3WfVq7twnb44Jc8LpQwtKZppjCQBPvgadH-SSVquCjDZgPVUFgsrh8nMBXevnDHXVjVV_HhLoOsm2LVn612PdxxSkxR6yCHbUc8qsncLSIj2rbcj1b8vy1iMUAmXztFF-8T532lDRsX73s0p-IlUh6YeXSWk2Mjgmc3RQz8wi_xjXB1ANihLqojIZugCbQwF1nNDjIgChpeEdjy70sfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4_3sfBHbY_ivCb6IiM0P5IeK6A7JntKxXPWR3r6xAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi02MzA5MTI2MDQxMzA1MzQ1yAEJqQKO_GdEmWuyPqgDAaoEqQJP0FADp4tKJ8yqeBDTGPw9n1MU7ARrfyNsLgMJhQY5t451284oC2k5EEHdPguiTjw2-TYAQFomdWzec9_d7lY1pF9oYz1DGmG29n7h5Ol_11NTi9npw8w6nXgWKOpud-MepARpcK_fFRTwXGrR1dBZR_fWRZwjoG5l1A1mY9jmHlGgfY26NFbEleWAsti198wftzeZ8FGOr6iDH8LGxMdFua6wokuViKe16tElNYlnjg1xi0i2F1_qy5q9yjvKjD6y-L2rAIvQ3ejsf2rtN4HkE6xJLXBn5RUEA_k9ikhx8jcjpEqOf2dDNMNc4LxzMVzOqSgOfvm0sn_dOISj_ULUM_p1rLuHdyYUXTWZ6ff7K25ebIf3mM6dnn3XOfdSZbtBEHEzbcwXBOOABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hracTBZ0jMsZQPAel8JrwjYtTHg%26client%3Dca-pub-6309126041305345%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:24 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Vn0o8A8Livh25r4ZhPfs2VVklcX7tZcHk0l4ZEG7lxpr7BB4m4CGxncuKp4kwoXRxKNXcuJ55PbzcOlQ_Yo4_mNYe6AWwKvY3GAMUstLkkSYJq2DDUxmfqVc2CJYzIg0aoDxbbZcN1xaNrmi9MGQQ33l89t_z2T5OrqZpRTAhWea499QGWMAn3gGGm9GhHy6IhyRJ8sbDUcO-ymPMOoTj8QLZ7fbc_9vMzr7wuWGTF_YZ4bfOAGXnXScdl_cT3zq-vigpw2ehdstqVoP"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 121753598
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 39f6ca1b7865aaacade6af8dfb840bb9
d85b74a1c96889491927bca16fe4fb1bc05d066a
8362bae667f163b53b51cfdc6cf0a5269a13dd46a8e93b79409d7eb9adbf5dc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 171
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:27:25 GMT
Last-Modified: Thu, 02 Feb 2023 01:24:34 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
pix.eu.criteo.net/img/img?h=108&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=316&s=TwSLFoHqVu_-AJaxU_Ozpn5I
178.250.2.135200 OK 2.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=108&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=316&s=TwSLFoHqVu_-AJaxU_Ozpn5I
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 287x108, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa1111eafc5a519a57dab90bf652195c
b2b462a1efe5a836d1cefe472c3bc52089e81ba3
0030c72467d93e856298b7ae6e14826618bef94ab24aee1f7aa127b33164201c
GET /img/img?h=108&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=316&s=TwSLFoHqVu_-AJaxU_Ozpn5I HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31035337
expires: Sat, 27 Jan 2024 06:23:02 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2948
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
178.250.2.135200 OK 7.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0eeda7e6493484cfb7f70b2967c08177
35b93c5f4f4652bd480397742e1d7edf02399d31
b1b70f74f765bdeacace86455a42be94b01ab5957f2fbaea09fbba672defef41
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30521581
expires: Sun, 21 Jan 2024 07:40:26 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400
178.250.2.135200 OK 6.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4107b3cce321d0de575e2d09ee500141
ea63bcbed38763856b3c80f6921b2e34648cc2e6
0d5fe42912025a3f0d1d9b825a59bf43a0067e6ccba06d997e75cd7b86e83347
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31420632
expires: Wed, 31 Jan 2024 17:24:37 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6652
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhan-kjbenhavn-clothing%2F1300x1700%2Fhkcm131890_cfadedblack.jpg&v=3&w=400&s=DWjJS0KF6rA66bx5AemeRoyS&b=400
178.250.2.135200 OK 5.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhan-kjbenhavn-clothing%2F1300x1700%2Fhkcm131890_cfadedblack.jpg&v=3&w=400&s=DWjJS0KF6rA66bx5AemeRoyS&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 356x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be7eb831b236caef3bd81899d8c3f860
71c416c0b99840bbb2f7f1b8c498f7537b3c2999
0af4392fcde0d5a8bafdca17edfe0adbf2374020ae36969804cdea12f9afd7a2
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhan-kjbenhavn-clothing%2F1300x1700%2Fhkcm131890_cfadedblack.jpg&v=3&w=400&s=DWjJS0KF6rA66bx5AemeRoyS&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29077042
expires: Thu, 04 Jan 2024 14:24:47 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5188
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pn29z8npb02_cscarab_v1860.jpg&v=3&w=400&s=8g2l6B1f_BVLkId5fVsUYzW_&b=400
178.250.2.135200 OK 18 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pn29z8npb02_cscarab_v1860.jpg&v=3&w=400&s=8g2l6B1f_BVLkId5fVsUYzW_&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 329x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1be08f3dc180eeb2ef32b72041c3d7c3
a28f023d105169838d0733fb1c30990dd72f26f3
4ec3a6a2248b238944f6e2671890743aac6d519aa01116fac2e4697322628881
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pn29z8npb02_cscarab_v1860.jpg&v=3&w=400&s=8g2l6B1f_BVLkId5fVsUYzW_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30887795
expires: Thu, 25 Jan 2024 13:24:00 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 18078
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s4.histats.com/8000.gif?3626026&@f16&@g1&@h1&@i1&@j1675301268539&@k0&@l1&@mNovember%202016&@n0&@o1000&@q0&@r0&@s8000&@ten-US&@u1280&@b1:-112243515&@b3:1675301269&@b4:js15_gif_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&@w
149.56.240.31200 OK 3.0 kB URL HTTP/1.1 s4.histats.com/8000.gif?3626026&@f16&@g1&@h1&@i1&@j1675301268539&@k0&@l1&@mNovember%202016&@n0&@o1000&@q0&@r0&@s8000&@ten-US&@u1280&@b1:-112243515&@b3:1675301269&@b4:js15_gif_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&@w
IP 149.56.240.31:0
File type GIF image data, version 89a, 70 x 20\012- data
Hash fd55fb1034a1e2a9b973ddd6a8daf65c
d6efe4d1631bd69ab9408e7cdfd6c1d66151bb7c
1ee4ea7ca97d8cb93905575ca4f8f267f026f7c34f16a92e8c9dd6b590d5bb61
GET /8000.gif?3626026&@f16&@g1&@h1&@i1&@j1675301268539&@k0&@l1&@mNovember%202016&@n0&@o1000&@q0&@r0&@s8000&@ten-US&@u1280&@b1:-112243515&@b3:1675301269&@b4:js15_gif_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 01:27:25 GMT
Content-Type: image/gif
Content-Length: 3000
Connection: close
ETag: "-2084081477"
Last-Modified: Thu, 16 Apr 2020 10:44:17 GMT
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=MZXBk993wCs3txwqPiSRw8TATw52Vh20t-rjlTxqy4CF_pKCKoM8JYi6p72z9dC7T-z9paM0e2zPd3lr3gXmeSQXi7XIy5sfE1uYer27yMjAgbGysdvF0bI07nRbChY9Rl94xqaeA-T6rICFkQ5vuKA04q6cb_4sociouWXZK_agIzCLiVpvLgYa-O7dJDwjwVwkFRYGIItr77TVB4NSJAxJGGkVNTtkKrerKJ5a9fbF_ZAbaYSlEkRGvRVNVl3QBPmGySwTah8Zp3Ukh-i88OY3zEg7xQj2yiOtaskzKNZqSmDmJFEi9gR0zdOcGRvOmXUH5kibnlHQw5yRBpqGSD80jCogyZuUvsfEc6XHLqlwXw0gbxN4L3iRX8z7UBbisHf0LBdHZh3wOCxNAPFyAWMTJy0NKaFjMQMVMyjemFLvv-Kc
178.250.0.160200 OK 2.6 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=MZXBk993wCs3txwqPiSRw8TATw52Vh20t-rjlTxqy4CF_pKCKoM8JYi6p72z9dC7T-z9paM0e2zPd3lr3gXmeSQXi7XIy5sfE1uYer27yMjAgbGysdvF0bI07nRbChY9Rl94xqaeA-T6rICFkQ5vuKA04q6cb_4sociouWXZK_agIzCLiVpvLgYa-O7dJDwjwVwkFRYGIItr77TVB4NSJAxJGGkVNTtkKrerKJ5a9fbF_ZAbaYSlEkRGvRVNVl3QBPmGySwTah8Zp3Ukh-i88OY3zEg7xQj2yiOtaskzKNZqSmDmJFEi9gR0zdOcGRvOmXUH5kibnlHQw5yRBpqGSD80jCogyZuUvsfEc6XHLqlwXw0gbxN4L3iRX8z7UBbisHf0LBdHZh3wOCxNAPFyAWMTJy0NKaFjMQMVMyjemFLvv-Kc
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c1450aec27184f0647f61a91cf489fd2
f4b641f89013f4005136f84a7b21e6f042776981
30b0c001c84dfcafc40860f0b25d6b9ed9702baccdd30f40991272786d22b0c7
GET /delivery/lg.php?cppv=3&cpp=MZXBk993wCs3txwqPiSRw8TATw52Vh20t-rjlTxqy4CF_pKCKoM8JYi6p72z9dC7T-z9paM0e2zPd3lr3gXmeSQXi7XIy5sfE1uYer27yMjAgbGysdvF0bI07nRbChY9Rl94xqaeA-T6rICFkQ5vuKA04q6cb_4sociouWXZK_agIzCLiVpvLgYa-O7dJDwjwVwkFRYGIItr77TVB4NSJAxJGGkVNTtkKrerKJ5a9fbF_ZAbaYSlEkRGvRVNVl3QBPmGySwTah8Zp3Ukh-i88OY3zEg7xQj2yiOtaskzKNZqSmDmJFEi9gR0zdOcGRvOmXUH5kibnlHQw5yRBpqGSD80jCogyZuUvsfEc6XHLqlwXw0gbxN4L3iRX8z7UBbisHf0LBdHZh3wOCxNAPFyAWMTJy0NKaFjMQMVMyjemFLvv-Kc HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:23 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3474926
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_crichdeepburgundy.jpg&v=3&w=400&s=6FK8lll0dn3GSruXVCNn5mSb&b=400
178.250.2.135200 OK 4.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_crichdeepburgundy.jpg&v=3&w=400&s=6FK8lll0dn3GSruXVCNn5mSb&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 208x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c0585a05a94115d214fc9814fc8234e
4768a14fafd653dc13f0756cc383dcc083fb82e1
0d71c198c1852053ad91f73284a51d35b4b93a0e4e68c03aad1cdf17c3bc6aa6
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_crichdeepburgundy.jpg&v=3&w=400&s=6FK8lll0dn3GSruXVCNn5mSb&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29152763
expires: Fri, 05 Jan 2024 11:26:48 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4918
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcopenhagen-muse%2F1300x1700%2Fcme126494_cbatikprintbluecol_vcombi1.jpg&v=3&w=400&s=MUHPzV-EYVby5qATbxfvRcJ1&b=400
178.250.2.135200 OK 22 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcopenhagen-muse%2F1300x1700%2Fcme126494_cbatikprintbluecol_vcombi1.jpg&v=3&w=400&s=MUHPzV-EYVby5qATbxfvRcJ1&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 210x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1cd0a0790530ba7c011b1ba0b5468b9c
fa5ff52ccbcf74c001514f18ae05159946532057
2797bcc85db16a8e29151fe78faa8ebf28f2e7db089cb2ace54e46874f08fc32
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcopenhagen-muse%2F1300x1700%2Fcme126494_cbatikprintbluecol_vcombi1.jpg&v=3&w=400&s=MUHPzV-EYVby5qATbxfvRcJ1&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30609539
expires: Mon, 22 Jan 2024 08:06:24 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 21484
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 30 kB URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
Hash 22385871d15296dd9982d8701cea22a6
c94b534289cb8ff0d24e0ae157304938b4913591
d1399c73821d848ac92b3467c65a4c8e572c21e07ca0a4a64db07000e8602480
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:24 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sun, 28 Jan 2024 01:27:24 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cantelopeuni_v309.jpg&v=3&w=400&s=gpVQdr807YDssiJabmfbxiNl&b=400
178.250.2.135200 OK 4.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cantelopeuni_v309.jpg&v=3&w=400&s=gpVQdr807YDssiJabmfbxiNl&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 288x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f672fd89e95e6d08cc28c446bbd83a2
cae1db46cbc74a5045b02e2d13fa32ed434758e3
eca7ed9381a4aab8526a3565063b4d33601ea32bdc80b1c5e0dca61503a91301
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cantelopeuni_v309.jpg&v=3&w=400&s=gpVQdr807YDssiJabmfbxiNl&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30225307
expires: Wed, 17 Jan 2024 21:22:32 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4510
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2F2nd-day%2F1300x1700%2F2da2000132513_clightgreymel_v11990.jpg&v=3&w=400&s=PZ4niZ9K9Su0FzItqmT9O1M_&b=400
178.250.2.135200 OK 7.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2F2nd-day%2F1300x1700%2F2da2000132513_clightgreymel_v11990.jpg&v=3&w=400&s=PZ4niZ9K9Su0FzItqmT9O1M_&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 215x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d45b1ad46afa542ef2aad45843170b0
fd8ec3c7b87e76f1a8f1ef0c01b24f8f27efe756
222e715ccc1490eaf2396ae32516f0361094f45e8fa49d63cb1fdaf2a277d777
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2F2nd-day%2F1300x1700%2F2da2000132513_clightgreymel_v11990.jpg&v=3&w=400&s=PZ4niZ9K9Su0FzItqmT9O1M_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30778499
expires: Wed, 24 Jan 2024 07:02:24 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7716
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pne1z8npb07_cnightblue_v1578.jpg&v=3&w=400&s=mGcaCeKXQYmph0rSsQjAUf3F&b=400
178.250.2.135200 OK 8.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pne1z8npb07_cnightblue_v1578.jpg&v=3&w=400&s=mGcaCeKXQYmph0rSsQjAUf3F&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 316x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2681874b9c2c56f84d7a55a47a9addb
0aa28284733d54b7d900884f95d3d7ae74e7254a
2bade8c4cddb0e86739e1d1fc034af6493c5f9bf1b15e8a3c2d0ef13b13a8212
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pne1z8npb07_cnightblue_v1578.jpg&v=3&w=400&s=mGcaCeKXQYmph0rSsQjAUf3F&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30082030
expires: Tue, 16 Jan 2024 05:34:35 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8554
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhunter%2F1300x1700%2Fhunhblkft5068wwu_cblack.jpg&v=3&w=400&s=ziABhNvqQa_h96LC2irxGvZO&b=400
178.250.2.135200 OK 7.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhunter%2F1300x1700%2Fhunhblkft5068wwu_cblack.jpg&v=3&w=400&s=ziABhNvqQa_h96LC2irxGvZO&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 347x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54fc4716c3416a818a98a1b65a48c991
d7b312529afe5c39d14914a8c69754ed0b6121f3
a48ed7ae231f7cd7ec672061f306f42d8cc1a4771b389b5fa7d68214f8012223
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhunter%2F1300x1700%2Fhunhblkft5068wwu_cblack.jpg&v=3&w=400&s=ziABhNvqQa_h96LC2irxGvZO&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29569911
expires: Wed, 10 Jan 2024 07:19:16 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7408
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9sRfAAChuYKewqDAA2oYtYnWFt4bsZZwS__Zg&u=%7CmmAVo7MPKn6z2x7CECjE5xtnHwhLjxf70dqhj7FXdjk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj3vZY7sx6JmuR7bkdVg5BwxRzkoziAzCbZQsvQZRj7c7BpsO63tqa7Vq_2VSKuAJ21X_aJ-L7szk97QiKWp3EduzpYBWoCmN4P2CvIombGvMcQrOp1wcQeUsB7enz1uPdhi_F97C1qMHHG0D3KwF6UA43dhxY7u2tngGE7AQ2M59FheyyJvzw0WDqQWvH-WRH2av3A_G3ZWq_7XBA6lBjgQuwtLQHhGPHaGwf3Ixx9xi3CyWKmT_av3gHmVAHlszuVFcRkkCruCkCyGYTYbZKWFvU-06mg-tFvwGgw_GP1AaxDUH0NWHw6XdddxWtBtRjLe2TiV4ab-G2FbFFzHslswAMf0i_OCqs_zOIfM5FgQhu1cC33kFrRq4jN4W0yAGCxq2vvRLSQL0RENwWO15DJk1z_TC-1yq7XvaXG9UKViNKoew9ULsdTFnRMdv3uIFGPixecWPaok_VJDV3B0oldXcgMLHfNk1dnQQLt0PVNN3lLs9Mj7FrDRjNn3bPCE1CA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSZkYfBHbY-aNCoOV7APi0LboDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNjMwOTEyNjA0MTMwNTM0NcgBCakCjvxnRJlrsj6oAwGqBKgCT9DXxcd1MYImBeqHm9h_iyekaZiVh8zYF3xVncuRUHbsjEkmvG41sPh-fDRdU3qlpocGkUoGiEdeP9mPVdl10FCpovxNxz3F59d3bGcHKApyIBNAHArwLH8BNYX1Cwg6-jebxZfH79iuUzn2aFdo6T4FwCIMy4LZ7Gm1vdOJwnVdyXyOqHnR1eAriLU6TJDM_VBEb6iCUQuVP7ynEIEYJJFDF8o2h3l-lKjfrbu9ry-zk7TXP3x9mKZslgblN2eagV6jidXjjmEYdaNc0n3ToU8zunQ5VdupyBe6NZYVjJ19Azs6RsFVzxKHWtnIS4NFOAWKLXsRkDy0IpdCkOtMsBBSGCPWN8YKwkE-Dxrx_2zYT7HSeSCJxxMMgEYC168qDcJYfQnbIGSABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1QP4TENO69LF2TFjyCFaAheiB1YA%26client%3Dca-pub-6309126041305345%26adurl%3D
178.250.0.138200 OK 81 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9sRfAAChuYKewqDAA2oYtYnWFt4bsZZwS__Zg&u=%7CmmAVo7MPKn6z2x7CECjE5xtnHwhLjxf70dqhj7FXdjk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj3vZY7sx6JmuR7bkdVg5BwxRzkoziAzCbZQsvQZRj7c7BpsO63tqa7Vq_2VSKuAJ21X_aJ-L7szk97QiKWp3EduzpYBWoCmN4P2CvIombGvMcQrOp1wcQeUsB7enz1uPdhi_F97C1qMHHG0D3KwF6UA43dhxY7u2tngGE7AQ2M59FheyyJvzw0WDqQWvH-WRH2av3A_G3ZWq_7XBA6lBjgQuwtLQHhGPHaGwf3Ixx9xi3CyWKmT_av3gHmVAHlszuVFcRkkCruCkCyGYTYbZKWFvU-06mg-tFvwGgw_GP1AaxDUH0NWHw6XdddxWtBtRjLe2TiV4ab-G2FbFFzHslswAMf0i_OCqs_zOIfM5FgQhu1cC33kFrRq4jN4W0yAGCxq2vvRLSQL0RENwWO15DJk1z_TC-1yq7XvaXG9UKViNKoew9ULsdTFnRMdv3uIFGPixecWPaok_VJDV3B0oldXcgMLHfNk1dnQQLt0PVNN3lLs9Mj7FrDRjNn3bPCE1CA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSZkYfBHbY-aNCoOV7APi0LboDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNjMwOTEyNjA0MTMwNTM0NcgBCakCjvxnRJlrsj6oAwGqBKgCT9DXxcd1MYImBeqHm9h_iyekaZiVh8zYF3xVncuRUHbsjEkmvG41sPh-fDRdU3qlpocGkUoGiEdeP9mPVdl10FCpovxNxz3F59d3bGcHKApyIBNAHArwLH8BNYX1Cwg6-jebxZfH79iuUzn2aFdo6T4FwCIMy4LZ7Gm1vdOJwnVdyXyOqHnR1eAriLU6TJDM_VBEb6iCUQuVP7ynEIEYJJFDF8o2h3l-lKjfrbu9ry-zk7TXP3x9mKZslgblN2eagV6jidXjjmEYdaNc0n3ToU8zunQ5VdupyBe6NZYVjJ19Azs6RsFVzxKHWtnIS4NFOAWKLXsRkDy0IpdCkOtMsBBSGCPWN8YKwkE-Dxrx_2zYT7HSeSCJxxMMgEYC168qDcJYfQnbIGSABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1QP4TENO69LF2TFjyCFaAheiB1YA%26client%3Dca-pub-6309126041305345%26adurl%3D
IP 178.250.0.138:0
Hash 41e2777f7ac0fa2ceb3beb3f2fb89154
e65ae401cd3d764d127e3aa1b183c814b3358029
cbd6ff41c704fb3f7d6aafa00392692c48d73d88ab9032b2c5fc8babd743547c
GET /delivery/r/afr.php?z=Y9sRfAAChuYKewqDAA2oYtYnWFt4bsZZwS__Zg&u=%7CmmAVo7MPKn6z2x7CECjE5xtnHwhLjxf70dqhj7FXdjk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj3vZY7sx6JmuR7bkdVg5BwxRzkoziAzCbZQsvQZRj7c7BpsO63tqa7Vq_2VSKuAJ21X_aJ-L7szk97QiKWp3EduzpYBWoCmN4P2CvIombGvMcQrOp1wcQeUsB7enz1uPdhi_F97C1qMHHG0D3KwF6UA43dhxY7u2tngGE7AQ2M59FheyyJvzw0WDqQWvH-WRH2av3A_G3ZWq_7XBA6lBjgQuwtLQHhGPHaGwf3Ixx9xi3CyWKmT_av3gHmVAHlszuVFcRkkCruCkCyGYTYbZKWFvU-06mg-tFvwGgw_GP1AaxDUH0NWHw6XdddxWtBtRjLe2TiV4ab-G2FbFFzHslswAMf0i_OCqs_zOIfM5FgQhu1cC33kFrRq4jN4W0yAGCxq2vvRLSQL0RENwWO15DJk1z_TC-1yq7XvaXG9UKViNKoew9ULsdTFnRMdv3uIFGPixecWPaok_VJDV3B0oldXcgMLHfNk1dnQQLt0PVNN3lLs9Mj7FrDRjNn3bPCE1CA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSZkYfBHbY-aNCoOV7APi0LboDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNjMwOTEyNjA0MTMwNTM0NcgBCakCjvxnRJlrsj6oAwGqBKgCT9DXxcd1MYImBeqHm9h_iyekaZiVh8zYF3xVncuRUHbsjEkmvG41sPh-fDRdU3qlpocGkUoGiEdeP9mPVdl10FCpovxNxz3F59d3bGcHKApyIBNAHArwLH8BNYX1Cwg6-jebxZfH79iuUzn2aFdo6T4FwCIMy4LZ7Gm1vdOJwnVdyXyOqHnR1eAriLU6TJDM_VBEb6iCUQuVP7ynEIEYJJFDF8o2h3l-lKjfrbu9ry-zk7TXP3x9mKZslgblN2eagV6jidXjjmEYdaNc0n3ToU8zunQ5VdupyBe6NZYVjJ19Azs6RsFVzxKHWtnIS4NFOAWKLXsRkDy0IpdCkOtMsBBSGCPWN8YKwkE-Dxrx_2zYT7HSeSCJxxMMgEYC168qDcJYfQnbIGSABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1QP4TENO69LF2TFjyCFaAheiB1YA%26client%3Dca-pub-6309126041305345%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:24 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dLn_Nw8Livh25r4Zd7CuZIFpLCDtYy0tapmpoR6JD6pesfzXWpdvyEhRHJT2Xr7XLRZ3m7Y2rriE_Kwt-t0i6AZ1tGd-2Xf4b80UUeJZt8nYljtAhYjSzkE9XWuCAY7m4nPyQPpiWnemIKDxdoR5KjmOgsui1PSvq3UjBr-get7oCtxas00SuZ7kTtHiC4IAtA3XncU9yEnPKtm-KLE7wXd-tmdUC16AJZbua27g4Cz10Tigz4DoZHgxWCsC0SPMDqkqNQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 117874856
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622638_cmarin.jpg&v=3&w=400&s=MOV1GpGVqSC0w9X4Q_JCnyia&b=400
178.250.2.135200 OK 4.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622638_cmarin.jpg&v=3&w=400&s=MOV1GpGVqSC0w9X4Q_JCnyia&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 334x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 62f00c587a141e13ab7bc21d14b7c662
851c2273b5f605d32c6d87200b2fb773fe412b71
15d2c7b0b6fb84622725435c9202df55d54a3f848c4ce9c8ffdcc06dd142e1bb
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622638_cmarin.jpg&v=3&w=400&s=MOV1GpGVqSC0w9X4Q_JCnyia&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30864161
expires: Thu, 25 Jan 2024 06:50:06 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3950
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10926_cblack_v900.jpg&v=3&w=400&s=QIYQhC2e-T1cOq6pQvVbPEap&b=400
178.250.2.135200 OK 6.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10926_cblack_v900.jpg&v=3&w=400&s=QIYQhC2e-T1cOq6pQvVbPEap&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 259x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5feb603b148fd3bac55f1006ac3db2fe
0124be6cb567c06216cacfd10b49a0f8f3cad587
eb9b7f95797c74a0bb1e012c34fb8718d7961fec4cce7d48d6fdc9c1af5ee02e
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10926_cblack_v900.jpg&v=3&w=400&s=QIYQhC2e-T1cOq6pQvVbPEap&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29142235
expires: Fri, 05 Jan 2024 08:31:20 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6202
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmos-mosh%2F1300x1700%2Fmmh129610_cblack_v801.jpg&v=3&w=400&s=YVfMUn6QKVFqprsG4HL9ooN2&b=400
178.250.2.135200 OK 4.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmos-mosh%2F1300x1700%2Fmmh129610_cblack_v801.jpg&v=3&w=400&s=YVfMUn6QKVFqprsG4HL9ooN2&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 214x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df48d07e961bf485dd88966a00f409ed
7c33496e42d1014a65178405551f40e22bd93e12
5b7f9480061724b374dfd3338e0ea7a38224eb405d0414177658bb05b32fbd52
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmos-mosh%2F1300x1700%2Fmmh129610_cblack_v801.jpg&v=3&w=400&s=YVfMUn6QKVFqprsG4HL9ooN2&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30088395
expires: Tue, 16 Jan 2024 07:20:40 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4744
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fshine%2F1300x1700%2Fshi207000_cnavy.jpg&v=3&w=400&s=M6PwfZEg_CiuhPG_F2CEGkVZ&b=400
178.250.2.135200 OK 3.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fshine%2F1300x1700%2Fshi207000_cnavy.jpg&v=3&w=400&s=M6PwfZEg_CiuhPG_F2CEGkVZ&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 168x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8734ccafcfe8ba60353d810a5571662
66df2f0f1804d8009e04308ecff9e3d40de8dd8d
e16606c435f7a8da58f7c6677ad2905ca27e35745aaa3ed16d89473f810198c6
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fshine%2F1300x1700%2Fshi207000_cnavy.jpg&v=3&w=400&s=M6PwfZEg_CiuhPG_F2CEGkVZ&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31419070
expires: Wed, 31 Jan 2024 16:58:35 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3278
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fyas%2F1300x1700%2Fyas26028129_cmediumgreymelange_v190950.jpg&v=3&w=400&s=Y3tiXLdu2LaVNpvCplr34oT6&b=400
178.250.2.135200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fyas%2F1300x1700%2Fyas26028129_cmediumgreymelange_v190950.jpg&v=3&w=400&s=Y3tiXLdu2LaVNpvCplr34oT6&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 306x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8b18ede5e80e71c02c4e25eab3ded873
13e83bc181cb65a4217c4e964062ed63cb28924d
e9ca480d342ff0531b86e61d920b82b9b312fef310b7b6e50d6f33300e95219b
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fyas%2F1300x1700%2Fyas26028129_cmediumgreymelange_v190950.jpg&v=3&w=400&s=Y3tiXLdu2LaVNpvCplr34oT6&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29991701
expires: Mon, 15 Jan 2024 04:29:06 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15360
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cblack_v177868.jpg&v=3&w=400&s=r_JrdZ68TEE_MudByXLy2G-l&b=400
178.250.2.135200 OK 5.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cblack_v177868.jpg&v=3&w=400&s=r_JrdZ68TEE_MudByXLy2G-l&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 233x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b2f8514c6d2bd10c32706b1772abf702
db67d6c7fc281ee918b6891368b73e1a61330af7
4eb64ff32170af7717eea1203258aabf6125c4825d6d3c443182c46ac3b89c9b
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cblack_v177868.jpg&v=3&w=400&s=r_JrdZ68TEE_MudByXLy2G-l&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31395438
expires: Wed, 31 Jan 2024 10:24:43 GMT
date: Thu, 02 Feb 2023 01:27:25 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5666
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fknowledge-cotton-apparel%2F1300x1700%2Fkca80659_cblackjet.jpg&v=3&w=400&s=i9ZLuAkMFVKjNp-jpTGpf4fI&b=400
178.250.2.135200 OK 3.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fknowledge-cotton-apparel%2F1300x1700%2Fkca80659_cblackjet.jpg&v=3&w=400&s=i9ZLuAkMFVKjNp-jpTGpf4fI&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 338x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 720afde0f5c543ad9c23fef5ead88389
635c79500b379cbc483caa2203a9a09b0a901f54
65c3a7765f1fd1f65963a8350ffeefc6367f7e09a0d4de706288da1111d9436b
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fknowledge-cotton-apparel%2F1300x1700%2Fkca80659_cblackjet.jpg&v=3&w=400&s=i9ZLuAkMFVKjNp-jpTGpf4fI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31375491
expires: Wed, 31 Jan 2024 04:52:16 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3554
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622061_cblack.jpg&v=3&w=400&s=iec3v8LAg5V_zNTDsJQYw4Y5&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622061_cblack.jpg&v=3&w=400&s=iec3v8LAg5V_zNTDsJQYw4Y5&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 292x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fd10b3e27cc8e44f3a2f74ab2a492772
da3207ba0a47ae10fb42fa7d6429e9724e2a3ad7
27b0f6d8c51c0a9107d4a259944c49381c74645309f404bff6254ae8557bb351
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622061_cblack.jpg&v=3&w=400&s=iec3v8LAg5V_zNTDsJQYw4Y5&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30781048
expires: Wed, 24 Jan 2024 07:44:53 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11498
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
178.250.2.135200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x336, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a038be7d3e6d4838b4a63bd8daa28a1e
81f01b450467dfc5a96a6077358e42787edcb977
d9e7a945587d1dc06c2ed3c5734385cc6bf6d8e8de37b21da2530a03c2a76128
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29566160
expires: Wed, 10 Jan 2024 06:16:45 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10502
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fboel-jan%2F1300x1700%2Fbj23265_cred_vno.jpg&v=3&w=400&s=EWFWvJ7fdFb4L2rDeAI35tBf&b=400
178.250.2.135200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fboel-jan%2F1300x1700%2Fbj23265_cred_vno.jpg&v=3&w=400&s=EWFWvJ7fdFb4L2rDeAI35tBf&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 214x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77ecf097490025451b4bd1b388d9fc2d
d7d607e313bbb328246a4aaa85019060d175a27e
4180814fca25d76be6fe63fc08ae5c422a94c8ec25cf62d58d950a033009c4b5
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fboel-jan%2F1300x1700%2Fbj23265_cred_vno.jpg&v=3&w=400&s=EWFWvJ7fdFb4L2rDeAI35tBf&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30535444
expires: Sun, 21 Jan 2024 11:31:29 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 17334
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fremain-birger-christensen%2F1300x1700%2Frbcrm1838_cbakedapple.jpg&v=3&w=400&s=RUOTAgUhLM9TFiDsVDN0N9wr&b=400
178.250.2.135200 OK 41 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fremain-birger-christensen%2F1300x1700%2Frbcrm1838_cbakedapple.jpg&v=3&w=400&s=RUOTAgUhLM9TFiDsVDN0N9wr&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 333x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 96fcc3cf164c840c74e1101ae965b23a
52355dae1edd341b26f9dab4456ca95f0942a02c
db86798ccbeedb91110a42d61cd238973cdc60571ee5df5d146d1a9c8ed7a44c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fremain-birger-christensen%2F1300x1700%2Frbcrm1838_cbakedapple.jpg&v=3&w=400&s=RUOTAgUhLM9TFiDsVDN0N9wr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29673657
expires: Thu, 11 Jan 2024 12:08:22 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 40668
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO
178.250.2.135200 OK 84 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash babac81dc2e4da2b8343e7d76bbbb357
c89b8eaf661b9220a82f950997eaaa899dd69ea2
5ba6a375ea3c3582d4aa716da8602fb2551bc8b2dcbfc1b8f5913f49f9466e70
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=28368510
expires: Wed, 27 Dec 2023 09:35:55 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 84090
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302596-0.jpg%3Fcb%3Dc03dcfda314a438c601904c062019f5e&v=3&w=800&s=yiolGpeDJC5L9liJFdiItr5-&b=400
178.250.2.135200 OK 5.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302596-0.jpg%3Fcb%3Dc03dcfda314a438c601904c062019f5e&v=3&w=800&s=yiolGpeDJC5L9liJFdiItr5-&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69b6062e1ad8d792def8485a19220de4
6a4b489b4ae07debd14b41ae0f69cbf868b0ae56
20667470653b35863db46cf369bf5f920c1d92e3134b631d975dedbeaf7f25be
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302596-0.jpg%3Fcb%3Dc03dcfda314a438c601904c062019f5e&v=3&w=800&s=yiolGpeDJC5L9liJFdiItr5-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31378906
expires: Wed, 31 Jan 2024 05:49:11 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5878
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=RAnksqE9QcN-vYvAlz6oDxLB
178.250.2.135200 OK 1.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=RAnksqE9QcN-vYvAlz6oDxLB
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 196x196, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01f33a498f65bf4bb751def8c06a1991
dd3dc1f876dbec906a17869724b8d3284beb37cb
9e92587541f93124197e414774716e7099233aef4b4d56f4d888e9bb649b5362
GET /img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=RAnksqE9QcN-vYvAlz6oDxLB HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30087334
expires: Tue, 16 Jan 2024 07:02:59 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1298
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-700.css
178.250.0.130200 OK 7.2 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-700.css
IP 178.250.0.130:0
Hash 5d9f38f9d611682d8050022fb22d7117
1d540c99ddf6125d471c2d71949b9941410f8cc9
3f21d9c38b0e5a7cdb803842b07c92e304ea93a45b759fd15d10ea0264ad3edc
GET /design/googlefont/opensans/opensans-700.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
etag: W/"6391f079-9fe"
expires: Sun, 28 Jan 2024 01:27:25 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F531975-0.jpg%3Fcb%3D751819d782964baaeaec129cb0883903&v=3&w=800&s=qvbTPGK8GPK_n4C-pFeVkGlG&b=400
178.250.2.135200 OK 8.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F531975-0.jpg%3Fcb%3D751819d782964baaeaec129cb0883903&v=3&w=800&s=qvbTPGK8GPK_n4C-pFeVkGlG&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 391x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 18cd8a1a5460305e97d7ef88656bcf2b
408fafa44b58215ff33f072b399c388a21951adc
a672e6fec124bf00a334e8a6b631c3f1a92b8e3511f3694d0ababe60109bff4e
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F531975-0.jpg%3Fcb%3D751819d782964baaeaec129cb0883903&v=3&w=800&s=qvbTPGK8GPK_n4C-pFeVkGlG&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30440723
expires: Sat, 20 Jan 2024 09:12:48 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8650
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745306-0.jpg%3Fcb%3D16a3435f560acf8f64365ada01c7a763&v=3&w=800&s=qJfLy8pkadE7DlNEsJ0pVBD0&b=400
178.250.2.135200 OK 7.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745306-0.jpg%3Fcb%3D16a3435f560acf8f64365ada01c7a763&v=3&w=800&s=qJfLy8pkadE7DlNEsJ0pVBD0&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 216x234, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f81092c6bc9f827bbb7d4a255b0300ee
21017063803692f95720f5b5c20ae59184505abf
51f8e02e34db8b5eabb9b6b7962003d5a13e5caf1a499d4cebc7955fa75c4534
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745306-0.jpg%3Fcb%3D16a3435f560acf8f64365ada01c7a763&v=3&w=800&s=qJfLy8pkadE7DlNEsJ0pVBD0&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30440830
expires: Sat, 20 Jan 2024 09:14:35 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7406
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=xl1lvnxNsy-yKT2QHB61fxqL7WhdFPMtveyErPmLHDo7q91e_JwmPH6b7bVJo5qbWaUMiVw333CjzwaJ1JOEqUUDaNrqlB7QOWB5eQBVDUQ2yrqMrLV1delwIO6mfwME7yOp0FV_81rrhsXXWh50iI0TJJ57iG-rGkO0654mnENaFl4mmfcOai-alFSBwHDJku77MWx_c4AfX5b6PNisM4Z7VzvfaKHb_uOxxc4OMwMYcPa_jEEgjlQJU9lF2CueMD7IRypznRMFQsTY_EIqSUQ3ZqzpHcZr7LRAHNeEaPNWwy9i_ZOeK0sNHSYqgSBaYspxp-I-2hHNJjT1P6VXqOb2_yrFiHox60L9XoyH5xkbJPZKCKgUfa4LFuh94KIlBCU30S-hGk7LVyhF2bZgnejLAVDFYZVr0wysQVPavq2yE1TAPHEslhvKOotdJyNrbg9rfQ
178.250.0.160200 OK 10 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=xl1lvnxNsy-yKT2QHB61fxqL7WhdFPMtveyErPmLHDo7q91e_JwmPH6b7bVJo5qbWaUMiVw333CjzwaJ1JOEqUUDaNrqlB7QOWB5eQBVDUQ2yrqMrLV1delwIO6mfwME7yOp0FV_81rrhsXXWh50iI0TJJ57iG-rGkO0654mnENaFl4mmfcOai-alFSBwHDJku77MWx_c4AfX5b6PNisM4Z7VzvfaKHb_uOxxc4OMwMYcPa_jEEgjlQJU9lF2CueMD7IRypznRMFQsTY_EIqSUQ3ZqzpHcZr7LRAHNeEaPNWwy9i_ZOeK0sNHSYqgSBaYspxp-I-2hHNJjT1P6VXqOb2_yrFiHox60L9XoyH5xkbJPZKCKgUfa4LFuh94KIlBCU30S-hGk7LVyhF2bZgnejLAVDFYZVr0wysQVPavq2yE1TAPHEslhvKOotdJyNrbg9rfQ
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 10737fa065fe00fc0ee01ee5ef93a4fb
6d8ca143756d78bc0258d1e786483124cdb63c31
838c8c202777cef1265c03caae9ee6949ef3d1ac2ef2f5e5257f6d01a62bd19a
GET /delivery/lg.php?cppv=3&cpp=xl1lvnxNsy-yKT2QHB61fxqL7WhdFPMtveyErPmLHDo7q91e_JwmPH6b7bVJo5qbWaUMiVw333CjzwaJ1JOEqUUDaNrqlB7QOWB5eQBVDUQ2yrqMrLV1delwIO6mfwME7yOp0FV_81rrhsXXWh50iI0TJJ57iG-rGkO0654mnENaFl4mmfcOai-alFSBwHDJku77MWx_c4AfX5b6PNisM4Z7VzvfaKHb_uOxxc4OMwMYcPa_jEEgjlQJU9lF2CueMD7IRypznRMFQsTY_EIqSUQ3ZqzpHcZr7LRAHNeEaPNWwy9i_ZOeK0sNHSYqgSBaYspxp-I-2hHNJjT1P6VXqOb2_yrFiHox60L9XoyH5xkbJPZKCKgUfa4LFuh94KIlBCU30S-hGk7LVyhF2bZgnejLAVDFYZVr0wysQVPavq2yE1TAPHEslhvKOotdJyNrbg9rfQ HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3370638
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3D72681fb4bd2e49c58fcf92f1c0bac50c&v=3&w=800&s=__jgE6TvBTKSB2zQc7JdJUNa&b=400
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3D72681fb4bd2e49c58fcf92f1c0bac50c&v=3&w=800&s=__jgE6TvBTKSB2zQc7JdJUNa&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x358, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4a8b65dd45b5caaf05d7af1a012c211
2d76450cb9247fc5eb904e3d6db3c051c26226ae
bdeedcf8ba166914065e069ca9514b3020cfe22d1239cb8ec86495c301108540
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3D72681fb4bd2e49c58fcf92f1c0bac50c&v=3&w=800&s=__jgE6TvBTKSB2zQc7JdJUNa&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30440722
expires: Sat, 20 Jan 2024 09:12:48 GMT
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10926
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
178.250.0.130200 OK 17 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /design/googlefont/opensans/opensans-400-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: text/plain; charset=UTF-8
content-length: 16740
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: "6391f077-4164"
expires: Sun, 28 Jan 2024 01:27:25 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
178.250.0.130200 OK 16 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 16372, version 1.0\012- data
Hash e45478d4d6f15dafda1f25d9e0fb5fa1
52cb490cd0ee4442ede034085cda9652b206f91c
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
GET /design/googlefont/opensans/opensans-700-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: text/plain; charset=UTF-8
content-length: 16372
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
etag: "6391f079-3ff4"
expires: Sun, 28 Jan 2024 01:27:25 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play&t=November%202016
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play&t=November%202016
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play&t=November%202016 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 02 Feb 2023 01:27:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=dLn_Nw8Livh25r4Zd7CuZIFpLCDtYy0tapmpoR6JD6pesfzXWpdvyEhRHJT2Xr7XLRZ3m7Y2rriE_Kwt-t0i6AZ1tGd-2Xf4b80UUeJZt8nYljtAhYjSzkE9XWuCAY7m4nPyQPpiWnemIKDxdoR5KjmOgsui1PSvq3UjBr-get7oCtxas00SuZ7kTtHiC4IAtA3XncU9yEnPKtm-KLE7wXd-tmdUC16AJZbua27g4Cz10Tigz4DoZHgxWCsC0SPMDqkqNQ&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=dLn_Nw8Livh25r4Zd7CuZIFpLCDtYy0tapmpoR6JD6pesfzXWpdvyEhRHJT2Xr7XLRZ3m7Y2rriE_Kwt-t0i6AZ1tGd-2Xf4b80UUeJZt8nYljtAhYjSzkE9XWuCAY7m4nPyQPpiWnemIKDxdoR5KjmOgsui1PSvq3UjBr-get7oCtxas00SuZ7kTtHiC4IAtA3XncU9yEnPKtm-KLE7wXd-tmdUC16AJZbua27g4Cz10Tigz4DoZHgxWCsC0SPMDqkqNQ&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=dLn_Nw8Livh25r4Zd7CuZIFpLCDtYy0tapmpoR6JD6pesfzXWpdvyEhRHJT2Xr7XLRZ3m7Y2rriE_Kwt-t0i6AZ1tGd-2Xf4b80UUeJZt8nYljtAhYjSzkE9XWuCAY7m4nPyQPpiWnemIKDxdoR5KjmOgsui1PSvq3UjBr-get7oCtxas00SuZ7kTtHiC4IAtA3XncU9yEnPKtm-KLE7wXd-tmdUC16AJZbua27g4Cz10Tigz4DoZHgxWCsC0SPMDqkqNQ&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:24 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!u2iuyzjsay&dn=TC&cc=1&r=&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11
67.202.105.34200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!u2iuyzjsay&dn=TC&cc=1&r=&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11
IP 67.202.105.34:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!u2iuyzjsay&dn=TC&cc=1&r=&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11 HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Fri, 03 Feb 2023 01:27:25 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Thu, 02 Feb 2023 01:27:25 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play&t=November%202016
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play&t=November%202016
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play&t=November%202016 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 02 Feb 2023 01:27:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 02 Feb 2023 01:27:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sun, 28 Jan 2024 01:27:25 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sun, 28 Jan 2024 01:27:25 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=Vn0o8A8Livh25r4ZhPfs2VVklcX7tZcHk0l4ZEG7lxpr7BB4m4CGxncuKp4kwoXRxKNXcuJ55PbzcOlQ_Yo4_mNYe6AWwKvY3GAMUstLkkSYJq2DDUxmfqVc2CJYzIg0aoDxbbZcN1xaNrmi9MGQQ33l89t_z2T5OrqZpRTAhWea499QGWMAn3gGGm9GhHy6IhyRJ8sbDUcO-ymPMOoTj8QLZ7fbc_9vMzr7wuWGTF_YZ4bfOAGXnXScdl_cT3zq-vigpw2ehdstqVoP&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=Vn0o8A8Livh25r4ZhPfs2VVklcX7tZcHk0l4ZEG7lxpr7BB4m4CGxncuKp4kwoXRxKNXcuJ55PbzcOlQ_Yo4_mNYe6AWwKvY3GAMUstLkkSYJq2DDUxmfqVc2CJYzIg0aoDxbbZcN1xaNrmi9MGQQ33l89t_z2T5OrqZpRTAhWea499QGWMAn3gGGm9GhHy6IhyRJ8sbDUcO-ymPMOoTj8QLZ7fbc_9vMzr7wuWGTF_YZ4bfOAGXnXScdl_cT3zq-vigpw2ehdstqVoP&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=Vn0o8A8Livh25r4ZhPfs2VVklcX7tZcHk0l4ZEG7lxpr7BB4m4CGxncuKp4kwoXRxKNXcuJ55PbzcOlQ_Yo4_mNYe6AWwKvY3GAMUstLkkSYJq2DDUxmfqVc2CJYzIg0aoDxbbZcN1xaNrmi9MGQQ33l89t_z2T5OrqZpRTAhWea499QGWMAn3gGGm9GhHy6IhyRJ8sbDUcO-ymPMOoTj8QLZ7fbc_9vMzr7wuWGTF_YZ4bfOAGXnXScdl_cT3zq-vigpw2ehdstqVoP&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:25 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&ct=Free%20APK%20Android%20Apps%20Google%20Play HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 02 Feb 2023 01:27:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!u2iuyzjsay&lm=0&ts=1675301268986&dn=TC&iso=0&pu=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 02 Feb 2023 01:27:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 1.1 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- assembler source, ASCII text, with very long lines (1423)
Hash 4163ae8d6b6314137488958fe8842d27
d1bebefbf4ff7ab422ea8cde7bf13b6e14982474
5fb35012da2f834a633c50ad25e5c0819d80dd8a81e249ff7bf48cc10a76add4
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sun, 28 Jan 2024 01:27:25 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5YP1bfg0Xj-5IZrzPmD-SLcMaXf0mS7QB-MihD-CDQ0Qf9_Y1wcAfPZurIt7RalRWWPintP23vWtMEXYPOJrML4hL&sig=Cg0ArKJSzN-V76HFBQukEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=729,1000,1000,1000,1000&tos=729,271,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1675301268568&rpt=1243&met=ie&wmsd=0&pbe=0&vae=0&spb=0
142.250.74.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5YP1bfg0Xj-5IZrzPmD-SLcMaXf0mS7QB-MihD-CDQ0Qf9_Y1wcAfPZurIt7RalRWWPintP23vWtMEXYPOJrML4hL&sig=Cg0ArKJSzN-V76HFBQukEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=729,1000,1000,1000,1000&tos=729,271,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1675301268568&rpt=1243&met=ie&wmsd=0&pbe=0&vae=0&spb=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsu5YP1bfg0Xj-5IZrzPmD-SLcMaXf0mS7QB-MihD-CDQ0Qf9_Y1wcAfPZurIt7RalRWWPintP23vWtMEXYPOJrML4hL&sig=Cg0ArKJSzN-V76HFBQukEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=729,1000,1000,1000,1000&tos=729,271,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1675301268568&rpt=1243&met=ie&wmsd=0&pbe=0&vae=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Thu, 02 Feb 2023 01:27:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthlrf_PcQsumPNJJbfG0LeP5WBIsYBBJXk7Z_j0Z1lO7DmUMfiMpGFvTgca2VY85dG4xCFd0JPknX3A0N5pASLZkQ&sig=Cg0ArKJSzE2aXhI-df0SEAE&id=lidar2&mcvt=1005&p=0,0,600,160&mtos=0,1005,1005,1005,1005&tos=0,1005,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=1482238519&rs=2&la=0&cr=0&vs=4&r=v&rst=1675301268087&rpt=1737&met=ie&wmsd=0&pbe=0&vae=0&spb=0
142.250.74.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthlrf_PcQsumPNJJbfG0LeP5WBIsYBBJXk7Z_j0Z1lO7DmUMfiMpGFvTgca2VY85dG4xCFd0JPknX3A0N5pASLZkQ&sig=Cg0ArKJSzE2aXhI-df0SEAE&id=lidar2&mcvt=1005&p=0,0,600,160&mtos=0,1005,1005,1005,1005&tos=0,1005,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=1482238519&rs=2&la=0&cr=0&vs=4&r=v&rst=1675301268087&rpt=1737&met=ie&wmsd=0&pbe=0&vae=0&spb=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsthlrf_PcQsumPNJJbfG0LeP5WBIsYBBJXk7Z_j0Z1lO7DmUMfiMpGFvTgca2VY85dG4xCFd0JPknX3A0N5pASLZkQ&sig=Cg0ArKJSzE2aXhI-df0SEAE&id=lidar2&mcvt=1005&p=0,0,600,160&mtos=0,1005,1005,1005,1005&tos=0,1005,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=1482238519&rs=2&la=0&cr=0&vs=4&r=v&rst=1675301268087&rpt=1737&met=ie&wmsd=0&pbe=0&vae=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Thu, 02 Feb 2023 01:27:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=Vn0o8A8Livh25r4ZhPfs2VVklcX7tZcHk0l4ZEG7lxpr7BB4m4CGxncuKp4kwoXRxKNXcuJ55PbzcOlQ_Yo4_mNYe6AWwKvY3GAMUstLkkSYJq2DDUxmfqVc2CJYzIg0aoDxbbZcN1xaNrmi9MGQQ33l89t_z2T5OrqZpRTAhWea499QGWMAn3gGGm9GhHy6IhyRJ8sbDUcO-ymPMOoTj8QLZ7fbc_9vMzr7wuWGTF_YZ4bfOAGXnXScdl_cT3zq-vigpw2ehdstqVoP&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=Vn0o8A8Livh25r4ZhPfs2VVklcX7tZcHk0l4ZEG7lxpr7BB4m4CGxncuKp4kwoXRxKNXcuJ55PbzcOlQ_Yo4_mNYe6AWwKvY3GAMUstLkkSYJq2DDUxmfqVc2CJYzIg0aoDxbbZcN1xaNrmi9MGQQ33l89t_z2T5OrqZpRTAhWea499QGWMAn3gGGm9GhHy6IhyRJ8sbDUcO-ymPMOoTj8QLZ7fbc_9vMzr7wuWGTF_YZ4bfOAGXnXScdl_cT3zq-vigpw2ehdstqVoP&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=Vn0o8A8Livh25r4ZhPfs2VVklcX7tZcHk0l4ZEG7lxpr7BB4m4CGxncuKp4kwoXRxKNXcuJ55PbzcOlQ_Yo4_mNYe6AWwKvY3GAMUstLkkSYJq2DDUxmfqVc2CJYzIg0aoDxbbZcN1xaNrmi9MGQQ33l89t_z2T5OrqZpRTAhWea499QGWMAn3gGGm9GhHy6IhyRJ8sbDUcO-ymPMOoTj8QLZ7fbc_9vMzr7wuWGTF_YZ4bfOAGXnXScdl_cT3zq-vigpw2ehdstqVoP&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:26 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9sRfAACddUDogTtAA59zCnRrQkvFaBOXU9WFg&u=%7CmmAVo7MPKn4Vkbd64wiBbjdZzEluqdqgy0yiRifvJIk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiB7qASTXc9cdFetchOmr2L3wN8kwkVaRw7t_fl08rYD-uS66KVeQV2d1770jJ7s3d_1NpOw7B6r4d-1TTJ0nBIU1Ewd87XMnp_5M30s50Wyg8sWwYRJba0gInqt5POArJqaD78oB06SKIZk0skTrZyk8-uHpFVRcN1eZlQl4FxKtjpKasDOoiVJ3ZuKe5DRZQescJltCXwDnoUMTxVg78ueaZ3tQBb2t4TneuC5ZOUj8VO-m38XhB6UB7rx1KaEK4kLP2PQ88WsQtnaQTWKHmwwE8yIO8vd3WfxVmD0FGEv7fcJUYVL7Rf1n8M458WAWgHFfuKFsDz4KnzHV0t6Eq-p3_H6FdFZMQ1vJPUmjSH7xj4WxS4qIzftlitnpz13HcA8DjZxzW2o1_DcbAncohMOaOgEIPaNi29BJYyyY2hJqGPSQJn8CsWb3OhDq88PjxT-_jSkAs8F062cV30XlAGY_MrC-1IQ5eJhVjxwFWzLObfcV-MfHdX9fOkWBrWsKlENj6UddgjzBQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3NYefBHbY9XrCe2JiM0PzPu5wAjJntKxXPXqoYaIAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi02MzA5MTI2MDQxMzA1MzQ1yAEJqQKO_GdEmWuyPqgDAaoEqAJP0NxdD5Rzn0nTvjsUnkfKQhAJ4FnebDX2NMbgbeEVs92KqtHVCmtmhDamwP7uhCa3QWolRMatZR-iYlUvnfKPRTKkEPriwEYH-MyQ0ES1e6dmFPBvwdF8buFb2XQ5k894Fx8-fTfGA6FZ-ndDuyct9SC8wk4sCrEhPyz4b4tgANKt-Xmy9hfc726FboQvtw9RHTcELHfsh90HDrHdqEWhrKG_vz3JqrvGaYtjbb5qZvZRN37Op2MFJd47TAJeQAoP_FdKrnPuPI69XDr8S3GoI_5ejPC4m_bNmCZAeob7IHieqzmNRsALTdyKsj5OOAPe0F31XqZlYIxrHggxerT1wYwP0QpUt-npWnaQGvYDNxjpA4HJqyUFBSF83p__GK9jPVGpdXHCQ4AG0eLUz9Cc5NrTAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2W-3Bue_Rq2KvMdFVsCmbdh4NRIg%26client%3Dca-pub-6309126041305345%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9sRfAACddUDogTtAA59zCnRrQkvFaBOXU9WFg&u=%7CmmAVo7MPKn4Vkbd64wiBbjdZzEluqdqgy0yiRifvJIk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiB7qASTXc9cdFetchOmr2L3wN8kwkVaRw7t_fl08rYD-uS66KVeQV2d1770jJ7s3d_1NpOw7B6r4d-1TTJ0nBIU1Ewd87XMnp_5M30s50Wyg8sWwYRJba0gInqt5POArJqaD78oB06SKIZk0skTrZyk8-uHpFVRcN1eZlQl4FxKtjpKasDOoiVJ3ZuKe5DRZQescJltCXwDnoUMTxVg78ueaZ3tQBb2t4TneuC5ZOUj8VO-m38XhB6UB7rx1KaEK4kLP2PQ88WsQtnaQTWKHmwwE8yIO8vd3WfxVmD0FGEv7fcJUYVL7Rf1n8M458WAWgHFfuKFsDz4KnzHV0t6Eq-p3_H6FdFZMQ1vJPUmjSH7xj4WxS4qIzftlitnpz13HcA8DjZxzW2o1_DcbAncohMOaOgEIPaNi29BJYyyY2hJqGPSQJn8CsWb3OhDq88PjxT-_jSkAs8F062cV30XlAGY_MrC-1IQ5eJhVjxwFWzLObfcV-MfHdX9fOkWBrWsKlENj6UddgjzBQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3NYefBHbY9XrCe2JiM0PzPu5wAjJntKxXPXqoYaIAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi02MzA5MTI2MDQxMzA1MzQ1yAEJqQKO_GdEmWuyPqgDAaoEqAJP0NxdD5Rzn0nTvjsUnkfKQhAJ4FnebDX2NMbgbeEVs92KqtHVCmtmhDamwP7uhCa3QWolRMatZR-iYlUvnfKPRTKkEPriwEYH-MyQ0ES1e6dmFPBvwdF8buFb2XQ5k894Fx8-fTfGA6FZ-ndDuyct9SC8wk4sCrEhPyz4b4tgANKt-Xmy9hfc726FboQvtw9RHTcELHfsh90HDrHdqEWhrKG_vz3JqrvGaYtjbb5qZvZRN37Op2MFJd47TAJeQAoP_FdKrnPuPI69XDr8S3GoI_5ejPC4m_bNmCZAeob7IHieqzmNRsALTdyKsj5OOAPe0F31XqZlYIxrHggxerT1wYwP0QpUt-npWnaQGvYDNxjpA4HJqyUFBSF83p__GK9jPVGpdXHCQ4AG0eLUz9Cc5NrTAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2W-3Bue_Rq2KvMdFVsCmbdh4NRIg%26client%3Dca-pub-6309126041305345%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y9sRfAACddUDogTtAA59zCnRrQkvFaBOXU9WFg&u=%7CmmAVo7MPKn4Vkbd64wiBbjdZzEluqdqgy0yiRifvJIk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiB7qASTXc9cdFetchOmr2L3wN8kwkVaRw7t_fl08rYD-uS66KVeQV2d1770jJ7s3d_1NpOw7B6r4d-1TTJ0nBIU1Ewd87XMnp_5M30s50Wyg8sWwYRJba0gInqt5POArJqaD78oB06SKIZk0skTrZyk8-uHpFVRcN1eZlQl4FxKtjpKasDOoiVJ3ZuKe5DRZQescJltCXwDnoUMTxVg78ueaZ3tQBb2t4TneuC5ZOUj8VO-m38XhB6UB7rx1KaEK4kLP2PQ88WsQtnaQTWKHmwwE8yIO8vd3WfxVmD0FGEv7fcJUYVL7Rf1n8M458WAWgHFfuKFsDz4KnzHV0t6Eq-p3_H6FdFZMQ1vJPUmjSH7xj4WxS4qIzftlitnpz13HcA8DjZxzW2o1_DcbAncohMOaOgEIPaNi29BJYyyY2hJqGPSQJn8CsWb3OhDq88PjxT-_jSkAs8F062cV30XlAGY_MrC-1IQ5eJhVjxwFWzLObfcV-MfHdX9fOkWBrWsKlENj6UddgjzBQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3NYefBHbY9XrCe2JiM0PzPu5wAjJntKxXPXqoYaIAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi02MzA5MTI2MDQxMzA1MzQ1yAEJqQKO_GdEmWuyPqgDAaoEqAJP0NxdD5Rzn0nTvjsUnkfKQhAJ4FnebDX2NMbgbeEVs92KqtHVCmtmhDamwP7uhCa3QWolRMatZR-iYlUvnfKPRTKkEPriwEYH-MyQ0ES1e6dmFPBvwdF8buFb2XQ5k894Fx8-fTfGA6FZ-ndDuyct9SC8wk4sCrEhPyz4b4tgANKt-Xmy9hfc726FboQvtw9RHTcELHfsh90HDrHdqEWhrKG_vz3JqrvGaYtjbb5qZvZRN37Op2MFJd47TAJeQAoP_FdKrnPuPI69XDr8S3GoI_5ejPC4m_bNmCZAeob7IHieqzmNRsALTdyKsj5OOAPe0F31XqZlYIxrHggxerT1wYwP0QpUt-npWnaQGvYDNxjpA4HJqyUFBSF83p__GK9jPVGpdXHCQ4AG0eLUz9Cc5NrTAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2W-3Bue_Rq2KvMdFVsCmbdh4NRIg%26client%3Dca-pub-6309126041305345%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:23 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=93K1HA8Livh25r4ZV4zfPYCO9h1XTSSFZdGWjCyuq3QcKUZC5gHhd4dmKvlCjxg5Mv473-ZLqKh8KU5hiF_1uiRfdbZNks8C0lO-On1yspSZMI6zMzNHm_nsAK0JhWkiZ-rpQAkVquSe3WnodXJoSC3m1g7AjSjlP5abTMh2x-ToEOTF5ERmM7MP5ah7ERPKmWQ9PPNh0ZJDNuUUtN9_7RZ3yZxH9uJZEzs-dxemuRNIuN8KmxKVFIF2iYNtkApKQohuErXbkS_-mtCa"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 81563258
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:24 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sun, 28 Jan 2024 01:27:24 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:24 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sun, 28 Jan 2024 01:27:24 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400.css
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400.css
IP 178.250.0.130:0
GET /design/googlefont/opensans/opensans-400.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: W/"6391f077-9fe"
expires: Sun, 28 Jan 2024 01:27:25 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
216.58.207.193200 OK 0 B URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.207.193:0
GET /pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:18:58 GMT
expires: Wed, 15 Feb 2023 22:18:58 GMT
cache-control: public, max-age=1209600
age: 11306
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
104.18.36.173200 OK 0 B IP 104.18.36.173:0
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 20:39:00 GMT
vary: Accept-Encoding
etag: W/"63bdcce4-4571"
content-encoding: gzip
cf-cache-status: HIT
age: 159675
expires: Sun, 05 Feb 2023 01:27:25 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 792f24ed49deb517-OSL
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sun, 28 Jan 2024 01:27:25 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
waust.at/d.js
172.67.71.57200 OK 0 B IP 172.67.71.57:0
GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:23 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:40 GMT
etag: W/"63c0412c-3972"
expires: Fri, 03 Feb 2023 01:22:02 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxJjN%2BDeDx9IDGo6mHon1AXpVorKm7%2B%2BIgKkTKvNgvGASvymNy4TJh00dcYHmojHwZ7mOyvyPwL4BPZGaqnzTd9sPu9X52tsVN91tbOf37e4w6zFHBYPHlp8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f24e4caca0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=asarTDBk8LEGuWAiOQPSK_37FvKvPxnbjCxutliDeV2KqktnOuTDglGPamn4_wRXB-YBGdQ0PD20gGYFreA9V5bzXSlEk9mcV0hPwHVbFPl8DvCaWLZ40FTT7DiqdvXNheaW0MiNz3CeHet-TEuPyWmxmDJZ9i7PgNdH5EExp454Y0eVL4SfeeXxBrZzbzUYpwsmZSt8ranfkmniEiwgbeDemmra333Yifxsp2av6N_q1zA-OGcIi6-C9N4zAHiBnS6lN3Xy9_PxVidLffJVeX1VyRGT2hWaNJQEvUH0iEblWJDevHan5di6oqjzg5Yg4aFuU0ti6xh_VkJyX-qHUYFBgCcqF7l1NVbnRQ92oHj07ue4mQ_b4075L8vEUu1dWqAbZnNdlYoQF3ibHv_JUF892QO08PzEF46ItV9KRVwFWp4-rXl4PRoED1khMm261fPxGg
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=asarTDBk8LEGuWAiOQPSK_37FvKvPxnbjCxutliDeV2KqktnOuTDglGPamn4_wRXB-YBGdQ0PD20gGYFreA9V5bzXSlEk9mcV0hPwHVbFPl8DvCaWLZ40FTT7DiqdvXNheaW0MiNz3CeHet-TEuPyWmxmDJZ9i7PgNdH5EExp454Y0eVL4SfeeXxBrZzbzUYpwsmZSt8ranfkmniEiwgbeDemmra333Yifxsp2av6N_q1zA-OGcIi6-C9N4zAHiBnS6lN3Xy9_PxVidLffJVeX1VyRGT2hWaNJQEvUH0iEblWJDevHan5di6oqjzg5Yg4aFuU0ti6xh_VkJyX-qHUYFBgCcqF7l1NVbnRQ92oHj07ue4mQ_b4075L8vEUu1dWqAbZnNdlYoQF3ibHv_JUF892QO08PzEF46ItV9KRVwFWp4-rXl4PRoED1khMm261fPxGg
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=asarTDBk8LEGuWAiOQPSK_37FvKvPxnbjCxutliDeV2KqktnOuTDglGPamn4_wRXB-YBGdQ0PD20gGYFreA9V5bzXSlEk9mcV0hPwHVbFPl8DvCaWLZ40FTT7DiqdvXNheaW0MiNz3CeHet-TEuPyWmxmDJZ9i7PgNdH5EExp454Y0eVL4SfeeXxBrZzbzUYpwsmZSt8ranfkmniEiwgbeDemmra333Yifxsp2av6N_q1zA-OGcIi6-C9N4zAHiBnS6lN3Xy9_PxVidLffJVeX1VyRGT2hWaNJQEvUH0iEblWJDevHan5di6oqjzg5Yg4aFuU0ti6xh_VkJyX-qHUYFBgCcqF7l1NVbnRQ92oHj07ue4mQ_b4075L8vEUu1dWqAbZnNdlYoQF3ibHv_JUF892QO08PzEF46ItV9KRVwFWp4-rXl4PRoED1khMm261fPxGg HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:25 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3398298
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=u2iuyzjsay&t=November%202016&c=d&x=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&y=&a=0&v=27&r=6985
172.67.8.141200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=u2iuyzjsay&t=November%202016&c=d&x=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&y=&a=0&v=27&r=6985
IP 172.67.8.141:0
GET /pingjs/?k=u2iuyzjsay&t=November%202016&c=d&x=https%3A%2F%2Fminecraftindonesiatutorials.blogspot.com%2F2016%2F11&y=&a=0&v=27&r=6985 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://minecraftindonesiatutorials.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:27:24 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792f24ea5a8e0b49-OSL
X-Firefox-Spdy: h2