best-proxylist.blogspot.de/2011_12_23_archive.html
142.250.74.161302 Moved Temporarily 201 B URL HTTP/1.1 best-proxylist.blogspot.de/2011_12_23_archive.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9f89d952572839ec4548b48a4a9bc553
bec1c64fc1eafc92e61621487a8824a14994de6c
0db122708a7be65df98110789272953e42a021d9b6ab7193028d23dec9ec321e
Analyzer Verdict Alert fortinet Malware
GET /2011_12_23_archive.html HTTP/1.1
Host: best-proxylist.blogspot.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://best-proxylist.blogspot.com/2011_12_23_archive.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 12:35:56 GMT
Expires: Sat, 26 Nov 2022 12:35:56 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 201
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16290
Expires: Sat, 26 Nov 2022 17:07:26 GMT
Date: Sat, 26 Nov 2022 12:35:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2380
Expires: Sat, 26 Nov 2022 13:15:37 GMT
Date: Sat, 26 Nov 2022 12:35:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4987
Cache-Control: max-age=170298
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:57 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:54:15 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BQB40y3ip/Tt1agGlSbVYq3fRFSCsG0VrUBksMXpObyiwplu2+VozOFRhLqOKEV0V/vxK7KQJGw=
x-amz-request-id: VK0DQZ5XM3DP6MK0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 11:44:13 GMT
age: 3104
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 12:17:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1105
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:35:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 12:11:12 GMT
cache-control: public,max-age=3600
age: 1485
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5337
Cache-Control: max-age=165591
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:57 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:35:48 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.62.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.62.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cWPBsbY4+SToSbfG7R9i1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gkw1AhlHSUftUMwz2E3XpAbvptY=
best-proxylist.blogspot.com/2011_12_23_archive.html
142.250.74.161200 OK 37 kB URL HTTP/1.1 best-proxylist.blogspot.com/2011_12_23_archive.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4354)
Hash 5e3ebcd9a5185b33e68c5cf5b32407a3
b2bd0ef727bc4961fa4184adfb15c60509002034
0b2e0d6e779c71348b95944e46c4ef8330b5aca8b78a50c19049a66b59ee3236
Analyzer Verdict Alert fortinet Malware
GET /2011_12_23_archive.html HTTP/1.1
Host: best-proxylist.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sat, 26 Nov 2022 12:35:57 GMT
Date: Sat, 26 Nov 2022 12:35:57 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 18 Nov 2022 09:47:29 GMT
ETag: W/"b408ae4b4fcb34b3cc8983459d668d57922a6034f5e4a594cd9696f4fb9f0ea4"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 37294
Server: GSE
best-proxylist.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 best-proxylist.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: best-proxylist.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/2011_12_23_archive.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 04:20:13 GMT
Expires: Wed, 30 Nov 2022 04:20:13 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 22 Nov 2022 21:54:19 GMT
Content-Type: text/javascript
Age: 288945
pagead2.googlesyndication.com/pagead/show_ads.js
216.58.211.2200 OK 36 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (3577)
Hash e93aa8aca50c136489c62a0599c0ffdb
0f56e6bfc025a4945d158862febed743e05ad0a9
c10724e18408bdfeada6d53e5a77c4cc83badc67fff4cfa225fcc589e15f3134
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Sat, 26 Nov 2022 12:35:58 GMT
Expires: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 13930673845493489509
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36278
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f575aee4f3f9ed92647e6efd5d92b195
ed485eaa177873f0cb7f42817c6d0a4435cf3a76
ef7c5f6de7d3e3c93a6863c1e6525d172fe699807f79ea3183d69dece05f0009
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/icon18_email.gif
142.250.74.105200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 15:02:17 GMT
expires: Tue, 29 Nov 2022 15:02:17 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 18:53:15 GMT
content-type: image/gif
age: 336821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 317000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sat, 26 Nov 2022 12:35:58 GMT
expires: Sat, 26 Nov 2022 12:35:58 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 419635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
216.58.211.2200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 216.58.211.2:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 22:47:20 GMT
Expires: Fri, 09 Dec 2022 22:47:20 GMT
Cache-Control: public, max-age=1209600
Age: 49718
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:56:18 GMT
expires: Thu, 23 Nov 2023 09:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 268780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=8405251274239367815&zx=a286f577-5d18-48e5-830e-7d9355fd4f61
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=8405251274239367815&zx=a286f577-5d18-48e5-830e-7d9355fd4f61
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8405251274239367815&zx=a286f577-5d18-48e5-830e-7d9355fd4f61 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 12:35:58 GMT
last-modified: Sat, 26 Nov 2022 12:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-8116085563943069&plah=best-proxylist.blogspot.com
216.58.211.2200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-8116085563943069&plah=best-proxylist.blogspot.com
IP 216.58.211.2:0
File type ASCII text, with very long lines (6090)
Size 120 kB (119607 bytes)
Hash 70f6f5368da96c0060db8ead29f0720b
d0d7c6cd45dad7a82b956bd505c70c5445c8f2e9
38928ec17c7a5d5d5c273a881a139f552e9927688455e08e68c1613bd7b9ba73
GET /pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-8116085563943069&plah=best-proxylist.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 26 Nov 2022 12:35:58 GMT
expires: Sat, 26 Nov 2022 12:35:58 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 4328671440324293398
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119607
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/ga.js
142.250.74.174200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sat, 26 Nov 2022 11:05:59 GMT
Expires: Sat, 26 Nov 2022 13:05:59 GMT
Cache-Control: public, max-age=7200
Age: 5399
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1824833565&utmhn=best-proxylist.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anonymizer%20%7C%20Proxy%20List%20%7C%20Free%20HTTPS%3A%2023%20%D0%B4%D0%B5%D0%BA.%202011%20%D0%B3.&utmhid=1394805840&utmr=-&utmp=%2F2011_12_23_archive.html&utmht=1669466157941&utmac=UA-915775-25&utmcc=__utma%3D48685877.1575272159.1669466158.1669466158.1669466158.1%3B%2B__utmz%3D48685877.1669466158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2038345847&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1824833565&utmhn=best-proxylist.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anonymizer%20%7C%20Proxy%20List%20%7C%20Free%20HTTPS%3A%2023%20%D0%B4%D0%B5%D0%BA.%202011%20%D0%B3.&utmhid=1394805840&utmr=-&utmp=%2F2011_12_23_archive.html&utmht=1669466157941&utmac=UA-915775-25&utmcc=__utma%3D48685877.1575272159.1669466158.1669466158.1669466158.1%3B%2B__utmz%3D48685877.1669466158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2038345847&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1824833565&utmhn=best-proxylist.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anonymizer%20%7C%20Proxy%20List%20%7C%20Free%20HTTPS%3A%2023%20%D0%B4%D0%B5%D0%BA.%202011%20%D0%B3.&utmhid=1394805840&utmr=-&utmp=%2F2011_12_23_archive.html&utmht=1669466157941&utmac=UA-915775-25&utmcc=__utma%3D48685877.1575272159.1669466158.1669466158.1669466158.1%3B%2B__utmz%3D48685877.1669466158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2038345847&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Sat, 26 Nov 2022 12:35:58 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=best-proxylist.blogspot.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=best-proxylist.blogspot.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=best-proxylist.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 12:35:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=best-proxylist.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=best-proxylist.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=best-proxylist.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 12:35:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 69b4c95baca69139e9e4f7e5ffa6bace
a33af721a9defcb815716234aafdb69de7169455
9f752625bea112bc5402067fd695ba893590e6de9844de640a663e4e8fdc1475
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=best-proxylist.blogspot.com&callback=_gfp_s_&client=ca-pub-8116085563943069&gpid_exp=1
172.217.21.162200 OK 254 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=best-proxylist.blogspot.com&callback=_gfp_s_&client=ca-pub-8116085563943069&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (391), with no line terminators
Hash ab7ddbe7a76b8cdc4c8ae37bd253095b
9d15b5518cb7682095b2f22fb789c890435c2b9d
7ddaaab466c751fa3d012c94689912b9b5a52237a0379a21fd01ed09a7815972
GET /gampad/cookie.js?domain=best-proxylist.blogspot.com&callback=_gfp_s_&client=ca-pub-8116085563943069&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 12:35:58 GMT
server: cafe
cache-control: private
content-length: 254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 69b4c95baca69139e9e4f7e5ffa6bace
a33af721a9defcb815716234aafdb69de7169455
9f752625bea112bc5402067fd695ba893590e6de9844de640a663e4e8fdc1475
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-proxylist.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 best-proxylist.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: best-proxylist.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/2011_12_23_archive.html
Cookie: __utma=48685877.1575272159.1669466158.1669466158.1669466158.1; __utmb=48685877.1.10.1669466158; __utmc=48685877; __utmz=48685877.1669466158.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Sat, 26 Nov 2022 12:35:58 GMT
Date: Sat, 26 Nov 2022 12:35:58 GMT
Cache-Control: private, max-age=86400
Last-Modified: Fri, 18 Nov 2022 09:47:29 GMT
ETag: W/"b408ae4b4fcb34b3cc8983459d668d57922a6034f5e4a594cd9696f4fb9f0ea4"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1668764849&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2011_12_23_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1669466157494&bpp=55&bdt=294&idt=401&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=5722986355245&frm=20&pv=2&ga_vid=1575272159.1669466158&ga_sid=1669466158&ga_hid=1394805840&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31070762&oid=2&pvsid=3460359419003780&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Eg7B1Rgw4C&p=http%3A//best-proxylist.blogspot.com&dtd=531
142.250.74.2200 OK 9.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1668764849&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2011_12_23_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1669466157494&bpp=55&bdt=294&idt=401&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=5722986355245&frm=20&pv=2&ga_vid=1575272159.1669466158&ga_sid=1669466158&ga_hid=1394805840&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31070762&oid=2&pvsid=3460359419003780&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Eg7B1Rgw4C&p=http%3A//best-proxylist.blogspot.com&dtd=531
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21411), with no line terminators
Hash 1fc54fcc4819aa31c2cfa05af6c84b76
f712a06a2635486d026476bdcbc810a6f6422701
119afc14b36da47fd3ae1c28eaa4dceb66d90ba29e257cc53af2f2d97f09d880
GET /pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1668764849&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2011_12_23_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1669466157494&bpp=55&bdt=294&idt=401&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=5722986355245&frm=20&pv=2&ga_vid=1575272159.1669466158&ga_sid=1669466158&ga_hid=1394805840&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31070762&oid=2&pvsid=3460359419003780&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Eg7B1Rgw4C&p=http%3A//best-proxylist.blogspot.com&dtd=531 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 26 Nov 2022 12:35:59 GMT
server: cafe
content-length: 9459
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 12:50:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Nov 2022 12:35:59 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1668764849&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2011_12_23_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1669466157801&bpp=9&bdt=602&idt=309&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=5722986355245&pv_h_ch=00000&frm=20&pv=1&ga_vid=1575272159.1669466158&ga_sid=1669466158&ga_hid=1394805840&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31070762&oid=2&pvsid=3460359419003780&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=dCm858w81I&p=http%3A//best-proxylist.blogspot.com&dtd=364
142.250.74.2200 OK 9.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1668764849&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2011_12_23_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1669466157801&bpp=9&bdt=602&idt=309&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=5722986355245&pv_h_ch=00000&frm=20&pv=1&ga_vid=1575272159.1669466158&ga_sid=1669466158&ga_hid=1394805840&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31070762&oid=2&pvsid=3460359419003780&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=dCm858w81I&p=http%3A//best-proxylist.blogspot.com&dtd=364
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21404), with no line terminators
Hash 81c96c7dd45ae257f031228981ad5fb4
1b131df4a8970abc87abc6d543336077ab7b1d4f
09489284994e940a7b367955be773d0f0225ba2ee97f75da53d7d20d5c19b152
GET /pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1668764849&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2011_12_23_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1669466157801&bpp=9&bdt=602&idt=309&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=5722986355245&pv_h_ch=00000&frm=20&pv=1&ga_vid=1575272159.1669466158&ga_sid=1669466158&ga_hid=1394805840&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31070762&oid=2&pvsid=3460359419003780&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=dCm858w81I&p=http%3A//best-proxylist.blogspot.com&dtd=364 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 26 Nov 2022 12:35:59 GMT
server: cafe
content-length: 9444
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 12:50:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Nov 2022 12:35:59 GMT
cache-control: private
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19165
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:35:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19165
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:35:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -6kE-HDfLIQMtzuaOuArCjtxgpQUgxMrpjcT7pDIdY7CDlJNK1GZWA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
age: 53375
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 816d70da869514eb692b661a8226d9c1
a89905476481099656b3461acd454ad11ad5584d
cd03b16cdd0d63deb1336dec06481a119a46359358605c8faca8955f90939a34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.66200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.66:0
File type ASCII text, with very long lines (3502)
Hash 297e24828abaf97fb29460fd75369140
e9e02d737f1bcf9874a55562edff5f795a1c170c
cdbe4e689ca060e94f00f0aa4c45a89efacddac90df42929ff42a3bff44a9d3e
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48265
date: Sat, 26 Nov 2022 12:35:59 GMT
expires: Sat, 26 Nov 2022 12:35:59 GMT
cache-control: private, max-age=3000
etag: "1668095300071091"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 19353
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 816d70da869514eb692b661a8226d9c1
a89905476481099656b3461acd454ad11ad5584d
cd03b16cdd0d63deb1336dec06481a119a46359358605c8faca8955f90939a34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70fae9ac56bb7676177d4252757f0180
bd3027af47f20f4bb9ac36cd9e4493e28e6b041c
1378749f1b28b6c56b8e76418fc5dd59cf608a4e64c1e1067b4f19df10233afc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8078
x-amzn-requestid: e199b062-09f2-46b8-a8ee-6d7b782f7359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC7GT2oAMF5XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-485ea8fd3e785be748834efd;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yJdSAEHw1AFVsBFBSX5G6rqED3Kpi_P69vtTrVVE1vFDtl3XMsyJ4g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:03:54 GMT
age: 52325
etag: "bd3027af47f20f4bb9ac36cd9e4493e28e6b041c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mxC9qkJyuCX0NOEgkK3Z0LWPpxbTcFIvkrDAJ6KBnMFLHToB50AEFg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:02:20 GMT
age: 52419
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0f860248042a8499ffb1701a880b2ba
845842c789e6e97fd1687e668d446bbb8309ffc7
9eca5258c7b6e4e145ca6576a3f3791f1324714404ffd7a56a61961f81e7bd44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11150
x-amzn-requestid: 0b773c28-feda-41a2-9de6-8b559bd773eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5EukoAMFxfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-3bfe118939abc352072c5af1;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RBv0V5RyDoApQfc5QIHFxVzmasUJvYZ6X4-kTTfI9UhtdjUWitlkJA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
etag: "845842c789e6e97fd1687e668d446bbb8309ffc7"
content-type: image/jpeg
age: 53375
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
142.250.74.33200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221110/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Fri, 25 Nov 2022 15:55:15 GMT
expires: Fri, 09 Dec 2022 15:55:15 GMT
cache-control: public, max-age=1209600
age: 74444
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Fri, 25 Nov 2022 15:55:37 GMT
expires: Fri, 09 Dec 2022 15:55:37 GMT
cache-control: public, max-age=1209600
age: 74422
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 22992fd74cd15d18bd692f6beda86d99
0d7bcf1d3bd47c158f8644725686f3789f637473
7cd4e32f3564daacbed1b6b25b53a4cf696e5355172133c9aa663facc62eefb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1011
Cache-Control: max-age=125650
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:59 GMT
Etag: "63814c0e-139"
Expires: Sun, 27 Nov 2022 23:30:09 GMT
Last-Modified: Fri, 25 Nov 2022 23:13:18 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 22992fd74cd15d18bd692f6beda86d99
0d7bcf1d3bd47c158f8644725686f3789f637473
7cd4e32f3564daacbed1b6b25b53a4cf696e5355172133c9aa663facc62eefb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1011
Cache-Control: max-age=125650
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:35:59 GMT
Etag: "63814c0e-139"
Expires: Sun, 27 Nov 2022 23:30:09 GMT
Last-Modified: Fri, 25 Nov 2022 23:13:18 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.25.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 202802
expires: Thu, 16 Nov 2023 12:36:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GntxuS3YRvAoNtoLDwkj%2Fn75%2FZEpLssVgKerKog%2BPz7byr8pfpC1tDFjC4ZJdkudr0bHMEWnHc57K5GXI21tdDUf%2FwlIn7dV8JSnNh%2Byl7%2BXXEj4sdj7R1LDhVjpoPxBidEcoFY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7702aacbff1f0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 65efe7f3aa922f3aa44fa09cb6a2a4bb
3f52b1246b4267831ff0e90ec5e4159aba69c54c
51f678bf96aab273d791b2fbea9dacd21a2585bdf8c2951f1f0bc1815af825c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1937
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Etag: "63811c12-1d7"
Last-Modified: Sat, 26 Nov 2022 12:03:43 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 3852b37eaf8eba233a2ee7fe68e5e37a
3bdd2fd87ab90d0d47bc13c4f7f62574ed227a76
bda9bbb7a73b5f06187e8e2e307643de64055d7c0107b7a07a9a71034978ed4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4482
Cache-Control: max-age=157921
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Etag: "6381bc8f-13a"
Expires: Mon, 28 Nov 2022 08:28:01 GMT
Last-Modified: Sat, 26 Nov 2022 07:13:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 075b978d5014c00a9cb96e9971337061
68c7c339233a16b5ab4c2e4814fe479b1b467ebd
8f6a792b948278a69165b1c2108c488cfd8df36b3d21e7b3964f5ca3cc879422
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Last-Modified: Sat, 26 Nov 2022 10:49:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 3852b37eaf8eba233a2ee7fe68e5e37a
3bdd2fd87ab90d0d47bc13c4f7f62574ed227a76
bda9bbb7a73b5f06187e8e2e307643de64055d7c0107b7a07a9a71034978ed4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3308
Cache-Control: max-age=156747
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Etag: "6381bc8f-13a"
Expires: Mon, 28 Nov 2022 08:08:27 GMT
Last-Modified: Sat, 26 Nov 2022 07:13:19 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 075b978d5014c00a9cb96e9971337061
68c7c339233a16b5ab4c2e4814fe479b1b467ebd
8f6a792b948278a69165b1c2108c488cfd8df36b3d21e7b3964f5ca3cc879422
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Last-Modified: Sat, 26 Nov 2022 10:49:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 075b978d5014c00a9cb96e9971337061
68c7c339233a16b5ab4c2e4814fe479b1b467ebd
8f6a792b948278a69165b1c2108c488cfd8df36b3d21e7b3964f5ca3cc879422
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Last-Modified: Sat, 26 Nov 2022 10:49:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWdgFWp2DYgICAAAASv5VHY2HERUQLgiCY7EaDen8F6lMHFJNABIAAA&wp=Y4IILgAOrSIKGCeBAAfYT6uLUVjWn_bWy5hp7g
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWdgFWp2DYgICAAAASv5VHY2HERUQLgiCY7EaDen8F6lMHFJNABIAAA&wp=Y4IILgAOrSIKGCeBAAfYT6uLUVjWn_bWy5hp7g
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWdgFWp2DYgICAAAASv5VHY2HERUQLgiCY7EaDen8F6lMHFJNABIAAA&wp=Y4IILgAOrSIKGCeBAAfYT6uLUVjWn_bWy5hp7g HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 302025
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 075b978d5014c00a9cb96e9971337061
68c7c339233a16b5ab4c2e4814fe479b1b467ebd
8f6a792b948278a69165b1c2108c488cfd8df36b3d21e7b3964f5ca3cc879422
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Last-Modified: Sat, 26 Nov 2022 10:49:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Tue, 21 Nov 2023 12:36:00 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWaAB2ASdg2ICAgAAAEr-VR2NhxEVEC4IgmNIFm8cQEuuQlZ33gASAAA&wp=Y4IILwAA_Y4KGBiRAAFhcYVEo7ftAhe8sdIjXg
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWaAB2ASdg2ICAgAAAEr-VR2NhxEVEC4IgmNIFm8cQEuuQlZ33gASAAA&wp=Y4IILwAA_Y4KGBiRAAFhcYVEo7ftAhe8sdIjXg
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWaAB2ASdg2ICAgAAAEr-VR2NhxEVEC4IgmNIFm8cQEuuQlZ33gASAAA&wp=Y4IILwAA_Y4KGBiRAAFhcYVEo7ftAhe8sdIjXg HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 244629
date: Sat, 26 Nov 2022 12:36:00 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/93075/221121/406576ffee6f4787b9bfa811bc5feb53_cpn_728x90_2.jpg
178.250.0.130200 OK 24 kB URL HTTP/2 static.criteo.net/design/dt/93075/221121/406576ffee6f4787b9bfa811bc5feb53_cpn_728x90_2.jpg
IP 178.250.0.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 728x90, components 3\012- data
Hash be71ffce6d2966a6477b84e1e476dfc5
cfe25b90491d8fe47c5ec3dab5d76df1acc22c50
9447a58797c99fab778259f03eb64a039cefa6c4cb5adc5d983bb9407f087724
GET /design/dt/93075/221121/406576ffee6f4787b9bfa811bc5feb53_cpn_728x90_2.jpg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: image/jpeg
content-length: 23601
last-modified: Mon, 21 Nov 2022 15:51:35 GMT
etag: "637b9e87-5c31"
expires: Tue, 21 Nov 2023 12:36:00 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Tue, 21 Nov 2023 12:36:00 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/93075/221121/640d07120aed47e09f43e9e75039c29d_cpn_728x90_1.jpg
178.250.0.130200 OK 7.1 kB URL HTTP/2 static.criteo.net/design/dt/93075/221121/640d07120aed47e09f43e9e75039c29d_cpn_728x90_1.jpg
IP 178.250.0.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x90, components 3\012- data
Hash b414bc54bd42c2b579db376f072bbda3
e70e6113311a747ca3a0e68c57e9bf669fb8170b
e1e4c3a29a2440feb54ac4bad65bf63c7b019b997bf286db49724a9aa67f31f8
GET /design/dt/93075/221121/640d07120aed47e09f43e9e75039c29d_cpn_728x90_1.jpg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: image/jpeg
content-length: 7110
last-modified: Mon, 21 Nov 2022 15:51:35 GMT
etag: "637b9e87-1bc6"
expires: Tue, 21 Nov 2023 12:36:00 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y4IILwAA_Y4KGBiRAAFhcYVEo7ftAhe8sdIjXg&u=%7Cio43ZikWei6Kru%2FZ%2Fnqg95KH3FV5pJVUmuJbhaO67aY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZQh1UF6orTb06MUy63yn2dTosMorqylnrxB7eSfhGDmJrs1OalI8t1SA_0ReNUGmXjqzwtembE8yTZdz3Q9MMxeuZzdMUhZCP2YJJOQzCv4L_j0glrsWUBrLj7D7DldYeM3tJvHwqJZus-z1zk46R1kxCbioorWWl-etXJEczCpSDcFV2hYwP2l00m5dsMxBCqZwg_KkkhB0rmQw3xUpXGuFyVXBMrQDP2IlG3ijBRAz5901HhS3Ai5lMvUj2Wdh7h0Ub-YEv10rr2_uug1tWgZgW8BUHsPLXU0A4UyuYkbBbo9nt5TLPpXkS-eRd2bXSetyS2zmX97_-lKM3lrT1VU4PpXzsRwsX7jPFdXY8gKt6CGmr9tnH0vCJpcpye7mnSZbve3YV4TgdrdbXG3aXiFcjbtGdz8biBhxr6le5QGrghbmV28VQC9urzLMXeiAfP-IzIWG4i-mIH9LgIpe0XKcFWuv79CZ1k1iajmKbREo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6B1LwiCY477A5GxYPHChcgByZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi04MTE2MDg1NTYzOTQzMDY5yAEJqQL9XeJ6n3CxPqgDAaoE5wFP0A88TAoQOXkBnxtYjbXn_z_UaRusL9_lpaZKHPBqyYfhBnRc7p6EmRZTVnhh-88qn-nITw9Yywp1cbnV5rgXNVpkih7vyMWGb3JB12fHfv8AWbPfZJ1JLatXLlavlABXAYzBftFGxiOwc2ImDK8VM89gEpWoLTC8QJuZY6a3oNYQomIsumgd9fBnP1A-Qk0EUvEgFWYIqQ2w_fELMalSweqLISKteFV040b90bg4gLq6jw-L7pY_bCQtvPn2aN2Tvl9l57RmPAaNpJden13-o7dOXgd0chyR9Q1SGNGyjRq37l548EiABrLG24WHmazcZaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cLsIq227J1P4CQO0mte-EkUFHcg%26client%3Dca-pub-8116085563943069%26adurl%3D
178.250.2.65200 OK 55 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4IILwAA_Y4KGBiRAAFhcYVEo7ftAhe8sdIjXg&u=%7Cio43ZikWei6Kru%2FZ%2Fnqg95KH3FV5pJVUmuJbhaO67aY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZQh1UF6orTb06MUy63yn2dTosMorqylnrxB7eSfhGDmJrs1OalI8t1SA_0ReNUGmXjqzwtembE8yTZdz3Q9MMxeuZzdMUhZCP2YJJOQzCv4L_j0glrsWUBrLj7D7DldYeM3tJvHwqJZus-z1zk46R1kxCbioorWWl-etXJEczCpSDcFV2hYwP2l00m5dsMxBCqZwg_KkkhB0rmQw3xUpXGuFyVXBMrQDP2IlG3ijBRAz5901HhS3Ai5lMvUj2Wdh7h0Ub-YEv10rr2_uug1tWgZgW8BUHsPLXU0A4UyuYkbBbo9nt5TLPpXkS-eRd2bXSetyS2zmX97_-lKM3lrT1VU4PpXzsRwsX7jPFdXY8gKt6CGmr9tnH0vCJpcpye7mnSZbve3YV4TgdrdbXG3aXiFcjbtGdz8biBhxr6le5QGrghbmV28VQC9urzLMXeiAfP-IzIWG4i-mIH9LgIpe0XKcFWuv79CZ1k1iajmKbREo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6B1LwiCY477A5GxYPHChcgByZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi04MTE2MDg1NTYzOTQzMDY5yAEJqQL9XeJ6n3CxPqgDAaoE5wFP0A88TAoQOXkBnxtYjbXn_z_UaRusL9_lpaZKHPBqyYfhBnRc7p6EmRZTVnhh-88qn-nITw9Yywp1cbnV5rgXNVpkih7vyMWGb3JB12fHfv8AWbPfZJ1JLatXLlavlABXAYzBftFGxiOwc2ImDK8VM89gEpWoLTC8QJuZY6a3oNYQomIsumgd9fBnP1A-Qk0EUvEgFWYIqQ2w_fELMalSweqLISKteFV040b90bg4gLq6jw-L7pY_bCQtvPn2aN2Tvl9l57RmPAaNpJden13-o7dOXgd0chyR9Q1SGNGyjRq37l548EiABrLG24WHmazcZaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cLsIq227J1P4CQO0mte-EkUFHcg%26client%3Dca-pub-8116085563943069%26adurl%3D
IP 178.250.2.65:0
Hash 03b0c2a01f25326570fdb79b32276d76
fb5f43facc976f1ee658b3f4da186340de7fbcfd
f837cae8e44403503a313c5bae447090c93db63b6fe5aaa0a703b88d64987b7b
GET /delivery/r/afr.php?z=Y4IILwAA_Y4KGBiRAAFhcYVEo7ftAhe8sdIjXg&u=%7Cio43ZikWei6Kru%2FZ%2Fnqg95KH3FV5pJVUmuJbhaO67aY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZQh1UF6orTb06MUy63yn2dTosMorqylnrxB7eSfhGDmJrs1OalI8t1SA_0ReNUGmXjqzwtembE8yTZdz3Q9MMxeuZzdMUhZCP2YJJOQzCv4L_j0glrsWUBrLj7D7DldYeM3tJvHwqJZus-z1zk46R1kxCbioorWWl-etXJEczCpSDcFV2hYwP2l00m5dsMxBCqZwg_KkkhB0rmQw3xUpXGuFyVXBMrQDP2IlG3ijBRAz5901HhS3Ai5lMvUj2Wdh7h0Ub-YEv10rr2_uug1tWgZgW8BUHsPLXU0A4UyuYkbBbo9nt5TLPpXkS-eRd2bXSetyS2zmX97_-lKM3lrT1VU4PpXzsRwsX7jPFdXY8gKt6CGmr9tnH0vCJpcpye7mnSZbve3YV4TgdrdbXG3aXiFcjbtGdz8biBhxr6le5QGrghbmV28VQC9urzLMXeiAfP-IzIWG4i-mIH9LgIpe0XKcFWuv79CZ1k1iajmKbREo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6B1LwiCY477A5GxYPHChcgByZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi04MTE2MDg1NTYzOTQzMDY5yAEJqQL9XeJ6n3CxPqgDAaoE5wFP0A88TAoQOXkBnxtYjbXn_z_UaRusL9_lpaZKHPBqyYfhBnRc7p6EmRZTVnhh-88qn-nITw9Yywp1cbnV5rgXNVpkih7vyMWGb3JB12fHfv8AWbPfZJ1JLatXLlavlABXAYzBftFGxiOwc2ImDK8VM89gEpWoLTC8QJuZY6a3oNYQomIsumgd9fBnP1A-Qk0EUvEgFWYIqQ2w_fELMalSweqLISKteFV040b90bg4gLq6jw-L7pY_bCQtvPn2aN2Tvl9l57RmPAaNpJden13-o7dOXgd0chyR9Q1SGNGyjRq37l548EiABrLG24WHmazcZaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cLsIq227J1P4CQO0mte-EkUFHcg%26client%3Dca-pub-8116085563943069%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:35:59 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=A8kUdCy1UV7cpxphq9XJRmcUvGlxb3xTLHR-JZ6wIdRvsFeNTTWobMSyOMpjriG3cPoQ1jh2pJg8cMsJSu5Pphqx3rlNd8DjjljWNd-DcydbgdRrB2VtjAiKzk_dN7YOzputU_DM7EU9_Hzc0rDd9zmmHq-VBEZOwXs5BbjcKDNNSoeUoAa_0S9colt8i2XdorJbqXQuIWMvZvDLqr_GmR9V1VAlrg7gHYfbbd6bVou3HKSqbdCsZGfcvP4X11bvZypI6gIRy9xrN6dH"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 97817000
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash bfeca0cee3e1e4c7a1cc17748442d9e4
66d6f00f250d953376d1f8238bfdbce12eee7496
41154f4b9a3a1fd3f5e12fd434325d9a0ab1c9e24ab430aa9afff13db53d8e0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2094
Cache-Control: max-age=171362
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Etag: "6381fa64-138"
Expires: Mon, 28 Nov 2022 12:12:02 GMT
Last-Modified: Sat, 26 Nov 2022 11:37:08 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash bfeca0cee3e1e4c7a1cc17748442d9e4
66d6f00f250d953376d1f8238bfdbce12eee7496
41154f4b9a3a1fd3f5e12fd434325d9a0ab1c9e24ab430aa9afff13db53d8e0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2094
Cache-Control: max-age=171362
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Etag: "6381fa64-138"
Expires: Mon, 28 Nov 2022 12:12:02 GMT
Last-Modified: Sat, 26 Nov 2022 11:37:08 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash bfeca0cee3e1e4c7a1cc17748442d9e4
66d6f00f250d953376d1f8238bfdbce12eee7496
41154f4b9a3a1fd3f5e12fd434325d9a0ab1c9e24ab430aa9afff13db53d8e0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2069
Cache-Control: max-age=171337
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Etag: "6381fa64-138"
Expires: Mon, 28 Nov 2022 12:11:37 GMT
Last-Modified: Sat, 26 Nov 2022 11:37:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
pix.eu.criteo.net/img/img?h=176&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=256&s=IkzmAjmKrInPF7Hn6GEdwhJ4
178.250.2.135200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=176&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=256&s=IkzmAjmKrInPF7Hn6GEdwhJ4
IP 178.250.2.135:0
File type PNG image data, 256 x 145, 8-bit/color RGBA, non-interlaced\012- data
Hash f523639639c51c1f52be993b13aa86ec
3ba529e6f3bcff01bbe83fe095bab40b53ee690f
2122c838a0001f16eea9494948ef3d446acaafd1c36aba4798ef78cd6eca23d1
GET /img/img?h=176&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=256&s=IkzmAjmKrInPF7Hn6GEdwhJ4 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30980299
expires: Mon, 20 Nov 2023 02:14:20 GMT
date: Sat, 26 Nov 2022 12:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15162
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgeox%2F1300x1700%2Fgeoj16apa022fu_cbrwnblack.jpg&v=3&w=400&s=UakDE38gEZWqzLeCfrH5qG3H&b=400
178.250.2.135200 OK 18 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgeox%2F1300x1700%2Fgeoj16apa022fu_cbrwnblack.jpg&v=3&w=400&s=UakDE38gEZWqzLeCfrH5qG3H&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 337x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af24b6b57d1893b237f3e863b2a45819
bdac3fd17503b79c4ca9c7fd95dfd5a4a9fced61
dc8740cee8deccdf7ef8858a1926715c4c6921df89fc4b375a561b5e5a5184c0
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgeox%2F1300x1700%2Fgeoj16apa022fu_cbrwnblack.jpg&v=3&w=400&s=UakDE38gEZWqzLeCfrH5qG3H&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31096233
expires: Tue, 21 Nov 2023 10:26:33 GMT
date: Sat, 26 Nov 2022 12:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 17546
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcoach%2F1300x1700%2Foacc0695_cblue.jpg&v=3&w=400&s=b1UApUQBNoCpqQiQLrdCsnDu&b=400
178.250.2.135200 OK 16 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcoach%2F1300x1700%2Foacc0695_cblue.jpg&v=3&w=400&s=b1UApUQBNoCpqQiQLrdCsnDu&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x244, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad1f41fdee65edba1438b21551920603
3a78d74a603d0237adb9fff7064266af8c21de2a
1d90ebebf750336d4fb5ab746cc6f683ca2892225829584fef7bb060cf43e1a4
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcoach%2F1300x1700%2Foacc0695_cblue.jpg&v=3&w=400&s=b1UApUQBNoCpqQiQLrdCsnDu&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29047436
expires: Sat, 28 Oct 2023 17:19:56 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15628
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 11 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
Hash 57f25fcc270d135a903d2323da3b24bc
922a8e81e1a5bfc30b03abffb11856c076493bc7
5cd3d45d8dcd96d3f4c8f2d6a26dfcf9de262ef7b216706a577c0094cfbbe6f2
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Tue, 21 Nov 2023 12:36:00 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 3.1 kB URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
Hash 9c98bc992d566bb00301e5b4c4a3a592
de004e68c05ee60356f3c5f11aabffc8945beee6
0109b65127bf9c9e073fa83e7c4aef961f29583efd9ab9444f2a9d49bb040bf5
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Tue, 21 Nov 2023 12:36:00 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgap%2F1300x1700%2Fgap000600113_cdarkindigo9_v443.jpg&v=3&w=400&s=SAbx18TcNHYzRcBn_q3k7D3H&b=400
178.250.2.135200 OK 5.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgap%2F1300x1700%2Fgap000600113_cdarkindigo9_v443.jpg&v=3&w=400&s=SAbx18TcNHYzRcBn_q3k7D3H&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 163x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9c3e8ee64a10166df29046723912aa0e
725446fa012e50ed239284ad8c446f0175f9c7e8
19170ac8b35d298598418fa538a5e48ffc2a356a3482069c86419600658a90c3
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgap%2F1300x1700%2Fgap000600113_cdarkindigo9_v443.jpg&v=3&w=400&s=SAbx18TcNHYzRcBn_q3k7D3H&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30399800
expires: Mon, 13 Nov 2023 08:59:20 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5742
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsecond-female-ob%2F1300x1700%2Fsfo56473_cblack_v8001.jpg&v=3&w=400&s=Ag1GVRcxApOQjMJj9Zc1MAEC&b=400
178.250.2.135200 OK 28 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsecond-female-ob%2F1300x1700%2Fsfo56473_cblack_v8001.jpg&v=3&w=400&s=Ag1GVRcxApOQjMJj9Zc1MAEC&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 258x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8b6c8e21b06589d139ac9f376a5e8737
8b69480b321ca61849599cef45ed73671312c481
76a3935f220a330c8d21e71fbb86580c84c36406b66dffc40ff7b8512a2c25ef
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsecond-female-ob%2F1300x1700%2Fsfo56473_cblack_v8001.jpg&v=3&w=400&s=Ag1GVRcxApOQjMJj9Zc1MAEC&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30093860
expires: Thu, 09 Nov 2023 20:00:20 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 27484
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f6a800119071c7159cbf159aa1f82995
ee97010129796d6d854fa4cbd218c8e179012623
bab27de2b2881e381b7bc9c8b95ef023514af2597ad6df54caff7d3a592e3a01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6536
Cache-Control: max-age=96595
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Etag: "6380c4fb-13a"
Expires: Sun, 27 Nov 2022 15:25:55 GMT
Last-Modified: Fri, 25 Nov 2022 13:36:59 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 158142
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fpavement%2F1300x1700%2Fpav20005_cblack.jpg&v=3&w=400&s=43INzk6fE7wULic-_4NaJnMT&b=400
178.250.2.135200 OK 4.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fpavement%2F1300x1700%2Fpav20005_cblack.jpg&v=3&w=400&s=43INzk6fE7wULic-_4NaJnMT&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 302x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 19179ddbc49c228b7b218b6e7e471d27
eca995c6f2b1e852a400c5ba2e98da05b9720c4c
c32d9a918ba13f75701cc38c6a73c8adb337b09fac17a966cd45e7f199ca711f
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fpavement%2F1300x1700%2Fpav20005_cblack.jpg&v=3&w=400&s=43INzk6fE7wULic-_4NaJnMT&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29178621
expires: Mon, 30 Oct 2023 05:46:21 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4686
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flindbergh%2F1300x1700%2Flin30203312_clightblue.jpg&v=3&w=400&s=HrvXs61nMJwgLiedp-Z6DhaI&b=400
178.250.2.135200 OK 5.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flindbergh%2F1300x1700%2Flin30203312_clightblue.jpg&v=3&w=400&s=HrvXs61nMJwgLiedp-Z6DhaI&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 311x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ffaf71a059d70e800dc1c151d997f4c4
110894496e4e9b966d8226c23d8639c3987b676b
929b6e5d0058d1ac73e189dbaff25625290d1ab2b9ef6609fc4aa75c41deafb6
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flindbergh%2F1300x1700%2Flin30203312_clightblue.jpg&v=3&w=400&s=HrvXs61nMJwgLiedp-Z6DhaI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29422246
expires: Thu, 02 Nov 2023 01:26:46 GMT
date: Sat, 26 Nov 2022 12:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5774
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fadidas-originals%2F1300x1700%2Fadign8453_cblackwhite.jpg&v=3&w=400&s=7tFFx3u0-LSPZfao7KUFC7o7&b=400
178.250.2.135200 OK 2.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fadidas-originals%2F1300x1700%2Fadign8453_cblackwhite.jpg&v=3&w=400&s=7tFFx3u0-LSPZfao7KUFC7o7&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 157x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea1496cd997599a63bd2b81b7c7373ef
32cbac1ac033b0f92edc2b3aa7543afc15bcd657
a1d5caf4685b90bcef9c488a9a06e281c85adc7cafa94d12b34f95b0a635da8d
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fadidas-originals%2F1300x1700%2Fadign8453_cblackwhite.jpg&v=3&w=400&s=7tFFx3u0-LSPZfao7KUFC7o7&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31429271
expires: Sat, 25 Nov 2023 06:57:11 GMT
date: Sat, 26 Nov 2022 12:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2616
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 329139
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6382082fc35fc40fd5b933ec6df9be58
37.157.5.141302 Found 14 kB URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6382082fc35fc40fd5b933ec6df9be58
IP 37.157.5.141:0
Hash 0789458d59d0376e727ba934b06d4520
541ab249e084a50516adef40136565a199b28d9a
8f62a69e58820e2ae90216361fe89344c7fd867617c278ed2cba0d5b72625c73
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=6382082fc35fc40fd5b933ec6df9be58 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=55670&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman37084753_cpastelpink.jpg&v=3&w=400&s=npAQxTsIgH9pVJ-7CN26Qo_v&b=400
178.250.2.135200 OK 22 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman37084753_cpastelpink.jpg&v=3&w=400&s=npAQxTsIgH9pVJ-7CN26Qo_v&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x338, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a4d2b3c6390d0935056aec77b38b96a6
adc0ba091a438d569058417378187e3c61955b6a
b5746a86c78f3c71c71c45f49f4d3b41968b8d18ce83d4aef1eb4ed94977bcde
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman37084753_cpastelpink.jpg&v=3&w=400&s=npAQxTsIgH9pVJ-7CN26Qo_v&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31445151
expires: Sat, 25 Nov 2023 11:21:51 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 22204
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruun-stengade%2F1300x1700%2Fbrs210211006_cnavy.jpg&v=3&w=400&s=qM82TXnaAzO_3esToU3KJxiB&b=400
178.250.2.135200 OK 5.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruun-stengade%2F1300x1700%2Fbrs210211006_cnavy.jpg&v=3&w=400&s=qM82TXnaAzO_3esToU3KJxiB&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 277x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbf8e57f736dfd429b601c89decbf050
292299139b27a1dde8dfe1fef4f3500338114ec4
bc342fc64e7f9752e897d948ca858e08051f4ae0039c8aa7d44dcba4c399b0e5
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruun-stengade%2F1300x1700%2Fbrs210211006_cnavy.jpg&v=3&w=400&s=qM82TXnaAzO_3esToU3KJxiB&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29396615
expires: Wed, 01 Nov 2023 18:19:36 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5482
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhackett%2F1300x1700%2Fhachm702820_cnavy.jpg&v=3&w=400&s=P9gNp5ZzXEz68s8qqzkbjLSl&b=400
178.250.2.135200 OK 4.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhackett%2F1300x1700%2Fhachm702820_cnavy.jpg&v=3&w=400&s=P9gNp5ZzXEz68s8qqzkbjLSl&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4993cb7d0c4b804cfcc441e48ea6f69a
edd4cc7afa11b261169eafb2abadffc8f4a92072
e617cd218c87ebbae244884416749723bcf6a5da2c8f8aacbdd889730aaa0a24
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhackett%2F1300x1700%2Fhachm702820_cnavy.jpg&v=3&w=400&s=P9gNp5ZzXEz68s8qqzkbjLSl&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28965252
expires: Fri, 27 Oct 2023 18:30:12 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4532
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f6a800119071c7159cbf159aa1f82995
ee97010129796d6d854fa4cbd218c8e179012623
bab27de2b2881e381b7bc9c8b95ef023514af2597ad6df54caff7d3a592e3a01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6536
Cache-Control: max-age=96595
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Etag: "6380c4fb-13a"
Expires: Sun, 27 Nov 2022 15:25:55 GMT
Last-Modified: Fri, 25 Nov 2022 13:36:59 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 75 kB URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
Hash 83493fa4d6142b7019169c2f7aaef39d
ee092587fa332882752b4b99edc7dddbc2128513
e208c7ad66e46f0e8aee5873fbf4398911d72e50517ac78b6898f1f0fc911df3
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Tue, 21 Nov 2023 12:36:00 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdagmar%2F1300x1700%2Fdag215f717_cwhite_v001.jpg&v=3&w=400&s=fIHmuKes8UuaANNWrsCiqZHb&b=400
178.250.2.135200 OK 1.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdagmar%2F1300x1700%2Fdag215f717_cwhite_v001.jpg&v=3&w=400&s=fIHmuKes8UuaANNWrsCiqZHb&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 194x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6c60144f2b2b361f5b709f93b87d1c6b
bb523e09cdedeb0ab0bacba417a714b5656eaea9
5bf5cb5878277a8c458639e1ca7cf5f0a57376501371ffb5bdbb250fe6a63338
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdagmar%2F1300x1700%2Fdag215f717_cwhite_v001.jpg&v=3&w=400&s=fIHmuKes8UuaANNWrsCiqZHb&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31360946
expires: Fri, 24 Nov 2023 11:58:26 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1800
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl86221_ccharcoalmelange_v90.jpg&v=3&w=400&s=Ncmo3FXTKYtEaPrlmYnleZHQ&b=400
178.250.2.135200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl86221_ccharcoalmelange_v90.jpg&v=3&w=400&s=Ncmo3FXTKYtEaPrlmYnleZHQ&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 337x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 28327b8f11b743b49bb13d5dec540f49
958227e5a641ccc5370c3de8e7248ef3f0f1d491
ff38758e20236b356b1ab44ce3c3c4dda68a73371e6b3e11eab5504244a3698f
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl86221_ccharcoalmelange_v90.jpg&v=3&w=400&s=Ncmo3FXTKYtEaPrlmYnleZHQ&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30779336
expires: Fri, 17 Nov 2023 18:24:56 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13666
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A56592be8-3f02-48af-b6dd-fc0d4384d0d5%2FMelia_Caribe_Beach_1_800x800.jpg&v=3&w=800&s=vdImqrxCZvlG-Vs1MI53LwZo&b=400
178.250.2.135200 OK 25 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A56592be8-3f02-48af-b6dd-fc0d4384d0d5%2FMelia_Caribe_Beach_1_800x800.jpg&v=3&w=800&s=vdImqrxCZvlG-Vs1MI53LwZo&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f20cbb64d092ce7df97f73991a3bebc
5e003d22dc22c75ce79a71e8dab023a93cfdee6d
976e0ca2020a24c4b489082560c7bd3b25a17a55cc1d9914415af2790afd269b
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A56592be8-3f02-48af-b6dd-fc0d4384d0d5%2FMelia_Caribe_Beach_1_800x800.jpg&v=3&w=800&s=vdImqrxCZvlG-Vs1MI53LwZo&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Sat, 26 Nov 2022 12:36:00 GMT
date: Sat, 26 Nov 2022 12:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 24746
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fguess-jeans%2F1300x1700%2Fgjsw2gk82d4lt1_cleafgreenwash_vlfgw.jpg&v=3&w=400&s=iBF-1uddjy7SO4GwiSXgAJiu&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fguess-jeans%2F1300x1700%2Fgjsw2gk82d4lt1_cleafgreenwash_vlfgw.jpg&v=3&w=400&s=iBF-1uddjy7SO4GwiSXgAJiu&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 256x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ea008cbe03aa6a977058e9eb89292e3
fad3ac101763e3c4f35bd2c68106a71f94127f46
d75520283aa1dbc30bd1056a792470ccab67294a91724c60f2806e5a42b40380
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fguess-jeans%2F1300x1700%2Fgjsw2gk82d4lt1_cleafgreenwash_vlfgw.jpg&v=3&w=400&s=iBF-1uddjy7SO4GwiSXgAJiu&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29185982
expires: Mon, 30 Oct 2023 07:49:02 GMT
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11810
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 886 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1395)
Hash 44c80266d5401960b665061f11f5a996
f03acc506e468a92770e49bfc9c5f53de5679d2f
36df47a9faeef0180764da68b89166c036e4bd25ef1f9acf5cb8f3e9a521c1f7
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Tue, 21 Nov 2023 12:36:00 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=55670&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=55670&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=55670&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:36:00 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=IeC2TTONkTHof8WxGk3iEet9fKnUaY8J.KdRWfXyZ2mOXCpUGp5pSg--; expires=Sun, 24 Dec 2023 12:36:00 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=PKS88UUldJgjbPVNCpqBcHKrBHKCpyUpFiJXeV10xwPNEUkcfarhlacpYVirlahDmNevoGM0rWKiptKlt3Zr5XRR4BJc3l5hdWCk_FSm4DA3SbVg7dd8taNcPtgp9HXKdEY-; expires=Sun, 24 Dec 2023 12:36:00 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Sun, 24 Dec 2023 12:36:00 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
csm.eu.criteo.net/all?cppv=3&cpp=O2WOcyy1UV7cpxphsnvhgEuDDhhm3YTlJCM9Xb5vzC5802be-Obordkr7hCu7mzvEyq1oI_5dvwKd2Mm1FW8TOr2aztc0ta9_vwYFR073A8NjLNr2siIu29bDRk80OA04lb-9UCLU2F9vEWQjfjtaoXmfl7KNWTEnCRJ2mMQt06huVNmNIJMCoLpr7p5BFShU7UmfKJzTUCEqiuorNyPSS22RVMAgzzEWqkDd5U5jIL97brWlHadVFAyMe7-ITXfsnGaRLN-5OtyYgZm&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=O2WOcyy1UV7cpxphsnvhgEuDDhhm3YTlJCM9Xb5vzC5802be-Obordkr7hCu7mzvEyq1oI_5dvwKd2Mm1FW8TOr2aztc0ta9_vwYFR073A8NjLNr2siIu29bDRk80OA04lb-9UCLU2F9vEWQjfjtaoXmfl7KNWTEnCRJ2mMQt06huVNmNIJMCoLpr7p5BFShU7UmfKJzTUCEqiuorNyPSS22RVMAgzzEWqkDd5U5jIL97brWlHadVFAyMe7-ITXfsnGaRLN-5OtyYgZm&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=O2WOcyy1UV7cpxphsnvhgEuDDhhm3YTlJCM9Xb5vzC5802be-Obordkr7hCu7mzvEyq1oI_5dvwKd2Mm1FW8TOr2aztc0ta9_vwYFR073A8NjLNr2siIu29bDRk80OA04lb-9UCLU2F9vEWQjfjtaoXmfl7KNWTEnCRJ2mMQt06huVNmNIJMCoLpr7p5BFShU7UmfKJzTUCEqiuorNyPSS22RVMAgzzEWqkDd5U5jIL97brWlHadVFAyMe7-ITXfsnGaRLN-5OtyYgZm&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:35:59 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=A8kUdCy1UV7cpxphq9XJRmcUvGlxb3xTLHR-JZ6wIdRvsFeNTTWobMSyOMpjriG3cPoQ1jh2pJg8cMsJSu5Pphqx3rlNd8DjjljWNd-DcydbgdRrB2VtjAiKzk_dN7YOzputU_DM7EU9_Hzc0rDd9zmmHq-VBEZOwXs5BbjcKDNNSoeUoAa_0S9colt8i2XdorJbqXQuIWMvZvDLqr_GmR9V1VAlrg7gHYfbbd6bVou3HKSqbdCsZGfcvP4X11bvZypI6gIRy9xrN6dH&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=A8kUdCy1UV7cpxphq9XJRmcUvGlxb3xTLHR-JZ6wIdRvsFeNTTWobMSyOMpjriG3cPoQ1jh2pJg8cMsJSu5Pphqx3rlNd8DjjljWNd-DcydbgdRrB2VtjAiKzk_dN7YOzputU_DM7EU9_Hzc0rDd9zmmHq-VBEZOwXs5BbjcKDNNSoeUoAa_0S9colt8i2XdorJbqXQuIWMvZvDLqr_GmR9V1VAlrg7gHYfbbd6bVou3HKSqbdCsZGfcvP4X11bvZypI6gIRy9xrN6dH&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=A8kUdCy1UV7cpxphq9XJRmcUvGlxb3xTLHR-JZ6wIdRvsFeNTTWobMSyOMpjriG3cPoQ1jh2pJg8cMsJSu5Pphqx3rlNd8DjjljWNd-DcydbgdRrB2VtjAiKzk_dN7YOzputU_DM7EU9_Hzc0rDd9zmmHq-VBEZOwXs5BbjcKDNNSoeUoAa_0S9colt8i2XdorJbqXQuIWMvZvDLqr_GmR9V1VAlrg7gHYfbbd6bVou3HKSqbdCsZGfcvP4X11bvZypI6gIRy9xrN6dH&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:36:00 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 2d19f525a42b88227bd7cba2f7c54377
6aac2935d3246e5042a7b3e197d092adbd8fc109
8275858ad2530e15930596d0fb7699a58b2b4f8874f81805a0c03d2f1ba2e25e
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 26 Nov 2022 12:36:00 GMT
date: Sat, 26 Nov 2022 12:36:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-whRsebMiS_ypl6TaZYuctQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=O2WOcyy1UV7cpxphsnvhgEuDDhhm3YTlJCM9Xb5vzC5802be-Obordkr7hCu7mzvEyq1oI_5dvwKd2Mm1FW8TOr2aztc0ta9_vwYFR073A8NjLNr2siIu29bDRk80OA04lb-9UCLU2F9vEWQjfjtaoXmfl7KNWTEnCRJ2mMQt06huVNmNIJMCoLpr7p5BFShU7UmfKJzTUCEqiuorNyPSS22RVMAgzzEWqkDd5U5jIL97brWlHadVFAyMe7-ITXfsnGaRLN-5OtyYgZm&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=O2WOcyy1UV7cpxphsnvhgEuDDhhm3YTlJCM9Xb5vzC5802be-Obordkr7hCu7mzvEyq1oI_5dvwKd2Mm1FW8TOr2aztc0ta9_vwYFR073A8NjLNr2siIu29bDRk80OA04lb-9UCLU2F9vEWQjfjtaoXmfl7KNWTEnCRJ2mMQt06huVNmNIJMCoLpr7p5BFShU7UmfKJzTUCEqiuorNyPSS22RVMAgzzEWqkDd5U5jIL97brWlHadVFAyMe7-ITXfsnGaRLN-5OtyYgZm&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=O2WOcyy1UV7cpxphsnvhgEuDDhhm3YTlJCM9Xb5vzC5802be-Obordkr7hCu7mzvEyq1oI_5dvwKd2Mm1FW8TOr2aztc0ta9_vwYFR073A8NjLNr2siIu29bDRk80OA04lb-9UCLU2F9vEWQjfjtaoXmfl7KNWTEnCRJ2mMQt06huVNmNIJMCoLpr7p5BFShU7UmfKJzTUCEqiuorNyPSS22RVMAgzzEWqkDd5U5jIL97brWlHadVFAyMe7-ITXfsnGaRLN-5OtyYgZm&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:36:01 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=A8kUdCy1UV7cpxphq9XJRmcUvGlxb3xTLHR-JZ6wIdRvsFeNTTWobMSyOMpjriG3cPoQ1jh2pJg8cMsJSu5Pphqx3rlNd8DjjljWNd-DcydbgdRrB2VtjAiKzk_dN7YOzputU_DM7EU9_Hzc0rDd9zmmHq-VBEZOwXs5BbjcKDNNSoeUoAa_0S9colt8i2XdorJbqXQuIWMvZvDLqr_GmR9V1VAlrg7gHYfbbd6bVou3HKSqbdCsZGfcvP4X11bvZypI6gIRy9xrN6dH&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=A8kUdCy1UV7cpxphq9XJRmcUvGlxb3xTLHR-JZ6wIdRvsFeNTTWobMSyOMpjriG3cPoQ1jh2pJg8cMsJSu5Pphqx3rlNd8DjjljWNd-DcydbgdRrB2VtjAiKzk_dN7YOzputU_DM7EU9_Hzc0rDd9zmmHq-VBEZOwXs5BbjcKDNNSoeUoAa_0S9colt8i2XdorJbqXQuIWMvZvDLqr_GmR9V1VAlrg7gHYfbbd6bVou3HKSqbdCsZGfcvP4X11bvZypI6gIRy9xrN6dH&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=A8kUdCy1UV7cpxphq9XJRmcUvGlxb3xTLHR-JZ6wIdRvsFeNTTWobMSyOMpjriG3cPoQ1jh2pJg8cMsJSu5Pphqx3rlNd8DjjljWNd-DcydbgdRrB2VtjAiKzk_dN7YOzputU_DM7EU9_Hzc0rDd9zmmHq-VBEZOwXs5BbjcKDNNSoeUoAa_0S9colt8i2XdorJbqXQuIWMvZvDLqr_GmR9V1VAlrg7gHYfbbd6bVou3HKSqbdCsZGfcvP4X11bvZypI6gIRy9xrN6dH&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:36:01 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:36:00 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Tue, 21 Nov 2023 12:36:00 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
IP 142.250.74.10:0
GET /css?family=Source+Sans+Pro:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 12:36:00 GMT
date: Sat, 26 Nov 2022 12:36:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qEygtSPcXEEotVk8xXoJnxpbKa9NFFH4n9wz2x6frfbkKjX7yhnqop0TrClSRKcPVyf9yXpJYUK774P8VTK8feg1gK4bUbD71GCZPvNcbKoU2VJ6cx10kVu48nN8Ac-T1OuB7FnOE6VsUgi3O1xsB-bE2zMq2vq4jTHWgsHxzzB_sETWaNHMzvblnf5qnn1rfqt0e2ooZpQTDmJXawUvgYnxzFf9AiHeIuxoHWUTBDKPexi3YeETzjz79yvwXyXbr1PUBeNJZf-7e68I2Op3Emc-14m8Wd86Vvf7KkIgCvd-yQzxazpcYjGHZPFPA097Np4MiN7KW1dVeNaA-XP1x8zFw8qYeZ3xoNaXPBgsb8obEtvTPz_1e_KKtomjVSNeDl11eoR464W1oRxtfmyTOC-ZTu9I_W2Y2yetzAY0aFO6oJ_b
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qEygtSPcXEEotVk8xXoJnxpbKa9NFFH4n9wz2x6frfbkKjX7yhnqop0TrClSRKcPVyf9yXpJYUK774P8VTK8feg1gK4bUbD71GCZPvNcbKoU2VJ6cx10kVu48nN8Ac-T1OuB7FnOE6VsUgi3O1xsB-bE2zMq2vq4jTHWgsHxzzB_sETWaNHMzvblnf5qnn1rfqt0e2ooZpQTDmJXawUvgYnxzFf9AiHeIuxoHWUTBDKPexi3YeETzjz79yvwXyXbr1PUBeNJZf-7e68I2Op3Emc-14m8Wd86Vvf7KkIgCvd-yQzxazpcYjGHZPFPA097Np4MiN7KW1dVeNaA-XP1x8zFw8qYeZ3xoNaXPBgsb8obEtvTPz_1e_KKtomjVSNeDl11eoR464W1oRxtfmyTOC-ZTu9I_W2Y2yetzAY0aFO6oJ_b
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=qEygtSPcXEEotVk8xXoJnxpbKa9NFFH4n9wz2x6frfbkKjX7yhnqop0TrClSRKcPVyf9yXpJYUK774P8VTK8feg1gK4bUbD71GCZPvNcbKoU2VJ6cx10kVu48nN8Ac-T1OuB7FnOE6VsUgi3O1xsB-bE2zMq2vq4jTHWgsHxzzB_sETWaNHMzvblnf5qnn1rfqt0e2ooZpQTDmJXawUvgYnxzFf9AiHeIuxoHWUTBDKPexi3YeETzjz79yvwXyXbr1PUBeNJZf-7e68I2Op3Emc-14m8Wd86Vvf7KkIgCvd-yQzxazpcYjGHZPFPA097Np4MiN7KW1dVeNaA-XP1x8zFw8qYeZ3xoNaXPBgsb8obEtvTPz_1e_KKtomjVSNeDl11eoR464W1oRxtfmyTOC-ZTu9I_W2Y2yetzAY0aFO6oJ_b HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:35:59 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2894047
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y4IILgAOrSIKGCeBAAfYT6uLUVjWn_bWy5hp7g&u=%7Cio43ZikWei5OPq%2BqE0s8u818gR5F6CSDVpE8wCIZN10%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsPKeQ55vF_HfIU1nFV65u7YtQ-19TC5byWetx93rtTwtq2JesjkwKo9lIOAYlFwzrbAZkLeepDKuaqG3qbAKzMnsMCDrXD5SL_7Hkkyx8OdisYt9g2uWvXwRjJCwi_b4gA8GSsW9OBl_PEKEL8KvBdvAkmxOGSxFGXxkM8PsUfH5YLtxefPa1DeqqsU_v0VB7xT7uOkU_Hyd-4sCajqGdroJyvH6cF7DbhHicb2HOjs7C50LSNFxx0i7PRblTDmjTAoqM4yE4tx0HIRbdtXHNkziUG_12Ky1a5rtPx6BjLl96Gl2ofVyxZlGo8kTUAtXY21y75tdLnX-I7_-f1NHLt35PfIMaVinCnbR8JQjhhfM90-HsUrlcXUGGfGLtd8xouazw_P1cELIHfAuBUfi4veo5KwabprFQLsTEePwz4GzIG7aw3nlZqoS_sb68z9yB7p2wzkA22fr2oc4SgncCZi1TAvJc__ilS2Mja7mrMdWkz5XyTbb88m-3cTdmpFdM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUI1nLgiCY6LaOoHPYM-wn8gGyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi04MTE2MDg1NTYzOTQzMDY5yAEJqQL9XeJ6n3CxPqgDAaoE5gFP0IuTuTU8tSqXD8Ajezc1zHUksn1_tl3TEwmfcBFjEv6GwQnenfKGrtLPO4CxFvUsN5hQCGUyaSXCxk2K6lCH1uqCehKCPu8p8u1n19pmlIcHfCIH3Ze2Wd2J2Dg6g-2HeJPFKF7m5hE9rb1Ig3oYpAx1xRekaOWEy9_vp34azNHLQLToAEcdQLV1AJMrg8DhoxP9XMMAmq-sp-7FTQnjOmfTMV5NfXXT_hV3UYxs3v-cnsQiRwCDCnAtHE8xMrkdHEyevatZdRj7oKjA0a7PusTB85RQmbOMLdYqk_nTaPISLf-7IIAG65Gf2cf9v4LSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Zo_RVwx3kF8NiHxChqZ4yDQzK7g%26client%3Dca-pub-8116085563943069%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4IILgAOrSIKGCeBAAfYT6uLUVjWn_bWy5hp7g&u=%7Cio43ZikWei5OPq%2BqE0s8u818gR5F6CSDVpE8wCIZN10%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsPKeQ55vF_HfIU1nFV65u7YtQ-19TC5byWetx93rtTwtq2JesjkwKo9lIOAYlFwzrbAZkLeepDKuaqG3qbAKzMnsMCDrXD5SL_7Hkkyx8OdisYt9g2uWvXwRjJCwi_b4gA8GSsW9OBl_PEKEL8KvBdvAkmxOGSxFGXxkM8PsUfH5YLtxefPa1DeqqsU_v0VB7xT7uOkU_Hyd-4sCajqGdroJyvH6cF7DbhHicb2HOjs7C50LSNFxx0i7PRblTDmjTAoqM4yE4tx0HIRbdtXHNkziUG_12Ky1a5rtPx6BjLl96Gl2ofVyxZlGo8kTUAtXY21y75tdLnX-I7_-f1NHLt35PfIMaVinCnbR8JQjhhfM90-HsUrlcXUGGfGLtd8xouazw_P1cELIHfAuBUfi4veo5KwabprFQLsTEePwz4GzIG7aw3nlZqoS_sb68z9yB7p2wzkA22fr2oc4SgncCZi1TAvJc__ilS2Mja7mrMdWkz5XyTbb88m-3cTdmpFdM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUI1nLgiCY6LaOoHPYM-wn8gGyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi04MTE2MDg1NTYzOTQzMDY5yAEJqQL9XeJ6n3CxPqgDAaoE5gFP0IuTuTU8tSqXD8Ajezc1zHUksn1_tl3TEwmfcBFjEv6GwQnenfKGrtLPO4CxFvUsN5hQCGUyaSXCxk2K6lCH1uqCehKCPu8p8u1n19pmlIcHfCIH3Ze2Wd2J2Dg6g-2HeJPFKF7m5hE9rb1Ig3oYpAx1xRekaOWEy9_vp34azNHLQLToAEcdQLV1AJMrg8DhoxP9XMMAmq-sp-7FTQnjOmfTMV5NfXXT_hV3UYxs3v-cnsQiRwCDCnAtHE8xMrkdHEyevatZdRj7oKjA0a7PusTB85RQmbOMLdYqk_nTaPISLf-7IIAG65Gf2cf9v4LSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Zo_RVwx3kF8NiHxChqZ4yDQzK7g%26client%3Dca-pub-8116085563943069%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y4IILgAOrSIKGCeBAAfYT6uLUVjWn_bWy5hp7g&u=%7Cio43ZikWei5OPq%2BqE0s8u818gR5F6CSDVpE8wCIZN10%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsPKeQ55vF_HfIU1nFV65u7YtQ-19TC5byWetx93rtTwtq2JesjkwKo9lIOAYlFwzrbAZkLeepDKuaqG3qbAKzMnsMCDrXD5SL_7Hkkyx8OdisYt9g2uWvXwRjJCwi_b4gA8GSsW9OBl_PEKEL8KvBdvAkmxOGSxFGXxkM8PsUfH5YLtxefPa1DeqqsU_v0VB7xT7uOkU_Hyd-4sCajqGdroJyvH6cF7DbhHicb2HOjs7C50LSNFxx0i7PRblTDmjTAoqM4yE4tx0HIRbdtXHNkziUG_12Ky1a5rtPx6BjLl96Gl2ofVyxZlGo8kTUAtXY21y75tdLnX-I7_-f1NHLt35PfIMaVinCnbR8JQjhhfM90-HsUrlcXUGGfGLtd8xouazw_P1cELIHfAuBUfi4veo5KwabprFQLsTEePwz4GzIG7aw3nlZqoS_sb68z9yB7p2wzkA22fr2oc4SgncCZi1TAvJc__ilS2Mja7mrMdWkz5XyTbb88m-3cTdmpFdM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUI1nLgiCY6LaOoHPYM-wn8gGyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi04MTE2MDg1NTYzOTQzMDY5yAEJqQL9XeJ6n3CxPqgDAaoE5gFP0IuTuTU8tSqXD8Ajezc1zHUksn1_tl3TEwmfcBFjEv6GwQnenfKGrtLPO4CxFvUsN5hQCGUyaSXCxk2K6lCH1uqCehKCPu8p8u1n19pmlIcHfCIH3Ze2Wd2J2Dg6g-2HeJPFKF7m5hE9rb1Ig3oYpAx1xRekaOWEy9_vp34azNHLQLToAEcdQLV1AJMrg8DhoxP9XMMAmq-sp-7FTQnjOmfTMV5NfXXT_hV3UYxs3v-cnsQiRwCDCnAtHE8xMrkdHEyevatZdRj7oKjA0a7PusTB85RQmbOMLdYqk_nTaPISLf-7IIAG65Gf2cf9v4LSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Zo_RVwx3kF8NiHxChqZ4yDQzK7g%26client%3Dca-pub-8116085563943069%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:35:59 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=O2WOcyy1UV7cpxphsnvhgEuDDhhm3YTlJCM9Xb5vzC5802be-Obordkr7hCu7mzvEyq1oI_5dvwKd2Mm1FW8TOr2aztc0ta9_vwYFR073A8NjLNr2siIu29bDRk80OA04lb-9UCLU2F9vEWQjfjtaoXmfl7KNWTEnCRJ2mMQt06huVNmNIJMCoLpr7p5BFShU7UmfKJzTUCEqiuorNyPSS22RVMAgzzEWqkDd5U5jIL97brWlHadVFAyMe7-ITXfsnGaRLN-5OtyYgZm"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 41997665
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cRmnM993wCs3txwqPiSRw8TATw549Pzs80vGeUqFXzVhjui69pSay-Jsj-QZbFWkKJX8h7CLk2li09Cj_ZPLuLPNB7q79MxcHmARvCYzPBu7ovHiqro2CPETbvkNflIEQAiMcrGwqtxq-sbl5uwXmHw9qgKUTt3fRj2Skj1s3mwQ0vuaooiHPJ6AaviGNeVqJqPpNq3UddsKhTGmVpLRbG05dMYhvNUoS7A2qlxgpmh0f9R-QqwSSS6ar7Zamc0bUXbPoLPNPxHEJyNxpQ-h9g04mm1dLVTAr1sPXAwJc2iStKn8qtpE4mi2DogpNL9QvlIrZne2uiOvujD-mdgRDePTTsbtiw_fEl_aTOGbCpgWO0sQKP6yuOjI-aQoZBR2qGJAc3eauJ3c8lOTEAoLBd1fLDQhut3FETdE-K4A92TIq8fp
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cRmnM993wCs3txwqPiSRw8TATw549Pzs80vGeUqFXzVhjui69pSay-Jsj-QZbFWkKJX8h7CLk2li09Cj_ZPLuLPNB7q79MxcHmARvCYzPBu7ovHiqro2CPETbvkNflIEQAiMcrGwqtxq-sbl5uwXmHw9qgKUTt3fRj2Skj1s3mwQ0vuaooiHPJ6AaviGNeVqJqPpNq3UddsKhTGmVpLRbG05dMYhvNUoS7A2qlxgpmh0f9R-QqwSSS6ar7Zamc0bUXbPoLPNPxHEJyNxpQ-h9g04mm1dLVTAr1sPXAwJc2iStKn8qtpE4mi2DogpNL9QvlIrZne2uiOvujD-mdgRDePTTsbtiw_fEl_aTOGbCpgWO0sQKP6yuOjI-aQoZBR2qGJAc3eauJ3c8lOTEAoLBd1fLDQhut3FETdE-K4A92TIq8fp
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=cRmnM993wCs3txwqPiSRw8TATw549Pzs80vGeUqFXzVhjui69pSay-Jsj-QZbFWkKJX8h7CLk2li09Cj_ZPLuLPNB7q79MxcHmARvCYzPBu7ovHiqro2CPETbvkNflIEQAiMcrGwqtxq-sbl5uwXmHw9qgKUTt3fRj2Skj1s3mwQ0vuaooiHPJ6AaviGNeVqJqPpNq3UddsKhTGmVpLRbG05dMYhvNUoS7A2qlxgpmh0f9R-QqwSSS6ar7Zamc0bUXbPoLPNPxHEJyNxpQ-h9g04mm1dLVTAr1sPXAwJc2iStKn8qtpE4mi2DogpNL9QvlIrZne2uiOvujD-mdgRDePTTsbtiw_fEl_aTOGbCpgWO0sQKP6yuOjI-aQoZBR2qGJAc3eauJ3c8lOTEAoLBd1fLDQhut3FETdE-K4A92TIq8fp HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:35:59 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3395275
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2