best-proxylist.blogspot.mx/2012_06_28_archive.html
142.250.74.161302 Moved Temporarily 202 B URL HTTP/1.1 best-proxylist.blogspot.mx/2012_06_28_archive.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c7f6c94e971d8443114d7510902233e7
305c9e2d79ecec792296031c41cf93a505e8fd86
3e92d1afc1a10684fa1c3204dc635e83fcb7578b6c523b9edaed8a9257cc47ae
Analyzer Verdict Alert fortinet Malware
GET /2012_06_28_archive.html HTTP/1.1
Host: best-proxylist.blogspot.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://best-proxylist.blogspot.com/2012_06_28_archive.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 22:57:33 GMT
Expires: Thu, 08 Dec 2022 22:57:33 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 202
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10820
Expires: Fri, 09 Dec 2022 01:57:53 GMT
Date: Thu, 08 Dec 2022 22:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8894
Expires: Fri, 09 Dec 2022 01:25:47 GMT
Date: Thu, 08 Dec 2022 22:57:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 22:08:15 GMT
content-type: application/json
age: 2958
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c3470f9f0a4df8c1496b577fa9435ff6
f83b0226bb57ed0f3e1acdad61b940414add135d
f542579e3a3577a646babde862282c2afda6ed784360a915143216100f7a3d91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3060
Expires: Thu, 08 Dec 2022 23:48:33 GMT
Date: Thu, 08 Dec 2022 22:57:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZQupyCZPUuGm3jLetoUk/bo3WBIh6fxrq0DtCLiq5auc5wBrZ6NFDogefFhY7yejr52G2bf9wRE=
x-amz-request-id: MRBGD8B7DS00EV0Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 22:48:05 GMT
age: 568
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:57:33 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 22:07:58 GMT
age: 2976
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5686
Cache-Control: max-age=128644
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:34 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:41:38 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.213.140.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ebMxhWecxaYq+qbqFts3CQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TD3fzXHp5YN7v5dYcO5KEO99FY8=
pagead2.googlesyndication.com/pagead/show_ads.js
172.217.21.162200 OK 36 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (3577)
Hash 145e0c557b19c7b19fed04f5743ff0b2
44340bf90683f4b32286128b7257128030ca31d4
645521def87e44c60d47a589aabe36b99eba79cab6ffe303d06bee4dd5fb8d1a
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 08 Dec 2022 22:57:35 GMT
Expires: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 2290538710640704181
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36184
X-XSS-Protection: 0
best-proxylist.blogspot.com/2012_06_28_archive.html
142.250.74.161200 OK 38 kB URL HTTP/1.1 best-proxylist.blogspot.com/2012_06_28_archive.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5118)
Hash 4008d1694fa019766c4a72915713cf0a
e7ec6d21e2377209cdf4e8b76f0808e78416bc88
9561094ee11cbe26df75f9ea3aeffb34803f04d09a76f01f4b1a5e24b279234d
Analyzer Verdict Alert fortinet Malware
GET /2012_06_28_archive.html HTTP/1.1
Host: best-proxylist.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 08 Dec 2022 22:57:34 GMT
Date: Thu, 08 Dec 2022 22:57:34 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 27 Nov 2022 11:12:58 GMT
ETag: W/"3f55650ad5de9d30b77f25c2af989863e35e69749f6ded0381b079aec994b9d1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 37658
Server: GSE
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/icon18_email.gif
142.250.74.41200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP 142.250.74.41:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:19:21 GMT
expires: Tue, 13 Dec 2022 14:19:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 07:54:23 GMT
content-type: image/gif
age: 203894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.41:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:01:43 GMT
expires: Wed, 06 Dec 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
content-type: text/css
age: 204952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
best-proxylist.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 best-proxylist.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: best-proxylist.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/2012_06_28_archive.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 05:25:41 GMT
Expires: Thu, 15 Dec 2022 05:25:41 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 07 Dec 2022 20:54:14 GMT
Content-Type: text/javascript
Age: 63114
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 88340a984105f6537a74a5198a569c8a
eca386f9fafa3be5aae2696dca30406bace829b4
2da3703b37eb2327164cbbe9f8e267e8daa93328692fb381c62e095bab37275c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3222695235-widgets.js
142.250.74.41200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3222695235-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash 9f2f688aec73940034a0266a2a6266da
af9875c8064027204827b311250191c87e55366e
a78a0cfbae13cfc525657e31c2033d5c0281c5fbec2cf3e493ff75a7e097a02a
GET /static/v1/widgets/3222695235-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56718
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 02:14:06 GMT
expires: Thu, 07 Dec 2023 02:14:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 00:52:16 GMT
content-type: text/javascript
age: 161009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 441b529e2ca0056bb63de39cc6799309
a04959efdd659a6f23c253a2fe72fca75831da45
b8f306586f1ad4c1ce7fb8486ae25638e5ec06304af8bdf6f0022af290246b02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
172.217.21.162200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 172.217.21.162:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 14:48:45 GMT
Expires: Thu, 22 Dec 2022 14:48:45 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 29330
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.46200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.46:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 17:26:49 GMT
expires: Thu, 07 Dec 2023 17:26:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 106246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=8405251274239367815&zx=837cd1a2-9d60-44f6-8060-e287125b51be
142.250.74.41200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=8405251274239367815&zx=837cd1a2-9d60-44f6-8060-e287125b51be
IP 142.250.74.41:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8405251274239367815&zx=837cd1a2-9d60-44f6-8060-e287125b51be HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 22:57:35 GMT
last-modified: Thu, 08 Dec 2022 22:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_with_ama_fy2021.js?client=pub-8116085563943069&plah=best-proxylist.blogspot.com&bust=31071078
172.217.21.162200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_with_ama_fy2021.js?client=pub-8116085563943069&plah=best-proxylist.blogspot.com&bust=31071078
IP 172.217.21.162:0
File type ASCII text, with very long lines (5918)
Size 120 kB (119783 bytes)
Hash 61db5ff42f6721b91d490089acf7ae77
84edda877303313a72d13e9be115f277943b9c88
717cf5d28c6da3d2b715632a81808f3ca0f1fc3a99e066d1db8860b9b63c714c
GET /pagead/managed/js/adsense/m202211300101/show_ads_impl_with_ama_fy2021.js?client=pub-8116085563943069&plah=best-proxylist.blogspot.com&bust=31071078 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 08 Dec 2022 22:57:35 GMT
expires: Thu, 08 Dec 2022 22:57:35 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 9432042334482819100
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119783
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
142.250.74.14200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 08 Dec 2022 22:32:54 GMT
Expires: Fri, 09 Dec 2022 00:32:54 GMT
Cache-Control: public, max-age=7200
Age: 1481
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7164
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:57:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7164
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:57:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7164
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:57:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7164
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:57:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 03:42:37 GMT
age: 69298
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7164
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:57:35 GMT
Connection: keep-alive
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1272333916&utmhn=best-proxylist.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anonymizer%20%7C%20Proxy%20List%20%7C%20Free%20HTTPS%3A%2028%20%D0%B8%D1%8E%D0%BD.%202012%20%D0%B3.&utmhid=1175738646&utmr=-&utmp=%2F2012_06_28_archive.html&utmht=1670540254995&utmac=UA-915775-25&utmcc=__utma%3D48685877.2008604825.1670540255.1670540255.1670540255.1%3B%2B__utmz%3D48685877.1670540255.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1979248972&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.14200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1272333916&utmhn=best-proxylist.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anonymizer%20%7C%20Proxy%20List%20%7C%20Free%20HTTPS%3A%2028%20%D0%B8%D1%8E%D0%BD.%202012%20%D0%B3.&utmhid=1175738646&utmr=-&utmp=%2F2012_06_28_archive.html&utmht=1670540254995&utmac=UA-915775-25&utmcc=__utma%3D48685877.2008604825.1670540255.1670540255.1670540255.1%3B%2B__utmz%3D48685877.1670540255.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1979248972&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1272333916&utmhn=best-proxylist.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anonymizer%20%7C%20Proxy%20List%20%7C%20Free%20HTTPS%3A%2028%20%D0%B8%D1%8E%D0%BD.%202012%20%D0%B3.&utmhid=1175738646&utmr=-&utmp=%2F2012_06_28_archive.html&utmht=1670540254995&utmac=UA-915775-25&utmcc=__utma%3D48685877.2008604825.1670540255.1670540255.1670540255.1%3B%2B__utmz%3D48685877.1670540255.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1979248972&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 08 Dec 2022 22:57:35 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46275ec87d8221804dbb99f95b035131
c47af4e5770daad212f4290527b00321285105f8
2118ec68c738683d8f7e11b95239ca92fda2b9b5054aa7b128267eec0d0634c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8803
x-amzn-requestid: e8516be3-5ce9-4f15-b522-c81c1e57a0e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtK9GavoAMFjpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af579-538cc8f300938698004f2241;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MiOdXHxd9Vmeji8Yqd8LG_EqYoMGf0YBy6by9bhfjb12y1OxKVvvqw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:36:28 GMT
age: 37267
etag: "c47af4e5770daad212f4290527b00321285105f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:33:10 GMT
age: 37465
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d1605154a552a8c3165c1358ea2e185
2e677da1f57c112d984180ead80481e8797ff2e8
12b075ad3e786dc68ab3fab1e4ce9d6f7810bdebc7bdafd993e19bc5bc7c0abc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11027
x-amzn-requestid: e0d56100-13aa-44e5-ae80-bedfeece87db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwV19EUOIAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900359-5a5402381d61db921a00404d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7ET6kgGgWAKa4_CFCgSwnN8m7FnplxP7zOp8lEyodxn5lmlIIHD4vQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:37:30 GMT
age: 66005
etag: "2e677da1f57c112d984180ead80481e8797ff2e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 13:49:59 GMT
age: 32856
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg
34.120.237.76200 OK 1.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f6cfc43170be4dd0264f2b0b6bcc329
9ad22ea868f3b72832243fd11315c68117c7542b
f5cc67d46241c2f5aebc2515bf8828889f8ceda8112b78cdf925a260b82fd833
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 1584
x-amzn-requestid: 7743c8a6-118c-4c69-b833-a9e2f5561a54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw5VEGV8IAMFcOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903c20-41fdf6d004b388f51fa70833;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:09:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: whmRQYshKD6d2Pz3Z0ZCCFr_MEPR1rEek7nVZqf5XeiWpt1LIcjvBQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:34:55 GMT
age: 55360
etag: "9ad22ea868f3b72832243fd11315c68117c7542b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 18cc322e73c8b494d8f43b0922588f04
e328ef83b8b4735aa93cd68ab1eb850f16c10c81
4f8f8fa8fd32fb03501eedd8474a922a448744d0464844314923ba1672c995bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=best-proxylist.blogspot.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=best-proxylist.blogspot.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=best-proxylist.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 22:57:35 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=best-proxylist.blogspot.com&callback=_gfp_s_&client=ca-pub-8116085563943069&gpid_exp=1
216.58.207.226200 OK 255 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=best-proxylist.blogspot.com&callback=_gfp_s_&client=ca-pub-8116085563943069&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 211b550ded05e26ac4368d6e3cf6efe7
cf773669e02df8c3656284ace4af1eb9cb1001e6
182d5464b7e7b77e3a3682c5d4a4796888c2e8dfc06b434bf5cc15074128fe77
GET /gampad/cookie.js?domain=best-proxylist.blogspot.com&callback=_gfp_s_&client=ca-pub-8116085563943069&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 22:57:35 GMT
server: cafe
cache-control: private
content-length: 255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=best-proxylist.blogspot.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=best-proxylist.blogspot.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=best-proxylist.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 22:57:35 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 18cc322e73c8b494d8f43b0922588f04
e328ef83b8b4735aa93cd68ab1eb850f16c10c81
4f8f8fa8fd32fb03501eedd8474a922a448744d0464844314923ba1672c995bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 48487c86e61361cb1055f9ab315d3b4e
8bb6ce1c9bbd0315b9bf8173ba6d2c21f2c120ef
9899e720c3cf6f0b777190c161de072637351830d45236355ae08db668a98eba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=best-proxylist.blogspot.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=best-proxylist.blogspot.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=best-proxylist.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 22:57:35 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1669547578&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_06_28_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1670540254544&bpp=31&bdt=235&idt=388&shv=r20221130&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&correlator=6329340524386&frm=20&pv=2&ga_vid=2008604825.1670540255&ga_sid=1670540255&ga_hid=1175738646&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071078%2C44779957%2C44769662&oid=2&pvsid=1038746685972495&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&cms=1&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=tgn335jDex&p=http%3A//best-proxylist.blogspot.com&dtd=567
142.250.74.34200 OK 9.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1669547578&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_06_28_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1670540254544&bpp=31&bdt=235&idt=388&shv=r20221130&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&correlator=6329340524386&frm=20&pv=2&ga_vid=2008604825.1670540255&ga_sid=1670540255&ga_hid=1175738646&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071078%2C44779957%2C44769662&oid=2&pvsid=1038746685972495&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&cms=1&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=tgn335jDex&p=http%3A//best-proxylist.blogspot.com&dtd=567
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21401), with no line terminators
Hash 94eae9481f064731fa7eb9521b234958
1a2dd084a9a3375ecd1890c5056afec09a2ef79a
9c953d902ef1bae4e2faf26b4a05423621e735d7345611ceee41e0af804eda25
GET /pagead/ads?client=ca-pub-8116085563943069&output=html&h=90&adk=173538299&adf=1374884920&w=728&lmt=1669547578&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=999999&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_06_28_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1670540254544&bpp=31&bdt=235&idt=388&shv=r20221130&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&correlator=6329340524386&frm=20&pv=2&ga_vid=2008604825.1670540255&ga_sid=1670540255&ga_hid=1175738646&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=39&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071078%2C44779957%2C44769662&oid=2&pvsid=1038746685972495&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&cms=1&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=tgn335jDex&p=http%3A//best-proxylist.blogspot.com&dtd=567 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 08 Dec 2022 22:57:36 GMT
server: cafe
content-length: 9450
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 23:12:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 22:57:36 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1669547578&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_06_28_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1670540254832&bpp=9&bdt=522&idt=344&shv=r20221130&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=6329340524386&pv_h_ch=00000&frm=20&pv=1&ga_vid=2008604825.1670540255&ga_sid=1670540255&ga_hid=1175738646&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071078%2C44779957%2C44769662&oid=2&pvsid=1038746685972495&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=qqqzJnJxde&p=http%3A//best-proxylist.blogspot.com&dtd=412
142.250.74.34200 OK 9.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1669547578&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_06_28_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1670540254832&bpp=9&bdt=522&idt=344&shv=r20221130&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=6329340524386&pv_h_ch=00000&frm=20&pv=1&ga_vid=2008604825.1670540255&ga_sid=1670540255&ga_hid=1175738646&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071078%2C44779957%2C44769662&oid=2&pvsid=1038746685972495&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=qqqzJnJxde&p=http%3A//best-proxylist.blogspot.com&dtd=412
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21419), with no line terminators
Hash 91a32836593e4a5e79c50a46c765194d
adf38b58901e1768a844ca0fabd46ca836c2b5d5
ea7d66aa05d5cf10994738785b0161af179549208314f1124ad09b9b92a66562
GET /pagead/ads?client=ca-pub-8116085563943069&output=html&h=600&adk=2676577121&adf=3745148778&w=160&lmt=1669547578&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=336699&color_text=333333&color_url=336699&url=http%3A%2F%2Fbest-proxylist.blogspot.com%2F2012_06_28_archive.html&host=pub-1556223355139109&h_ch=00000&alternate_ad_url=http%3A%2F%2Fwww.blogger.com%2Fimg%2Fblogger_ad160x600.html&wgl=1&dt=1670540254832&bpp=9&bdt=522&idt=344&shv=r20221130&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=6329340524386&pv_h_ch=00000&frm=20&pv=1&ga_vid=2008604825.1670540255&ga_sid=1670540255&ga_hid=1175738646&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=882&ady=144&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071078%2C44779957%2C44769662&oid=2&pvsid=1038746685972495&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=qqqzJnJxde&p=http%3A//best-proxylist.blogspot.com&dtd=412 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 08 Dec 2022 22:57:36 GMT
server: cafe
content-length: 9460
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 23:12:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 22:57:36 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cd459fc7e8633ad842eace59db652f5a
a2723a4cae2f7910e832490e588db1af285c8bd7
380d84de92bfa406214d8aa5d146fe7b944e99c913e0d8c9dd03283a07992a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 090c0d90762a09ad645f2c83d39d1678
703e7261f071d6ab7c85a28b78b8372ebb46d154
158e9b3ad4f84a9e4c47fea31495a9e6b5c024f2a3019f9766c78b1cd6b4d183
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 090c0d90762a09ad645f2c83d39d1678
703e7261f071d6ab7c85a28b78b8372ebb46d154
158e9b3ad4f84a9e4c47fea31495a9e6b5c024f2a3019f9766c78b1cd6b4d183
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
216.58.211.1200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221206/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Thu, 08 Dec 2022 18:31:16 GMT
expires: Thu, 22 Dec 2022 18:31:16 GMT
cache-control: public, max-age=1209600
age: 15980
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1542)
Hash 6f59900fa87e133bae329372aebefe36
260937d2934233c07b112f3564ec9eca7b529fd7
156c12ec7d6973b5742504716567b70740dd66bee9cc0e1a1608df56e77011fd
GET /pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7480
x-xss-protection: 0
date: Thu, 08 Dec 2022 18:31:16 GMT
expires: Thu, 22 Dec 2022 18:31:16 GMT
cache-control: public, max-age=1209600
age: 15980
etag: 15631949847000551034
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 090c0d90762a09ad645f2c83d39d1678
703e7261f071d6ab7c85a28b78b8372ebb46d154
158e9b3ad4f84a9e4c47fea31495a9e6b5c024f2a3019f9766c78b1cd6b4d183
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-proxylist.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 best-proxylist.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: best-proxylist.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/2012_06_28_archive.html
Cookie: __utma=48685877.2008604825.1670540255.1670540255.1670540255.1; __utmb=48685877.1.10.1670540255; __utmc=48685877; __utmz=48685877.1670540255.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Thu, 08 Dec 2022 22:57:36 GMT
Date: Thu, 08 Dec 2022 22:57:36 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sun, 27 Nov 2022 11:12:58 GMT
ETag: W/"3f55650ad5de9d30b77f25c2af989863e35e69749f6ded0381b079aec994b9d1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b991a259d1f5ed59f771c6717d37d319
3d27e198a13a8b503653a55c7dff4502fde93b4f
943d09ffc57eaa5f8786fe4877c949ab50ba5fb001ca4901a05d5eab57536716
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3111
Cache-Control: max-age=90455
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Etag: "63911e10-139"
Expires: Sat, 10 Dec 2022 00:05:11 GMT
Last-Modified: Wed, 07 Dec 2022 23:13:20 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b991a259d1f5ed59f771c6717d37d319
3d27e198a13a8b503653a55c7dff4502fde93b4f
943d09ffc57eaa5f8786fe4877c949ab50ba5fb001ca4901a05d5eab57536716
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3991
Cache-Control: max-age=91335
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Etag: "63911e10-139"
Expires: Sat, 10 Dec 2022 00:19:51 GMT
Last-Modified: Wed, 07 Dec 2022 23:13:20 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bc97b26376f5787bfa0a6fdfb759e5ce
9561aece4fb95ccfebf881ead6d424ff2854d341
9fd160380e77f1017d5f2c0af94d05ca84977e4d4b42f6fd385a815fbf672556
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1305
Cache-Control: max-age=142264
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Etag: "6391ef7f-139"
Expires: Sat, 10 Dec 2022 14:28:40 GMT
Last-Modified: Thu, 08 Dec 2022 14:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bc97b26376f5787bfa0a6fdfb759e5ce
9561aece4fb95ccfebf881ead6d424ff2854d341
9fd160380e77f1017d5f2c0af94d05ca84977e4d4b42f6fd385a815fbf672556
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1328
Cache-Control: max-age=142287
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Etag: "6391ef7f-139"
Expires: Sat, 10 Dec 2022 14:29:03 GMT
Last-Modified: Thu, 08 Dec 2022 14:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWaAB2ASdg2ICAgAAAEr-VR2NhxEVEN9rkmNeOmDhyH9TtORtuQASAAA&wp=Y5Jr4AAAfT0CO83SAAAfUpUlNoGKBT7yf0LuOg
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWaAB2ASdg2ICAgAAAEr-VR2NhxEVEN9rkmNeOmDhyH9TtORtuQASAAA&wp=Y5Jr4AAAfT0CO83SAAAfUpUlNoGKBT7yf0LuOg
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWaAB2ASdg2ICAgAAAEr-VR2NhxEVEN9rkmNeOmDhyH9TtORtuQASAAA&wp=Y5Jr4AAAfT0CO83SAAAfUpUlNoGKBT7yf0LuOg HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 260334
date: Thu, 08 Dec 2022 22:57:35 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWdgFWp2DYgICAAAASv5VHY2HERUQ32uSY3FUHYuFzmKqiQFGABIAAA&wp=Y5Jr3wAOjTACO8hAAAxxXInyOcPHEt4I1dY0bQ
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWdgFWp2DYgICAAAASv5VHY2HERUQ32uSY3FUHYuFzmKqiQFGABIAAA&wp=Y5Jr3wAOjTACO8hAAAxxXInyOcPHEt4I1dY0bQ
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7OzWdgFWp2DYgICAAAASv5VHY2HERUQ32uSY3FUHYuFzmKqiQFGABIAAA&wp=Y5Jr3wAOjTACO8hAAAxxXInyOcPHEt4I1dY0bQ HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 246849
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.25.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 106062
expires: Tue, 28 Nov 2023 22:57:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAcor%2F8fV8wDYbSGpWB1MfqvyH%2BiCXfMfKGUVJlZJMJsGHVMUE1KqMy5A8KtcS2KWM%2Bi5z1fci0HhPWJVZ2W2lje5Rj9fbfO6zy0sbKKq5VYn63jO30Mppm17GAypjVM%2BLtL18Oc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776919dc6b93b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 80bc0f96ea96fde678243ff6ac1a2b22
09f6a7dd77cae8777a0a105926f6f8a38635d5a4
fa517d4d2dd08a6bdc676d703e216ba5b48fc658698bc628961854dbd25dbdc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5356
Cache-Control: max-age=87261
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Etag: "639108d1-139"
Expires: Fri, 09 Dec 2022 23:11:57 GMT
Last-Modified: Wed, 07 Dec 2022 21:42:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 80bc0f96ea96fde678243ff6ac1a2b22
09f6a7dd77cae8777a0a105926f6f8a38635d5a4
fa517d4d2dd08a6bdc676d703e216ba5b48fc658698bc628961854dbd25dbdc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5385
Cache-Control: max-age=87290
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Etag: "639108d1-139"
Expires: Fri, 09 Dec 2022 23:12:26 GMT
Last-Modified: Wed, 07 Dec 2022 21:42:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ads.eu.criteo.com/delivery/r/afr.php?z=Y5Jr3wAOjTACO8hAAAxxXInyOcPHEt4I1dY0bQ&u=%7Cb0%2BZpCk3Py4zAm6ZDCaMQrC1c5gUEtN0RcD2gXnxAsc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsKoZ_B5KwGvVeKeSL30bqKH_0ioWCSh0O_7d-TkLldpiu_Bf-dxDDJ21PICFeEGU8BeLCUrXTo12zAhtwYv2UKFLvMU9ULlDaS5fj93rozJKystOfZZF9KxEx4I2Lie29B-C_Wq_A5gzkuhU6EO-9AG4qcicZtzS0HqHx196OwrmlnMjpJc49G_Kjrq6rFqCNhZeclVNG9Ojie_H4-Y_GXga8bW6iAl4WR7cGdXTLa0yw653rvQbyZx0cweFWt3QVpx4A5imEP7xRECTvi2xTp9600GlyGhHN0F1Cib633vTi3jxJkpQKljF1M83nTfGC230PwGRh8_fchMzs2_tbSjFXywi16PNJkDNCbucFVghGLmqlLuw5M8gUAFMpfa18lshLNweXLu_oC9Kcxdns0CPfx-h8Sc9FVOFzGLapFJElacwwF72fkmCZLWsvoZutLiuUHxClwQG2yINKZGgFd5OFZ1zLeSkO9oCVt1hoG8TOu6ZpWhkQ1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEJ4532uSY7CaOsCQ78EP3OKxmATJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAtM_RZHLsrE-qAMBqgTqAU_QPKi350DSljUI6LuKTzZ7lu7fgYlbTXaDieEM4Xe7kA6rcS4JrbD3gAcI4QTJ2RPQs6NySmZwd089FIlYQQtTztYrggQs_gwKvYN_KYTNmrds7P_3YgnGleR-c6bQvsg6Xcv4Y98R-PKAY2DcYUldLviseo7A1G_iv0qOiUctFcAoFdY7-RkoIYLNBxPfp99wB4VSAPo36mTMZhhRuXyoNW4sFm5yPOubZsWPup1l-ddIfPrsVPbFq4SnLvR_4LQG54Een7cYNMq5sQzKecDQOsptwM_7BBiGP4vWVDx7EEEG5L7AIwlynIAGvPjI2YiMoLbmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_14iMl6BbQncDyAMk2Wk1I4GzszCA%26client%3Dca-pub-8116085563943069%26adurl%3D
178.250.2.65200 OK 65 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5Jr3wAOjTACO8hAAAxxXInyOcPHEt4I1dY0bQ&u=%7Cb0%2BZpCk3Py4zAm6ZDCaMQrC1c5gUEtN0RcD2gXnxAsc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsKoZ_B5KwGvVeKeSL30bqKH_0ioWCSh0O_7d-TkLldpiu_Bf-dxDDJ21PICFeEGU8BeLCUrXTo12zAhtwYv2UKFLvMU9ULlDaS5fj93rozJKystOfZZF9KxEx4I2Lie29B-C_Wq_A5gzkuhU6EO-9AG4qcicZtzS0HqHx196OwrmlnMjpJc49G_Kjrq6rFqCNhZeclVNG9Ojie_H4-Y_GXga8bW6iAl4WR7cGdXTLa0yw653rvQbyZx0cweFWt3QVpx4A5imEP7xRECTvi2xTp9600GlyGhHN0F1Cib633vTi3jxJkpQKljF1M83nTfGC230PwGRh8_fchMzs2_tbSjFXywi16PNJkDNCbucFVghGLmqlLuw5M8gUAFMpfa18lshLNweXLu_oC9Kcxdns0CPfx-h8Sc9FVOFzGLapFJElacwwF72fkmCZLWsvoZutLiuUHxClwQG2yINKZGgFd5OFZ1zLeSkO9oCVt1hoG8TOu6ZpWhkQ1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEJ4532uSY7CaOsCQ78EP3OKxmATJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAtM_RZHLsrE-qAMBqgTqAU_QPKi350DSljUI6LuKTzZ7lu7fgYlbTXaDieEM4Xe7kA6rcS4JrbD3gAcI4QTJ2RPQs6NySmZwd089FIlYQQtTztYrggQs_gwKvYN_KYTNmrds7P_3YgnGleR-c6bQvsg6Xcv4Y98R-PKAY2DcYUldLviseo7A1G_iv0qOiUctFcAoFdY7-RkoIYLNBxPfp99wB4VSAPo36mTMZhhRuXyoNW4sFm5yPOubZsWPup1l-ddIfPrsVPbFq4SnLvR_4LQG54Een7cYNMq5sQzKecDQOsptwM_7BBiGP4vWVDx7EEEG5L7AIwlynIAGvPjI2YiMoLbmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_14iMl6BbQncDyAMk2Wk1I4GzszCA%26client%3Dca-pub-8116085563943069%26adurl%3D
IP 178.250.2.65:0
Hash d2f8c41c9240f5d1df3e7baecdc3245c
a32721de12d5e90bb9af7a29d8a93e32deb5c107
debc18e863ed96aab83ca36775ffd7b1abd4c366aff4bbcb030f9ec79543334a
GET /delivery/r/afr.php?z=Y5Jr3wAOjTACO8hAAAxxXInyOcPHEt4I1dY0bQ&u=%7Cb0%2BZpCk3Py4zAm6ZDCaMQrC1c5gUEtN0RcD2gXnxAsc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsKoZ_B5KwGvVeKeSL30bqKH_0ioWCSh0O_7d-TkLldpiu_Bf-dxDDJ21PICFeEGU8BeLCUrXTo12zAhtwYv2UKFLvMU9ULlDaS5fj93rozJKystOfZZF9KxEx4I2Lie29B-C_Wq_A5gzkuhU6EO-9AG4qcicZtzS0HqHx196OwrmlnMjpJc49G_Kjrq6rFqCNhZeclVNG9Ojie_H4-Y_GXga8bW6iAl4WR7cGdXTLa0yw653rvQbyZx0cweFWt3QVpx4A5imEP7xRECTvi2xTp9600GlyGhHN0F1Cib633vTi3jxJkpQKljF1M83nTfGC230PwGRh8_fchMzs2_tbSjFXywi16PNJkDNCbucFVghGLmqlLuw5M8gUAFMpfa18lshLNweXLu_oC9Kcxdns0CPfx-h8Sc9FVOFzGLapFJElacwwF72fkmCZLWsvoZutLiuUHxClwQG2yINKZGgFd5OFZ1zLeSkO9oCVt1hoG8TOu6ZpWhkQ1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEJ4532uSY7CaOsCQ78EP3OKxmATJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAtM_RZHLsrE-qAMBqgTqAU_QPKi350DSljUI6LuKTzZ7lu7fgYlbTXaDieEM4Xe7kA6rcS4JrbD3gAcI4QTJ2RPQs6NySmZwd089FIlYQQtTztYrggQs_gwKvYN_KYTNmrds7P_3YgnGleR-c6bQvsg6Xcv4Y98R-PKAY2DcYUldLviseo7A1G_iv0qOiUctFcAoFdY7-RkoIYLNBxPfp99wB4VSAPo36mTMZhhRuXyoNW4sFm5yPOubZsWPup1l-ddIfPrsVPbFq4SnLvR_4LQG54Een7cYNMq5sQzKecDQOsptwM_7BBiGP4vWVDx7EEEG5L7AIwlynIAGvPjI2YiMoLbmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_14iMl6BbQncDyAMk2Wk1I4GzszCA%26client%3Dca-pub-8116085563943069%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8FGJw8ckWlGmP4xPTSK8qv2sgRrQMhUMUR3SlXd0_FR7-ARO9BgweqBhhuzuug-k27Vh7hzZ2NLucev8WereKXm3FqbTXfCCQVXTEQLd0KhxqpnZIslriJz1PSi-Puv95dICmz3bdQ4ewVmpROXyhpD1x4jLY4ImKVfENWQPBF-0FxcmHgSBRwgZHSYL91r5OS8a9b9_Mm3xfdku1ZxPMBKsYy1-Rh10NGMCar3Ir0VimtxIVpvrGGgF_YdAg2TnPnDjXg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 132997903
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 80bc0f96ea96fde678243ff6ac1a2b22
09f6a7dd77cae8777a0a105926f6f8a38635d5a4
fa517d4d2dd08a6bdc676d703e216ba5b48fc658698bc628961854dbd25dbdc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Last-Modified: Thu, 08 Dec 2022 21:28:01 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 80bc0f96ea96fde678243ff6ac1a2b22
09f6a7dd77cae8777a0a105926f6f8a38635d5a4
fa517d4d2dd08a6bdc676d703e216ba5b48fc658698bc628961854dbd25dbdc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5385
Cache-Control: max-age=87290
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Etag: "639108d1-139"
Expires: Fri, 09 Dec 2022 23:12:26 GMT
Last-Modified: Wed, 07 Dec 2022 21:42:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 518bf2ed51b00f8f798831d424dadf44
82ef1b85e2721fbcdc58cf54f55e827e7e6d7492
35b5e785c53e5e9a4be75c4086777542da459649bcd0c596a7918c0cd70ef661
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3626
Cache-Control: max-age=142788
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Etag: "6391e87a-139"
Expires: Sat, 10 Dec 2022 14:37:24 GMT
Last-Modified: Thu, 08 Dec 2022 13:36:58 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 835f17b15cc8623fe0c65ccbef72c084
e0b3f6daa2cbc515f461cd65c856f3c0e85f25da
950f2646856281db9391c79e9eb4d927e69af9ba999b9e96bcf61d42d45a52eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5266
Cache-Control: max-age=166718
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Etag: "63923f8c-1d7"
Expires: Sat, 10 Dec 2022 21:16:14 GMT
Last-Modified: Thu, 08 Dec 2022 19:48:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
static.criteo.net/design/dt/93075/221201/afec17cbecd64676891a8ed983c55597_cpn_160x600_1.jpeg
178.250.2.130200 OK 124 kB URL HTTP/2 static.criteo.net/design/dt/93075/221201/afec17cbecd64676891a8ed983c55597_cpn_160x600_1.jpeg
IP 178.250.2.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x600, components 3\012- data
Size 124 kB (124453 bytes)
Hash 070949a13a58344485c2348bb53e4025
5eef6daa80b13e3cd30284bca419573c020d93b4
d495e0703fadfaa0fc14b8f4c20890b611a2764d458f58680d05498b0992c227
GET /design/dt/93075/221201/afec17cbecd64676891a8ed983c55597_cpn_160x600_1.jpeg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: image/jpeg
content-length: 124453
last-modified: Thu, 01 Dec 2022 23:01:49 GMT
etag: "6389325d-1e625"
expires: Sun, 03 Dec 2023 22:57:36 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.2.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sun, 03 Dec 2023 22:57:36 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sun, 03 Dec 2023 22:57:36 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 98f8af26b00325bf9086a697fb7e9931
4393fab2dbe807c5b0323a7f200754ac54a8cd10
7fd58e94c14ad131f33b9b6a962417b051f69e7473131cfd8f380ff80644fbd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4921
Cache-Control: max-age=136890
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Etag: "6391cc62-13a"
Expires: Sat, 10 Dec 2022 12:59:07 GMT
Last-Modified: Thu, 08 Dec 2022 11:37:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 98f8af26b00325bf9086a697fb7e9931
4393fab2dbe807c5b0323a7f200754ac54a8cd10
7fd58e94c14ad131f33b9b6a962417b051f69e7473131cfd8f380ff80644fbd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4921
Cache-Control: max-age=136890
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Etag: "6391cc62-13a"
Expires: Sat, 10 Dec 2022 12:59:07 GMT
Last-Modified: Thu, 08 Dec 2022 11:37:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 98f8af26b00325bf9086a697fb7e9931
4393fab2dbe807c5b0323a7f200754ac54a8cd10
7fd58e94c14ad131f33b9b6a962417b051f69e7473131cfd8f380ff80644fbd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4927
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Last-Modified: Thu, 08 Dec 2022 21:35:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1&b=400
178.250.0.139200 OK 44 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8ff08c075236ba4e925d1faf40802e8
3d431faaea572b190081a95caa024ccf30441bc3
fb8c3d12c4bbeef1c1e5ba9b9bdd31d8b2f9de9a51e4449b140eec52ea6266bb
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Thu, 08 Dec 2022 22:57:37 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 44252
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745305-0_1.jpg%3Fcb%3D2e488550b615282557262ac84c814723&v=3&w=800&s=Vc6Pon26rbePUOh_pUQco3H0&b=400
178.250.0.139200 OK 8.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745305-0_1.jpg%3Fcb%3D2e488550b615282557262ac84c814723&v=3&w=800&s=Vc6Pon26rbePUOh_pUQco3H0&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x366, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 13895989dc05fcf23a679e38e9e0dc48
7904a43e4dc123949ba1e959c79f1af1f2e53933
08141176b999f75da363b95c7f21083e3f7ab2de565a64c012ff8ec3486d19be
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745305-0_1.jpg%3Fcb%3D2e488550b615282557262ac84c814723&v=3&w=800&s=Vc6Pon26rbePUOh_pUQco3H0&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29768120
expires: Sat, 18 Nov 2023 11:52:57 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8784
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302553-0_1.jpg%3Fcb%3D93802c0ddc2b8f54f92ffa47425fffc2&v=3&w=800&s=wESwYSBm8TEFK3gTo2hcnbt7&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302553-0_1.jpg%3Fcb%3D93802c0ddc2b8f54f92ffa47425fffc2&v=3&w=800&s=wESwYSBm8TEFK3gTo2hcnbt7&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 367x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0fef7101dcb7bd3b5debbd24257a9a0e
0e2ffc692472fcad29cd2ff470d1ca4f93431e7b
0c82692aea40572228a088055af57adc832461f9351fc2c08207b296b0ec32e9
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302553-0_1.jpg%3Fcb%3D93802c0ddc2b8f54f92ffa47425fffc2&v=3&w=800&s=wESwYSBm8TEFK3gTo2hcnbt7&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30450342
expires: Sun, 26 Nov 2023 09:23:19 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13604
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 8.7 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
Hash aa2f6bb03939dbb3f480e9136d565dcf
123e76fa3977ab5d08eb4e9b59ff165398489690
85b77ad295529afe3f55889b59d3490c8fe94bbfc597b2fa063e1e128888d30e
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sun, 03 Dec 2023 22:57:36 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4eWKGnxNsy-yKT2QHB61fxqL7WjURjqw7exITAZJWKXLqZW9-qkzr4GaEWoX75HRoM6_6n4ReKrVaV0G6677Rh9-05ik13-9Wr7SUERuoTO0BsmthxJF--_-X785Py50NtHQf6EYMeRF3o3IWxucNzLPGEy2PwMBIFA26v2SCCgfBUQ2ST5wrLAy13Kvar4kwwi4-qNrZS6gW0NjtwRz3ziQx482AVV2cRTuHHuZ7Fhe4YgE4m8zS0PXVNCOQcmUKIrIsWaaHjTBbjSzIBfvjrYQ-QGzN-abjMtfTAgSkRKTicY7-BgsgPNbmbz6vv4QnX2ULXx7U_NkELkrO0AYCKQO87yRWkGdIrBDY61j61itVZf3T8Bho0b-T9nWwitxeECxHODlpmc1q1gmAhTCiaTa1hp-wdjjYhLYDZNQUzSQYNh5ETBhwE_-6CcAiV2YRGkOnA
178.250.2.148200 OK 6.6 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4eWKGnxNsy-yKT2QHB61fxqL7WjURjqw7exITAZJWKXLqZW9-qkzr4GaEWoX75HRoM6_6n4ReKrVaV0G6677Rh9-05ik13-9Wr7SUERuoTO0BsmthxJF--_-X785Py50NtHQf6EYMeRF3o3IWxucNzLPGEy2PwMBIFA26v2SCCgfBUQ2ST5wrLAy13Kvar4kwwi4-qNrZS6gW0NjtwRz3ziQx482AVV2cRTuHHuZ7Fhe4YgE4m8zS0PXVNCOQcmUKIrIsWaaHjTBbjSzIBfvjrYQ-QGzN-abjMtfTAgSkRKTicY7-BgsgPNbmbz6vv4QnX2ULXx7U_NkELkrO0AYCKQO87yRWkGdIrBDY61j61itVZf3T8Bho0b-T9nWwitxeECxHODlpmc1q1gmAhTCiaTa1hp-wdjjYhLYDZNQUzSQYNh5ETBhwE_-6CcAiV2YRGkOnA
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ca6493347fa137127da1aff05062c14d
4ceae6a74707c617d11609fdcdbfff03353b76ff
f42b2eecd68f23ea66bbf4d561f8aa99700c881607d00ece163d8240f8f0d143
GET /delivery/lg.php?cppv=3&cpp=4eWKGnxNsy-yKT2QHB61fxqL7WjURjqw7exITAZJWKXLqZW9-qkzr4GaEWoX75HRoM6_6n4ReKrVaV0G6677Rh9-05ik13-9Wr7SUERuoTO0BsmthxJF--_-X785Py50NtHQf6EYMeRF3o3IWxucNzLPGEy2PwMBIFA26v2SCCgfBUQ2ST5wrLAy13Kvar4kwwi4-qNrZS6gW0NjtwRz3ziQx482AVV2cRTuHHuZ7Fhe4YgE4m8zS0PXVNCOQcmUKIrIsWaaHjTBbjSzIBfvjrYQ-QGzN-abjMtfTAgSkRKTicY7-BgsgPNbmbz6vv4QnX2ULXx7U_NkELkrO0AYCKQO87yRWkGdIrBDY61j61itVZf3T8Bho0b-T9nWwitxeECxHODlpmc1q1gmAhTCiaTa1hp-wdjjYhLYDZNQUzSQYNh5ETBhwE_-6CcAiV2YRGkOnA HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2942077
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F5%2F355108-0.jpg%3Fcb%3Df38a9887d70fe8a67810b481f0a291d6&v=3&w=800&s=ekWzKlSihnPPhhiVOAr6Oc6b&b=400
178.250.0.139200 OK 8.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F5%2F355108-0.jpg%3Fcb%3Df38a9887d70fe8a67810b481f0a291d6&v=3&w=800&s=ekWzKlSihnPPhhiVOAr6Oc6b&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4467a9ae13171b5f3278e6d2ce727bf2
7a21d7b0cd66f63d7e8b4c66be59f97f3368c44e
17f148460d5036a7ab08c77538b8899d3aa8a5e65c77cbcc51ba01539b1a7d09
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F5%2F355108-0.jpg%3Fcb%3Df38a9887d70fe8a67810b481f0a291d6&v=3&w=800&s=ekWzKlSihnPPhhiVOAr6Oc6b&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29585906
expires: Thu, 16 Nov 2023 09:16:03 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8504
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6349-0.jpg%3Fcb%3D9055279200116f2e4a8672847426951d&v=3&w=800&s=f8AgwWDlqiH4tW0kUAJ8YaiW&b=400
178.250.0.139200 OK 5.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6349-0.jpg%3Fcb%3D9055279200116f2e4a8672847426951d&v=3&w=800&s=f8AgwWDlqiH4tW0kUAJ8YaiW&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ab422e7c2e948609e5d52bb6e4b4c77c
5d17e9cb404ea9d5ffb73f97563f5bebc1fcfaf6
15ee9ba7a34cbac34c5ab3a350ef2492507944e46da5384ba5ee3b31fdd03b13
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6349-0.jpg%3Fcb%3D9055279200116f2e4a8672847426951d&v=3&w=800&s=f8AgwWDlqiH4tW0kUAJ8YaiW&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29921339
expires: Mon, 20 Nov 2023 06:26:36 GMT
date: Thu, 08 Dec 2022 22:57:37 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5948
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400%7CMontserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
142.250.74.106200 OK 4.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato:400%7CMontserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
IP 142.250.74.106:0
Hash 67b8a23d8f4536b3507e4e8fb0cc12c7
1964ba6fbdf55a8f43f6e1b2159a3db36fce75d8
408e6b1dd15dbb42abc40193bcc584a543e629e68df51d26c280ae7f1573b7d1
GET /css?family=Lato:400%7CMontserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 22:57:36 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0017Z-0.jpg%3Fcb%3Dd2275143653c8b6c1a4d350e9a49880d&v=3&w=800&s=7wigCJUIAXxmnmfN-3L1JKFM&b=400
178.250.0.139200 OK 6.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0017Z-0.jpg%3Fcb%3Dd2275143653c8b6c1a4d350e9a49880d&v=3&w=800&s=7wigCJUIAXxmnmfN-3L1JKFM&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 165x241, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 834be1e94b97b3046f72dc7e1655cbc2
01763b030849d82d7d401131d540ffc118c9e230
0cf7663e5fafa148537e1fd7f65fab5540d4e0a84662b5c71f3c27c26994f289
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0017Z-0.jpg%3Fcb%3Dd2275143653c8b6c1a4d350e9a49880d&v=3&w=800&s=7wigCJUIAXxmnmfN-3L1JKFM&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29674679
expires: Fri, 17 Nov 2023 09:55:36 GMT
date: Thu, 08 Dec 2022 22:57:37 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6922
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21886020-0_1.jpg%3Fcb%3D5a54cd9d7f575730a08d4a141df6d38c&v=3&w=800&s=-uRdRMiMQFz0wqrlLH2IBYOz&b=400
178.250.0.139200 OK 7.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21886020-0_1.jpg%3Fcb%3D5a54cd9d7f575730a08d4a141df6d38c&v=3&w=800&s=-uRdRMiMQFz0wqrlLH2IBYOz&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 286x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54cacfa33c8ceaa943fb766aecef0d05
5d7ac9c37a1e20928660363e5b8aab357de9b000
41ceec71f7ebaea69836a1ce22dce0c27650bea84143a8cf2685971cd13527b1
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21886020-0_1.jpg%3Fcb%3D5a54cd9d7f575730a08d4a141df6d38c&v=3&w=800&s=-uRdRMiMQFz0wqrlLH2IBYOz&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31486635
expires: Fri, 08 Dec 2023 09:14:53 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7134
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 577646
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.2.130200 OK 12 kB URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.2.130:0
Hash 8d49e1299dfa354ec8bd67c3a1dccf50
2afacd63306925f8c71e33dcf8a1e0cf70bc499b
1b9be5bbb6f5aa00bfa3c5d01f4390e0dcaf9b6d7b16cf8cf0381e5deaeae5f2
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sun, 03 Dec 2023 22:57:36 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F831689-0.jpg%3Fcb%3D746e2191fd141dce838dd5582b8661be&v=3&w=800&s=Y5it0pNvlWWNRETajU_g5wvm&b=400
178.250.0.139200 OK 3.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F831689-0.jpg%3Fcb%3D746e2191fd141dce838dd5582b8661be&v=3&w=800&s=Y5it0pNvlWWNRETajU_g5wvm&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 205x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3682dacb7a94af61dee15aa78045a9a5
abcfe697906b924e5a296a4720d72fc30d5e56b2
c8099a2a55044610080b73376df81d8050a41b3dead8b147381fc523037c9d50
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F831689-0.jpg%3Fcb%3D746e2191fd141dce838dd5582b8661be&v=3&w=800&s=Y5it0pNvlWWNRETajU_g5wvm&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30526319
expires: Mon, 27 Nov 2023 06:29:36 GMT
date: Thu, 08 Dec 2022 22:57:37 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3670
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745311-0_1.jpg%3Fcb%3D120aa6ab1f73f9250573069ae3eb362e&v=3&w=800&s=xEhAoAxSZyHBtLr1iy7wIjKr&b=400
178.250.0.139200 OK 9.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745311-0_1.jpg%3Fcb%3D120aa6ab1f73f9250573069ae3eb362e&v=3&w=800&s=xEhAoAxSZyHBtLr1iy7wIjKr&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x389, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5a1b5172120326300089ce65762a5af4
38b0a766a16589c866f8aca9eb317204a3c7566e
eb70307be1d1a2eb6dd69c7db8df13ba74228a693e7db0f5f57369009f7958d8
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745311-0_1.jpg%3Fcb%3D120aa6ab1f73f9250573069ae3eb362e&v=3&w=800&s=xEhAoAxSZyHBtLr1iy7wIjKr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30351582
expires: Sat, 25 Nov 2023 05:57:19 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9892
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302424-0.jpg%3Fcb%3D165110a46c70156bfc34baaf80d2ebaf&v=3&w=800&s=0B5S42Ju-FXDZ2kvjhzxRMVp&b=400
178.250.0.139200 OK 8.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302424-0.jpg%3Fcb%3D165110a46c70156bfc34baaf80d2ebaf&v=3&w=800&s=0B5S42Ju-FXDZ2kvjhzxRMVp&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 310x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 868a272801728e58df07d85fdfbccd64
57a1a56ba3414c05b60a4fc27b731c9bc7a58793
804e39f2933ca78531bfbead0aa2768ae95a93d37a145b59ce4e8194f6fedbc9
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302424-0.jpg%3Fcb%3D165110a46c70156bfc34baaf80d2ebaf&v=3&w=800&s=0B5S42Ju-FXDZ2kvjhzxRMVp&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29693168
expires: Fri, 17 Nov 2023 15:03:46 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8404
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=H01gLvnTBSVdD-mFds6_mLz8BV85ptdSyKzOWMj2HLSZMbJhWyh0XmEVMt5uFL5YV_Df8dIy66rCRexMJVx6EPcxGQoVP1TrKFoxawA6RaiBxwlBBvM1pQQsrgb4XFKEu09W7EVGVjHLNEOqSQX5-4wlP3DhRksrRgVHyAvALoRodI_Izpi_n7WVsRhWEmpYGKlccDSk6-f5SBi11B922OyyuCvtCZGo5Y1coH1ctBqHS7fB985A0eimNafM21D6_B2Vd3NKRfYdLDzRqAO97hJA8SyCki4zksQkPTxQzk6ELpFNGD6YCk4uFy-jZ1s-UaCZll02gtBuBki1GFvhITIsykyW4mySvvHZ-p5S1aZOe2ZzTDdgYBjIfiFWk_ux5q5AqdhC8RmZVEcaW2Bk8LSFCLDY7QPfuLqhOVJ5Z-J0NeqnHGkasWq4AVoldOGPQTaACg
178.250.2.148200 OK 8.0 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=H01gLvnTBSVdD-mFds6_mLz8BV85ptdSyKzOWMj2HLSZMbJhWyh0XmEVMt5uFL5YV_Df8dIy66rCRexMJVx6EPcxGQoVP1TrKFoxawA6RaiBxwlBBvM1pQQsrgb4XFKEu09W7EVGVjHLNEOqSQX5-4wlP3DhRksrRgVHyAvALoRodI_Izpi_n7WVsRhWEmpYGKlccDSk6-f5SBi11B922OyyuCvtCZGo5Y1coH1ctBqHS7fB985A0eimNafM21D6_B2Vd3NKRfYdLDzRqAO97hJA8SyCki4zksQkPTxQzk6ELpFNGD6YCk4uFy-jZ1s-UaCZll02gtBuBki1GFvhITIsykyW4mySvvHZ-p5S1aZOe2ZzTDdgYBjIfiFWk_ux5q5AqdhC8RmZVEcaW2Bk8LSFCLDY7QPfuLqhOVJ5Z-J0NeqnHGkasWq4AVoldOGPQTaACg
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c844ed59894eaedb80484975c9010f12
d99d49b74a0c4996a4256d3c24b0a8eff51556d1
3df4d3bb30c1bf441a69dff7ace7b37f7cc2d7bb21230750b4a67b4fc864e42b
GET /delivery/lg.php?cppv=3&cpp=H01gLvnTBSVdD-mFds6_mLz8BV85ptdSyKzOWMj2HLSZMbJhWyh0XmEVMt5uFL5YV_Df8dIy66rCRexMJVx6EPcxGQoVP1TrKFoxawA6RaiBxwlBBvM1pQQsrgb4XFKEu09W7EVGVjHLNEOqSQX5-4wlP3DhRksrRgVHyAvALoRodI_Izpi_n7WVsRhWEmpYGKlccDSk6-f5SBi11B922OyyuCvtCZGo5Y1coH1ctBqHS7fB985A0eimNafM21D6_B2Vd3NKRfYdLDzRqAO97hJA8SyCki4zksQkPTxQzk6ELpFNGD6YCk4uFy-jZ1s-UaCZll02gtBuBki1GFvhITIsykyW4mySvvHZ-p5S1aZOe2ZzTDdgYBjIfiFWk_ux5q5AqdhC8RmZVEcaW2Bk8LSFCLDY7QPfuLqhOVJ5Z-J0NeqnHGkasWq4AVoldOGPQTaACg HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2681205
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:11:08 GMT
expires: Wed, 06 Dec 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 193589
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F53858-0.jpg%3Fcb%3Df661ebfe7e8461b1aa776d9647b44d74&v=3&w=800&s=IlDQVF_Fuv2E4tLS8BUAz5vh&b=400
178.250.0.139200 OK 5.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F53858-0.jpg%3Fcb%3Df661ebfe7e8461b1aa776d9647b44d74&v=3&w=800&s=IlDQVF_Fuv2E4tLS8BUAz5vh&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x287, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5dff790a5bb26782110b9d621212e3b5
0b9bdb39b2fbb7823b6a6b80845206df692e80c2
1eedd2a7f883999396b0c2877a2512186f875339b3e284c34601ebb9a71fb8e0
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F53858-0.jpg%3Fcb%3Df661ebfe7e8461b1aa776d9647b44d74&v=3&w=800&s=IlDQVF_Fuv2E4tLS8BUAz5vh&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30345134
expires: Sat, 25 Nov 2023 04:09:51 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5062
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.2.130200 OK 2.0 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.2.130:0
Hash fbfa94687ab515cfe2248c8bf4840553
a4abe1337015057776b4e89b665d4e9f670f2fbd
17c199f1d8bd7531d5750c01a215b62013cfe89ac56d495ad8746b7f5e9c7a26
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sun, 03 Dec 2023 22:57:36 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F7%2F67187-0.jpg%3Fcb%3D8f2c9d56d8e65a9dfe885d23b18da27b&v=3&w=800&s=EOOC6pUJIBhyjzgkL295oz-e&b=400
178.250.0.139200 OK 6.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F7%2F67187-0.jpg%3Fcb%3D8f2c9d56d8e65a9dfe885d23b18da27b&v=3&w=800&s=EOOC6pUJIBhyjzgkL295oz-e&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c0196b116edf7d2928e2894651067f74
b414322ffd0103f76f22ace0b236283add879881
a0457b45bdf51c091f3125db9392013b0c3851eac85de0d258fc11ea43cceff8
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F7%2F67187-0.jpg%3Fcb%3D8f2c9d56d8e65a9dfe885d23b18da27b&v=3&w=800&s=EOOC6pUJIBhyjzgkL295oz-e&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31469271
expires: Fri, 08 Dec 2023 04:25:28 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6082
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F2%2F82325-0.jpg%3Fcb%3D4f9ea491f3f42bd9991861fa937f6251&v=3&w=800&s=05dF--W0jlIet9YbuEJXRaoE&b=400
178.250.0.139200 OK 6.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F2%2F82325-0.jpg%3Fcb%3D4f9ea491f3f42bd9991861fa937f6251&v=3&w=800&s=05dF--W0jlIet9YbuEJXRaoE&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x229, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash db8beda79ae8da65ef024af12bbe4c99
6451ee6854a05c1d8a8f6db818f9f0f7221f5b80
4124272ef870b9a590da4ef36f0b8039dcde99e501a654e0506bd8ced76ffefd
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F2%2F82325-0.jpg%3Fcb%3D4f9ea491f3f42bd9991861fa937f6251&v=3&w=800&s=05dF--W0jlIet9YbuEJXRaoE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30086038
expires: Wed, 22 Nov 2023 04:11:35 GMT
date: Thu, 08 Dec 2022 22:57:37 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6078
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5Jr4AAAfT0CO83SAAAfUpUlNoGKBT7yf0LuOg&u=%7Cb0%2BZpCk3Py5fOuIRK0BX5FTS1qmUcFjcTzz8zer9URM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZbIqo3eOHzDXHqTFWR4-19t3qCAuTuYwErALmqsTo4uvFJ655nN_eCmgNweIStEmiLqJR-OiOpq2YSI-178L05A9ZcuuAgzm9CM6WJ-6vl1NFBAkLmnV9e04wWH9ICZfegeqtP6-OWsS2eh30lnWJWEj66gStz7ui6vwPH7f5aud8B7iLLZrd7W5NF3jyNJcHftQXBMEAkTz_CvKhe9lKXluAH77xkfdTZw2QjlvATa9ZyfG1oEKJz4pvgDI-eNGPaBZ_5nakBwl29NwXERr9WnOSjFgM9WZq5HgyV9FcEmrO8EyimDrd5ED6d-P9BmeJINj5rc1WLimTA-F_0g76ojvGQRPKcrNKDxATJRv3h1IbgL_-vPt2BILnYftqihZunA_bmV_IQTQV_sm6k1_A63V90SWNvhXlFn1moMULuzOccRrTebJO-BvyUZRZChDtQz-XM7umumkIPE5nInpq4Pezfx5HEyAX0AmShRbPTxTZ8BAGLMlWz9XnX1a2KV8b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdxTJ4GuSY736AdKb78EP0r6AoAXJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAtM_RZHLsrE-qAMBqgTrAU_QuTNjFAOJLDx3qnmLpjT1blwN1vwk6-nLpROB9Zt0DYzZgIV3sA1ZuneYT8-SD3Da0KzVs54zuyJ3ArCjrbaE0X5hX3c81fl3HLG03ARxdoaiH_NJUCwSKKYfY4w7eXWZAyA0l29BTcU3-NNF0OqfNnzl_SNYpfIx7q7FOQfswPxU0Q2-7IqPAM5k3q9k-7HlDgz9MCpYn4EWzVfqwreVrbOweavIgwXv5pZzZIok-Tn0lo8a4zS_U5E75_Z9gTJhyoKAyZZZhyPkWz5WUZgskq5VMuwqoiQBNfl1-IgCLZD_hjXTDKJNxyWABuuRn9nH_b-C0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uyj5sUwLvXrwE2sVchJiPFTdcYA%26client%3Dca-pub-8116085563943069%26adurl%3D
178.250.2.65200 OK 51 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5Jr4AAAfT0CO83SAAAfUpUlNoGKBT7yf0LuOg&u=%7Cb0%2BZpCk3Py5fOuIRK0BX5FTS1qmUcFjcTzz8zer9URM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZbIqo3eOHzDXHqTFWR4-19t3qCAuTuYwErALmqsTo4uvFJ655nN_eCmgNweIStEmiLqJR-OiOpq2YSI-178L05A9ZcuuAgzm9CM6WJ-6vl1NFBAkLmnV9e04wWH9ICZfegeqtP6-OWsS2eh30lnWJWEj66gStz7ui6vwPH7f5aud8B7iLLZrd7W5NF3jyNJcHftQXBMEAkTz_CvKhe9lKXluAH77xkfdTZw2QjlvATa9ZyfG1oEKJz4pvgDI-eNGPaBZ_5nakBwl29NwXERr9WnOSjFgM9WZq5HgyV9FcEmrO8EyimDrd5ED6d-P9BmeJINj5rc1WLimTA-F_0g76ojvGQRPKcrNKDxATJRv3h1IbgL_-vPt2BILnYftqihZunA_bmV_IQTQV_sm6k1_A63V90SWNvhXlFn1moMULuzOccRrTebJO-BvyUZRZChDtQz-XM7umumkIPE5nInpq4Pezfx5HEyAX0AmShRbPTxTZ8BAGLMlWz9XnX1a2KV8b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdxTJ4GuSY736AdKb78EP0r6AoAXJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAtM_RZHLsrE-qAMBqgTrAU_QuTNjFAOJLDx3qnmLpjT1blwN1vwk6-nLpROB9Zt0DYzZgIV3sA1ZuneYT8-SD3Da0KzVs54zuyJ3ArCjrbaE0X5hX3c81fl3HLG03ARxdoaiH_NJUCwSKKYfY4w7eXWZAyA0l29BTcU3-NNF0OqfNnzl_SNYpfIx7q7FOQfswPxU0Q2-7IqPAM5k3q9k-7HlDgz9MCpYn4EWzVfqwreVrbOweavIgwXv5pZzZIok-Tn0lo8a4zS_U5E75_Z9gTJhyoKAyZZZhyPkWz5WUZgskq5VMuwqoiQBNfl1-IgCLZD_hjXTDKJNxyWABuuRn9nH_b-C0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uyj5sUwLvXrwE2sVchJiPFTdcYA%26client%3Dca-pub-8116085563943069%26adurl%3D
IP 178.250.2.65:0
Hash 66dabd5adeadcf6d4807544d37f6e259
2a747f59f57d466b0594c96512242b0094288d3d
c5e45bf6072d69003445682160eca78f0c2cb412d1b9cb46f00366ec87deee56
GET /delivery/r/afr.php?z=Y5Jr4AAAfT0CO83SAAAfUpUlNoGKBT7yf0LuOg&u=%7Cb0%2BZpCk3Py5fOuIRK0BX5FTS1qmUcFjcTzz8zer9URM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZbIqo3eOHzDXHqTFWR4-19t3qCAuTuYwErALmqsTo4uvFJ655nN_eCmgNweIStEmiLqJR-OiOpq2YSI-178L05A9ZcuuAgzm9CM6WJ-6vl1NFBAkLmnV9e04wWH9ICZfegeqtP6-OWsS2eh30lnWJWEj66gStz7ui6vwPH7f5aud8B7iLLZrd7W5NF3jyNJcHftQXBMEAkTz_CvKhe9lKXluAH77xkfdTZw2QjlvATa9ZyfG1oEKJz4pvgDI-eNGPaBZ_5nakBwl29NwXERr9WnOSjFgM9WZq5HgyV9FcEmrO8EyimDrd5ED6d-P9BmeJINj5rc1WLimTA-F_0g76ojvGQRPKcrNKDxATJRv3h1IbgL_-vPt2BILnYftqihZunA_bmV_IQTQV_sm6k1_A63V90SWNvhXlFn1moMULuzOccRrTebJO-BvyUZRZChDtQz-XM7umumkIPE5nInpq4Pezfx5HEyAX0AmShRbPTxTZ8BAGLMlWz9XnX1a2KV8b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdxTJ4GuSY736AdKb78EP0r6AoAXJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTgxMTYwODU1NjM5NDMwNjnIAQmpAtM_RZHLsrE-qAMBqgTrAU_QuTNjFAOJLDx3qnmLpjT1blwN1vwk6-nLpROB9Zt0DYzZgIV3sA1ZuneYT8-SD3Da0KzVs54zuyJ3ArCjrbaE0X5hX3c81fl3HLG03ARxdoaiH_NJUCwSKKYfY4w7eXWZAyA0l29BTcU3-NNF0OqfNnzl_SNYpfIx7q7FOQfswPxU0Q2-7IqPAM5k3q9k-7HlDgz9MCpYn4EWzVfqwreVrbOweavIgwXv5pZzZIok-Tn0lo8a4zS_U5E75_Z9gTJhyoKAyZZZhyPkWz5WUZgskq5VMuwqoiQBNfl1-IgCLZD_hjXTDKJNxyWABuuRn9nH_b-C0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uyj5sUwLvXrwE2sVchJiPFTdcYA%26client%3Dca-pub-8116085563943069%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=XUjXwcckWlGmP4xPLj5cNuBOkvykurixstVru-rw2pUcqf_CvDHlCmVcaH0qhos3qaha9MgDG6Yh9S0H7piAxg3bUjZbUHXOnPbv0bq_IWDxM_XPd7UK5fGCcc3r8fR19iIQ8-32gbvMA9fm2ShevYaZKO4cZOnfILSEiFhgX06ekB5Y-f_0t6iZZwY08AoEuRLlv6_PB2jyrz2UNrOe5d2HfHpLo6UBUPUvZs9UDro1R-G-zR1Kg4ke2D0Lb0VvO2CFHg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 42108871
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 273896
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=108&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=316&s=ulooLtAtiYQmGlykU1JLbTld
178.250.0.139200 OK 9.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=108&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=316&s=ulooLtAtiYQmGlykU1JLbTld
IP 178.250.0.139:0
File type PNG image data, 316 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 144da97a9207083a49983f04d880b34e
eef82a7c16c1e52dc5501c6c527531f50ad29d1a
1af44b1581b500a0d19809c57dca3a293b82555b9d63a09b105da81b4141c566
GET /img/img?h=108&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=316&s=ulooLtAtiYQmGlykU1JLbTld HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29898338
expires: Mon, 20 Nov 2023 00:03:16 GMT
date: Thu, 08 Dec 2022 22:57:37 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9512
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x358, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4a8b65dd45b5caaf05d7af1a012c211
2d76450cb9247fc5eb904e3d6db3c051c26226ae
bdeedcf8ba166914065e069ca9514b3020cfe22d1239cb8ec86495c301108540
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30009820
expires: Tue, 21 Nov 2023 07:01:17 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10926
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.2.130200 OK 7.6 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.2.130:0
Hash b61d21505d7b830a8c17738e8e8a47b4
8d12eabda3b0caf7122feac738c744dd14929fe2
6c1aa817e761d6af40184c9c43be4ed8cff9917dd6f57f023f9c29d5eb468c9f
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sun, 03 Dec 2023 22:57:36 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F50134-0.jpg%3Fcb%3D87087f83da99da8dce505a5c4952669c&v=3&w=800&s=8lnX3Qo5Gq1MepTQRS9kh0fI&b=400
178.250.0.139200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F50134-0.jpg%3Fcb%3D87087f83da99da8dce505a5c4952669c&v=3&w=800&s=8lnX3Qo5Gq1MepTQRS9kh0fI&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 288x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0174c89cd42b0a33c6b2d6151df118c7
ad26d2d114ef7c82bc5463afe92a5d4a65d8d1eb
22d6e040a7588605290d05e2a68c398a3868d83b592c3839821aa41365a6f3f5
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F50134-0.jpg%3Fcb%3D87087f83da99da8dce505a5c4952669c&v=3&w=800&s=8lnX3Qo5Gq1MepTQRS9kh0fI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31229503
expires: Tue, 05 Dec 2023 09:49:20 GMT
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16714
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=19207&adfrmid=0
109.232.197.33302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=19207&adfrmid=0
IP 109.232.197.33:0
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=19207&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 08 Dec 2022 22:57:37 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=19207&adfrmid=0
csm.eu.criteo.net/all?cppv=3&cpp=XUjXwcckWlGmP4xPLj5cNuBOkvykurixstVru-rw2pUcqf_CvDHlCmVcaH0qhos3qaha9MgDG6Yh9S0H7piAxg3bUjZbUHXOnPbv0bq_IWDxM_XPd7UK5fGCcc3r8fR19iIQ8-32gbvMA9fm2ShevYaZKO4cZOnfILSEiFhgX06ekB5Y-f_0t6iZZwY08AoEuRLlv6_PB2jyrz2UNrOe5d2HfHpLo6UBUPUvZs9UDro1R-G-zR1Kg4ke2D0Lb0VvO2CFHg&sds=2&rev=83862.2&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=XUjXwcckWlGmP4xPLj5cNuBOkvykurixstVru-rw2pUcqf_CvDHlCmVcaH0qhos3qaha9MgDG6Yh9S0H7piAxg3bUjZbUHXOnPbv0bq_IWDxM_XPd7UK5fGCcc3r8fR19iIQ8-32gbvMA9fm2ShevYaZKO4cZOnfILSEiFhgX06ekB5Y-f_0t6iZZwY08AoEuRLlv6_PB2jyrz2UNrOe5d2HfHpLo6UBUPUvZs9UDro1R-G-zR1Kg4ke2D0Lb0VvO2CFHg&sds=2&rev=83862.2&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=XUjXwcckWlGmP4xPLj5cNuBOkvykurixstVru-rw2pUcqf_CvDHlCmVcaH0qhos3qaha9MgDG6Yh9S0H7piAxg3bUjZbUHXOnPbv0bq_IWDxM_XPd7UK5fGCcc3r8fR19iIQ8-32gbvMA9fm2ShevYaZKO4cZOnfILSEiFhgX06ekB5Y-f_0t6iZZwY08AoEuRLlv6_PB2jyrz2UNrOe5d2HfHpLo6UBUPUvZs9UDro1R-G-zR1Kg4ke2D0Lb0VvO2CFHg&sds=2&rev=83862.2&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:57:36 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=19207&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=19207&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=19207&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:57:37 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=1OQBYb2vSQ0hUSTITQXZCXB7TuVltKmFwucQbNObTu1jumd6YDZ8dA--; expires=Fri, 05 Jan 2024 22:57:37 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=kHF.hnyZo.ktQepSwKRRCuTNMnece6vV4OlKqK9Td4OR2jAbYHdS0y5z203FYIABDRC5dXsplFQzUPKS4uYZkYIL3wyzyF3Uzyb0l5kRVRq7j.4vu7rJNuo7pvEaGu_gLac-; expires=Fri, 05 Jan 2024 22:57:37 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Fri, 05 Jan 2024 22:57:37 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
csm.eu.criteo.net/all?cppv=3&cpp=8FGJw8ckWlGmP4xPTSK8qv2sgRrQMhUMUR3SlXd0_FR7-ARO9BgweqBhhuzuug-k27Vh7hzZ2NLucev8WereKXm3FqbTXfCCQVXTEQLd0KhxqpnZIslriJz1PSi-Puv95dICmz3bdQ4ewVmpROXyhpD1x4jLY4ImKVfENWQPBF-0FxcmHgSBRwgZHSYL91r5OS8a9b9_Mm3xfdku1ZxPMBKsYy1-Rh10NGMCar3Ir0VimtxIVpvrGGgF_YdAg2TnPnDjXg&sds=2&rev=83862.2&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=8FGJw8ckWlGmP4xPTSK8qv2sgRrQMhUMUR3SlXd0_FR7-ARO9BgweqBhhuzuug-k27Vh7hzZ2NLucev8WereKXm3FqbTXfCCQVXTEQLd0KhxqpnZIslriJz1PSi-Puv95dICmz3bdQ4ewVmpROXyhpD1x4jLY4ImKVfENWQPBF-0FxcmHgSBRwgZHSYL91r5OS8a9b9_Mm3xfdku1ZxPMBKsYy1-Rh10NGMCar3Ir0VimtxIVpvrGGgF_YdAg2TnPnDjXg&sds=2&rev=83862.2&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=8FGJw8ckWlGmP4xPTSK8qv2sgRrQMhUMUR3SlXd0_FR7-ARO9BgweqBhhuzuug-k27Vh7hzZ2NLucev8WereKXm3FqbTXfCCQVXTEQLd0KhxqpnZIslriJz1PSi-Puv95dICmz3bdQ4ewVmpROXyhpD1x4jLY4ImKVfENWQPBF-0FxcmHgSBRwgZHSYL91r5OS8a9b9_Mm3xfdku1ZxPMBKsYy1-Rh10NGMCar3Ir0VimtxIVpvrGGgF_YdAg2TnPnDjXg&sds=2&rev=83862.2&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:57:37 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8274b291596906eb3779dccb82ec41cb
b2ec554df1fa55e18a4316b76ac617dc626b7598
69129be0a1c2e3d1dfc602aea4ef004ea01b3bfa6c5863bd225843472f1bb7c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
216.58.211.4200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 7ca21d9a1c26d765a2e1a5d2b1d465c0
eefd0132df9e211d0753048ca7160861589226d8
cf212138752d39f08fe8df688fd0ec2ee1866bcbb81a1fdc533f5aa8aeaafbbf
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://best-proxylist.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 08 Dec 2022 22:57:37 GMT
date: Thu, 08 Dec 2022 22:57:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-MdgbUbI_FZtN_wUe45zwoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=XUjXwcckWlGmP4xPLj5cNuBOkvykurixstVru-rw2pUcqf_CvDHlCmVcaH0qhos3qaha9MgDG6Yh9S0H7piAxg3bUjZbUHXOnPbv0bq_IWDxM_XPd7UK5fGCcc3r8fR19iIQ8-32gbvMA9fm2ShevYaZKO4cZOnfILSEiFhgX06ekB5Y-f_0t6iZZwY08AoEuRLlv6_PB2jyrz2UNrOe5d2HfHpLo6UBUPUvZs9UDro1R-G-zR1Kg4ke2D0Lb0VvO2CFHg&sds=2&rev=83862.2&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=XUjXwcckWlGmP4xPLj5cNuBOkvykurixstVru-rw2pUcqf_CvDHlCmVcaH0qhos3qaha9MgDG6Yh9S0H7piAxg3bUjZbUHXOnPbv0bq_IWDxM_XPd7UK5fGCcc3r8fR19iIQ8-32gbvMA9fm2ShevYaZKO4cZOnfILSEiFhgX06ekB5Y-f_0t6iZZwY08AoEuRLlv6_PB2jyrz2UNrOe5d2HfHpLo6UBUPUvZs9UDro1R-G-zR1Kg4ke2D0Lb0VvO2CFHg&sds=2&rev=83862.2&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=XUjXwcckWlGmP4xPLj5cNuBOkvykurixstVru-rw2pUcqf_CvDHlCmVcaH0qhos3qaha9MgDG6Yh9S0H7piAxg3bUjZbUHXOnPbv0bq_IWDxM_XPd7UK5fGCcc3r8fR19iIQ8-32gbvMA9fm2ShevYaZKO4cZOnfILSEiFhgX06ekB5Y-f_0t6iZZwY08AoEuRLlv6_PB2jyrz2UNrOe5d2HfHpLo6UBUPUvZs9UDro1R-G-zR1Kg4ke2D0Lb0VvO2CFHg&sds=2&rev=83862.2&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:57:37 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=8FGJw8ckWlGmP4xPTSK8qv2sgRrQMhUMUR3SlXd0_FR7-ARO9BgweqBhhuzuug-k27Vh7hzZ2NLucev8WereKXm3FqbTXfCCQVXTEQLd0KhxqpnZIslriJz1PSi-Puv95dICmz3bdQ4ewVmpROXyhpD1x4jLY4ImKVfENWQPBF-0FxcmHgSBRwgZHSYL91r5OS8a9b9_Mm3xfdku1ZxPMBKsYy1-Rh10NGMCar3Ir0VimtxIVpvrGGgF_YdAg2TnPnDjXg&sds=2&rev=83862.2&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=8FGJw8ckWlGmP4xPTSK8qv2sgRrQMhUMUR3SlXd0_FR7-ARO9BgweqBhhuzuug-k27Vh7hzZ2NLucev8WereKXm3FqbTXfCCQVXTEQLd0KhxqpnZIslriJz1PSi-Puv95dICmz3bdQ4ewVmpROXyhpD1x4jLY4ImKVfENWQPBF-0FxcmHgSBRwgZHSYL91r5OS8a9b9_Mm3xfdku1ZxPMBKsYy1-Rh10NGMCar3Ir0VimtxIVpvrGGgF_YdAg2TnPnDjXg&sds=2&rev=83862.2&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=8FGJw8ckWlGmP4xPTSK8qv2sgRrQMhUMUR3SlXd0_FR7-ARO9BgweqBhhuzuug-k27Vh7hzZ2NLucev8WereKXm3FqbTXfCCQVXTEQLd0KhxqpnZIslriJz1PSi-Puv95dICmz3bdQ4ewVmpROXyhpD1x4jLY4ImKVfENWQPBF-0FxcmHgSBRwgZHSYL91r5OS8a9b9_Mm3xfdku1ZxPMBKsYy1-Rh10NGMCar3Ir0VimtxIVpvrGGgF_YdAg2TnPnDjXg&sds=2&rev=83862.2&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 22:57:38 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.2.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:57:36 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sun, 03 Dec 2023 22:57:36 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=63926be067df4e1e73ba1a40e754b776
37.157.6.233302 Found 0 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=63926be067df4e1e73ba1a40e754b776
IP 37.157.6.233:0
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=63926be067df4e1e73ba1a40e754b776 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 08 Dec 2022 22:57:32 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=19207&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2