r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8949
Expires: Thu, 10 Nov 2022 13:56:04 GMT
Date: Thu, 10 Nov 2022 11:26:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1338
Cache-Control: max-age=170790
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:55 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 10:53:25 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1338
Cache-Control: max-age=170790
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:55 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 10:53:25 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18168
Expires: Thu, 10 Nov 2022 16:29:43 GMT
Date: Thu, 10 Nov 2022 11:26:55 GMT
Connection: keep-alive
fr.wordssidekick.com/28112-how-brain-mapping-works
172.67.155.249200 OK 15 kB URL HTTP/1.1 fr.wordssidekick.com/28112-how-brain-mapping-works
IP 172.67.155.249:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4082), with CRLF, CR, LF line terminators
Hash 745eeac84dd9b83c32870d24c59d2590
93752d783395692f52e3fafdbf4475c1b45ba86e
f460bb8a463add409538a0129cc63b7e1d5c41dc299cab4c95afb7f76421e31c
GET /28112-how-brain-mapping-works HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.13
Cache-Control: max-age=604800
Expires: Thu, 17 Nov 2022 11:26:55 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUH3ym7DBCTHmDvhoZQ84Np1iiNUhHkq%2F0S53%2BmAPXVHwJ1iFsK48a4LXDhaWlQXnvCnogFXo2lQk2Vm3DbmkJgtY9bfR8gx8qYWTvimtpJNuj%2FR%2FWvXVbAxs6SEOeQ22lpOyWRXGA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 767e6f9a7990b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9G3lFdRZ3NyEJe2ychu1dHR/a43SoMt79RPpGD26RAI3m1RmNqY23vuZi11+TVblst74D0PBJI1ZCIPwqLW2Ag==
x-amz-request-id: AA8FS1QZG8J48CGM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 11:12:07 GMT
age: 888
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cmp.optad360.io/items/5bb3dbdc-3b25-4b7c-92c3-400ebe0f5e4c.min.js
54.230.111.24200 OK 497 B URL HTTP/1.1 cmp.optad360.io/items/5bb3dbdc-3b25-4b7c-92c3-400ebe0f5e4c.min.js
IP 54.230.111.24:0
File type ASCII text, with very long lines (496)
Hash 7acdc116a0830ba0aef5e087010246ba
44c6d5659727be623750ef5da32c2da279997694
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
GET /items/5bb3dbdc-3b25-4b7c-92c3-400ebe0f5e4c.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 497
Connection: keep-alive
Date: Thu, 10 Nov 2022 01:27:01 GMT
Last-Modified: Mon, 12 Apr 2021 08:54:56 GMT
ETag: "7acdc116a0830ba0aef5e087010246ba"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8g4tmuHEd-EEKQAdf-RHR1TuITuu5meDP67tJrPEhkFQ7M8TCyM8Ug==
Age: 35995
cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
151.101.85.229301 Moved Permanently 0 B URL HTTP/1.1 cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
IP 151.101.85.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/cookieconsent@3/build/cookieconsent.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 11:26:55 GMT
X-Served-By: cache-bma1635-BMA
X-Cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
get.optad360.io/sf/a9fa8f4d-dc27-4de6-b483-93c3d60fca0b/plugin.min.js
54.230.111.124200 OK 57 kB URL HTTP/1.1 get.optad360.io/sf/a9fa8f4d-dc27-4de6-b483-93c3d60fca0b/plugin.min.js
IP 54.230.111.124:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9d9e8089c860c839546675168e110650
835ca2ac0010f7932ce2fabe6d4f4884c414f0e2
7f13828f58d1578e09ad793a14daf1d543df3c8829bbf668de0265fbb4bbaa52
GET /sf/a9fa8f4d-dc27-4de6-b483-93c3d60fca0b/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 09 Nov 2022 13:46:40 GMT
Last-Modified: Wed, 09 Nov 2022 13:45:51 GMT
ETag: W/"9f1df05debfe049596edfc6de376ce9e"
Cache-Control: public, max-age=604800
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rfcSCcFL1BIRAsCSL9zjEns4YcTxhHWoGICMfxhNZ-SjDwN6AeJ-qQ==
Age: 78016
fr.wordssidekick.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.155.249200 OK 655 B URL HTTP/1.1 fr.wordssidekick.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.155.249:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 13:16:42 GMT
ETag: W/"636a56ba-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbHoxrNGLtgCNonb%2Bgz40ETpqcYm9XF35OJiRhDs2cZFDeq1ym0gfXc2OiXtMFqF7OGSqe66tjCLJx1C%2B2NMprHwt%2Be5hJacGWi%2FcvPIszTEnSsiZIYBpSXz6vF38S5%2F4np0kv1wNw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9dff34b518-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 12 Nov 2022 11:26:55 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
fr.wordssidekick.com/template/Science/css/index.css
172.67.155.249200 OK 16 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/index.css
IP 172.67.155.249:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 26b32d4f86880fb8bbbe2485fd1d08d1
c017736e7e04c0bc43fe09815541ff48ea68833d
6592aa23a26c89b468d2f96b982f1dd262c210a200249bcd0637c2647c513592
GET /template/Science/css/index.css HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=604800
Cf-Bgj: minify
Cf-Polished: origSize=114570
ETag: W/"1bf8a-5af429a4e967a"
Expires: Mon, 14 Nov 2022 08:55:34 GMT
Last-Modified: Mon, 14 Sep 2020 09:24:35 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pKYhAgrOZ36Q9hU78IBtKCE05pKvIJH5ZqDj%2F44K3u2jdkvNpwwQ2cUPWjQofoq09MrV0LPVW0Q4wlQo4rA0TKaVgwUS2BG8wn4QtSHB87NsfEQ8fTc6%2BMe5AJHo2%2B2SHW4MvHgAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 767e6f9dcca7b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
151.101.85.229301 Moved Permanently 0 B URL HTTP/1.1 cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
IP 151.101.85.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/cookieconsent@3/build/cookieconsent.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 11:26:55 GMT
X-Served-By: cache-bma1624-BMA
X-Cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
code.jquery.com/jquery-2.2.1.min.js
69.16.175.42200 OK 30 kB URL HTTP/1.1 code.jquery.com/jquery-2.2.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32019)
Hash 5b423a4bde44e2d03668c8fc2e230758
60fb13614d1bfe3685d09e070ffc654f2b0729f4
26a46a57e001319776582d64bc222e2bb0fccb213486d170fa60980996f70bce
GET /jquery-2.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 29882
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-14e7e"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1668079615.dop203.sk1.t,1668079615.cds263.sk1.c
fr.wordssidekick.com/template/Science/js/menu.js
172.67.155.249200 OK 1.8 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/js/menu.js
IP 172.67.155.249:0
File type ASCII text, with very long lines (861)
Hash e7957aab62b335a9b69582a643ae2b2b
5ed7df491092eade691d1fd12d61dc33fc5ea026
dc0302d88360339c9756fc338f6d5be6001f979083211b51cf029cbac096dec1
GET /template/Science/js/menu.js HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=604800
Cf-Bgj: minify
Cf-Polished: origSize=9825
ETag: W/"2661-5ea9ab5b4c719"
Expires: Mon, 14 Nov 2022 08:55:34 GMT
Last-Modified: Sun, 09 Oct 2022 14:17:57 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUPCfPbMRUW23UBp%2FsAfTzppto0lT4JyMciYPAoNZSkeCa5ziMETiRJ%2FBmzWSzRtos%2BOrwi9goSmuG9H%2F6SAIP2DoYHOLtWoBf4mn5C%2FKCHCdtO58uUVlBDqTGGo2qyZKZRHLJJcSA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 767e6f9e0f46b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c5ade91310a030dadfd04da3f0de0dd4
6187e781625041c9c1ca6c09d97e2292b25ab985
e58624ba905f7f43df705e5ad73ec04491fbf7d26a316163cc74ab8095a57088
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6235
Cache-Control: max-age=109066
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:55 GMT
Etag: "636bceaf-117"
Expires: Fri, 11 Nov 2022 17:44:41 GMT
Last-Modified: Wed, 09 Nov 2022 16:00:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
fr.wordssidekick.com/template/Science/js/jquery.unveil2.js
172.67.155.249200 OK 1.7 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/js/jquery.unveil2.js
IP 172.67.155.249:0
File type ASCII text, with very long lines (1096)
Hash 7264ffd633d89c5ff1fa01c16ddbb03a
39503ff26fe702fceb3930260ccc78ce00f4d2e0
81aa631d80f53d4dd4e881c3728cfcec5e8722b865db533244ceac06902d91bb
GET /template/Science/js/jquery.unveil2.js HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=604800
Cf-Bgj: minify
Cf-Polished: origSize=13000
ETag: W/"32c8-5ea9ab5b48c81"
Expires: Wed, 16 Nov 2022 17:44:11 GMT
Last-Modified: Sun, 09 Oct 2022 14:17:57 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GC6HPEdln1rPn2VOKrJ6cmdwU0LbrhAIBvM7T2iJDwYDotp1Bn1Fvv73gAEjTxljZ4588lbZEc7YlZE8oT3zAOGM57HAvElRGZruUtuoDbUmrFdcjZ1DsP3wE9ViZwuPG3l1wuiYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 767e6f9dff3bb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/js/more.js
172.67.155.249200 OK 735 B URL HTTP/1.1 fr.wordssidekick.com/template/Science/js/more.js
IP 172.67.155.249:0
File type ASCII text, with very long lines (654)
Hash c2950a6f77b7c820dfdda31b2bfe695b
17a110ba359cb6b669fc248d1d52b582caaca7e8
3695589e8a32d582873f44db18cef4d6b2b43a78344b0a081a9f72822030693e
GET /template/Science/js/more.js HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=604800
Cf-Bgj: minify
Cf-Polished: origSize=2721
ETag: W/"aa1-5ea9ab5b480c9"
Expires: Mon, 14 Nov 2022 08:55:34 GMT
Last-Modified: Sun, 09 Oct 2022 14:17:57 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHLpnodMNiRWLw7pL5tTIZ%2B5YE7o2vmrDw2OHy2T2S0H%2B4dHNqSQ3vpcuy0CLUzAf91LGSZm6tJQ8zFKEolbYUCqnx2yUiO4vpl%2BEtYB7BzsI2Gtn2q9B3YS1rd8cizEyM7CVeCPuA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 767e6f9e0dc01c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/js/hor.js
172.67.155.249200 OK 453 B URL HTTP/1.1 fr.wordssidekick.com/template/Science/js/hor.js
IP 172.67.155.249:0
Hash 3e9d958636516a86f40db960f7633c3e
1c26c2fc989b7879633d1a26f105818147c455db
f1cb96ac7313b2d547307e94cb932d6be8f93abcfcc55b86fd4f4b433650da16
GET /template/Science/js/hor.js HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=604800
Cf-Bgj: minify
Cf-Polished: origSize=1524
ETag: W/"5f4-5ea9ab5b459b9"
Expires: Mon, 14 Nov 2022 08:55:34 GMT
Last-Modified: Sun, 09 Oct 2022 14:17:57 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkG4XsqL40CKyw7yaKPt5oYVzHoeFsAEcKPASMQcdDT4xyC0EsRZW2jkwypn8UfAlFA5OkE7Q%2FirhLbhB89pKKwXxkn0doIU%2FknK%2Bp73RQqWUMJCKWfhnX5UQlYYEYSRSr01IGo9wA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 767e6f9e0a610b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/img/logo_wpr.png
172.67.155.249200 OK 9.3 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/img/logo_wpr.png
IP 172.67.155.249:0
File type PNG image data, 269 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash b399e4043a0383b3db09f7c19948a16c
7c44a92dfe63198ee8dd5b3f74b7806446122610
81bea819a1a25acfa2e30290f2ba0a05f638d42dbe29a3fd26e706cf84b7d92e
GET /template/Science/img/logo_wpr.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/png
Content-Length: 9263
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:36 GMT
ETag: "242f-5af429a612478"
Cache-Control: max-age=2592000
Expires: Wed, 07 Dec 2022 08:55:34 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpAfb0bwqwuSgj4AHTM%2FHZtGrDuiugbMFezq3F0GyKmxPUJL47Wlsc%2FZfvaFgCMcv5qB04buyrQLHIY5T2focXzMb1puI7EhxsZQx4%2FnsULX7xah54giTTPZAZunaaA83mj5w1vjNA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9e0bf8b505-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/img/bclose.png
172.67.155.249200 OK 4.5 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/img/bclose.png
IP 172.67.155.249:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash cc0a36174339ad87be6da69df5eec0de
e913f0af298cc74947198798f33c9ea10e7cb1c7
44795dbb2951e5b13d30b9ad4f15cfcaf15a3ef865d9c1bf88d7049cd5a110c6
GET /template/Science/img/bclose.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/png
Content-Length: 4529
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:36 GMT
ETag: "11b1-5af429a5f5b70"
Cache-Control: max-age=2592000
Expires: Wed, 07 Dec 2022 08:55:34 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NyFKXLaqtVq8z3%2FRb9rDkuKF%2Bj1U0iycVW0eouLjYh9KHwIFfyLvA8gkpnPGcI9HpMyUL6P58Tshh6wKpd71gyRqk7siJZrtUhAtAV%2FutV7MwIONd2o8BhsMjcHIu0JaI977aAbsg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9e4f9bb518-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/img/top_search.png
172.67.155.249200 OK 1.1 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/img/top_search.png
IP 172.67.155.249:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cebe97c246e36bda3fe6cf67459f1aa
db7c45c3dd3c8dfc04631cde5133f3b7cced25d2
deedd7bf7f5195b63e455d704825527f86bc3c8cc194830d34d08d14ba0ca30a
GET /template/Science/img/top_search.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/png
Content-Length: 1087
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:36 GMT
ETag: "43f-5af429a61dff7"
Cache-Control: max-age=2592000
Expires: Wed, 07 Dec 2022 08:55:34 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZ0SOdsHuVYGNKXWR6QMbdI5hqW827AnS5lesVIGCO4yf3BKKdcwnPfdq9qOg9FhYIwwCW6h5tFYbZLYcA1JVl9qKK1Lwul609mFf9jKKBNTD7ues8881qn05Q%2BH3Mj6Nh0Yx7kkyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9e4df51c16-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/img/top_menu.png
172.67.155.249200 OK 392 B URL HTTP/1.1 fr.wordssidekick.com/template/Science/img/top_menu.png
IP 172.67.155.249:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash aadd50b42b8959a36caaa082573b0285
3bc9494e72eebdf22c48116acb91e706f1f30e6c
d199d672569f95242069a482c6afd323f51a871c8da955dd8d81a1cf832e12e2
GET /template/Science/img/top_menu.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/png
Content-Length: 392
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:36 GMT
ETag: "188-5af429a61d827"
Cache-Control: max-age=2592000
Expires: Wed, 07 Dec 2022 08:55:34 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHnOEKOTadCXDNJUHuyWB%2BD%2B%2Byr9e93PHt1u0XSZNkSAoRg3So8DZz3LYRanPE29y1ybuKp92HxEMyqdzG%2Bxked79%2F0ZaiURsEiG5hV3QqX0H%2F%2B2AcprhmGSoPqxJ9BhLLM3fgGqTg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9e4a990b4d-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/img/ft_logo.png
172.67.155.249200 OK 14 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/img/ft_logo.png
IP 172.67.155.249:0
File type PNG image data, 222 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash faf41f8a323d72145125e993c80400e0
a183e0622f963816be0ed8ba76106c200ef66867
53b0616cebe603dfa8159f3f6b102e290db66688da6f8843ebd01d39bdd325fb
GET /template/Science/img/ft_logo.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/png
Content-Length: 14009
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:36 GMT
ETag: "36b9-5af429a606128"
Cache-Control: max-age=2592000
Expires: Wed, 07 Dec 2022 08:55:34 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFYE5ionrWYINEeSM9Toc6sKiXHqZUBvF8eWTKvc7XB3dHrSVL%2FNQ70Dla4WVVCbR9U2j146fYwhHy1oHHa%2BrLznBzo61rs6U0gNVUgtN6qP%2FWEhuUq6t9QMoGuMU5z4OLYOjDbe9g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9e3f8eb518-OSL
alt-svc: h2=":443"; ma=60
cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
151.101.85.229200 OK 1.3 kB URL HTTP/2 cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (1460)
Hash 8786cd8041431d860694eed4e4df5493
ad176b25138137c05527a1a93f9b1d2bd9819bb6
2f1ab64452cbd8b4a75b5f778aaadd7f8a9c194ef48c5e2e9132393b68d21a85
GET /npm/cookieconsent@3/build/cookieconsent.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fr.wordssidekick.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.1.1
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 10 Nov 2022 11:26:55 GMT
age: 18138
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1299
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
151.101.85.229200 OK 6.8 kB URL HTTP/2 cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (20693), with no line terminators
Hash 58a872ad8da4bad737e618cf78b55feb
1917e7662a1c0d1034c3056c6ebd0e9ae2d542f1
5ddc446ff4623ed98a827c66171c9d5d2809d7f679b0681eb088765e272849bb
GET /npm/cookieconsent@3/build/cookieconsent.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fr.wordssidekick.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.1.1
x-jsd-version-type: version
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 10 Nov 2022 11:26:55 GMT
age: 18106
x-served-by: cache-fra-eddf8230087-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6756
X-Firefox-Spdy: h2
science.wordssidekick.com/animals/adorable-american-pika-is-disappearing-due-to-climate-change.jpg
104.21.66.39200 OK 85 kB URL HTTP/1.1 science.wordssidekick.com/animals/adorable-american-pika-is-disappearing-due-to-climate-change.jpg
IP 104.21.66.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 650x487, components 3\012- data
Hash a9fd0d7d5f23c3062f0c2b4e2771237e
0b8fdec91570516e89e0ed82663b0ca1c5532f48
cdf008190f037f15f4a3ce01eca30d39eccc12ebabad8c68345b5c661f52c98a
GET /animals/adorable-american-pika-is-disappearing-due-to-climate-change.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/jpeg
Content-Length: 84737
Connection: keep-alive
Last-Modified: Mon, 03 Dec 2018 13:21:16 GMT
ETag: "5c052dcc-14b01"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6fbUZFHAo68yFhM%2F7lzAP59uBB8H7xYjLkKntgJjOsP0%2B14OCbpflldvcjr6lNAGCVugh2N9xsqshvcgH051bUaN8xQWXPPeww1bN961Gb1ItjCxnBtUnDrFYmkudJxTqMY1RsElmEanNpb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9e7c2e1bfa-OSL
alt-svc: h2=":443"; ma=60
science.wordssidekick.com/lab/fr/2018_environmental-science/what-is-thermal-technology.jpg
104.21.66.39404 Not Found 225 B URL HTTP/1.1 science.wordssidekick.com/lab/fr/2018_environmental-science/what-is-thermal-technology.jpg
IP 104.21.66.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 649bc7ea18186b54cca6a02c9bd09702
a1d4f3f4a711100add6f724d3837f766dc25a428
fddb61abfe248bbde6a8a7e37db32ab34f1640f0bb21b21e13aae4b2bab01ab1
GET /lab/fr/2018_environmental-science/what-is-thermal-technology.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 404 Not Found
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kC9RUOJEQ2zuY9hp3t2z8GkUof2VevQ4gpEkBgMJJzVGk0CSC%2B6EWjgGJmJwFfKESpVS4Af%2FownBj8zguVKEz3B0ERB62F1U49GaZefv1hqPZNJxadJZTkikGwUqoy8%2BXVoR7eeaQRCc3xl4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9e6bf3b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
science.wordssidekick.com/lab/fr/2016_strange-news/looking-for-bigfoot.jpg
104.21.66.39200 OK 59 kB URL HTTP/1.1 science.wordssidekick.com/lab/fr/2016_strange-news/looking-for-bigfoot.jpg
IP 104.21.66.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 564x377, components 3\012- data
Hash e9d3f81aaf5765691f06d7ac8872ce3b
e4efc085b10a9e029730a37f0bd6643f2107e2d3
f5167b69b3433fc3f36d61601d670ad0f180077936f206b0b3951645121555bd
GET /lab/fr/2016_strange-news/looking-for-bigfoot.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/jpeg
Content-Length: 58949
Connection: keep-alive
Last-Modified: Sat, 21 Sep 2019 01:36:22 GMT
ETag: "5d857e96-e645"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJRPTyOjxzAFXZoxi%2BJEdAdHn%2Bp40rAxMFNm9DGQNG33g95zSYnUoWDQIKZm%2FuYfsQ1rwxEYcHnG0khlvSu%2BHmozyMM5p9oWwe%2FG4GZH237SEJ3hobPjsZKVtO5DjKVzHcaNoF6k%2Fo%2FDWVUX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9e1928b51e-OSL
alt-svc: h2=":443"; ma=60
web-ptica.ru/VRV-files/knopkavverh/22.js
91.201.43.63200 OK 1.7 kB URL HTTP/1.1 web-ptica.ru/VRV-files/knopkavverh/22.js
IP 91.201.43.63:0
File type Unicode text, UTF-8 (with BOM) text
Hash 9b26e6e08a4d7a56cd038d3c9bb7152c
47841d033df8823a70d12c34592eb83d68633aed
c8a4cb4cb0e3c8c0fb72665afaede6484936dba8e36bbc26cefc45f438c25f0d
GET /VRV-files/knopkavverh/22.js HTTP/1.1
Host: web-ptica.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: application/javascript
Last-Modified: Sun, 03 Dec 2017 20:48:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5a246306-ebd"
Expires: Sun, 20 Nov 2022 11:26:55 GMT
Cache-Control: max-age=864000
Content-Encoding: gzip
science.wordssidekick.com/lab/fr/2018_history/photos-2-000-year-old-roman-road-and-coins-discovered-in-israel.jpg
104.21.66.39200 OK 56 kB URL HTTP/1.1 science.wordssidekick.com/lab/fr/2018_history/photos-2-000-year-old-roman-road-and-coins-discovered-in-israel.jpg
IP 104.21.66.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 550x309, components 3\012- data
Hash edf6840267bc8d1337636a3e946c18d6
6e6804ff846d069295fbcbeb2e970750ccf61535
29a3777c3cef487e4953aab376c9088a12416eb19ee684bea19d5b2b66bd8357
GET /lab/fr/2018_history/photos-2-000-year-old-roman-road-and-coins-discovered-in-israel.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/jpeg
Content-Length: 55897
Connection: keep-alive
Last-Modified: Sat, 21 Sep 2019 00:43:20 GMT
ETag: "5d857228-da59"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PwqkQBXwUroag2fYk6rpWUsIWm1fZELE5YxfymdObhGaHYiYvrncf%2BS8PM4lPR26N53SN%2BDRrW%2BtOxbeovNXsUv0nE99QyU7G7f1sER%2Fa4WLxwooLXpy4zyrQBtaURivADB3dIRoHscCvbm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9e4e50b509-OSL
alt-svc: h2=":443"; ma=60
science.wordssidekick.com/life-science/how-brain-mapping-works-3.jpg
104.21.66.39200 OK 19 kB URL HTTP/1.1 science.wordssidekick.com/life-science/how-brain-mapping-works-3.jpg
IP 104.21.66.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 345x238, components 3\012- data
Hash 6c5c316731a78535911627cc0b5e9245
4429015db407b0813d4fc5d959c87b887eb5d740
1436dffd5cbcbd12d58f0ae492fba463dad61ade4e0b7ed69287b66c926395c2
GET /life-science/how-brain-mapping-works-3.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/jpeg
Content-Length: 19175
Connection: keep-alive
Last-Modified: Mon, 03 Dec 2018 03:16:44 GMT
ETag: "5c04a01c-4ae7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYEoWfs1ORJBRzrlSZjEmNSsCbUv0EEA0S7Tov8PTu5ZKa%2FD1gYG4YOdh1Ef5gnM1kuIGXRB5fdB2i9LxVAObfjr7aVYJZRTFIGn5MhBV5TI0ZUXKMuOMiaGzu5UpVwxWniIjfcas2ta2IFx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9edeb01c06-OSL
alt-svc: h2=":443"; ma=60
science.wordssidekick.com/lab/fr/2015_culture/lost-art-photos-of-paintings-stolen-from-gardner-museum.jpg
104.21.66.39200 OK 58 kB URL HTTP/1.1 science.wordssidekick.com/lab/fr/2015_culture/lost-art-photos-of-paintings-stolen-from-gardner-museum.jpg
IP 104.21.66.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 563x369, components 3\012- data
Hash d97bd7a290bd77eef34502405f29af31
ebd12c7fe5cce571a904cd60bd77db142626c5df
4e36684efc6775ffbe4a946b1b5ccf48cb93754536466d2094d5534826508cd4
GET /lab/fr/2015_culture/lost-art-photos-of-paintings-stolen-from-gardner-museum.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: image/jpeg
Content-Length: 58040
Connection: keep-alive
Last-Modified: Sat, 21 Sep 2019 01:35:52 GMT
ETag: "5d857e78-e2b8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4Xo9EpMEv%2BRJX3a7LzzAOIajVsHfgRtvlbfbrYdxaE26HgdJmjqitRs1be42taYemN7yiU%2BKj85YapgmWDAtBKqpZQlmQ8eq%2BBiZuokVcc6NOO97vSN4rU7yfCGx7ApdhDTUpXQJfBYGw2V"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9f1fb2b500-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8053296ed7cef42b818ba0df5c4669e
c73adf1e2fb251139ecfc12c5b522183e11e42e3
65d9c7590f1ff9791c28c0d25f0963d0ce3c8fde8adc3df321d9308b35692aca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D9C7590F1FF9791C28C0D25F0963D0CE3C8FDE8ADC3DF321D9308B35692ACA"
Last-Modified: Wed, 09 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7586
Expires: Thu, 10 Nov 2022 13:33:21 GMT
Date: Thu, 10 Nov 2022 11:26:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c5ade91310a030dadfd04da3f0de0dd4
6187e781625041c9c1ca6c09d97e2292b25ab985
e58624ba905f7f43df705e5ad73ec04491fbf7d26a316163cc74ab8095a57088
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6235
Cache-Control: max-age=109066
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:55 GMT
Etag: "636bceaf-117"
Expires: Fri, 11 Nov 2022 17:44:41 GMT
Last-Modified: Wed, 09 Nov 2022 16:00:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
fr.wordssidekick.com/template/Science/css/gerbera-light-webfont-western.woff2
172.67.155.249200 OK 45 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/gerbera-light-webfont-western.woff2
IP 172.67.155.249:0
File type Web Open Font Format (Version 2), TrueType, length 45400, version 1.0\012- data
Hash c38d2b6f56e2fa269b0d3c96e5366032
16a407b82d92eb744d9d0ce466432d07a006d6ca
c715dacd0ac445fd521d977b187fa04cccca2cda2312480bc4ff1fe0ac2aedcc
GET /template/Science/css/gerbera-light-webfont-western.woff2 HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Length: 45400
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:34 GMT
ETag: "b158-5af429a4cb9eb"
Cache-Control: max-age=604800
Expires: Wed, 16 Nov 2022 10:35:54 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FODHBA5ySf5tQeiP%2B3X%2FLXz9nKtSURQMq%2BbcS0Ub34TbCtMAzAE44D7PnQIBfi38ttBxFgHXxVnGgrr5eR6sp%2F5bLL%2BU0rYx9TLlfOhP9P8O8L8OIP3E8gNDH8Q3sQv4H%2FOfAtb%2FxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9f9e2bb505-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/css/3d7cf876-114c-43b2-9cd3-e41100d59495.woff2
172.67.155.249200 OK 25 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/3d7cf876-114c-43b2-9cd3-e41100d59495.woff2
IP 172.67.155.249:0
File type Web Open Font Format (Version 2), TrueType, length 24848, version 1.0\012- data
Hash 76a2aa61c086b6157a8a06f268ba6491
a7482aea581a9e7eb1354abe5d547767f247a13f
6fd942cdbdaa5828a5dff23e2c6873abb906ba18ad47568b881d0cbe956c9ce2
GET /template/Science/css/3d7cf876-114c-43b2-9cd3-e41100d59495.woff2 HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Length: 24848
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:34 GMT
ETag: "6110-5af429a4a605b"
Cache-Control: max-age=604800
Expires: Wed, 16 Nov 2022 10:32:47 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUQsuj0Id7M9dvBn0WPpRLO%2FMOQaOzkwbvmgc%2BEfxAwLaQnGQNQaXA5PjtEQh%2BzMwUngwbuVlTU4cRv64EUQl%2Flz1BeiqOP%2FvwGiyIsCX9VQZQ59r%2FcJCf4JQE7ss8kCMdYCovgP5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9f995ab518-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/css/17fb8f17-deac-465b-9b87-00478ef3658c.woff2
172.67.155.249200 OK 29 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/17fb8f17-deac-465b-9b87-00478ef3658c.woff2
IP 172.67.155.249:0
File type Web Open Font Format (Version 2), TrueType, length 29132, version 0.0\012- data
Hash 2be6ea2dfd979320ce38e82f92df0f24
32b9a5fc282d10fccf7039cf0f6dc288c956efd2
8291b84161cbbdb4f51be8979d0ed4996c63f1d013600b5b6d121bb7bef379ce
GET /template/Science/css/17fb8f17-deac-465b-9b87-00478ef3658c.woff2 HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Length: 29132
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:34 GMT
ETag: "71cc-5af429a4a0a6b"
Cache-Control: max-age=604800
Expires: Wed, 16 Nov 2022 10:32:47 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKa11noXNYogNMx%2BgF9PCzoxcaZcsYe01SYS0Prd%2B0db4q%2FMDqJqVk02RYFUlE5xvRIJtunhAO3%2B3NxVX%2BGcmN4xWqy%2B1Qh97qpupGMy0WHsR7GoJiGhExZI4xTpmKHlFFUjnI67TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9f995db518-OSL
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 3d73132f98b3ca81710d1b41e0a18026
d34fee31a8aa0d6b44e70d13b578b3a2c056d5e4
9b0a3191cb38eb9ed0614abf18bbb5dfcfb5bf752c53e95d251792041e790b20
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A6C15589290EB4D74B7B5E376A222857B6F88FF0"
Expires: Thu, 10 Nov 2022 22:00:00 GMT
Last-Modified: Thu, 10 Nov 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 589
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9fdcefb4f3-OSL
fr.wordssidekick.com/template/Science/css/61126bf1-4007-4a86-8906-5a96056c4838.woff2
172.67.155.249200 OK 25 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/61126bf1-4007-4a86-8906-5a96056c4838.woff2
IP 172.67.155.249:0
File type Web Open Font Format (Version 2), TrueType, length 25304, version 1.0\012- data
Hash c533ff09e98488ddc90081c1a9058cf6
6962c80a4de2224a05fade6257f7f1c99368f3f5
95a95fa4ec3396a9328d0660e09c073ab9c0af0cc4f9256b7a2a04ea84ef301b
GET /template/Science/css/61126bf1-4007-4a86-8906-5a96056c4838.woff2 HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:55 GMT
Content-Length: 25304
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:34 GMT
ETag: "62d8-5af429a4aa2c3"
Cache-Control: max-age=604800
Expires: Wed, 16 Nov 2022 10:32:47 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRNfBrqW8mW%2F3Nt61YxylKUowJsV%2FgyaWWnty%2B3rspOMp4k4ctTPkGlSrq7D2r21Zrf0oJIKMv5qc8BPF3Ooso5K9nOr98rkx6pEhCDhIzD1h1RAJOywys4j2Y7%2BRkVp7Ykr18aThg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9fcf281c16-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/css/gerbera-medium-webfont-western.woff2
172.67.155.249200 OK 44 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/gerbera-medium-webfont-western.woff2
IP 172.67.155.249:0
File type Web Open Font Format (Version 2), TrueType, length 43796, version 1.0\012- data
Hash 293870b68403e7bcc17ae4f1d450dded
edef533ffb6c0ca53c9cf65afb78b01249139e66
acea56a14ddf972f9ca073cda0c434e1decd66c73cc55e85fd771563ef47056c
GET /template/Science/css/gerbera-medium-webfont-western.woff2 HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Length: 43796
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:35 GMT
ETag: "ab14-5af429a4d4e5b"
Cache-Control: max-age=604800
Expires: Wed, 16 Nov 2022 10:32:47 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XudpRrB7D6voE%2FtfHntFHpoE%2BW%2Fz9CaxfZtJUac3DKUPNaMBv1B7%2FT5r%2BxfAbt1lOkChmr45dKKGmRwDoYn9p6f9oxcEKKj1X8kpXj20xzoqVp%2Fy%2FGbYkCMwVpg5wJJ%2FqlAw35GPTA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9fde75b505-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/css/op.png
172.67.155.249200 OK 2.8 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/op.png
IP 172.67.155.249:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash e9c759e1064213744cce31dcf00fec3b
469befbdb0ee99a391d55a5625f69eb1477d6b90
fe5f20651476b109f207b8287b2ce5baa15ea921d2ed03be13fc951041b09a36
GET /template/Science/css/op.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/png
Content-Length: 2791
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:35 GMT
ETag: "ae7-5af429a54bcb2"
Cache-Control: max-age=2592000
Expires: Sat, 10 Dec 2022 02:42:04 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFYw%2BSerMiKkWzGn8qrMYZdLg1n4F1Ixn4wQ8C6AklRoj%2BNYqNkjDiOaaXOHMtsYdAvtwXPNQNZlX1Iiyg27FpGEu2dZeaBDZyxb%2Btg9tw0rEGWZdJGaTZAYRL4dbvMAdhpJ3J4KAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9fd994b518-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/css/scale_point.png
172.67.155.249200 OK 2.9 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/scale_point.png
IP 172.67.155.249:0
File type PNG image data, 9 x 9, 8-bit/color RGB, non-interlaced\012- data
Hash e7d9b2cd8a574d281b400378c863c7ed
3d1bc200ba0fc75880dcd24e67263d6e55f45144
ea8ce9be7b9e4a405122bc9490cbb4905c38e1ba68d2fbe4d4ff182aa40fa15d
GET /template/Science/css/scale_point.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/png
Content-Length: 2913
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:35 GMT
ETag: "b61-5af429a569559"
Cache-Control: max-age=2592000
Expires: Sat, 10 Dec 2022 04:36:43 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyMLRU3i5wbfVA0F4ro431rNHNPk4X8GCjhq8%2F5oUUvoKL1Z4OGJ0%2FezKDGGRjetuM248CYoKiLlfeWfUVpGD17jYvej5kMdVeUDjSEG8UzLPv2DBHSrtPdq6KrkYcX8X2btDBD1LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9fe9abb518-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/css/logo_home_top.png
172.67.155.249200 OK 11 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/logo_home_top.png
IP 172.67.155.249:0
File type PNG image data, 404 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash 7bbd851c3dd5512e0d57c1b7eab2096e
400ce52f4beff346358d216121037e31da9331fd
02947c61814b3646185af12a3678df797b90c4564bd9551d0b21d7d03a309a14
GET /template/Science/css/logo_home_top.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/png
Content-Length: 11226
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:35 GMT
ETag: "2bda-5af429a519032"
Cache-Control: max-age=2592000
Expires: Sat, 10 Dec 2022 04:36:43 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Bi4%2FYhc1PRKrykl%2F2jenFuUKfg2Fd1BdT%2B2fFvtrk7%2FZjZl8H50LXKUNeOWWsgMvyiKOThD%2B9e5CmCAOOxiBvEWJQckfbOGpiDOo2GGQkoTdEjhqrm3H2jvC%2FduuOvb9suoC7SNTA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9febf50b4d-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/css/scale_point_active.png
172.67.155.249200 OK 3.2 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/scale_point_active.png
IP 172.67.155.249:0
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 83ffb62e81d9a386f61c3cc2765e5eb4
4bac18b3968243bf3457ee2ca962c53f4428755b
3a4385da597d1e674ed4e02c4ac086ff8139265fc3c2a4427acc1f8b59968a7e
GET /template/Science/css/scale_point_active.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/png
Content-Length: 3158
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:35 GMT
ETag: "c56-5af429a569d29"
Cache-Control: max-age=2592000
Expires: Fri, 09 Dec 2022 09:28:40 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bk2ZA9P1v1133umbLxUU9aIVbfk0ypHj5Mu2gncF%2BxWNe55Gf2pY%2Bi55ePTIq%2FtuT9C9huK%2FQClc0ou2ec2iy04DP0NSZSyozugXu4F9V2FxqbPdNISikydZp8C6sViwb1cLzEwBlA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6f9fff3bb50b-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
science.wordssidekick.com/lab/fr/2018_life-science/how-brain-mapping-works.jpg
104.21.66.39200 OK 22 kB URL HTTP/1.1 science.wordssidekick.com/lab/fr/2018_life-science/how-brain-mapping-works.jpg
IP 104.21.66.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 528x235, components 3\012- data
Hash d23a1a1470271a3cd258d0e2ea917e98
dfe04db6ea0baa4061fc90af65a6d9f686b672ea
bbbf6b99ea7be574017c799cbb7efb50525a86570bfaafed81db33846f6e52c9
GET /lab/fr/2018_life-science/how-brain-mapping-works.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/jpeg
Content-Length: 21662
Connection: keep-alive
Last-Modified: Sat, 21 Sep 2019 02:51:08 GMT
ETag: "5d85901c-549e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 1
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJXzMzioLR26sCOkXsUS8LAv%2FM%2FpVWWN7HeAINog3elpXnrTkZ9mj0iSbpcKz4pDqgcd4tRgm0%2FRzM7ZO8LR%2F4e05sm%2FU8Ox6gWL08Lo%2BAi8GMeVT7qZgRhxqVN%2BqU4sYJcYiCQTonApJYqz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6fa02a64b50f-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/css/prev_arr.png
172.67.155.249200 OK 3.1 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/prev_arr.png
IP 172.67.155.249:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 130481e443ee9255cb334b61990a651b
a954a8746f21d268fab186134ff8d98734340885
5471f6593b5a96b2db90b1679f95a719bcd53628a3ee04f24daa7ed945baecdc
GET /template/Science/css/prev_arr.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/png
Content-Length: 3080
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:35 GMT
ETag: "c08-5af429a559771"
Cache-Control: max-age=2592000
Expires: Fri, 09 Dec 2022 19:53:39 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJjC7t%2FnxFSrexqIzJY%2BhZcIyss2vlFypDf38QXBlOP2p68SPrjjiwvBL8GUaF9LiCdzTPzqlR0xkan%2F6VOB0O4xG3aAOLq2x45OwcLi9d40iqbpXLof%2B0ZQnVKR0L6Tzo%2Bpx3lyZA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6fa00f5c1c16-OSL
alt-svc: h2=":443"; ma=60
science.wordssidekick.com/default.jpg
104.21.66.39200 OK 128 kB URL HTTP/1.1 science.wordssidekick.com/default.jpg
IP 104.21.66.39:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1024x1024, components 3\012- data
Size 128 kB (128475 bytes)
Hash 7e2122aa75ff932485cc541deb1f2aad
25eac4efeb078b6642d4ca8f977313332846f6a9
385800802455357df43ffcdd2ac3626335365e453cdd084f213b34947f955e4d
GET /default.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/jpeg
Content-Length: 128475
Connection: keep-alive
Last-Modified: Tue, 04 Dec 2018 10:05:03 GMT
ETag: "5c06514f-1f5db"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 5615782
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r922dinqHWgwRawt6qO%2FRTaVSZ23GML0DbenDNc%2FXJ2kw7Hko6EpIBgXOB%2FGy39C0i3tqMx9uihsTEOn8%2FrUxhi9QovyWkhtcWzK5TnQJgbhRPI5Z6dWtLHlL4J6CSQDX8%2BeEQaO8Itc6jpK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6fa02c8fb529-OSL
alt-svc: h2=":443"; ma=60
fr.wordssidekick.com/template/Science/css/next_arr.png
172.67.155.249200 OK 3.1 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/next_arr.png
IP 172.67.155.249:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 696b8e63191da95665decad870b3b050
649bed8f2c6a5eefb43d83440522d932f2c83ccc
1fd1a584d8eeb9e1da9d61f35115273c443ae76826e7a4829b690ce556964f40
GET /template/Science/css/next_arr.png HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/png
Content-Length: 3071
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:35 GMT
ETag: "bff-5af429a54a15a"
Cache-Control: max-age=2592000
Expires: Wed, 07 Dec 2022 08:55:34 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVe952neiHMgaBlWEOcCnerOoHElOBCUc1I7gjczEM%2BSdDu6Nzoq%2BaQn470N0hh82vE4lQERr5jOHCbUUJxys0YlC00wAoeyw4x%2FsKzhupL4qSbxYSgFlhcKyvttRyEWstTrUrsO3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6fa00eacb505-OSL
alt-svc: h2=":443"; ma=60
web-ptica.ru/VRV-files/knopkavverh/22.png
91.201.43.63200 OK 2.7 kB URL HTTP/1.1 web-ptica.ru/VRV-files/knopkavverh/22.png
IP 91.201.43.63:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash d89498b736d59af868ea8ad606e876f0
21238b24f192e11e4d54442fa392b84529ff089d
e8bfcc6a4f18b17db84818f44069475941be897f0538896a914544b6f1fe0a44
GET /VRV-files/knopkavverh/22.png HTTP/1.1
Host: web-ptica.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/png
Content-Length: 2677
Last-Modified: Sun, 03 Dec 2017 20:48:06 GMT
Connection: keep-alive
ETag: "5a246306-a75"
Expires: Sun, 20 Nov 2022 11:26:56 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
fr.wordssidekick.com/template/Science/css/37bc5c68-ee8b-4780-9eed-46b648578231.woff2
172.67.155.249200 OK 41 kB URL HTTP/1.1 fr.wordssidekick.com/template/Science/css/37bc5c68-ee8b-4780-9eed-46b648578231.woff2
IP 172.67.155.249:0
File type Web Open Font Format (Version 2), CFF, length 40940, version 0.0\012- data
Hash c382aac76a4592b64565c7c545873b75
8142d38e1abbf61ff52afb362a8de2638b374c6a
fd96b538d255a47f6e48ca92ea01f22f1953ae85f612dbf2b15e6047dd254625
GET /template/Science/css/37bc5c68-ee8b-4780-9eed-46b648578231.woff2 HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://fr.wordssidekick.com/template/Science/css/index.css
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Length: 40940
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:34 GMT
ETag: "9fec-5af429a4a48eb"
Cache-Control: max-age=604800
Expires: Wed, 16 Nov 2022 10:32:47 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cfR%2BDSxAUqVh9ghXst8esxvJFP5mX2vyxBEUr0PCpTmdMfgXmPS7vxyfI3rdQJ1KNyU5dpyxjrdZJrHQppx7BKAArav3NxnEmZBzaDX5ngtq2lf3S9KeBE6xymJ0FZH0NeDWWQPIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6fa03a10b518-OSL
alt-svc: h2=":443"; ma=60
static.addtoany.com/menu/svg/icons.31.svg.js
172.67.39.148200 OK 75 kB URL HTTP/2 static.addtoany.com/menu/svg/icons.31.svg.js
IP 172.67.39.148:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e1de1c9cafa69f71c7d8c5917cfbc365
ac227cd640864386acfec7d60e9e30276035b10d
6759aa2f5c9168351d4baa4a53cb89afccebba6e572c431bda87e72c918ff208
GET /menu/svg/icons.31.svg.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, immutable
cf-bgj: minify
access-control-allow-origin: *
etag: W/"130d9-5eb55bd13de3f"
last-modified: Tue, 18 Oct 2022 21:26:00 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1919167
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 767e6f9fa9e1b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
science.wordssidekick.com/lab/fr/2017_history/eiffel-tower-information-facts.jpg
104.21.66.39200 OK 44 kB URL HTTP/1.1 science.wordssidekick.com/lab/fr/2017_history/eiffel-tower-information-facts.jpg
IP 104.21.66.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 550x309, components 3\012- data
Hash ecce58c3c02f4964f0c3edbebfbb81cd
7ac9b34bc834c24c324e4309d9bb3fb3d4cc692a
a180b27aa0c15c4b1f85fb84b462f88eace5b435e1e06a9f9895fddb4ca33395
GET /lab/fr/2017_history/eiffel-tower-information-facts.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/jpeg
Content-Length: 44532
Connection: keep-alive
Last-Modified: Sat, 21 Sep 2019 03:43:38 GMT
ETag: "5d859c6a-adf4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfAwBsT0d9J8v%2B0yfoP5YOHCsSwKmBFY3Exfu2%2BIWgQzHji8ylUyykXlhFPe%2BlIBpsIETIAZ0ijuoSqX%2FqO0Oa%2BesoSzx4d%2FviJK7MxNKdyBFenMfhnS5rVTl3X60G8Rj5zcdjE5NhXO5OUe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6fa02dc7b4f7-OSL
alt-svc: h2=":443"; ma=60
www.youtube.com/s/player/c4225c42/player_ias.vflset/en_US/base.js
216.58.211.14200 OK 589 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/player_ias.vflset/en_US/base.js
IP 216.58.211.14:0
File type ASCII text, with very long lines (573)
Size 589 kB (588928 bytes)
Hash 3c61e04a6271d4bd4d300ac9a59cf528
0b10d7deda462da8d0d8da1743efdc86307b6081
e1ff4de147ece58d8999e47403beb0610e251b18635f18a356f3b0129998fa4d
GET /s/player/c4225c42/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/he9rh-bOOXk?rel=0&modestbranding=1&wmode=opaque
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 588928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 17:56:44 GMT
expires: Tue, 07 Nov 2023 17:56:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 235812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js
216.58.211.14200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js
IP 216.58.211.14:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/he9rh-bOOXk?rel=0&modestbranding=1&wmode=opaque
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 05:48:26 GMT
expires: Fri, 10 Nov 2023 05:48:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 20310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
science.wordssidekick.com/lab/fr/2016_health/25-of-calories-now-come-from-snacks.jpg
104.21.66.39200 OK 33 kB URL HTTP/1.1 science.wordssidekick.com/lab/fr/2016_health/25-of-calories-now-come-from-snacks.jpg
IP 104.21.66.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 530x240, components 3\012- data
Hash d1c5916928ba98e717fa92ecf619940e
91852838c66fad3d20477870160f1cf7126b17f0
1156bd3c431960fd2a25bbc5ea9d75a1490b65692657f1b7cf06e07efc58f5b4
GET /lab/fr/2016_health/25-of-calories-now-come-from-snacks.jpg HTTP/1.1
Host: science.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/jpeg
Content-Length: 33026
Connection: keep-alive
Last-Modified: Sat, 21 Sep 2019 05:19:22 GMT
ETag: "5d85b2da-8102"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wm7b10jd6VyOcT%2FBGckTsUZHVgE66LEU%2Bb5%2FPjDHm6uLxMEZ%2FVjmOqitATFsGRP8wLiDfvz9jBZ52Kd5tvDku5YvUve%2FWMc%2F9bnrodXcnk2TS1sNDBgnSbZHD9nXbDiY%2BgcAG6xZNxdgr58f"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6fa02dee0b06-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 428098
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
optad360.mgr.consensu.org/icons/branding-ads.svg
54.230.111.73200 OK 61 kB URL HTTP/2 optad360.mgr.consensu.org/icons/branding-ads.svg
IP 54.230.111.73:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2776), with CRLF, LF line terminators
Hash f2a4a78aa68c8cb4ceb84c0a69ba4bce
59f06b2cf8d19873326a69d11103fb95bc5efdb2
f913d8db05db17bbc91807e803f126297c61598b15e17ec7a3695166dda76e05
GET /icons/branding-ads.svg HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 10 Nov 2022 09:03:08 GMT
cache-control: public, max-age=360000000
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S9DTE8PXkCTtkTqATZflrYVpAzU2uHH1LB3BGsprd_b0JuuLSuJzrA==
age: 8629
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fr.wordssidekick.com/favicon.ico
172.67.155.249200 OK 9.4 kB URL HTTP/1.1 fr.wordssidekick.com/favicon.ico
IP 172.67.155.249:0
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Hash f14fdc2d1cf661e73942536efa805ee1
e9415dc1624a7dd74191a09d7e1cad06bc3b5618
60c8ea346134fe4005f183877ee744c48a77879a963d03696f00da5e38dc1a35
GET /favicon.ico HTTP/1.1
Host: fr.wordssidekick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/28112-how-brain-mapping-works
Cookie: __oagr=true
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Sep 2020 09:24:36 GMT
ETag: W/"5f5f36d4-1083e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGqLmmeSIEO0i%2BvYeXxDDFPTXHYgHhRrnNLqpzj1Jl4dWSJRXt9L7CCJ3QYgRqVAXYYE43xYIrccCOwu5Qo65iEFkUWahO8%2F1H9VJJRwGpubYByLGS2ifO%2BNxgi8GU0yb9cDg3Ux1w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6fa249abb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7c89768eee117880b59f8644d2138e52
49a829a38293c8f1eb86dbbccc82017f1d5d86bb
c512960cca090441f3c7e9ffea25448965eb4068d1506b8afa6d391b3c3a07be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//fr.wordssidekick.com/28112-how-brain-mapping-works;0.46812270152282165
88.212.201.204302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//fr.wordssidekick.com/28112-how-brain-mapping-works;0.46812270152282165
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?r;s1280*1024*24;uhttp%3A//fr.wordssidekick.com/28112-how-brain-mapping-works;0.46812270152282165 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 302 Moved Temporarily
Date: Thu, 10 Nov 2022 11:26:56 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//fr.wordssidekick.com/28112-how-brain-mapping-works;0.46812270152282165
Content-Length: 32
Expires: Tue, 09 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3229
Cache-Control: max-age=167626
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 10:00:42 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221110
151.101.85.229200 OK 918 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221110
IP 151.101.85.229:0
File type JSON data\012- , ASCII text, with very long lines (1639), with no line terminators
Hash 837fb23ed979e1599d345d04357221a2
266d0bfca5fcfbe3d9af60a5e05d30a255a128ac
333a433bc53cd5e5f3aa9ed98ae4567c276ee9e587636e1ef8daf7cc50ca5f16
GET /gh/prebid/currency-file@1/latest.json?date=20221110 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1519
x-jsd-version-type: version
etag: W/"667-uUj5gf5dt/YxoDEfGr8LlrRaszc"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 10 Nov 2022 11:26:56 GMT
age: 30330
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1676-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 918
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
216.58.207.194200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (40332)
Hash 72ddb84e41679c6ca82c99b4e996ad8c
1abc347965c923d505fc06b937bc40f0fc9f575e
67e4968f1f64191f45eedc5e44fb345c74ecf48945a284751f2b978ebf3444c3
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27321
date: Thu, 10 Nov 2022 11:26:56 GMT
expires: Thu, 10 Nov 2022 11:26:56 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1389 / 439 of 1000 / last-modified: 1668073447"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0199c838a6cf3e8761c2a131e576d81e
8bfaf0dded97db944bef86e6a62f0613a015fdf9
bc7961c7ba42bb3d08cab11877f29f3b5d5741047bf1aa18542ec08b2b236f22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2858
Cache-Control: max-age=126568
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Etag: "636c203e-116"
Expires: Fri, 11 Nov 2022 22:36:24 GMT
Last-Modified: Wed, 09 Nov 2022 21:48:46 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9d778d249270135c5aa6dfee5ae8c9dd
bdcfc3bd4793b891453ce89acecb8d1f82ccd225
9e51c84076240a2608a4abc15edd507ca42d4554eb37e082ba5120d44bc8819b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E51C84076240A2608A4ABC15EDD507CA42D4554EB37E082BA5120D44BC8819B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6672
Expires: Thu, 10 Nov 2022 13:18:08 GMT
Date: Thu, 10 Nov 2022 11:26:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3b4b40a79685cf01e8e4d1280159e70e
5bc387a14e898e3de43c6c9246daa971aa6fffaf
49bad53af36fe88538038c498a0d94e2713d2c2f941cf9f3e2ee8371f9b7dcf2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2546
Cache-Control: max-age=119039
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Etag: "636c040d-1d7"
Expires: Fri, 11 Nov 2022 20:30:55 GMT
Last-Modified: Wed, 09 Nov 2022 19:48:29 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bc72f408d8b98eefa793678ad1bac0fd
470fb576744b90a752f306f746b69b633a53a8c5
fe8570f28dcc014d91c46611187d2ba15dd5fddd6903f56028a22f9e994fd017
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4538
Cache-Control: max-age=144116
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Etag: "636c5e3a-1d7"
Expires: Sat, 12 Nov 2022 03:28:52 GMT
Last-Modified: Thu, 10 Nov 2022 02:13:14 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7c89768eee117880b59f8644d2138e52
49a829a38293c8f1eb86dbbccc82017f1d5d86bb
c512960cca090441f3c7e9ffea25448965eb4068d1506b8afa6d391b3c3a07be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 842cb69094a222c6f86c83dfbcf87b19
a95fec07faf993b1d71d716053f849a7814baf41
2436f57abcc38d8a2e64fee6df74b40ffabf81a53554b610a037f11165cba5dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6295
Cache-Control: max-age=139390
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Etag: "636c44e7-139"
Expires: Sat, 12 Nov 2022 02:10:06 GMT
Last-Modified: Thu, 10 Nov 2022 00:25:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
adx.adform.net/adx/openrtb
37.157.4.40204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 737
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 10 Nov 2022 11:26:56 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: http://fr.wordssidekick.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 944
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: http://fr.wordssidekick.com
cache-control: max-age=0, private, must-revalidate
date: Thu, 10 Nov 2022 11:26:55 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 695
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 10 Nov 2022 11:26:56 GMT
access-control-allow-origin: http://fr.wordssidekick.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.254200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1245
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://fr.wordssidekick.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssp.wp.pl/bidder/?bdver=5.7&pbver=7.17.0&inver=0
212.77.99.29204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?bdver=5.7&pbver=7.17.0&inver=0
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?bdver=5.7&pbver=7.17.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 916
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 10 Nov 2022 11:26:56 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: http://fr.wordssidekick.com
uber-trace-id: 0000000000000000ee23fbc165dfeff7:1a5991adeffa72c3:0:0
vary: Origin
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221108/r20190131/zrt_lookup.html
216.58.211.2200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221108/r20190131/zrt_lookup.html
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221108/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 10 Nov 2022 00:37:11 GMT
expires: Thu, 24 Nov 2022 00:37:11 GMT
cache-control: public, max-age=1209600
age: 38985
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.53200 OK 140 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a3cde4a05eb94c4b9d5de16a2dc4dc29
12f28229ea0dd24db79dca75f6b2a7f95d270f3b
18ca9cd1add01cd5c550d8791e0599b9b750692d56e535daba679e8a610381f6
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 814
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://fr.wordssidekick.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 3b56889d-7f8b-462b-bdc7-5f169895d93e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
useast.quantumdex.io/auction/pbjs
104.22.37.96500 Internal Server Error 0 B URL HTTP/2 useast.quantumdex.io/auction/pbjs
IP 104.22.37.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/pbjs HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 819
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 500 Internal Server Error
date: Thu, 10 Nov 2022 11:26:56 GMT
content-length: 0
access-control-allow-origin: http://fr.wordssidekick.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
x-reason: [Inventory] site.domain not match RootDomain, wordssidekick.com != theplanetsworld.com
set-cookie: uid=5d3ea196-4d62-408b-9361-aa49fd89b0ff; expires=Sat, 10 Dec 2022 11:26:56 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 767e6fa36b4e09b5-ARN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2021&supports=true&c=2012&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070809%2C44775016
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2021&supports=true&c=2012&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070809%2C44775016
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=modern_js&fy=2021&supports=true&c=2012&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070809%2C44775016 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 11:26:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070809%2C44775016
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070809%2C44775016
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070809%2C44775016 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 11:26:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 745c078c09088a21fda15d50127efd51
9f226a7b4b93c395c7811e4df7fa7f9e65638bbf
4d51b7c57227dafcfecdf36b83f7588420caa17280818eff25b102c067fbde70
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 14 Nov 2022 09:48:58 GMT
ETag: "9f226a7b4b93c395c7811e4df7fa7f9e65638bbf"
Last-Modified: Thu, 10 Nov 2022 09:48:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2263
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767e6fa49d7fb509-OSL
pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070809%2C44775016
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070809%2C44775016
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070809%2C44775016 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 11:26:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.40.161.235101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.161.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z0YjrCe6FVAhXswcout1ag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 59P0qffOlmpvqAXV9n1iOuX0T74=
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4782124024814850&plah=fr.wordssidekick.com&bust=31070809
142.250.74.98200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4782124024814850&plah=fr.wordssidekick.com&bust=31070809
IP 142.250.74.98:0
File type ASCII text, with very long lines (6118)
Size 120 kB (119452 bytes)
Hash 4b559eebcbeacc3d6bddb950dd0c7b5d
e3b097548ffbf11477e8da1303c4a0ea50eda4a9
04f3761060a1851885975a5799ccab82d87f588437dda689d99d3b8a05fb3c69
GET /pagead/managed/js/adsense/m202211070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4782124024814850&plah=fr.wordssidekick.com&bust=31070809 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 10 Nov 2022 11:26:56 GMT
expires: Thu, 10 Nov 2022 11:26:56 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 10863739813932933268
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//fr.wordssidekick.com/28112-how-brain-mapping-works;0.46812270152282165
88.212.201.204200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//fr.wordssidekick.com/28112-how-brain-mapping-works;0.46812270152282165
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit?r;s1280*1024*24;uhttp%3A//fr.wordssidekick.com/28112-how-brain-mapping-works;0.46812270152282165 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fr.wordssidekick.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 10 Nov 2022 11:26:56 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Tue, 09 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 62d835d5c67b5c11824d794b8f69cd59
4d51e3cb378f22b82e1bb79bf7a0430679ab39c2
bafb9e7627b08ccd0bf68fe0e5f0865ed2682005673c5fa8672b5c4a576d746e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 11:14:05 GMT
expires: Thu, 10 Nov 2022 11:29:05 GMT
cache-control: public, max-age=900
age: 771
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 62d835d5c67b5c11824d794b8f69cd59
4d51e3cb378f22b82e1bb79bf7a0430679ab39c2
bafb9e7627b08ccd0bf68fe0e5f0865ed2682005673c5fa8672b5c4a576d746e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0f913ba1e9531014cdba188fcf41d376
e3b37dcf93559ce5597a92a2040e411b21ed69b8
ff7548d918650d549cd19457e6d2d985151ec4c1ca316a6348758727e217fa5a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 10 Nov 2022 11:26:57 GMT
server: ESF
cache-control: private
content-length: 30852
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35974)
Hash 89da5756c3061bf086f28e85c062ea28
d46d62afb0048e31e65c624e26fc5620eb1e7fdd
7c5e7453571c65550671610b433b6a9ce831d3532c6c503539f8a060e5b264df
GET /js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14351
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:36:34 GMT
expires: Thu, 09 Nov 2023 18:36:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
age: 60623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 98d2dcb84a37daa2fb23c827ff88b340
0044d5f3939f68f1dd840bf8fcc0a136beda6ae3
7eb6cb22996da7036eb151d07a2fcc0df7018d5111f19e84a911e7edefe3e327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 280937c8e5118a2c79b44455ac814cc8
2b0739876899dadc94292c8d3a25d41eb18d979d
3175e8f22bc806bd6c5c60852e76e969f33040b090384c70db75fc5326ee90c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 24f7571e306d068f1f196a316eb95c9b
b0afe7bf2d22d3e30eb97ef7ee160e1fe1e0c114
82e26881a116c8484b307b9b45aac1c09078231c57941bbaa506b1708e1389b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=fr.wordssidekick.com&callback=_gfp_s_&client=ca-pub-4782124024814850&gpid_exp=1
172.217.21.162200 OK 256 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=fr.wordssidekick.com&callback=_gfp_s_&client=ca-pub-4782124024814850&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (401), with no line terminators
Hash fd627692db6515b6ffe31485c347087d
7f65e8f56f212e9ce1f730ae525a65a325b082fd
5704fc5bf6b9752b38cdec8cd68d382a462c76ec703409442ddf108a2501f653
GET /gampad/cookie.js?domain=fr.wordssidekick.com&callback=_gfp_s_&client=ca-pub-4782124024814850&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 10 Nov 2022 11:26:57 GMT
server: cafe
cache-control: private
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash da6ea2384d89dcf08521ba15aaa8c085
141a73f1f12700389cecb3548d37c2d5286e7a95
db36322a9271b8e877ba3b1b59c0b8783eb5e9ac8cddd9ecce4180904e7a1088
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=fr.wordssidekick.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=fr.wordssidekick.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=fr.wordssidekick.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 10 Nov 2022 11:26:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=fr.wordssidekick.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=fr.wordssidekick.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=fr.wordssidekick.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 10 Nov 2022 11:26:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 98d2dcb84a37daa2fb23c827ff88b340
0044d5f3939f68f1dd840bf8fcc0a136beda6ae3
7eb6cb22996da7036eb151d07a2fcc0df7018d5111f19e84a911e7edefe3e327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/he9rh-bOOXk/maxresdefault.webp
142.250.74.182200 OK 46 kB URL HTTP/2 i.ytimg.com/vi_webp/he9rh-bOOXk/maxresdefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 342aa9ebc1adde58948df9e84a740649
106124986c97b66f74aaab8e4e358fc5c1f4c0ff
73ec5e4ec40d59f1f6a89268a658cdd9c826b5b27e94061be46be2a29a83b391
GET /vi_webp/he9rh-bOOXk/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 46020
date: Thu, 10 Nov 2022 11:26:57 GMT
expires: Thu, 10 Nov 2022 13:26:57 GMT
cache-control: public, max-age=7200
etag: "1513602522"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash da6ea2384d89dcf08521ba15aaa8c085
141a73f1f12700389cecb3548d37c2d5286e7a95
db36322a9271b8e877ba3b1b59c0b8783eb5e9ac8cddd9ecce4180904e7a1088
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=fr.wordssidekick.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=fr.wordssidekick.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=fr.wordssidekick.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 10 Nov 2022 11:26:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=fr.wordssidekick.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=fr.wordssidekick.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=fr.wordssidekick.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 10 Nov 2022 11:26:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 24f7571e306d068f1f196a316eb95c9b
b0afe7bf2d22d3e30eb97ef7ee160e1fe1e0c114
82e26881a116c8484b307b9b45aac1c09078231c57941bbaa506b1708e1389b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f9746abd865e363c8ec59d1ce415d671
269ab2a272319239e3140c87b015d3fe553285ca
c28c2ea2fd722c4f05b13b83e74b578be4b0aeed251a37dd7553d8d2927da31e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu8no5_jk7KSaLFG-IY_VFNOXJ389URkOtOeKUS-Lg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.4 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8no5_jk7KSaLFG-IY_VFNOXJ389URkOtOeKUS-Lg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 1597d029c32c2299ef7aa79e900de625
9c26d6eb8fad3eab93f3434e3baec1bbee42c6a7
e36f11b9f416776d74dfee6d74fa914c10805133dc28a90e6f9847ff222fd543
GET /ytc/AMLnZu8no5_jk7KSaLFG-IY_VFNOXJ389URkOtOeKUS-Lg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2380
x-xss-protection: 0
date: Thu, 10 Nov 2022 08:36:25 GMT
expires: Mon, 31 Oct 2022 13:49:38 GMT
cache-control: public, max-age=86400, no-transform
age: 10232
etag: "v2c0"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f9746abd865e363c8ec59d1ce415d671
269ab2a272319239e3140c87b015d3fe553285ca
c28c2ea2fd722c4f05b13b83e74b578be4b0aeed251a37dd7553d8d2927da31e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 119e5814bf97cc28488dd0c89752f798
c0c9d06895d9821e225697bad269390031a05ac4
d0bc12eee3b4591bfbd69b03c8e59a5c0d0cefeeee0cc7fc7020f5e04f09d381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1593)
Hash 6aa9c6ab7a569b06350058244a7936f1
cf38254bc3a1ef0873f2a71b2750a9ad091a920f
8b1e0228f5acda1b26b9612b771757883544ca4485dac21ef2aa9ddda4fc277e
GET /pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7380
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:15:35 GMT
expires: Wed, 23 Nov 2022 18:15:35 GMT
cache-control: public, max-age=1209600
age: 61882
etag: 12918171938167859976
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash e9d9e6892b32e0ad592124374c7a10e3
334e09dd47433cc297c3eb47b44fe23e81bddb66
553381684da7443afc096e0c15f6807aa749a7c273e0e5bc515d43e050a21d43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5597
Cache-Control: max-age=134385
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Etag: "636c3415-138"
Expires: Sat, 12 Nov 2022 00:46:42 GMT
Last-Modified: Wed, 09 Nov 2022 23:13:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 0a1704d6065b9dc9dd206bf0c5dfb3a5
1fb2c3805ac30911e25b1d3f97ccc2f5b8ebaf52
a92dc93414a6f9e821f55bba13693ae39ec1dc827350ce8d1b257771a0d59c2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2060
Cache-Control: max-age=159633
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Etag: "636ca486-13a"
Expires: Sat, 12 Nov 2022 07:47:30 GMT
Last-Modified: Thu, 10 Nov 2022 07:13:10 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ksCRE7OzWdgFWp2DYgICAAAA-IAb199nwLU7AQUkEADgbGOZ5leJrV-ZKJ8ByQASAAA&wp=Y2zgAQAEf6wKGJBPAA-55UC5S-eS2yQryHfRJQ
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ksCRE7OzWdgFWp2DYgICAAAA-IAb199nwLU7AQUkEADgbGOZ5leJrV-ZKJ8ByQASAAA&wp=Y2zgAQAEf6wKGJBPAA-55UC5S-eS2yQryHfRJQ
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=ksCRE7OzWdgFWp2DYgICAAAA-IAb199nwLU7AQUkEADgbGOZ5leJrV-ZKJ8ByQASAAA&wp=Y2zgAQAEf6wKGJBPAA-55UC5S-eS2yQryHfRJQ HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 300148
date: Thu, 10 Nov 2022 11:26:56 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kvjTDrOzWcQEkAOdg2ICAgAAAFRBOMTN93CEOwEFJBAA4GxjrvdfsMgx9rcKnHsAEgAA&wp=Y2zgAQAGSAMKexS4AA0DbwDpi3ald7owMrgwVw
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kvjTDrOzWcQEkAOdg2ICAgAAAFRBOMTN93CEOwEFJBAA4GxjrvdfsMgx9rcKnHsAEgAA&wp=Y2zgAQAGSAMKexS4AA0DbwDpi3ald7owMrgwVw
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kvjTDrOzWcQEkAOdg2ICAgAAAFRBOMTN93CEOwEFJBAA4GxjrvdfsMgx9rcKnHsAEgAA&wp=Y2zgAQAGSAMKexS4AA0DbwDpi3ald7owMrgwVw HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 235218
date: Thu, 10 Nov 2022 11:26:56 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 97ec694c4c7fe980145f94c4bc4b3159
7ec97ed57b28b5f93a933acdbed42fe5567d98f1
634b4e298a699cf04b60cb63ada60a244ec8b19280218a0eb93a56884782d90a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6504
Cache-Control: max-age=129861
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Etag: "636c1ede-139"
Expires: Fri, 11 Nov 2022 23:31:18 GMT
Last-Modified: Wed, 09 Nov 2022 21:42:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 97ec694c4c7fe980145f94c4bc4b3159
7ec97ed57b28b5f93a933acdbed42fe5567d98f1
634b4e298a699cf04b60cb63ada60a244ec8b19280218a0eb93a56884782d90a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6507
Cache-Control: max-age=129864
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:57 GMT
Etag: "636c1ede-139"
Expires: Fri, 11 Nov 2022 23:31:21 GMT
Last-Modified: Wed, 09 Nov 2022 21:42:54 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 97ec694c4c7fe980145f94c4bc4b3159
7ec97ed57b28b5f93a933acdbed42fe5567d98f1
634b4e298a699cf04b60cb63ada60a244ec8b19280218a0eb93a56884782d90a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6505
Cache-Control: max-age=129861
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:58 GMT
Etag: "636c1ede-139"
Expires: Fri, 11 Nov 2022 23:31:19 GMT
Last-Modified: Wed, 09 Nov 2022 21:42:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sun, 05 Nov 2023 11:26:57 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 97ec694c4c7fe980145f94c4bc4b3159
7ec97ed57b28b5f93a933acdbed42fe5567d98f1
634b4e298a699cf04b60cb63ada60a244ec8b19280218a0eb93a56884782d90a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6508
Cache-Control: max-age=129864
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:58 GMT
Etag: "636c1ede-139"
Expires: Fri, 11 Nov 2022 23:31:22 GMT
Last-Modified: Wed, 09 Nov 2022 21:42:54 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash a5197d8e6f5c82ece65279002385c62e
a69021ffa028e7938e63ea0416215cdd2b3aa948
8faa4f7cc65041297752f37d1317584f88b0a4fd09d31d0aa1b0d3ed4c993ea1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3621
Cache-Control: max-age=97817
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:58 GMT
Etag: "636bacf6-13a"
Expires: Fri, 11 Nov 2022 14:37:15 GMT
Last-Modified: Wed, 09 Nov 2022 13:36:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6239
Expires: Thu, 10 Nov 2022 13:10:57 GMT
Date: Thu, 10 Nov 2022 11:26:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6239
Expires: Thu, 10 Nov 2022 13:10:57 GMT
Date: Thu, 10 Nov 2022 11:26:58 GMT
Connection: keep-alive
static.criteo.net/flash/icon/close_button.svg
178.250.2.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sun, 05 Nov 2023 11:26:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d68ac59950c3276cd8f92b777a004df1
94c0ee5c14e8e8cdf95883582ba8084cc5867f93
b02d6d61c1fae8260d1fc30c0a78ebbc3482a3aa0acafb58d8269942ff8e732b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7987
x-amzn-requestid: 6a465dcd-6a4e-49fb-9fa9-169678d39b5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlo7HBFIAMFSQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9f-4ffe8f2534aeaef73329a8cd;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:19 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WrcaH4gahZqvIVMBFxF5zwB7IXujbT64xDOL8WmuQajijIyEK7Or3g==
via: 1.1 637ef0a7bc474e9a314fa064b65e8082.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:47:28 GMT
age: 49170
etag: "94c0ee5c14e8e8cdf95883582ba8084cc5867f93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7c9addeb8e1938f84d7f36de4e87a330
83d5c0c85c89628601be4c28e592f08b7376eedf
005b566ce6380b637236cca19d5027b33c660798726685d85b2e7e6d7718f0b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3483
Cache-Control: max-age=90488
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:58 GMT
Etag: "636b90df-13a"
Expires: Fri, 11 Nov 2022 12:35:06 GMT
Last-Modified: Wed, 09 Nov 2022 11:37:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:58:41 GMT
age: 48497
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6239
Expires: Thu, 10 Nov 2022 13:10:57 GMT
Date: Thu, 10 Nov 2022 11:26:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c75dde9-2bef-4822-a6fb-e0589a3fab63.jpeg
34.120.237.76200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c75dde9-2bef-4822-a6fb-e0589a3fab63.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dcde51bc367052b5d4566f2e99cef9a
0481ae2ec1c61273232fb22fc2a78d6e0d2048d6
303700c24ab524cd55bf4924e1c8032708df4498032232082b5321ac075461b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c75dde9-2bef-4822-a6fb-e0589a3fab63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3181
x-amzn-requestid: 497229d6-6e60-4a06-840e-760b26d0400f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOA7hEDYoAMFXmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368aeaf-79a19c2f615ee65534b23b77;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:07:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: x6ry-81sAws-TsvlqOQMD5laeUR1hfK9d_N507AgFU5AepaF_rq5Mg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 09:27:14 GMT
age: 7184
etag: "0481ae2ec1c61273232fb22fc2a78d6e0d2048d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc04eddc597d6b10db5d59c53f20aec
dddc0da13526d24aaea990cc1d68d9212612da43
a7e2d1fd141c4383de3411be95b8875c9d969d5f001020793a2b4d939aaa780b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12268
x-amzn-requestid: cd9ea4f7-9a75-47b4-a0ad-817c821a592e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpZHbBIAMFfUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca2-69a98f453929cc817bead2c7;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xq1vIovXXR0pPaaHjKWeLcZszoEkISrYvqKvshtQ9dFTf6CUwxmIWA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:34 GMT
age: 49284
etag: "dddc0da13526d24aaea990cc1d68d9212612da43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6239
Expires: Thu, 10 Nov 2022 13:10:57 GMT
Date: Thu, 10 Nov 2022 11:26:58 GMT
Connection: keep-alive
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ksCRE7OzWdoFmAKdg2ICAgAAAAbByfTru5wQOwEFJBAB4GxjVYLU1R-YX6mKVUcAEgAA&wp=Y2zgAQAITpYKGBKHAAtEqmbuCpdvhDThSUDqEg
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ksCRE7OzWdoFmAKdg2ICAgAAAAbByfTru5wQOwEFJBAB4GxjVYLU1R-YX6mKVUcAEgAA&wp=Y2zgAQAITpYKGBKHAAtEqmbuCpdvhDThSUDqEg
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=ksCRE7OzWdoFmAKdg2ICAgAAAAbByfTru5wQOwEFJBAB4GxjVYLU1R-YX6mKVUcAEgAA&wp=Y2zgAQAITpYKGBKHAAtEqmbuCpdvhDThSUDqEg HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 224396
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7c9addeb8e1938f84d7f36de4e87a330
83d5c0c85c89628601be4c28e592f08b7376eedf
005b566ce6380b637236cca19d5027b33c660798726685d85b2e7e6d7718f0b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3404
Cache-Control: max-age=90409
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:58 GMT
Etag: "636b90df-13a"
Expires: Fri, 11 Nov 2022 12:33:47 GMT
Last-Modified: Wed, 09 Nov 2022 11:37:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAQAEf6wKGJBPAA-55UC5S-eS2yQryHfRJQ&u=%7CUs6hsT8xKnDjFwKVYrGj%2B18eUebxb9%2B%2ByIvNA%2Bv5Hlc%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wJMN_qZ8RVJdHuGIK-CGks2elGsDwbIm_FKCK4Y27hKVfO9xTNMsx3ha6Xm1cVjOhY4CCxE6fs-SD1syN5A29doIRWR4vevIKAR9x8d3YqO0kTx8kG52-Mb6hzUb-Lm2BpUM-UsfD4trRoWojmF_2baACFborcgdku8eavPQdRVig_xL3KlRqNcClThDMPoOBs6llZqBOzwC8hLPLrrAjJeB-HbB8tJK51cQy0c7DaVgBSFbf9GaEYURAE4XffCpLj0U8nXc5knIymJteefsXlkLnPtvI4SMfbYuu_1m6loJcelQBjhBq7BanTWkvg52GIslAfcpv9rALm3Im5XlqeTjv-Z6jiM0LeNetDLswKMWd8bFCCXLSYbj8E8-B9pQtjdaFNG__KuHf-80BeReHxvgK39o6GST5Y8YYyXTdafhciN8pbuZkinoG9qIbE2bwlJ11UVsw5tNGhaGhk05uLl2VIL3E5jM-m_qI9h5fYrTPSR0oPii8toxJsF7KQe74A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVGhaAeBsY6z_Ec-gYuXzvvgByZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi00NzgyMTI0MDI0ODE0ODUwyAEJqQLO0adYmNKwPqgDAaoE1AFP0OsTr2YWZv89NHKgS7bkFe_IurXtFyOTuPfTEeSDuiRdABIz-Js7MB6Mq04H_jcRa_RH_wRbO9a_yELV6mKT1qN1WGctxLI7jZ_THxY79Ladw3MyevrlMvP8ghcOPQOUy3ev8iwNPT0aMfMbt9DfP35Y0SAFhZFA6sASchfl2n0uXQOip3y9kzGX-up_tWvO-5ddwbIeLR38zpG8rxut7Ii3eG1UIi9iAApUUW7EDmkbhFALmoASyjUfzEtqsMMBiU1rFb3z8pqF9TMWYgQzIhwua4AGvZb4rPnvyankAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1c-qtYoA432fe5phraVLb_cAeu5g%26client%3Dca-pub-4782124024814850%26adurl%3D
178.250.2.65200 OK 62 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAQAEf6wKGJBPAA-55UC5S-eS2yQryHfRJQ&u=%7CUs6hsT8xKnDjFwKVYrGj%2B18eUebxb9%2B%2ByIvNA%2Bv5Hlc%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wJMN_qZ8RVJdHuGIK-CGks2elGsDwbIm_FKCK4Y27hKVfO9xTNMsx3ha6Xm1cVjOhY4CCxE6fs-SD1syN5A29doIRWR4vevIKAR9x8d3YqO0kTx8kG52-Mb6hzUb-Lm2BpUM-UsfD4trRoWojmF_2baACFborcgdku8eavPQdRVig_xL3KlRqNcClThDMPoOBs6llZqBOzwC8hLPLrrAjJeB-HbB8tJK51cQy0c7DaVgBSFbf9GaEYURAE4XffCpLj0U8nXc5knIymJteefsXlkLnPtvI4SMfbYuu_1m6loJcelQBjhBq7BanTWkvg52GIslAfcpv9rALm3Im5XlqeTjv-Z6jiM0LeNetDLswKMWd8bFCCXLSYbj8E8-B9pQtjdaFNG__KuHf-80BeReHxvgK39o6GST5Y8YYyXTdafhciN8pbuZkinoG9qIbE2bwlJ11UVsw5tNGhaGhk05uLl2VIL3E5jM-m_qI9h5fYrTPSR0oPii8toxJsF7KQe74A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVGhaAeBsY6z_Ec-gYuXzvvgByZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi00NzgyMTI0MDI0ODE0ODUwyAEJqQLO0adYmNKwPqgDAaoE1AFP0OsTr2YWZv89NHKgS7bkFe_IurXtFyOTuPfTEeSDuiRdABIz-Js7MB6Mq04H_jcRa_RH_wRbO9a_yELV6mKT1qN1WGctxLI7jZ_THxY79Ladw3MyevrlMvP8ghcOPQOUy3ev8iwNPT0aMfMbt9DfP35Y0SAFhZFA6sASchfl2n0uXQOip3y9kzGX-up_tWvO-5ddwbIeLR38zpG8rxut7Ii3eG1UIi9iAApUUW7EDmkbhFALmoASyjUfzEtqsMMBiU1rFb3z8pqF9TMWYgQzIhwua4AGvZb4rPnvyankAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1c-qtYoA432fe5phraVLb_cAeu5g%26client%3Dca-pub-4782124024814850%26adurl%3D
IP 178.250.2.65:0
Hash d146d7825695efb51460a414c1125d92
81ca3c9d941180988ac7b3ea1d8c83ae2effcb54
8870e6cc4576ad0bc145d9fcb238425173ec6dc912830014d6ec0c85fbf02226
GET /delivery/r/afr.php?z=Y2zgAQAEf6wKGJBPAA-55UC5S-eS2yQryHfRJQ&u=%7CUs6hsT8xKnDjFwKVYrGj%2B18eUebxb9%2B%2ByIvNA%2Bv5Hlc%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wJMN_qZ8RVJdHuGIK-CGks2elGsDwbIm_FKCK4Y27hKVfO9xTNMsx3ha6Xm1cVjOhY4CCxE6fs-SD1syN5A29doIRWR4vevIKAR9x8d3YqO0kTx8kG52-Mb6hzUb-Lm2BpUM-UsfD4trRoWojmF_2baACFborcgdku8eavPQdRVig_xL3KlRqNcClThDMPoOBs6llZqBOzwC8hLPLrrAjJeB-HbB8tJK51cQy0c7DaVgBSFbf9GaEYURAE4XffCpLj0U8nXc5knIymJteefsXlkLnPtvI4SMfbYuu_1m6loJcelQBjhBq7BanTWkvg52GIslAfcpv9rALm3Im5XlqeTjv-Z6jiM0LeNetDLswKMWd8bFCCXLSYbj8E8-B9pQtjdaFNG__KuHf-80BeReHxvgK39o6GST5Y8YYyXTdafhciN8pbuZkinoG9qIbE2bwlJ11UVsw5tNGhaGhk05uLl2VIL3E5jM-m_qI9h5fYrTPSR0oPii8toxJsF7KQe74A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVGhaAeBsY6z_Ec-gYuXzvvgByZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi00NzgyMTI0MDI0ODE0ODUwyAEJqQLO0adYmNKwPqgDAaoE1AFP0OsTr2YWZv89NHKgS7bkFe_IurXtFyOTuPfTEeSDuiRdABIz-Js7MB6Mq04H_jcRa_RH_wRbO9a_yELV6mKT1qN1WGctxLI7jZ_THxY79Ladw3MyevrlMvP8ghcOPQOUy3ev8iwNPT0aMfMbt9DfP35Y0SAFhZFA6sASchfl2n0uXQOip3y9kzGX-up_tWvO-5ddwbIeLR38zpG8rxut7Ii3eG1UIi9iAApUUW7EDmkbhFALmoASyjUfzEtqsMMBiU1rFb3z8pqF9TMWYgQzIhwua4AGvZb4rPnvyankAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1c-qtYoA432fe5phraVLb_cAeu5g%26client%3Dca-pub-4782124024814850%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jV74ViyYSBah6BrTOeOC_WmZMmvtxncGhcdi-nrvMYnNXoMSc35Tx5x6PR2GtKL3-JskngKsMxIcTejQNl8cShRci4LnSnRs32JBm4y7bDpjUkaf44mJwZ_YHWwQaWDiYf_pIK1cmv9Ni4_1GLYi19cJerlkHu8RHBRSaIpqQS56J2WYikqsbZ64WHMDgC5UthOsHXTyJT4Se6wuA0xd6_4r8FeeM5haqsvB4PnAcD-i_s4u2GNF9vXD3869K9dtVb9R7A"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 97597445
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7c9addeb8e1938f84d7f36de4e87a330
83d5c0c85c89628601be4c28e592f08b7376eedf
005b566ce6380b637236cca19d5027b33c660798726685d85b2e7e6d7718f0b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3483
Cache-Control: max-age=90488
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:58 GMT
Etag: "636b90df-13a"
Expires: Fri, 11 Nov 2022 12:35:06 GMT
Last-Modified: Wed, 09 Nov 2022 11:37:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2917b487c605eb7f53d20ff3b4fbfef0
5dd8989fb1129638361c16ad2a1fde93a4c4aafd
aaf620d791f23829e15a454b3faf5b47a0f00ff37ada91d6de5c62c322fe90ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8875
x-amzn-requestid: 1374243f-4fd8-4405-8f8a-946a8f92c457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniEw2oAMFtfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-195c58a826eae13b58d21aa0;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MfDIK2PCS_o7UuNXVSNOb3YbR_P8vlF7xw75qf8WdbjRr8hzCVYu6A==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:28 GMT
age: 49230
etag: "5dd8989fb1129638361c16ad2a1fde93a4c4aafd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475584919_m_en_hd_1.jpg%3Ft%3D1649667666%3Fcb%3D2022111006&v=3&w=800&s=C17OX2o2p386nCB9uUvWG8vd&b=400
178.250.2.135200 OK 32 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475584919_m_en_hd_1.jpg%3Ft%3D1649667666%3Fcb%3D2022111006&v=3&w=800&s=C17OX2o2p386nCB9uUvWG8vd&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fb4285874f775154a91354246f02f0fd
606a199ef1816d46d6beeac5e357897642de5299
61d0ce58a33d0896e0fc6d5cfb96acffd45966027268293234066d8af68daeb2
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475584919_m_en_hd_1.jpg%3Ft%3D1649667666%3Fcb%3D2022111006&v=3&w=800&s=C17OX2o2p386nCB9uUvWG8vd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31513852
expires: Fri, 10 Nov 2023 05:17:50 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 32266
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475725992_a_en_hd_1.jpg%3Ft%3D1649684168%3Fcb%3D2022111006&v=3&w=800&s=7uYdi7ySaXMf31jpGINv5mgT&b=400
178.250.2.135200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475725992_a_en_hd_1.jpg%3Ft%3D1649684168%3Fcb%3D2022111006&v=3&w=800&s=7uYdi7ySaXMf31jpGINv5mgT&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e04206fe23dc1bbc16db4fd883419950
025d9147cc9c1d22b89dcc1906afa31f1e8a5aeb
b8c701ccbcb3e3cc641544f682971b50dccf2e6e311985175e0f1a505a892aef
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475725992_a_en_hd_1.jpg%3Ft%3D1649684168%3Fcb%3D2022111006&v=3&w=800&s=7uYdi7ySaXMf31jpGINv5mgT&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31513848
expires: Fri, 10 Nov 2023 05:17:46 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 19802
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.24.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1076141
expires: Tue, 31 Oct 2023 11:26:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzN3vKAXyADHsQsvD1l%2BXMVvJLy%2Bke49B2G6tscbzQMYkd45BSrieOX8duq1sTjh8RJMW2dlK4WuVcijW3qLOxtwSsQkuOvN9W9q3sBM2XnIYm%2B0EB1pBiQ2b5JzkpY%2FSwf3Du6O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 767e6fad580cb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475570707_a_en_hd_1.jpg%3Ft%3D1649395530%3Fcb%3D2022111006&v=3&w=800&s=qksEs4_EgHCccSzNcOvrjdpR&b=400
178.250.2.135200 OK 21 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475570707_a_en_hd_1.jpg%3Ft%3D1649395530%3Fcb%3D2022111006&v=3&w=800&s=qksEs4_EgHCccSzNcOvrjdpR&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x388, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 581473b3ffcb3f3b648ddbb71171d8a5
bb0500ac1126de7711cf40db3f6fcd0e9e2dfa3e
5be18c4a16835b0496bad0949166daebd1f763a9dfdb6d3543f97f269b9d28ac
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475570707_a_en_hd_1.jpg%3Ft%3D1649395530%3Fcb%3D2022111006&v=3&w=800&s=qksEs4_EgHCccSzNcOvrjdpR&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31513813
expires: Fri, 10 Nov 2023 05:17:11 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20734
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286818602_m_en_hd_1.jpg%3Ft%3D1654137089%3Fcb%3D2022111006&v=3&w=800&s=2GxstncNVfoq-UBCd4F9_FAe&b=400
178.250.2.135200 OK 8.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286818602_m_en_hd_1.jpg%3Ft%3D1654137089%3Fcb%3D2022111006&v=3&w=800&s=2GxstncNVfoq-UBCd4F9_FAe&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2fd42de613268b41a12833cb6c61fbe6
269f77c99e6fa578da4c573ebb05709366174d1f
01f232a56325c1c19f7483ffb9c58fb4181f2cf10b05491fa65ba9a5abe530ba
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286818602_m_en_hd_1.jpg%3Ft%3D1654137089%3Fcb%3D2022111006&v=3&w=800&s=2GxstncNVfoq-UBCd4F9_FAe&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31513838
expires: Fri, 10 Nov 2023 05:17:36 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8254
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=176&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2F6881ae928430453884aebb1d62d823ca_vidaxl.png&v=3&w=256&s=OU77igUjoQ5dk8wQVE66mzmu
178.250.2.135200 OK 18 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=176&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2F6881ae928430453884aebb1d62d823ca_vidaxl.png&v=3&w=256&s=OU77igUjoQ5dk8wQVE66mzmu
IP 178.250.2.135:0
File type PNG image data, 220 x 176, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d4e020de454e73633438475a95de138
b905e371d2e4e7b78f85689457803e1fdfe69e98
d0a085a4d5e5fd920a8bd371a17d6c51415e5c5a28460864296efee1f39cb39a
GET /img/img?h=176&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2F6881ae928430453884aebb1d62d823ca_vidaxl.png&v=3&w=256&s=OU77igUjoQ5dk8wQVE66mzmu HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29444709
expires: Tue, 17 Oct 2023 06:32:07 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 17745
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff
178.250.2.130200 OK 17 kB URL HTTP/2 static.criteo.net/design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff
IP 178.250.2.130:0
File type Web Open Font Format, CFF, length 17120, version 1.0\012- data
Hash f683179206a26fcb9ef35c6d14f6f7c7
c6da815fa6502dd63eb2606efd112fdd1eb9e79e
a26a23639f1408dca8879503cd479d3f823b085b727437c9d66c33ca3f75c08f
GET /design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 17120
last-modified: Mon, 06 Jul 2020 12:19:39 GMT
etag: "5f0316db-42e0"
expires: Sun, 05 Nov 2023 11:26:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff
178.250.2.130200 OK 26 kB URL HTTP/2 static.criteo.net/design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff
IP 178.250.2.130:0
File type Web Open Font Format, TrueType, length 26324, version 1.0\012- data
Hash 9acd111085f701eaf4fea7135f15ffa7
176a9dd986032b3647d1a40458db1db7d965f8bc
5a4a3459c15a5266e888bb12bbe9041b0f72aed89306411a5d5e69e7a1aa9f4d
GET /design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 26324
last-modified: Mon, 06 Jul 2020 12:19:39 GMT
etag: "5f0316db-66d4"
expires: Sun, 05 Nov 2023 11:26:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=116&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F201116%2F1eac65ea492246a99e07ddc2b54601e1_logo_n_horizontal.png&v=3&w=1156&s=jqLCFRNBarLVzXlqJ4-juXLw
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=116&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F201116%2F1eac65ea492246a99e07ddc2b54601e1_logo_n_horizontal.png&v=3&w=1156&s=jqLCFRNBarLVzXlqJ4-juXLw
IP 178.250.2.135:0
File type PNG image data, 417 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 738a7e412712a80edc989ea9356802f9
93fb3ad7a925e660363c60e597ef3534c8478700
a1f51b55694d9b28b58a350fa28da1c2b20ab9c5c904297c18e936d279cd3811
GET /img/img?h=116&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F201116%2F1eac65ea492246a99e07ddc2b54601e1_logo_n_horizontal.png&v=3&w=1156&s=jqLCFRNBarLVzXlqJ4-juXLw HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30393894
expires: Sat, 28 Oct 2023 06:11:52 GMT
date: Thu, 10 Nov 2022 11:26:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10651
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F4%2Fb%2F6%2F34b6e3c2929744f6a6e96a8fb3ca4884_2_PIA-293425_0_10.png%3Fcb%3D202245&v=3&w=800&s=y4dYU-Yn8zDjFs4ZHYExGkdX&b=400
178.250.2.135200 OK 16 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F4%2Fb%2F6%2F34b6e3c2929744f6a6e96a8fb3ca4884_2_PIA-293425_0_10.png%3Fcb%3D202245&v=3&w=800&s=y4dYU-Yn8zDjFs4ZHYExGkdX&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b9e8e01b4a9c2e11bfc94db6eec79d0e
fd9420d139455bdccc4f1c95067f2de6a85ec497
0d2dc5daeb9c23ec4d9a56f7f44b8c48b3a635c13b948a5afa6308108cd93415
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F4%2Fb%2F6%2F34b6e3c2929744f6a6e96a8fb3ca4884_2_PIA-293425_0_10.png%3Fcb%3D202245&v=3&w=800&s=y4dYU-Yn8zDjFs4ZHYExGkdX&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31262619
expires: Tue, 07 Nov 2023 07:30:38 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15820
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202245&v=3&w=800&s=wRO0IK22WgCaXY-lQY1Opnh6&b=400
178.250.2.135200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202245&v=3&w=800&s=wRO0IK22WgCaXY-lQY1Opnh6&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 178c5e385a9ed02d5875442d32270f11
2c251aefd49e71e3b79eeb30d3635f2517f8cdba
b41a23920209dfe68b30262f235397abc4f7701965b9b8c76acf865c1d9435a4
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202245&v=3&w=800&s=wRO0IK22WgCaXY-lQY1Opnh6&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31262687
expires: Tue, 07 Nov 2023 07:31:45 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16812
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286115626_m_en_hd_1.jpg%3Ft%3D1649230470%3Fcb%3D2022111006&v=3&w=800&s=Ovmeh9ptIaRbipUqdjVr9FK-&b=400
178.250.2.135200 OK 26 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286115626_m_en_hd_1.jpg%3Ft%3D1649230470%3Fcb%3D2022111006&v=3&w=800&s=Ovmeh9ptIaRbipUqdjVr9FK-&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 84926365cae5186f1e80e631f1ed8625
76eef73c2cdb89b85b7f39f6b3f15cf77e0ed732
c81b4b5ef330420d2629595d1377ed40efa5ce5505e0efe24f7675becbce262b
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286115626_m_en_hd_1.jpg%3Ft%3D1649230470%3Fcb%3D2022111006&v=3&w=800&s=Ovmeh9ptIaRbipUqdjVr9FK-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31513817
expires: Fri, 10 Nov 2023 05:17:15 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 26452
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=556&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2Fb06c69b831ed410991b3a26cec796d5d_vidaxl.png&v=3&w=196&s=TelJhijAH_6p-qg4OoXWL0Ow
178.250.2.135200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=556&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2Fb06c69b831ed410991b3a26cec796d5d_vidaxl.png&v=3&w=196&s=TelJhijAH_6p-qg4OoXWL0Ow
IP 178.250.2.135:0
File type PNG image data, 196 x 157, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ca57be72a70ecd49abc7d0eabe55ad3
11084dcfd67eb5b6682daeb50d9272d67ea17329
459c33ea9afd9143c3a03fabdd06c1a06bdda996a67f1a2626ff5bbdd65b7261
GET /img/img?h=556&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2Fb06c69b831ed410991b3a26cec796d5d_vidaxl.png&v=3&w=196&s=TelJhijAH_6p-qg4OoXWL0Ow HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29442552
expires: Tue, 17 Oct 2023 05:56:11 GMT
date: Thu, 10 Nov 2022 11:26:58 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15316
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=RSWExDBk8LEGuWAiOQPSK_37FvI0xvreu2fSEY3uYSvQn0FGl5iz1mJi22d9vNx3_XbKNokyW93y6_FbqiuMOgByJudKfzwbGxPwTmPjz_2fukESZurgGkiMUrm26cYQyMZHrSy3yyznOZQRAl92ODIuJnmvQCMtZNLVgrg8_KAIjeuNPKFk7_Tl7yfIJVEuvy4Ywle_QIuHiT8Pt7te1VQrgpJ6ngVCJMwoRQoR8cMIQnvFH93KEDAsoMnwQB8ELtDqkk469XKMp4SYB62Gf0JVg9PO_WkhGwsLpK0NMD30mUeLd7DW-EpcyIXveRmgdJEpUztWdPFZx6sO9bIudfO0x748AH1RbJvdGDS1wHKoUWANRL-DFVLsg2iA_Xhky8m-rPIt2R_D1usG_UEY1a_ZsYeKsw6jDq9Iu5bBGrP8HhD_
178.250.2.148200 OK 19 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=RSWExDBk8LEGuWAiOQPSK_37FvI0xvreu2fSEY3uYSvQn0FGl5iz1mJi22d9vNx3_XbKNokyW93y6_FbqiuMOgByJudKfzwbGxPwTmPjz_2fukESZurgGkiMUrm26cYQyMZHrSy3yyznOZQRAl92ODIuJnmvQCMtZNLVgrg8_KAIjeuNPKFk7_Tl7yfIJVEuvy4Ywle_QIuHiT8Pt7te1VQrgpJ6ngVCJMwoRQoR8cMIQnvFH93KEDAsoMnwQB8ELtDqkk469XKMp4SYB62Gf0JVg9PO_WkhGwsLpK0NMD30mUeLd7DW-EpcyIXveRmgdJEpUztWdPFZx6sO9bIudfO0x748AH1RbJvdGDS1wHKoUWANRL-DFVLsg2iA_Xhky8m-rPIt2R_D1usG_UEY1a_ZsYeKsw6jDq9Iu5bBGrP8HhD_
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6b88c84370611f973c96e7df8bf650b3
147f70b19ad6ba7afd3267c83f50b2b0c5f59fcf
31463a2466c983fbe5bdcabc7eb9ff9367f6a5df0ad8e641c549702484a22a76
GET /delivery/lg.php?cppv=3&cpp=RSWExDBk8LEGuWAiOQPSK_37FvI0xvreu2fSEY3uYSvQn0FGl5iz1mJi22d9vNx3_XbKNokyW93y6_FbqiuMOgByJudKfzwbGxPwTmPjz_2fukESZurgGkiMUrm26cYQyMZHrSy3yyznOZQRAl92ODIuJnmvQCMtZNLVgrg8_KAIjeuNPKFk7_Tl7yfIJVEuvy4Ywle_QIuHiT8Pt7te1VQrgpJ6ngVCJMwoRQoR8cMIQnvFH93KEDAsoMnwQB8ELtDqkk469XKMp4SYB62Gf0JVg9PO_WkhGwsLpK0NMD30mUeLd7DW-EpcyIXveRmgdJEpUztWdPFZx6sO9bIudfO0x748AH1RbJvdGDS1wHKoUWANRL-DFVLsg2iA_Xhky8m-rPIt2R_D1usG_UEY1a_ZsYeKsw6jDq9Iu5bBGrP8HhD_ HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2780542
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475911012_a_en_hd_1.jpg%3Ft%3D1650247457%3Fcb%3D2022111006&v=3&w=800&s=gE5d-lzvfq5w6CIqVbF59I82&b=400
178.250.2.135200 OK 5.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475911012_a_en_hd_1.jpg%3Ft%3D1650247457%3Fcb%3D2022111006&v=3&w=800&s=gE5d-lzvfq5w6CIqVbF59I82&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 328x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8f28053f667e887a3e6887c2b914ac59
2b76a7a86414568127eae5fe1cf6f805dea7ece9
0ce564f39484572bb4e930b633e768e0e4ea074d7a9ce03264b96a29fcf4c5a7
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475911012_a_en_hd_1.jpg%3Ft%3D1650247457%3Fcb%3D2022111006&v=3&w=800&s=gE5d-lzvfq5w6CIqVbF59I82&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31513847
expires: Fri, 10 Nov 2023 05:17:46 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5506
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883886510_a_en_hd_1.jpg%3Ft%3D1653035406%3Fcb%3D2022111006&v=3&w=800&s=-EugFZk6rFQm326NhNl9kfCk&b=400
178.250.2.135200 OK 9.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883886510_a_en_hd_1.jpg%3Ft%3D1653035406%3Fcb%3D2022111006&v=3&w=800&s=-EugFZk6rFQm326NhNl9kfCk&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x237, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5663c84eef3352bf48e650397e5bb7b3
1e06f0248a00b4224857cf6366510dd2a37d075f
dbc52d278d4afa5c7f7c483658f23657056a51d8089377dd0b23bc27bb9c1f94
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883886510_a_en_hd_1.jpg%3Ft%3D1653035406%3Fcb%3D2022111006&v=3&w=800&s=-EugFZk6rFQm326NhNl9kfCk&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31513872
expires: Fri, 10 Nov 2023 05:18:10 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9514
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883678702_a_en_hd_1.jpg%3Ft%3D1651030822%3Fcb%3D2022111006&v=3&w=800&s=Trr0Y_G31ZvoqQxQcokQDu2A&b=400
178.250.2.135200 OK 8.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883678702_a_en_hd_1.jpg%3Ft%3D1651030822%3Fcb%3D2022111006&v=3&w=800&s=Trr0Y_G31ZvoqQxQcokQDu2A&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x207, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 85f47c0e0ef4934f080cd195b528b087
0f316563c68e031b4b5d6d01592fb2146977260f
d7593a9b3a41f930edc55ef387ef8db971dd38d34d2c111f7e3454a9de2859d3
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883678702_a_en_hd_1.jpg%3Ft%3D1651030822%3Fcb%3D2022111006&v=3&w=800&s=Trr0Y_G31ZvoqQxQcokQDu2A&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31513865
expires: Fri, 10 Nov 2023 05:18:04 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8176
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286011492_a_en_hd_1.jpg%3Ft%3D1649212147%3Fcb%3D2022111006&v=3&w=800&s=NjJFxLVvdCgQICKQk1C8EouW&b=400
178.250.2.135200 OK 33 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286011492_a_en_hd_1.jpg%3Ft%3D1649212147%3Fcb%3D2022111006&v=3&w=800&s=NjJFxLVvdCgQICKQk1C8EouW&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01a70402f38ea31c29f90e82a2a0cdcc
a0f13619fe06a88e5e10d686d0fa6a1eacb2874f
be20c20553dce922784b01d71144fc137f30c05417dfcd13487830d24ad92598
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286011492_a_en_hd_1.jpg%3Ft%3D1649212147%3Fcb%3D2022111006&v=3&w=800&s=NjJFxLVvdCgQICKQk1C8EouW&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31513838
expires: Fri, 10 Nov 2023 05:17:36 GMT
date: Thu, 10 Nov 2022 11:26:57 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 32566
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=jV74ViyYSBah6BrTOeOC_WmZMmvtxncGhcdi-nrvMYnNXoMSc35Tx5x6PR2GtKL3-JskngKsMxIcTejQNl8cShRci4LnSnRs32JBm4y7bDpjUkaf44mJwZ_YHWwQaWDiYf_pIK1cmv9Ni4_1GLYi19cJerlkHu8RHBRSaIpqQS56J2WYikqsbZ64WHMDgC5UthOsHXTyJT4Se6wuA0xd6_4r8FeeM5haqsvB4PnAcD-i_s4u2GNF9vXD3869K9dtVb9R7A&sds=2&rev=83376.1&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=jV74ViyYSBah6BrTOeOC_WmZMmvtxncGhcdi-nrvMYnNXoMSc35Tx5x6PR2GtKL3-JskngKsMxIcTejQNl8cShRci4LnSnRs32JBm4y7bDpjUkaf44mJwZ_YHWwQaWDiYf_pIK1cmv9Ni4_1GLYi19cJerlkHu8RHBRSaIpqQS56J2WYikqsbZ64WHMDgC5UthOsHXTyJT4Se6wuA0xd6_4r8FeeM5haqsvB4PnAcD-i_s4u2GNF9vXD3869K9dtVb9R7A&sds=2&rev=83376.1&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=jV74ViyYSBah6BrTOeOC_WmZMmvtxncGhcdi-nrvMYnNXoMSc35Tx5x6PR2GtKL3-JskngKsMxIcTejQNl8cShRci4LnSnRs32JBm4y7bDpjUkaf44mJwZ_YHWwQaWDiYf_pIK1cmv9Ni4_1GLYi19cJerlkHu8RHBRSaIpqQS56J2WYikqsbZ64WHMDgC5UthOsHXTyJT4Se6wuA0xd6_4r8FeeM5haqsvB4PnAcD-i_s4u2GNF9vXD3869K9dtVb9R7A&sds=2&rev=83376.1&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:58 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=w_O9gq53B9rnuK1wYYK64mDFXJ59B-KUMC_uEuBGigB93utpYK8D2iyPh1u7jzlIP0NOWZEn9gl5swGwEfbpjbPnNq5Juz12eqbqHIBFc8yj0U7ZhukPkh78tNumk1O4eu7VZdhc3ci8FpTxrxqN5oC7lHCJVthTj8mb5DpwzdRAm7rHQo5N0Qy4xTJu0h-8L2o4FcQ2YK8YCr3Oi0g7Lp2shRKFrvHMOzkwbsgkFPgOQONnMR9py8tHRkZ24j6TT3BcTmFc6vq7NMiEx0eV36gE-ULEGab_OVHlGnK2G6_0y4krktJ96NfXgvRHK0jDQBASjVWkTtf1dBmNxXy6XRP7zaf-CtSxd0D8mJoumHZSnDWrty78s_P3E1aKlXr2v7w5cqPHKlz2Mct8exx-ITdRtekiMKXHtz4HC1xVo4v1jJho
178.250.2.148200 OK 143 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=w_O9gq53B9rnuK1wYYK64mDFXJ59B-KUMC_uEuBGigB93utpYK8D2iyPh1u7jzlIP0NOWZEn9gl5swGwEfbpjbPnNq5Juz12eqbqHIBFc8yj0U7ZhukPkh78tNumk1O4eu7VZdhc3ci8FpTxrxqN5oC7lHCJVthTj8mb5DpwzdRAm7rHQo5N0Qy4xTJu0h-8L2o4FcQ2YK8YCr3Oi0g7Lp2shRKFrvHMOzkwbsgkFPgOQONnMR9py8tHRkZ24j6TT3BcTmFc6vq7NMiEx0eV36gE-ULEGab_OVHlGnK2G6_0y4krktJ96NfXgvRHK0jDQBASjVWkTtf1dBmNxXy6XRP7zaf-CtSxd0D8mJoumHZSnDWrty78s_P3E1aKlXr2v7w5cqPHKlz2Mct8exx-ITdRtekiMKXHtz4HC1xVo4v1jJho
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f8e3225f96e441d4d1fa4a545e0eba04
ce0b934f15798b62c663b0ea36164ba2399c705a
5aef094c919670ca98d44150cf113d9a21234388e7b21b3affb09d506d2eebe9
GET /delivery/lg.php?cppv=3&cpp=w_O9gq53B9rnuK1wYYK64mDFXJ59B-KUMC_uEuBGigB93utpYK8D2iyPh1u7jzlIP0NOWZEn9gl5swGwEfbpjbPnNq5Juz12eqbqHIBFc8yj0U7ZhukPkh78tNumk1O4eu7VZdhc3ci8FpTxrxqN5oC7lHCJVthTj8mb5DpwzdRAm7rHQo5N0Qy4xTJu0h-8L2o4FcQ2YK8YCr3Oi0g7Lp2shRKFrvHMOzkwbsgkFPgOQONnMR9py8tHRkZ24j6TT3BcTmFc6vq7NMiEx0eV36gE-ULEGab_OVHlGnK2G6_0y4krktJ96NfXgvRHK0jDQBASjVWkTtf1dBmNxXy6XRP7zaf-CtSxd0D8mJoumHZSnDWrty78s_P3E1aKlXr2v7w5cqPHKlz2Mct8exx-ITdRtekiMKXHtz4HC1xVo4v1jJho HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3033291
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=k2FVrCyYSBah6BrTi6yXUJ9z2D8q6OEPLic6VYEhKngW0YeuwklazAd_Z73D6QhbmjeDdFnDuwbr2w7Kuecy20QGvoQ2UjNyk86JaL6Nd6Vm5z5vocPDLEbHKj3uZg6lGxkmr6mEVo6dYkhQ2vJHYwpRt_amVtNunkwD7KBOKRP-TZiDi_ZDOHxIi7tiYVFUr9VO4_2RAkgrRS6OdWpcZGpnWmJoP8cwZuro9VPjjvwRyh1crsPDqsyWHRbCPJbMUOjA3A&sds=2&rev=83376.1&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=k2FVrCyYSBah6BrTi6yXUJ9z2D8q6OEPLic6VYEhKngW0YeuwklazAd_Z73D6QhbmjeDdFnDuwbr2w7Kuecy20QGvoQ2UjNyk86JaL6Nd6Vm5z5vocPDLEbHKj3uZg6lGxkmr6mEVo6dYkhQ2vJHYwpRt_amVtNunkwD7KBOKRP-TZiDi_ZDOHxIi7tiYVFUr9VO4_2RAkgrRS6OdWpcZGpnWmJoP8cwZuro9VPjjvwRyh1crsPDqsyWHRbCPJbMUOjA3A&sds=2&rev=83376.1&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=k2FVrCyYSBah6BrTi6yXUJ9z2D8q6OEPLic6VYEhKngW0YeuwklazAd_Z73D6QhbmjeDdFnDuwbr2w7Kuecy20QGvoQ2UjNyk86JaL6Nd6Vm5z5vocPDLEbHKj3uZg6lGxkmr6mEVo6dYkhQ2vJHYwpRt_amVtNunkwD7KBOKRP-TZiDi_ZDOHxIi7tiYVFUr9VO4_2RAkgrRS6OdWpcZGpnWmJoP8cwZuro9VPjjvwRyh1crsPDqsyWHRbCPJbMUOjA3A&sds=2&rev=83376.1&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:58 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 22d58a383217d71638bee9004db91246
9ab12e80bcaff6e82c03643fd454490b80ce7188
7bb16843aecf32e7ef768fcb74872a5e499731e1dcbc1d85c2025b41813b7e93
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1243
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 10 Nov 2022 11:26:58 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
6e270ee20e20c22e7a3cc6a31f7cb020.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
142.250.74.65200 OK 3.0 kB URL HTTP/2 6e270ee20e20c22e7a3cc6a31f7cb020.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash 0193525c83a04aba8fa3caf53d9aac05
ec27db82404e05017dd9b66206d03c2f623ca8d6
1f57111c09ecc489613040fb1f8ec3e9458f6d58bdacfd3669a10ba338a4c9d0
GET /safeframe/1-0-39/html/container.html HTTP/1.1
Host: 6e270ee20e20c22e7a3cc6a31f7cb020.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2988
date: Thu, 10 Nov 2022 11:26:58 GMT
expires: Fri, 10 Nov 2023 11:26:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.criteo.net/design/dt/4ef456fb9fb14ec5a2da96fe450c24b3_homepagebaukasten-bold.woff
178.250.2.130200 OK 20 kB URL HTTP/2 static.criteo.net/design/dt/4ef456fb9fb14ec5a2da96fe450c24b3_homepagebaukasten-bold.woff
IP 178.250.2.130:0
File type Web Open Font Format, CFF, length 19492, version 1.0\012- data
Hash fe16408343054418c53b45c76a1892f2
b2f898a889e2164ba7bb7d6676b5a294eb97817b
3b42d14795d22866ea7e9bd3b4259fa75e510bcbbf7ab1861acb9ce2290128f2
GET /design/dt/4ef456fb9fb14ec5a2da96fe450c24b3_homepagebaukasten-bold.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 19492
last-modified: Mon, 06 Jul 2020 12:29:00 GMT
etag: "5f03190c-4c24"
expires: Sun, 05 Nov 2023 11:26:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=V4S5MmZLcy-4DJAvrjJAtwf6lBYkDTiKkwWvg4S7gfKvcjWXQPt2kAGPAvKg4dN08H8g6AZ9Xayfd08XucGSzLW7Qy3bMWtOX9rAyJP02EXW_B44B8Iv2a0a5YOP5ilC_LlLUbZCAZHjq-8qIgFU4qkTh9o4a_DoiD3mM-ajDL9CowfNyP_GCv8X3BSjcza_oHJRKG7INgD89-7mtjuuyxyjKqByfe67vkPTKnZ81O68po-l76089cwvbT4BV90CexYV5iHGUkeUWOEbk-Me3eeOHIl8WLLZoOvxXDgZKQVKruq2yPwMr86YJNyoHZ8tPlGUCZuOHEj568_fZaw3xlp6W6-QTtg94HUZarMtJRE5gJR3d3bFfbp6C3CmabjNSGhgTCkM5CSbCDIOUc1zJcri2n5vwg3QAEYl0FTQFL7ObLeQ
178.250.2.148200 OK 43 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=V4S5MmZLcy-4DJAvrjJAtwf6lBYkDTiKkwWvg4S7gfKvcjWXQPt2kAGPAvKg4dN08H8g6AZ9Xayfd08XucGSzLW7Qy3bMWtOX9rAyJP02EXW_B44B8Iv2a0a5YOP5ilC_LlLUbZCAZHjq-8qIgFU4qkTh9o4a_DoiD3mM-ajDL9CowfNyP_GCv8X3BSjcza_oHJRKG7INgD89-7mtjuuyxyjKqByfe67vkPTKnZ81O68po-l76089cwvbT4BV90CexYV5iHGUkeUWOEbk-Me3eeOHIl8WLLZoOvxXDgZKQVKruq2yPwMr86YJNyoHZ8tPlGUCZuOHEj568_fZaw3xlp6W6-QTtg94HUZarMtJRE5gJR3d3bFfbp6C3CmabjNSGhgTCkM5CSbCDIOUc1zJcri2n5vwg3QAEYl0FTQFL7ObLeQ
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /delivery/lg.php?cppv=3&cpp=V4S5MmZLcy-4DJAvrjJAtwf6lBYkDTiKkwWvg4S7gfKvcjWXQPt2kAGPAvKg4dN08H8g6AZ9Xayfd08XucGSzLW7Qy3bMWtOX9rAyJP02EXW_B44B8Iv2a0a5YOP5ilC_LlLUbZCAZHjq-8qIgFU4qkTh9o4a_DoiD3mM-ajDL9CowfNyP_GCv8X3BSjcza_oHJRKG7INgD89-7mtjuuyxyjKqByfe67vkPTKnZ81O68po-l76089cwvbT4BV90CexYV5iHGUkeUWOEbk-Me3eeOHIl8WLLZoOvxXDgZKQVKruq2yPwMr86YJNyoHZ8tPlGUCZuOHEj568_fZaw3xlp6W6-QTtg94HUZarMtJRE5gJR3d3bFfbp6C3CmabjNSGhgTCkM5CSbCDIOUc1zJcri2n5vwg3QAEYl0FTQFL7ObLeQ HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2727728
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cb9cba612a96d2b4941001b66d7880f5
859a38ae37c0fa653d3d93407b635a96a901ceb6
2eedc8cc8a5ce8002b4b0ece6cc6842a230847f18a24d1cc85349278ed8975f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 1.3 kB IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash b557113fa619b2bb95c4167cabdfc95b
df566ebf21559dffffb1ad50b88fe69c8b19dedd
ef2d2cbd6a01cd5004677d1c0993bb55717032d1db9af8a0460204274bd7f757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cb9cba612a96d2b4941001b66d7880f5
859a38ae37c0fa653d3d93407b635a96a901ceb6
2eedc8cc8a5ce8002b4b0ece6cc6842a230847f18a24d1cc85349278ed8975f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cb9cba612a96d2b4941001b66d7880f5
859a38ae37c0fa653d3d93407b635a96a901ceb6
2eedc8cc8a5ce8002b4b0ece6cc6842a230847f18a24d1cc85349278ed8975f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cb9cba612a96d2b4941001b66d7880f5
859a38ae37c0fa653d3d93407b635a96a901ceb6
2eedc8cc8a5ce8002b4b0ece6cc6842a230847f18a24d1cc85349278ed8975f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
216.58.211.1200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash d01f5a561493f905a9759ac4c1184aeb
32dcac96844d6281fb26c7a82b0895022715e627
1ccf343c33b08696d06b1cca968616c8b8b9ff4bc061b3a2002bd90219f3a27b
GET /rtv/012210191347000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61564
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:48:03 GMT
expires: Fri, 03 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
etag: "84cdcac007f64412"
content-type: text/javascript; charset=UTF-8
age: 567536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
216.58.211.1200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (14697)
Hash 233278265fc033322558501e669c19f1
016edda223adfafd1cb756d6fe04e159ee89681f
41c3ce2e1ddc232842586f94b5d384714560885a50c9d8370f4e2bed1382f7e1
GET /rtv/012210191347000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fr.wordssidekick.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5198
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 22:01:45 GMT
expires: Fri, 03 Nov 2023 22:01:45 GMT
cache-control: public, max-age=31536000
etag: "aeb1502543fb438c"
content-type: text/javascript; charset=UTF-8
age: 566714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
216.58.211.1200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (65534)
Hash b7e7237dda6bb30ca41984a7ec955c6e
9aaafaccc0450ef2e85cc793eef6f8658905960a
58696c719d75279e39fd7e60d79bcdadb2f17eb76fcb3732b7a6f4d7fbd24c7a
GET /rtv/012210191347000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fr.wordssidekick.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28845
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:48:22 GMT
expires: Fri, 03 Nov 2023 21:48:22 GMT
cache-control: public, max-age=31536000
etag: "fdb7364f8f067758"
content-type: text/javascript; charset=UTF-8
age: 567517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
216.58.211.1200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash 55dd55349450dbebf4e652fd7b7efc8f
e0595ceb4e1de54c959635de15e90cb7de894f9d
594c9c43a59fa419f7a9f6d669540064b9b44d07fcedd1c52607b826b7b04432
GET /rtv/012210191347000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fr.wordssidekick.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12946
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:27:06 GMT
expires: Fri, 03 Nov 2023 21:27:06 GMT
cache-control: public, max-age=31536000
etag: "2923b90bb7365105"
content-type: text/javascript; charset=UTF-8
age: 568793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cb9cba612a96d2b4941001b66d7880f5
859a38ae37c0fa653d3d93407b635a96a901ceb6
2eedc8cc8a5ce8002b4b0ece6cc6842a230847f18a24d1cc85349278ed8975f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/measurement/l?ebcid=ALh7CaTLYM97oFvQ200zcK7vgznesdiYmnIERw9whfYElM5tLQGyeiQo_3cUqeI2JakiSGpqUfGcM2UkMGyhRCLv2qM8dNTQ7g
142.250.74.164204 No Content 0 B URL HTTP/1.1 www.google.com/ads/measurement/l?ebcid=ALh7CaTLYM97oFvQ200zcK7vgznesdiYmnIERw9whfYElM5tLQGyeiQo_3cUqeI2JakiSGpqUfGcM2UkMGyhRCLv2qM8dNTQ7g
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaTLYM97oFvQ200zcK7vgznesdiYmnIERw9whfYElM5tLQGyeiQo_3cUqeI2JakiSGpqUfGcM2UkMGyhRCLv2qM8dNTQ7g HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fr.wordssidekick.com/
Connection: keep-alive
HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Thu, 10 Nov 2022 11:26:59 GMT
Server: jumble_frontend_server
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ksCRE7OzWawC2ASdg2ICAgAAAEfiA3bo7-vdOwEFJBAC4Gxj6FpcEwm9bEjBy0wAEgAA&wp=Y2zgAwAALY0KewUpAAVZ6r9QSnFwqHlH36PqFw
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ksCRE7OzWawC2ASdg2ICAgAAAEfiA3bo7-vdOwEFJBAC4Gxj6FpcEwm9bEjBy0wAEgAA&wp=Y2zgAwAALY0KewUpAAVZ6r9QSnFwqHlH36PqFw
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=ksCRE7OzWawC2ASdg2ICAgAAAEfiA3bo7-vdOwEFJBAC4Gxj6FpcEwm9bEjBy0wAEgAA&wp=Y2zgAwAALY0KewUpAAVZ6r9QSnFwqHlH36PqFw HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 184978
date: Thu, 10 Nov 2022 11:26:58 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.195200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 15:21:36 GMT
expires: Thu, 09 Nov 2023 15:21:36 GMT
cache-control: public, max-age=31536000
age: 72323
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=jV74ViyYSBah6BrTOeOC_WmZMmvtxncGhcdi-nrvMYnNXoMSc35Tx5x6PR2GtKL3-JskngKsMxIcTejQNl8cShRci4LnSnRs32JBm4y7bDpjUkaf44mJwZ_YHWwQaWDiYf_pIK1cmv9Ni4_1GLYi19cJerlkHu8RHBRSaIpqQS56J2WYikqsbZ64WHMDgC5UthOsHXTyJT4Se6wuA0xd6_4r8FeeM5haqsvB4PnAcD-i_s4u2GNF9vXD3869K9dtVb9R7A&sds=2&rev=83376.1&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=jV74ViyYSBah6BrTOeOC_WmZMmvtxncGhcdi-nrvMYnNXoMSc35Tx5x6PR2GtKL3-JskngKsMxIcTejQNl8cShRci4LnSnRs32JBm4y7bDpjUkaf44mJwZ_YHWwQaWDiYf_pIK1cmv9Ni4_1GLYi19cJerlkHu8RHBRSaIpqQS56J2WYikqsbZ64WHMDgC5UthOsHXTyJT4Se6wuA0xd6_4r8FeeM5haqsvB4PnAcD-i_s4u2GNF9vXD3869K9dtVb9R7A&sds=2&rev=83376.1&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=jV74ViyYSBah6BrTOeOC_WmZMmvtxncGhcdi-nrvMYnNXoMSc35Tx5x6PR2GtKL3-JskngKsMxIcTejQNl8cShRci4LnSnRs32JBm4y7bDpjUkaf44mJwZ_YHWwQaWDiYf_pIK1cmv9Ni4_1GLYi19cJerlkHu8RHBRSaIpqQS56J2WYikqsbZ64WHMDgC5UthOsHXTyJT4Se6wuA0xd6_4r8FeeM5haqsvB4PnAcD-i_s4u2GNF9vXD3869K9dtVb9R7A&sds=2&rev=83376.1&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:59 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=R2NhOTBk8LEGuWAiOQPSK_37FvKxdZ2FtKZAYshXKYgZCpVUwS-ysU9C40Tb7r5w5giYvabrVN7mtmEyiIbbKbjZ1bhVJgfPf3ug6R0rdPNFK2VLnEzejI9A8r6CUCoY7XEauxVbiSSZazUu6LqOx9duzfhkglBN37_WljeSuVHL8RMSDVWa4A5dzf5M-zF3anHfirc-FWG-UWIOkFtO7moZ4yXWQpiwmQ5WKjO5NHhkY3ecz30tVraKa6eO3Ya6ljPZTMU-DUfIXfNbQtTG6dCBVRy4bFvGfh-gVMwex8NF77RVI_tLj-l4ZoFB0w9pxdd8hDmKMAwwYZ6pOTSL8Vrq1aPV_tHqhmeLZG2wJVxGvPWnnk2yYZ4U6Di8WlM61GC38fq3UX2T4YwB--xV0Zvr0EX7GllizhzQ47ZHh6EaECTW
178.250.2.148200 OK 17 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=R2NhOTBk8LEGuWAiOQPSK_37FvKxdZ2FtKZAYshXKYgZCpVUwS-ysU9C40Tb7r5w5giYvabrVN7mtmEyiIbbKbjZ1bhVJgfPf3ug6R0rdPNFK2VLnEzejI9A8r6CUCoY7XEauxVbiSSZazUu6LqOx9duzfhkglBN37_WljeSuVHL8RMSDVWa4A5dzf5M-zF3anHfirc-FWG-UWIOkFtO7moZ4yXWQpiwmQ5WKjO5NHhkY3ecz30tVraKa6eO3Ya6ljPZTMU-DUfIXfNbQtTG6dCBVRy4bFvGfh-gVMwex8NF77RVI_tLj-l4ZoFB0w9pxdd8hDmKMAwwYZ6pOTSL8Vrq1aPV_tHqhmeLZG2wJVxGvPWnnk2yYZ4U6Di8WlM61GC38fq3UX2T4YwB--xV0Zvr0EX7GllizhzQ47ZHh6EaECTW
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 695c90fa11f096839cf0a397c5f97b78
2f392afadf2f2731c45f4880e14f59853d26df11
7f3a3137ee6c81788e59cddf3ddbd9f992f225c14a7b39eb4762c778bc41bf9a
GET /delivery/lg.php?cppv=3&cpp=R2NhOTBk8LEGuWAiOQPSK_37FvKxdZ2FtKZAYshXKYgZCpVUwS-ysU9C40Tb7r5w5giYvabrVN7mtmEyiIbbKbjZ1bhVJgfPf3ug6R0rdPNFK2VLnEzejI9A8r6CUCoY7XEauxVbiSSZazUu6LqOx9duzfhkglBN37_WljeSuVHL8RMSDVWa4A5dzf5M-zF3anHfirc-FWG-UWIOkFtO7moZ4yXWQpiwmQ5WKjO5NHhkY3ecz30tVraKa6eO3Ya6ljPZTMU-DUfIXfNbQtTG6dCBVRy4bFvGfh-gVMwex8NF77RVI_tLj-l4ZoFB0w9pxdd8hDmKMAwwYZ6pOTSL8Vrq1aPV_tHqhmeLZG2wJVxGvPWnnk2yYZ4U6Di8WlM61GC38fq3UX2T4YwB--xV0Zvr0EX7GllizhzQ47ZHh6EaECTW HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:59 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3247802
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=f8M0pyyYSBah6BrTK37cOnmWBmbiOxk0yUmOAWKvRflOLNff-emLbBm89sauSA6KqVGA1Ehan8V988K3dpyKh3ssjrAnU0Ka0ZXOKmdeZwuqM5WP7pEEYGhrDHToDg-2S6iWQ0-Mzpc1O9p5_2qLrkNBjfTd7YVnlbh4cPqYxs1RYzsXTdPNGkR-E9VQ5AzK4N8rAw8KALKVAM_1VE6aYfJVJ3UXSEV2p7Zz7UgxraZ--ZPD_jkG3P3c2BhTqda-WVuqwQ&sds=2&rev=83376.1&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=f8M0pyyYSBah6BrTK37cOnmWBmbiOxk0yUmOAWKvRflOLNff-emLbBm89sauSA6KqVGA1Ehan8V988K3dpyKh3ssjrAnU0Ka0ZXOKmdeZwuqM5WP7pEEYGhrDHToDg-2S6iWQ0-Mzpc1O9p5_2qLrkNBjfTd7YVnlbh4cPqYxs1RYzsXTdPNGkR-E9VQ5AzK4N8rAw8KALKVAM_1VE6aYfJVJ3UXSEV2p7Zz7UgxraZ--ZPD_jkG3P3c2BhTqda-WVuqwQ&sds=2&rev=83376.1&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=f8M0pyyYSBah6BrTK37cOnmWBmbiOxk0yUmOAWKvRflOLNff-emLbBm89sauSA6KqVGA1Ehan8V988K3dpyKh3ssjrAnU0Ka0ZXOKmdeZwuqM5WP7pEEYGhrDHToDg-2S6iWQ0-Mzpc1O9p5_2qLrkNBjfTd7YVnlbh4cPqYxs1RYzsXTdPNGkR-E9VQ5AzK4N8rAw8KALKVAM_1VE6aYfJVJ3UXSEV2p7Zz7UgxraZ--ZPD_jkG3P3c2BhTqda-WVuqwQ&sds=2&rev=83376.1&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:59 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google.com/pagead/drt/ui
142.250.74.164302 Found 0 B URL HTTP/1.1 www.google.com/pagead/drt/ui
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control: private
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Thu, 10 Nov 2022 11:27:00 GMT
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAQAFWDsKGKgSAAP-hk9oM9z9rh09DznJUQ&u=%7CUs6hsT8xKnDek6ABjzrAAHR8xlkmOe%2BFD%2FyBPTJoUCU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKXWCzvBXmLsUChojppCWelT-0c6f0f6JHYOd88sc9mx4IGZaS8bTC4tNpeZQBFZe1EX7VFcKdT-sXY-8P326s1JRnazHxrhe6LensEDX8gNv19p_4oQhMvapfXPtZ-L7oz9r3D4VxJxANFA4DF901QdRDcblEEwlxNxEnW-G7V89a-hW1u8BLwzQDntOhCXl0jaMqQO5uHCqY8BvjPmrry3iQ8xlE5Cm_VZuWQv4hRuPIbDSxg4D4YS_4eAe5l4dWEZ2IZ0HaBJ3N1A95DJ6H56QgS2Y_nhB6wkCfeG3NiFYwXP-PmAlOAS0OAs5AEaoiNZLV8xaC_zzY7LgerwjCH2XFSve6Cfbhmj9uBlso0eqa6dDod3fQ8X_ON-ciLtW_3FYkUddLU2zDo6qJOqdzS2kygDUYwzlidgu93TYUqwD0268UY9k0pTQV9lJSEod2DVtB0EPrpvJ--eI4lVE1P4K5brWHMfb6oCGVydMR3-Wmrn3bAjNc2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMcLrAeBsY7uwFZLQYob9j_gHyZ7SsVzNhuPWkwHAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNDc4MjEyNDAyNDgxNDg1MMgBCakCztGnWJjSsD6oAwGqBNYBT9AOOSxzOtzdJ5rVI3Ik49XMI49WToVYMO8e781XNcTlH7H3wCxAt4Pajw5DwY5iIv__uk-3wqo9UHJL7uuJdkRilOBpvvR-tSRaiRhs_LgbMjCTe_uZNZqazXARfoQON748E9MIh2_Vss-1vKnshzAIXz02lpE36p_I8pmK7XcNGZo-KchKe3CVQJ1nZvJ2DzB0w1qToQnmPyAnmFQQOwC47cfo6h9JVtxTFuwx1ANuDkKBtwp8PUxrmz24MGQeFUNCgLOjkLh0PBPy9JQ2yJRCrpepyoAGvZb4rPnvyankAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2SDlXez1dHiowShGuYfdad5JMRzg%26client%3Dca-pub-4782124024814850%26adurl%3D
178.250.2.65200 OK 52 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAQAFWDsKGKgSAAP-hk9oM9z9rh09DznJUQ&u=%7CUs6hsT8xKnDek6ABjzrAAHR8xlkmOe%2BFD%2FyBPTJoUCU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKXWCzvBXmLsUChojppCWelT-0c6f0f6JHYOd88sc9mx4IGZaS8bTC4tNpeZQBFZe1EX7VFcKdT-sXY-8P326s1JRnazHxrhe6LensEDX8gNv19p_4oQhMvapfXPtZ-L7oz9r3D4VxJxANFA4DF901QdRDcblEEwlxNxEnW-G7V89a-hW1u8BLwzQDntOhCXl0jaMqQO5uHCqY8BvjPmrry3iQ8xlE5Cm_VZuWQv4hRuPIbDSxg4D4YS_4eAe5l4dWEZ2IZ0HaBJ3N1A95DJ6H56QgS2Y_nhB6wkCfeG3NiFYwXP-PmAlOAS0OAs5AEaoiNZLV8xaC_zzY7LgerwjCH2XFSve6Cfbhmj9uBlso0eqa6dDod3fQ8X_ON-ciLtW_3FYkUddLU2zDo6qJOqdzS2kygDUYwzlidgu93TYUqwD0268UY9k0pTQV9lJSEod2DVtB0EPrpvJ--eI4lVE1P4K5brWHMfb6oCGVydMR3-Wmrn3bAjNc2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMcLrAeBsY7uwFZLQYob9j_gHyZ7SsVzNhuPWkwHAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNDc4MjEyNDAyNDgxNDg1MMgBCakCztGnWJjSsD6oAwGqBNYBT9AOOSxzOtzdJ5rVI3Ik49XMI49WToVYMO8e781XNcTlH7H3wCxAt4Pajw5DwY5iIv__uk-3wqo9UHJL7uuJdkRilOBpvvR-tSRaiRhs_LgbMjCTe_uZNZqazXARfoQON748E9MIh2_Vss-1vKnshzAIXz02lpE36p_I8pmK7XcNGZo-KchKe3CVQJ1nZvJ2DzB0w1qToQnmPyAnmFQQOwC47cfo6h9JVtxTFuwx1ANuDkKBtwp8PUxrmz24MGQeFUNCgLOjkLh0PBPy9JQ2yJRCrpepyoAGvZb4rPnvyankAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2SDlXez1dHiowShGuYfdad5JMRzg%26client%3Dca-pub-4782124024814850%26adurl%3D
IP 178.250.2.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25709), with CRLF, LF line terminators
Hash 9c6562018df44bb222defcfec501ec07
f93b30f484c5e63b89a5e48736b1f07c6f19372f
d67f9a41838bd9358389312fa0a86b359fd5fe7eefa56eefb133e56fe0825032
GET /delivery/r/afr.php?z=Y2zgAQAFWDsKGKgSAAP-hk9oM9z9rh09DznJUQ&u=%7CUs6hsT8xKnDek6ABjzrAAHR8xlkmOe%2BFD%2FyBPTJoUCU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKXWCzvBXmLsUChojppCWelT-0c6f0f6JHYOd88sc9mx4IGZaS8bTC4tNpeZQBFZe1EX7VFcKdT-sXY-8P326s1JRnazHxrhe6LensEDX8gNv19p_4oQhMvapfXPtZ-L7oz9r3D4VxJxANFA4DF901QdRDcblEEwlxNxEnW-G7V89a-hW1u8BLwzQDntOhCXl0jaMqQO5uHCqY8BvjPmrry3iQ8xlE5Cm_VZuWQv4hRuPIbDSxg4D4YS_4eAe5l4dWEZ2IZ0HaBJ3N1A95DJ6H56QgS2Y_nhB6wkCfeG3NiFYwXP-PmAlOAS0OAs5AEaoiNZLV8xaC_zzY7LgerwjCH2XFSve6Cfbhmj9uBlso0eqa6dDod3fQ8X_ON-ciLtW_3FYkUddLU2zDo6qJOqdzS2kygDUYwzlidgu93TYUqwD0268UY9k0pTQV9lJSEod2DVtB0EPrpvJ--eI4lVE1P4K5brWHMfb6oCGVydMR3-Wmrn3bAjNc2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMcLrAeBsY7uwFZLQYob9j_gHyZ7SsVzNhuPWkwHAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNDc4MjEyNDAyNDgxNDg1MMgBCakCztGnWJjSsD6oAwGqBNYBT9AOOSxzOtzdJ5rVI3Ik49XMI49WToVYMO8e781XNcTlH7H3wCxAt4Pajw5DwY5iIv__uk-3wqo9UHJL7uuJdkRilOBpvvR-tSRaiRhs_LgbMjCTe_uZNZqazXARfoQON748E9MIh2_Vss-1vKnshzAIXz02lpE36p_I8pmK7XcNGZo-KchKe3CVQJ1nZvJ2DzB0w1qToQnmPyAnmFQQOwC47cfo6h9JVtxTFuwx1ANuDkKBtwp8PUxrmz24MGQeFUNCgLOjkLh0PBPy9JQ2yJRCrpepyoAGvZb4rPnvyankAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2SDlXez1dHiowShGuYfdad5JMRzg%26client%3Dca-pub-4782124024814850%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=f8M0pyyYSBah6BrTK37cOnmWBmbiOxk0yUmOAWKvRflOLNff-emLbBm89sauSA6KqVGA1Ehan8V988K3dpyKh3ssjrAnU0Ka0ZXOKmdeZwuqM5WP7pEEYGhrDHToDg-2S6iWQ0-Mzpc1O9p5_2qLrkNBjfTd7YVnlbh4cPqYxs1RYzsXTdPNGkR-E9VQ5AzK4N8rAw8KALKVAM_1VE6aYfJVJ3UXSEV2p7Zz7UgxraZ--ZPD_jkG3P3c2BhTqda-WVuqwQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 87491753
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1668079613600&gdpr=0
51.89.9.254204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1668079613600&gdpr=0
IP 51.89.9.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1668079613600&gdpr=0 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/usersync?tcf=2&pvid=41698209730319430000&sn=undefined
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2&pvid=41698209730319430000&sn=undefined
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2&pvid=41698209730319430000&sn=undefined HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:27:00 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 07:39:06 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAwAALY0KewUpAAVZ6r9QSnFwqHlH36PqFw&u=%7C0Om8rEuLrD7hcvX3bH%2FEc0u5IY3rkiYGAv7eUvzdrMY%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY7bpRBgfvQocSqGJ9maAI8MDWo0lXR3BWfCO2ivvHkDEbvV_k6z2H_PwwSmKck0IQO4Tql5S5WWPqnxTn5EZ_nJWVTG--97Ftu2Y1rryS-n57ChVeHs5rQfyUH12e1hNt4CInKS1l79Cq-DGzulZgXCuD12_QRpNgBbFjQMK2t0k79hFgoPyv4w5YwJTP5LyjufWYjnmEFxndozyLoAj5FgLb-itIEou5mobnWC8uHJCN4r7wrewRO3pem2eumOJ48lH968rOxZCk5La-pIOl0nAyJtroL_WOixUpUnAlCJ3uegryRlDgaqcvOlVU-Ixi1kEReEqHcBJG3YwnKJMee1cG6YvflsYq8Wc8ckIzFR5OWT4eeO2uv_qmiLuat6u-CsRqhBfrxP0DC6laaz8anO8bdo8YcWRsMgT_WmVewfJRJmIP-nQ1RFCJoxo7p6TNRRB8nVZFY39KXNJta8KC1c_yvk3MIU52UIah97t3i3TO1YmKMpG364nAorE7TxjuN9I-oClxODP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCB7IBA-BsY41bqYrsA-qzlZADyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi00NzgyMTI0MDI0ODE0ODUwyAEJqQLO0adYmNKwPqgDAaoE2wFP0BUi1OK2r0Pw19OJ4U96icwlNOyR24CoRpZ3lOVO-tK8nqvua6kDRA4AXfN0NdBaZL9W3CFmUkWrUY1AvJ0FZSVHBcI4cFxHBdcmjipQbyVd0sdBDFwq71sFJ8dravXgw_u4WmR4oFb0wivBkqwmND6to2ttKeG9OZ29OX2IkxInWGY_KYCkbl5M7wiUmNRco_eUW20kIBDdwyHmGmdn_hllZSleCLaimI-fo4LRJKxpRmknT1CKv-gcUkMPUhJ35xMNmtnTj7DsY2bV84VyISC_u2YnzdnQBQGABr2W-Kz578mp5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eS-QlOTE201Q2BVgCYL3fqujXXQ%26client%3Dca-pub-4782124024814850%26adurl%3D
178.250.2.65200 OK 70 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAwAALY0KewUpAAVZ6r9QSnFwqHlH36PqFw&u=%7C0Om8rEuLrD7hcvX3bH%2FEc0u5IY3rkiYGAv7eUvzdrMY%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY7bpRBgfvQocSqGJ9maAI8MDWo0lXR3BWfCO2ivvHkDEbvV_k6z2H_PwwSmKck0IQO4Tql5S5WWPqnxTn5EZ_nJWVTG--97Ftu2Y1rryS-n57ChVeHs5rQfyUH12e1hNt4CInKS1l79Cq-DGzulZgXCuD12_QRpNgBbFjQMK2t0k79hFgoPyv4w5YwJTP5LyjufWYjnmEFxndozyLoAj5FgLb-itIEou5mobnWC8uHJCN4r7wrewRO3pem2eumOJ48lH968rOxZCk5La-pIOl0nAyJtroL_WOixUpUnAlCJ3uegryRlDgaqcvOlVU-Ixi1kEReEqHcBJG3YwnKJMee1cG6YvflsYq8Wc8ckIzFR5OWT4eeO2uv_qmiLuat6u-CsRqhBfrxP0DC6laaz8anO8bdo8YcWRsMgT_WmVewfJRJmIP-nQ1RFCJoxo7p6TNRRB8nVZFY39KXNJta8KC1c_yvk3MIU52UIah97t3i3TO1YmKMpG364nAorE7TxjuN9I-oClxODP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCB7IBA-BsY41bqYrsA-qzlZADyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi00NzgyMTI0MDI0ODE0ODUwyAEJqQLO0adYmNKwPqgDAaoE2wFP0BUi1OK2r0Pw19OJ4U96icwlNOyR24CoRpZ3lOVO-tK8nqvua6kDRA4AXfN0NdBaZL9W3CFmUkWrUY1AvJ0FZSVHBcI4cFxHBdcmjipQbyVd0sdBDFwq71sFJ8dravXgw_u4WmR4oFb0wivBkqwmND6to2ttKeG9OZ29OX2IkxInWGY_KYCkbl5M7wiUmNRco_eUW20kIBDdwyHmGmdn_hllZSleCLaimI-fo4LRJKxpRmknT1CKv-gcUkMPUhJ35xMNmtnTj7DsY2bV84VyISC_u2YnzdnQBQGABr2W-Kz578mp5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eS-QlOTE201Q2BVgCYL3fqujXXQ%26client%3Dca-pub-4782124024814850%26adurl%3D
IP 178.250.2.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21869), with CRLF, LF line terminators
Hash b85314b47bea680fb93adbae979ab245
7d68248ec838a786b582cca9d030bdf65cd7d3b9
db3e535afe85d1cdb11594c636da3ae668f0c30cc6c198ec852596c7b273fa55
GET /delivery/r/afr.php?z=Y2zgAwAALY0KewUpAAVZ6r9QSnFwqHlH36PqFw&u=%7C0Om8rEuLrD7hcvX3bH%2FEc0u5IY3rkiYGAv7eUvzdrMY%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY7bpRBgfvQocSqGJ9maAI8MDWo0lXR3BWfCO2ivvHkDEbvV_k6z2H_PwwSmKck0IQO4Tql5S5WWPqnxTn5EZ_nJWVTG--97Ftu2Y1rryS-n57ChVeHs5rQfyUH12e1hNt4CInKS1l79Cq-DGzulZgXCuD12_QRpNgBbFjQMK2t0k79hFgoPyv4w5YwJTP5LyjufWYjnmEFxndozyLoAj5FgLb-itIEou5mobnWC8uHJCN4r7wrewRO3pem2eumOJ48lH968rOxZCk5La-pIOl0nAyJtroL_WOixUpUnAlCJ3uegryRlDgaqcvOlVU-Ixi1kEReEqHcBJG3YwnKJMee1cG6YvflsYq8Wc8ckIzFR5OWT4eeO2uv_qmiLuat6u-CsRqhBfrxP0DC6laaz8anO8bdo8YcWRsMgT_WmVewfJRJmIP-nQ1RFCJoxo7p6TNRRB8nVZFY39KXNJta8KC1c_yvk3MIU52UIah97t3i3TO1YmKMpG364nAorE7TxjuN9I-oClxODP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCB7IBA-BsY41bqYrsA-qzlZADyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi00NzgyMTI0MDI0ODE0ODUwyAEJqQLO0adYmNKwPqgDAaoE2wFP0BUi1OK2r0Pw19OJ4U96icwlNOyR24CoRpZ3lOVO-tK8nqvua6kDRA4AXfN0NdBaZL9W3CFmUkWrUY1AvJ0FZSVHBcI4cFxHBdcmjipQbyVd0sdBDFwq71sFJ8dravXgw_u4WmR4oFb0wivBkqwmND6to2ttKeG9OZ29OX2IkxInWGY_KYCkbl5M7wiUmNRco_eUW20kIBDdwyHmGmdn_hllZSleCLaimI-fo4LRJKxpRmknT1CKv-gcUkMPUhJ35xMNmtnTj7DsY2bV84VyISC_u2YnzdnQBQGABr2W-Kz578mp5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eS-QlOTE201Q2BVgCYL3fqujXXQ%26client%3Dca-pub-4782124024814850%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WSChwiyYSBah6BrTer0ewQcCNq-9VVxOs8ZDdyhnQhvo2HJAUCgvXvCaA8s7KC8XBAM2ekYHYMgySQ2hGu52wqbxKjpT9taAs6lxf_AMj1ddhlYZhk1aehKoaIAglfbCfs-_EKlzCn8MSdqgiZ64URh7W92yIY8Lu6sqxvATLNKdPGX3_iroiaaPxo1Y9NQn4yuDEoA-oVYyt3t2DV78izrM1opFjpKwpRhjk7B5On95JN7yMtoS7SFuwhnt5EiBaTsLRA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 77902823
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2f722a901e04407f5be0a9d2bbeee115
827357170dba6eb3602af40fe88275088865d2c2
b970d7955b4aeaf018c670022ec6b6a599ba114abf117994570b7f89281b72e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4590
Cache-Control: max-age=89775
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:00 GMT
Etag: "636b89c5-139"
Expires: Fri, 11 Nov 2022 12:23:15 GMT
Last-Modified: Wed, 09 Nov 2022 11:06:45 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2f722a901e04407f5be0a9d2bbeee115
827357170dba6eb3602af40fe88275088865d2c2
b970d7955b4aeaf018c670022ec6b6a599ba114abf117994570b7f89281b72e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4597
Cache-Control: max-age=89782
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:00 GMT
Etag: "636b89c5-139"
Expires: Fri, 11 Nov 2022 12:23:22 GMT
Last-Modified: Wed, 09 Nov 2022 11:06:45 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
3.33.220.150301 Moved Permanently 134 B URL HTTP/1.1 match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
IP 3.33.220.150:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /track/rid?ttd_pid=prebid&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 10 Nov 2022 11:27:00 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://match.adsrvr.org:443/track/rid?ttd_pid=prebid&fmt=json
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.53307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 10 Nov 2022 11:27:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: fad50827-27b1-402e-89d1-bbdb24210c9c
Set-Cookie: uuid2=3812113318208162772; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 08-Feb-2023 11:27:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 6593e65d597d67f18516ea05b02deb3e
44d98f7304969b3d44f9c76494a45baaac3c8ee5
e197f38b07b3b078d7801fc33d35f08e525d0c45ed90ab2e10178bb2a7a1a420
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4784
Cache-Control: max-age=113781
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:00 GMT
Etag: "636be6c9-139"
Expires: Fri, 11 Nov 2022 19:03:21 GMT
Last-Modified: Wed, 09 Nov 2022 17:43:37 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:27:00 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=KifMNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVHdk40ZEsxd3ZIdjhnWDhEa1lBc3BGTHFDdG81YkZuMVZ4cFN4WnZnSnk; expires=Tue, 05 Dec 2023 11:27:00 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://fr.wordssidekick.com
server-processing-duration-in-ticks: 344288
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.2.130200 OK 5.7 kB URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.2.130:0
File type ASCII text, with very long lines (12673), with no line terminators
Hash b38406f1648d18ff34629edc267cef2e
e87131a99cc284e99f97002528db941802f1055f
3eb7cf54084cf59bf4ee14db7271b2600b28e5bf18ec3d80fa58592c83685c37
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sun, 05 Nov 2023 11:26:57 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=138004
expires: Sat, 12 Nov 2022 01:47:04 GMT
date: Thu, 10 Nov 2022 11:27:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3dd911339667f003baed4ef3da918904
7d2d01beb060d5e3e9a64cbdfa19689c818e2f25
175d84f1bbe9512252b36313b807f8db1f3071e3c093ec6f8ba022d57b66dc75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3641
Cache-Control: max-age=149299
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:00 GMT
Etag: "636c75fe-117"
Expires: Sat, 12 Nov 2022 04:55:19 GMT
Last-Modified: Thu, 10 Nov 2022 03:54:38 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
2.21.206.244301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
IP 2.21.206.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
date: Thu, 10 Nov 2022 11:27:00 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.53200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 10 Nov 2022 11:27:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a8528f9b-cca1-4e3c-935c-a94f2b2e5bbc
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
54.230.111.14302 Found 0 B URL HTTP/2 s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
IP 54.230.111.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: CloudFront
date: Thu, 10 Nov 2022 11:27:00 GMT
content-length: 0
cache-control: no-cache, must-revalidate
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.quantumdex.io/setuid?bidder=smaato&uid=3cdda3b9
set-cookie: SCM=3cdda3b9; Expires=Thu, 01 Dec 2022 11:27:00 GMT; Domain=.smaato.net; SameSite=None; Path=/; Secure
SCMp=3cdda3b9; Expires=Sun, 20 Nov 2022 23:27:00 GMT; Domain=.smaato.net; Path=/; SameSite=None; Secure
x-cache: FunctionGeneratedResponse from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E5Wqi-mDKhGn9L5s4NTuhbP-9erOWShEZUP5pUZL5tuK9QaEV0tlvA==
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffr.wordssidekick.com%2F&domain=fr.wordssidekick.com&cw=1&lsw=1
178.250.2.146200 OK 22 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffr.wordssidekick.com%2F&domain=fr.wordssidekick.com&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91d4898f938e4920ac88f87453b33933
1bd4a04303c2501101656075ad8304e1a84eb91e
93ecc6762eafd376cbe2fd18250fa9f12c90f9a86b481430ef29ec40716d8f35
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ffr.wordssidekick.com%2F&domain=fr.wordssidekick.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://fr.wordssidekick.com/
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:59 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://fr.wordssidekick.com
server-processing-duration-in-ticks: 526657
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
2.23.134.137200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-valueimpression&endpoint=us-east HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 10 Nov 2022 11:27:00 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3dd911339667f003baed4ef3da918904
7d2d01beb060d5e3e9a64cbdfa19689c818e2f25
175d84f1bbe9512252b36313b807f8db1f3071e3c093ec6f8ba022d57b66dc75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3090
Cache-Control: max-age=148748
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:00 GMT
Etag: "636c75fe-117"
Expires: Sat, 12 Nov 2022 04:46:08 GMT
Last-Modified: Thu, 10 Nov 2022 03:54:38 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
eus.rubiconproject.com/usync.js
2.23.134.137200 OK 9.9 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (18075)
Hash 0bb712232482d73f515bc98bc33aa064
976d329949986eeea2d438ff44115003e166527c
94336eabaa3644691ef26dd52b17fc1425179fa3d030b04f075d6f10c5b53297
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 10 Nov 2022 03:39:09 GMT
Content-Encoding: gzip
Content-Length: 9883
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=58371
Expires: Fri, 11 Nov 2022 03:39:51 GMT
Date: Thu, 10 Nov 2022 11:27:00 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.youtube.com/s/player/c4225c42/www-player.css
216.58.211.14200 OK 43 B URL HTTP/2 www.youtube.com/s/player/c4225c42/www-player.css
IP 216.58.211.14:0
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /s/player/c4225c42/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/he9rh-bOOXk?rel=0&modestbranding=1&wmode=opaque
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49779
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 17:52:16 GMT
expires: Tue, 07 Nov 2023 17:52:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/css
age: 236080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
37.252.171.53307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 10 Nov 2022 11:27:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
AN-X-Request-Uuid: 51bfed11-3458-480f-9b23-e7304e8479f7
Set-Cookie: uuid2=4116181450870423479; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 08-Feb-2023 11:27:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
23.38.200.22302 Found 154 B URL HTTP/2 hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Fri, 10 Nov 2023 11:27:00 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
x-mnet-hl2: E
expires: Thu, 10 Nov 2022 11:27:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 10 Nov 2022 11:27:00 GMT
X-Firefox-Spdy: h2
sync.quantumdex.io/setuid?bidder=ix&uid=0
104.22.37.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=ix&uid=0
IP 104.22.37.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=ix&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Cookie: uid=5d3ea196-4d62-408b-9361-aa49fd89b0ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:27:00 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 767e6fbe7ec009b5-ARN
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
37.252.171.53302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 10 Nov 2022 11:27:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=0
AN-X-Request-Uuid: 3514dc1a-2b56-4520-aef2-e7b91f2ab702
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 26416c316ff6cabe875546aeac2d162c
6c745809de8af65acca1d5d14979db7aec9c22f1
3ceb57c8a0e367dca65cddc6a3588198d34ce43f3e754a922ea46392fe15b525
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CEB57C8A0E367DCA65CDDC6A3588198D34CE43F3E754A922EA46392FE15B525"
Last-Modified: Wed, 09 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19397
Expires: Thu, 10 Nov 2022 16:50:17 GMT
Date: Thu, 10 Nov 2022 11:27:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2cbfec6a87b270b91242f8d302859be0
daac67292af88836a276be7ffaab4333fdd5f40b
2b83625a1c178708d64a169b1491f3ba72a13919e0b0f3c4ff80a0da1a1309a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5364
Cache-Control: max-age=105289
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:00 GMT
Etag: "636bc359-1d7"
Expires: Fri, 11 Nov 2022 16:41:49 GMT
Last-Modified: Wed, 09 Nov 2022 15:12:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
162.19.138.118200 43 B URL HTTP/1.1 id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
IP 162.19.138.118:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Thu, 10-Nov-2022 11:32:01 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Thu, 10-Nov-2022 11:32:01 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Thu, 10-Nov-2022 11:32:01 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Thu, 10-Nov-2022 11:32:01 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Thu, 10-Nov-2022 11:32:01 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Thu, 10-Nov-2022 11:32:01 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Thu, 10 Nov 2022 11:27:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9b3f0eecfe11680108dbd9f878f40f02
4a1a5a962ee2632c1214a3c1fc3aae00d5656ef8
df8a3399af898c9122e4a25c449ae2e8906f47658445bf2b3bd741512fbc5439
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:27:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 11:23:24 GMT
Expires: Mon, 14 Nov 2022 11:23:23 GMT
Etag: "4a1a5a962ee2632c1214a3c1fc3aae00d5656ef8"
Cache-Control: max-age=344782,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767e6fbe1910fac0-OSL
ups.analytics.yahoo.com/ups/58424/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 10 Nov 2022 11:27:01 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAXgbGMCEExMineWnkp66jvEil_yGmMFEgEBAQExbmN2YwAAAAAA_eMAAA&S=AQAAAkPGN7qwBDYIQSgC2QDs1uA; Expires=Fri, 10 Nov 2023 17:27:01 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffr.wordssidekick.com%2F&domain=fr.wordssidekick.com&cw=1&lsw=1
178.250.2.146200 OK 403 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffr.wordssidekick.com%2F&domain=fr.wordssidekick.com&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (484), with no line terminators
Hash eb9e4970c179c7350f062cc5897c24b7
0a56cec24e74c5960611a911fc6f3ccce585b851
70060c605e6bde64ba17f5582a6c057e0d39a376828fce030dbcf59c477ad16e
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Ffr.wordssidekick.com%2F&domain=fr.wordssidekick.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:27:00 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://fr.wordssidekick.com
server-processing-duration-in-ticks: 610234
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 734fc2bca27c284da1d416459e24932f
bc0aacce4bfc69d49e07b378539de22173040490
69718d8b1165ba1dceb094a86f720f486c1e181e5c3f3029934ee866c8670e21
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151759
Date: Thu, 10 Nov 2022 11:27:01 GMT
Etag: "636c857b-1d7"
Expires: Sat, 12 Nov 2022 05:36:20 GMT
Last-Modified: Thu, 10 Nov 2022 05:00:43 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kL6Z4MBdbixLm6-La4gxETiBAjkh8csd5-8srK-fh7MZj4ujb__rdw==
Age: 2137
sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
104.22.37.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
IP 104.22.37.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=medianet&uid=0000EEA HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=5d3ea196-4d62-408b-9361-aa49fd89b0ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:27:01 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 767e6fbf1f6b09b5-ARN
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58424/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 10 Nov 2022 11:27:01 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAXgbGMCEGUTKgQdQeRYK4hlNXe4C-AFEgEBAQExbmN2YwAAAAAA_eMAAA&S=AQAAAq64YHkS-D01vAMhbsRrowU; Expires=Fri, 10 Nov 2023 17:27:01 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 3259a164cb5ed38a51ce9e30b6df3a5d
7e75f4c10d49c2e3af144a7867168117ac0a31a6
8a80ddd7af89a0685eeaecc02150c97302612b612dd523912f93216b52d0e58d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 10 Nov 2022 11:27:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 09 Nov 2022 20:45:41 GMT
Expires: Thu, 10 Nov 2022 20:45:41 GMT
ETag: "7e75f4c10d49c2e3af144a7867168117ac0a31a6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sync.quantumdex.io/setuid?bidder=appnexus&uid=0
104.22.37.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=appnexus&uid=0
IP 104.22.37.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=appnexus&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=5d3ea196-4d62-408b-9361-aa49fd89b0ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:27:01 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 767e6fbf4fa009b5-ARN
X-Firefox-Spdy: h2
match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
52.28.133.172204 No Content 0 B URL HTTP/2 match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
IP 52.28.133.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 10 Nov 2022 11:27:01 GMT
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
216.52.2.30204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
IP 216.52.2.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Thu, 10 Nov 2022 11:27:01 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
104.18.18.126200 OK 579 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
IP 104.18.18.126:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 467484f289436cf5463f7cec057003a1
ee068f54dc846caa590f33607e876556ca6cdf58
bf23bddd89bb4d3238e103e7b3d6712e9dcdf0be6509f1dfbcaa15a16c217c42
GET /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:27:00 GMT
content-type: text/html
cf-ray: 767e6fbe18930b69-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJnvnHYLxTtONzlHlh%2BuLDcpxz7vDOiHVvgcMrtaiRRhHMMvuoKhWFdqRVLVpcs4NVX4Km7GXr4CGJTCZyp3hoa6BgIaWvd6xC%2BD9eLGGT%2FWfSMrrkvsSP3zbt3atCyjdjlcrRb8WcioBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3a7a7f915a4c7b58fc154bb5890b7fab
5a1d9bfd30392b41c99150e9f8d1f7efb5241cbf
46802d6c8b7299bc190be5fdad7514e883a466ba5e782fb4d884e0b275d7300a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5830
Cache-Control: max-age=141429
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:01 GMT
Etag: "636c4eb4-1d7"
Expires: Sat, 12 Nov 2022 02:44:10 GMT
Last-Modified: Thu, 10 Nov 2022 01:07:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3a7a7f915a4c7b58fc154bb5890b7fab
5a1d9bfd30392b41c99150e9f8d1f7efb5241cbf
46802d6c8b7299bc190be5fdad7514e883a466ba5e782fb4d884e0b275d7300a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5830
Cache-Control: max-age=141429
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:01 GMT
Etag: "636c4eb4-1d7"
Expires: Sat, 12 Nov 2022 02:44:10 GMT
Last-Modified: Thu, 10 Nov 2022 01:07:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5dabe569e72eaa42f92ac7952ae38733
38d84933e9253cf5704c035eed204dd5b72c9e56
5c45daf8e169a71b7d4802f71f2bf8815e185513832023018d839b0bf36378d6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 11:27:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 04:09:16 GMT
Expires: Tue, 15 Nov 2022 04:09:15 GMT
Etag: "38d84933e9253cf5704c035eed204dd5b72c9e56"
Cache-Control: max-age=405133,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767e6fbf48fcb527-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 2b9961316c5a6746de188850d5186dcb
42ca7b4a7fcfc361c8f613629ddc9789ca9db1bf
24c08534dfdf2569c6256c686efb5b8b8a5ce2123871f1a4242cdf9e603d1be1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126797
Date: Thu, 10 Nov 2022 11:27:01 GMT
Etag: "636c1ecf-1d7"
Expires: Fri, 11 Nov 2022 22:40:18 GMT
Last-Modified: Wed, 09 Nov 2022 21:42:39 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 42OcL8Zw7JRvbUKgot_CEoH98mzasNneWozbTKJMYlLGJvvTOSy0jg==
Age: 3459
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f1a5b4bfbb03aad52185001c421729c
d5eb4ec044c9babaf3b677fe15d0dfd4d6200823
ca380805caaebd6b9fb02f5ae5073c36f5a2e117284a5ef7cb09f7ff2f926c64
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4565
Cache-Control: max-age=161779
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:01 GMT
Etag: "636ca323-1d7"
Expires: Sat, 12 Nov 2022 08:23:20 GMT
Last-Modified: Thu, 10 Nov 2022 07:07:15 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
token.rubiconproject.com/token?pid=2249&pt=n
213.19.162.80302 Found 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2249&pt=n
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2249&pt=n HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
content-length: 0
c1.adform.net/serving/cookie/match?party=1164
37.157.4.28302 Found 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?party=1164
IP 37.157.4.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving/cookie/match?party=1164 HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 10 Nov 2022 11:27:01 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1164
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sat, 10 Dec 2022 11:27:01 GMT; domain=adform.net; path=/
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 089450c3642314972208d3c23d5d0601
16e76b06002dd15daffb1bd964306ecdbec117aa
6ab1eae026e38179d627664c4c4d834feaafe054fc55165b41727e464f6dd1ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4231
Cache-Control: max-age=106686
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 11:27:01 GMT
Etag: "636bcd3c-13a"
Expires: Fri, 11 Nov 2022 17:05:07 GMT
Last-Modified: Wed, 09 Nov 2022 15:54:36 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
token.rubiconproject.com/token?pid=27&a=1
213.19.162.80204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=27&a=1
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=27&a=1 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 2eb7d209ab67664d6226c75331547ba1
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 10 Nov 2023 11:27:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=9dd2b8a2-42b8-523a-a741-f16fc42d116a; Max-Age=31536000; Expires=Fri, 10 Nov 2023 11:27:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y2zgBQAEDxAOnLDi3_fSRlLO9C9X-u-ddiYMtQ==; Max-Age=31536000; Expires=Fri, 10 Nov 2023 11:27:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ad.turn.com/r/cs?pid=6
46.228.164.11302 Found 0 B IP 46.228.164.11:0
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=6 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=4253423267940413299; Domain=.turn.com; Expires=Tue, 09-May-2023 11:27:01 GMT; Path=/; Secure; SameSite=None
location: https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4253423267940413299&expires=60&gdpr=&gdpr_consent=
content-length: 0
date: Thu, 10 Nov 2022 11:27:00 GMT
X-Firefox-Spdy: h2
sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]
185.86.137.110302 Found 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]
IP 185.86.137.110:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid] HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Thu, 10 Nov 2022 11:27:01 GMT
cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; expires=Mon, 01 Jan 0001 00:00:00 GMT; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Fri, 10 Nov 2023 11:27:01 GMT; domain=.smartadserver.com; path=/
pbw=%24b%3d12100%3b%24o%3d11100; expires=Fri, 10 Nov 2023 11:27:01 GMT; domain=.smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
54.239.33.158302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
IP 54.239.33.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Thu, 10 Nov 2022 11:27:01 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 1E6PV2MH39G513R04WXZ
Set-Cookie: ad-id=A2INqSFSLkmPractWHT5wk4|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 11:27:01 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 10 Nov 2023 11:27:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=c0c9e245-0c3d-523a-91fe-2145f292c140; Max-Age=31536000; Expires=Fri, 10 Nov 2023 11:27:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y2zgBQAEVWBH9zYAIbU3qXt0Eq44KMkWra5Urw==; Max-Age=31536000; Expires=Fri, 10 Nov 2023 11:27:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
185.86.137.110200 OK 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
IP 185.86.137.110:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
date: Thu, 10 Nov 2022 11:27:00 GMT
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
54.239.33.158200 OK 43 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
IP 54.239.33.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Thu, 10 Nov 2022 11:27:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: PGS1B8P5117EE1KCJM2P
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
c1.adform.net/serving/cookie/match?CC=1&party=1164
37.157.4.28200 OK 35 B URL HTTP/2 c1.adform.net/serving/cookie/match?CC=1&party=1164
IP 37.157.4.28:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /serving/cookie/match?CC=1&party=1164 HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:27:01 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
69.173.151.100204 No Content 0 B URL HTTP/1.1 pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
IP 69.173.151.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-valueimpression HTTP/1.1
Host: pixel-us-east.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 29af2665c43893332e84c235bac366c1
Content-Type: image/gif
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
209.54.182.161302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
IP 209.54.182.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Thu, 10 Nov 2022 11:27:01 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: EFXVKHN53CZQ5FJS1YSF
Set-Cookie: ad-id=A-OAvV9j80CHtkCUMcxo6VI|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 11:27:01 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
dr7.biz/?pu=g4ydqmrzga5ha3ddf4yteojy
185.177.92.179200 OK 10 B URL HTTP/2 dr7.biz/?pu=g4ydqmrzga5ha3ddf4yteojy
IP 185.177.92.179:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash f495e69f2e9edc75eeae7dd3ea78a747
a89e38bbe70fa2de5db9d578975abd4e9dcda52e
8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c
Analyzer Verdict Alert quad9 Sinkholed
GET /?pu=g4ydqmrzga5ha3ddf4yteojy HTTP/1.1
Host: dr7.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:55 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=b5c76161-8e9f-4c1e-b8b3-3dbdfcd2052b; expires=Sat, 10-Dec-2022 11:26:55 GMT; Max-Age=2592000; path=/; SameSite=None; domain=dr7.biz; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
209.54.182.161200 OK 43 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
IP 209.54.182.161:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Thu, 10 Nov 2022 11:27:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: 7QTRXPBVGBATDH6KA15F
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.53307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 10 Nov 2022 11:27:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 7ff105d7-abbe-487c-b5c4-7b4d9baa3791
Set-Cookie: uuid2=7502553775643990950; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 08-Feb-2023 11:27:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.53200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 10 Nov 2022 11:27:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 7dc33d24-340a-43e2-ac11-b4427892654c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDBI4AQ==
216.52.2.48302 Found 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDBI4AQ==
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDBI4AQ== HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 10 Nov 2022 11:27:01 GMT
Set-Cookie: ljt_reader=FoKvtRZHZDLfDDVHThiP1EBB; Path=/; Domain=.lijit.com; Expires=Fri, 10-Nov-2023 11:27:01 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDBI4AQ%3D%3D&dnr=1
Content-Length: 0
X-Sovrn-Pod: ad_ap5ams1
ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDBI4AQ%3D%3D&dnr=1
216.52.2.48204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDBI4AQ%3D%3D&dnr=1
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDBI4AQ%3D%3D&dnr=1 HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 10 Nov 2022 11:27:01 GMT
Set-Cookie: ljt_reader=FoKvtRZHbMz611wZTviK8LVm; Path=/; Domain=.lijit.com; Expires=Fri, 10-Nov-2023 11:27:01 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap5ams1
static.addtoany.com/menu/modules/core.c4ad588e.js
172.67.39.148200 OK 0 B URL HTTP/2 static.addtoany.com/menu/modules/core.c4ad588e.js
IP 172.67.39.148:0
GET /menu/modules/core.c4ad588e.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fr.wordssidekick.com
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Nov 2022 00:25:56 GMT
etag: W/"117b8-5ec71e25ea438"
cache-control: max-age=315360000, immutable
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
via: e2s
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 767e6f9fa9dfb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.2.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sun, 05 Nov 2023 11:26:57 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
172.67.39.148200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 172.67.39.148:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 39379
etag: W/"bb9-5ec71e264ddf8"
last-modified: Wed, 02 Nov 2022 00:25:57 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 767e6f9e481eb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/he9rh-bOOXk?rel=0&modestbranding=1&wmode=opaque
216.58.211.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/he9rh-bOOXk?rel=0&modestbranding=1&wmode=opaque
IP 216.58.211.14:0
GET /embed/he9rh-bOOXk?rel=0&modestbranding=1&wmode=opaque HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Nov 2022 11:26:56 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=tUiaKD_sIdY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=UMVGBnb4LQY; Domain=.youtube.com; Expires=Tue, 09-May-2023 11:26:56 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+021; expires=Sat, 09-Nov-2024 11:26:56 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
std.wpcdn.pl/wpjslib6/wpjslib-sync.js
212.77.98.32200 OK 0 B URL HTTP/2 std.wpcdn.pl/wpjslib6/wpjslib-sync.js
IP 212.77.98.32:0
ASN #12827 Wirtualna Polska Media S.A.
GET /wpjslib6/wpjslib-sync.js HTTP/1.1
Host: std.wpcdn.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ssp.wp.pl
Connection: keep-alive
Referer: https://ssp.wp.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:27:00 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 11:10:08 GMT
x-rgw-object-type: Normal
etag: W/"902359a3c00d2e3bdf6d0e205dc34fd1"
cache-control: max-age=900, stale-while-revalidate=86400
content-encoding: br
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 300
timing-allow-origin: *
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAQAGSAMKexS4AA0DbwDpi3ald7owMrgwVw&u=%7CUs6hsT8xKnCL5JLRkQ%2BCemr%2Fy1sgCqcJY%2BrSQ9iq%2FcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYz_Hd22Cu-Mtuq1SFP9FFAIexZP_iScaxBFToZO7U4gKaGQgeqdGu8CbVU10hBRfZwz3BOYsF8mTVBXVghz0yr2Uute-BAL0oeSOXOFGs_5G8ojswILPkSaapNm1STPMb0NkjfE0p4e9pwonpNwkqBlQz0jUJFd4NmGdD4Tkhu-N24Jjjkymm_atKM0X1V3hm0Fpsx08NjzGYR6x_2w3VfAS2BvgQSfYcjqGVp3VPJAwSwpbZpm54qSQQ04aEPKBJi6WljpHwSXis9PK422BD2gbqRmAV-bje_skADWnJp6SX1cNOVKePsi_TxcwMrX72I8qCzWQClH9xsCmWLJvfuJavcXwmvSsQQl5giDd77eFDNeFOpjSgKV3UQBBfDfvrctTmqKu2mMYz8wxvYOB_X-dDzgZzTJkNBm5_CRzPDwPkFgXmIzCSmaPex-FdUUw6tNeacLiEAC74mMfpiwOTOBdnArboR3rKYyTkSZpdrqn6YUAJPP2KjEarGVEM-NMA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCTo3AeBsY4OQGbip7APvhrSwAcme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNDc4MjEyNDAyNDgxNDg1MMgBCakCztGnWJjSsD6oAwGqBNsBT9CU4dqCSrfT9Tz6ZbzFF8qYW234kzHtBH_BiuPEFFIlbHu02XVtDdAvc9MuZGEkKcCsr7NYNzLLtVNIezo6EDz8rs1udTvBUFjc4UflKIJEih3Np-OiVrOKxr-NP8BiMWlSyPS3X0O0QFz-7DlbeZCroxY1VvIparddEWCZW9qWz_DG8PLxLDFx5c66wjK9Kwg4div04to_hXvzkRztkarjBASwDVnzrTsps8eDxyJbn-aDsxrhtit1BFAvDxm7m127fLKUjdHBoWrP5G_QBudOGCWPYPDClsurgAb8jsjIv63frCCgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1QiV5-K9omrYhtBm-UtbG1j94IqA%26client%3Dca-pub-4782124024814850%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAQAGSAMKexS4AA0DbwDpi3ald7owMrgwVw&u=%7CUs6hsT8xKnCL5JLRkQ%2BCemr%2Fy1sgCqcJY%2BrSQ9iq%2FcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYz_Hd22Cu-Mtuq1SFP9FFAIexZP_iScaxBFToZO7U4gKaGQgeqdGu8CbVU10hBRfZwz3BOYsF8mTVBXVghz0yr2Uute-BAL0oeSOXOFGs_5G8ojswILPkSaapNm1STPMb0NkjfE0p4e9pwonpNwkqBlQz0jUJFd4NmGdD4Tkhu-N24Jjjkymm_atKM0X1V3hm0Fpsx08NjzGYR6x_2w3VfAS2BvgQSfYcjqGVp3VPJAwSwpbZpm54qSQQ04aEPKBJi6WljpHwSXis9PK422BD2gbqRmAV-bje_skADWnJp6SX1cNOVKePsi_TxcwMrX72I8qCzWQClH9xsCmWLJvfuJavcXwmvSsQQl5giDd77eFDNeFOpjSgKV3UQBBfDfvrctTmqKu2mMYz8wxvYOB_X-dDzgZzTJkNBm5_CRzPDwPkFgXmIzCSmaPex-FdUUw6tNeacLiEAC74mMfpiwOTOBdnArboR3rKYyTkSZpdrqn6YUAJPP2KjEarGVEM-NMA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCTo3AeBsY4OQGbip7APvhrSwAcme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNDc4MjEyNDAyNDgxNDg1MMgBCakCztGnWJjSsD6oAwGqBNsBT9CU4dqCSrfT9Tz6ZbzFF8qYW234kzHtBH_BiuPEFFIlbHu02XVtDdAvc9MuZGEkKcCsr7NYNzLLtVNIezo6EDz8rs1udTvBUFjc4UflKIJEih3Np-OiVrOKxr-NP8BiMWlSyPS3X0O0QFz-7DlbeZCroxY1VvIparddEWCZW9qWz_DG8PLxLDFx5c66wjK9Kwg4div04to_hXvzkRztkarjBASwDVnzrTsps8eDxyJbn-aDsxrhtit1BFAvDxm7m127fLKUjdHBoWrP5G_QBudOGCWPYPDClsurgAb8jsjIv63frCCgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1QiV5-K9omrYhtBm-UtbG1j94IqA%26client%3Dca-pub-4782124024814850%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y2zgAQAGSAMKexS4AA0DbwDpi3ald7owMrgwVw&u=%7CUs6hsT8xKnCL5JLRkQ%2BCemr%2Fy1sgCqcJY%2BrSQ9iq%2FcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYz_Hd22Cu-Mtuq1SFP9FFAIexZP_iScaxBFToZO7U4gKaGQgeqdGu8CbVU10hBRfZwz3BOYsF8mTVBXVghz0yr2Uute-BAL0oeSOXOFGs_5G8ojswILPkSaapNm1STPMb0NkjfE0p4e9pwonpNwkqBlQz0jUJFd4NmGdD4Tkhu-N24Jjjkymm_atKM0X1V3hm0Fpsx08NjzGYR6x_2w3VfAS2BvgQSfYcjqGVp3VPJAwSwpbZpm54qSQQ04aEPKBJi6WljpHwSXis9PK422BD2gbqRmAV-bje_skADWnJp6SX1cNOVKePsi_TxcwMrX72I8qCzWQClH9xsCmWLJvfuJavcXwmvSsQQl5giDd77eFDNeFOpjSgKV3UQBBfDfvrctTmqKu2mMYz8wxvYOB_X-dDzgZzTJkNBm5_CRzPDwPkFgXmIzCSmaPex-FdUUw6tNeacLiEAC74mMfpiwOTOBdnArboR3rKYyTkSZpdrqn6YUAJPP2KjEarGVEM-NMA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCTo3AeBsY4OQGbip7APvhrSwAcme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNDc4MjEyNDAyNDgxNDg1MMgBCakCztGnWJjSsD6oAwGqBNsBT9CU4dqCSrfT9Tz6ZbzFF8qYW234kzHtBH_BiuPEFFIlbHu02XVtDdAvc9MuZGEkKcCsr7NYNzLLtVNIezo6EDz8rs1udTvBUFjc4UflKIJEih3Np-OiVrOKxr-NP8BiMWlSyPS3X0O0QFz-7DlbeZCroxY1VvIparddEWCZW9qWz_DG8PLxLDFx5c66wjK9Kwg4div04to_hXvzkRztkarjBASwDVnzrTsps8eDxyJbn-aDsxrhtit1BFAvDxm7m127fLKUjdHBoWrP5G_QBudOGCWPYPDClsurgAb8jsjIv63frCCgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1QiV5-K9omrYhtBm-UtbG1j94IqA%26client%3Dca-pub-4782124024814850%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=k2FVrCyYSBah6BrTi6yXUJ9z2D8q6OEPLic6VYEhKngW0YeuwklazAd_Z73D6QhbmjeDdFnDuwbr2w7Kuecy20QGvoQ2UjNyk86JaL6Nd6Vm5z5vocPDLEbHKj3uZg6lGxkmr6mEVo6dYkhQ2vJHYwpRt_amVtNunkwD7KBOKRP-TZiDi_ZDOHxIi7tiYVFUr9VO4_2RAkgrRS6OdWpcZGpnWmJoP8cwZuro9VPjjvwRyh1crsPDqsyWHRbCPJbMUOjA3A"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 116144407
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAQAITpYKGBKHAAtEqmbuCpdvhDThSUDqEg&u=%7CUs6hsT8xKnD8IUWlszkx68poMrYTlOAbQljw08z7CqY%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLAoQPSxN4U7n2eIFLJo3-1senJhyaeBm6VmHE9F6eHjKqpWIc_-9-YSqFF9ncPFsEupdE6-PkX95aJ6SEnN_IxZY7jYq2KCssLx81wq0qkfbiTNvs6QwJSg9I0kJfwL011a7vCD_YNOxE-t1TYMWhQ3RxCv1QcVkOoYdiR3xC9ldg0LGlHvzo7SApjTaUJ6mchr4BigI12K1AZc6FmhKuuKdd-uEhGAk1ZwoBWymULzwEaiLx7pAXDY2KY11kmKx93jR5fd0XwMPacyX_Obq_RppdMMg0XsHkQaLwVMsI6t9kk2g8xwSouywRF_eX80jzyjDdMaWm7Vi47kz9gLZae3kTxRHAd5TcIm-KyPURdsOIjmgfuc0iOFXbkwyw4AkxUwXPPZ7_lk7RXofpA1R_BZ-XnE7TI89vUs0Dg-bCHvaGqkAg717kIePhgBzZTDSZcQkpGrI1OZTorkRRHfu1Hw3Kt-qN19iQhXYstVqS5k0C-_xVOUj-FxaF4lXpO5wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLFJaAeBsY5adIYelYKqJrZAFyZ7SsVzFspj3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi00NzgyMTI0MDI0ODE0ODUwyAEJqQLO0adYmNKwPqgDAaoE2wFP0A0-_GsXP-PT4Fs_afdnycFw_0KmgLvm62B2mdX9yNyY-n-DciQWtr0xhW9b_FlTyotyu8Hl64T2er2mUDmJZFCciBDVMVWmMN2CA42l8mGoDkUwvb1WuThm3AEj_pWNpHtHI_Ffr-jmtvpTLKNxV-M15IK0eXMVFjMDMA7WflB0vEVJ5q4TDzs6td29VgPnixIz3nPuKlnsBClndMGyKuGnNEDWxuvCP9uftMkrjF013fJ2qgHNkwvT3COJ9JAqy8ieyDh8v4F2d27Lw9YOSUSFIMRAL0Twou-ABr2W-Kz578mp5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2kE0pHlksjsLNyMl9oiea_dOK20Q%26client%3Dca-pub-4782124024814850%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y2zgAQAITpYKGBKHAAtEqmbuCpdvhDThSUDqEg&u=%7CUs6hsT8xKnD8IUWlszkx68poMrYTlOAbQljw08z7CqY%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLAoQPSxN4U7n2eIFLJo3-1senJhyaeBm6VmHE9F6eHjKqpWIc_-9-YSqFF9ncPFsEupdE6-PkX95aJ6SEnN_IxZY7jYq2KCssLx81wq0qkfbiTNvs6QwJSg9I0kJfwL011a7vCD_YNOxE-t1TYMWhQ3RxCv1QcVkOoYdiR3xC9ldg0LGlHvzo7SApjTaUJ6mchr4BigI12K1AZc6FmhKuuKdd-uEhGAk1ZwoBWymULzwEaiLx7pAXDY2KY11kmKx93jR5fd0XwMPacyX_Obq_RppdMMg0XsHkQaLwVMsI6t9kk2g8xwSouywRF_eX80jzyjDdMaWm7Vi47kz9gLZae3kTxRHAd5TcIm-KyPURdsOIjmgfuc0iOFXbkwyw4AkxUwXPPZ7_lk7RXofpA1R_BZ-XnE7TI89vUs0Dg-bCHvaGqkAg717kIePhgBzZTDSZcQkpGrI1OZTorkRRHfu1Hw3Kt-qN19iQhXYstVqS5k0C-_xVOUj-FxaF4lXpO5wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLFJaAeBsY5adIYelYKqJrZAFyZ7SsVzFspj3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi00NzgyMTI0MDI0ODE0ODUwyAEJqQLO0adYmNKwPqgDAaoE2wFP0A0-_GsXP-PT4Fs_afdnycFw_0KmgLvm62B2mdX9yNyY-n-DciQWtr0xhW9b_FlTyotyu8Hl64T2er2mUDmJZFCciBDVMVWmMN2CA42l8mGoDkUwvb1WuThm3AEj_pWNpHtHI_Ffr-jmtvpTLKNxV-M15IK0eXMVFjMDMA7WflB0vEVJ5q4TDzs6td29VgPnixIz3nPuKlnsBClndMGyKuGnNEDWxuvCP9uftMkrjF013fJ2qgHNkwvT3COJ9JAqy8ieyDh8v4F2d27Lw9YOSUSFIMRAL0Twou-ABr2W-Kz578mp5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2kE0pHlksjsLNyMl9oiea_dOK20Q%26client%3Dca-pub-4782124024814850%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y2zgAQAITpYKGBKHAAtEqmbuCpdvhDThSUDqEg&u=%7CUs6hsT8xKnD8IUWlszkx68poMrYTlOAbQljw08z7CqY%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLAoQPSxN4U7n2eIFLJo3-1senJhyaeBm6VmHE9F6eHjKqpWIc_-9-YSqFF9ncPFsEupdE6-PkX95aJ6SEnN_IxZY7jYq2KCssLx81wq0qkfbiTNvs6QwJSg9I0kJfwL011a7vCD_YNOxE-t1TYMWhQ3RxCv1QcVkOoYdiR3xC9ldg0LGlHvzo7SApjTaUJ6mchr4BigI12K1AZc6FmhKuuKdd-uEhGAk1ZwoBWymULzwEaiLx7pAXDY2KY11kmKx93jR5fd0XwMPacyX_Obq_RppdMMg0XsHkQaLwVMsI6t9kk2g8xwSouywRF_eX80jzyjDdMaWm7Vi47kz9gLZae3kTxRHAd5TcIm-KyPURdsOIjmgfuc0iOFXbkwyw4AkxUwXPPZ7_lk7RXofpA1R_BZ-XnE7TI89vUs0Dg-bCHvaGqkAg717kIePhgBzZTDSZcQkpGrI1OZTorkRRHfu1Hw3Kt-qN19iQhXYstVqS5k0C-_xVOUj-FxaF4lXpO5wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLFJaAeBsY5adIYelYKqJrZAFyZ7SsVzFspj3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi00NzgyMTI0MDI0ODE0ODUwyAEJqQLO0adYmNKwPqgDAaoE2wFP0A0-_GsXP-PT4Fs_afdnycFw_0KmgLvm62B2mdX9yNyY-n-DciQWtr0xhW9b_FlTyotyu8Hl64T2er2mUDmJZFCciBDVMVWmMN2CA42l8mGoDkUwvb1WuThm3AEj_pWNpHtHI_Ffr-jmtvpTLKNxV-M15IK0eXMVFjMDMA7WflB0vEVJ5q4TDzs6td29VgPnixIz3nPuKlnsBClndMGyKuGnNEDWxuvCP9uftMkrjF013fJ2qgHNkwvT3COJ9JAqy8ieyDh8v4F2d27Lw9YOSUSFIMRAL0Twou-ABr2W-Kz578mp5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2kE0pHlksjsLNyMl9oiea_dOK20Q%26client%3Dca-pub-4782124024814850%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rtaOliyYSBah6BrTQSP8tQIzKeHMO9qe4D3OSWLfk4vHNil6iizsM6iI51TEY9S0hgOkZSfJeO6tv_iNf6A--IMozfJaRN4EiWaj8MG96D1t-7CDWMCC2ByEoEt9bJbSSd0O7qS8UXuFPICzUnpICI8cYfdaSVWexjxPVWrVmIvNDN9MeT1fdlenFrZUXM9I-p53siUcSgty55wWUnuwJbUBqnMOOV0NALz5HHylpDMVNv9z1izWvLIYAjJhoiCg5uBLwg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 126233549
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.addtoany.com/menu/sm.23.html
172.67.39.148200 OK 0 B URL HTTP/2 static.addtoany.com/menu/sm.23.html
IP 172.67.39.148:0
GET /menu/sm.23.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:55 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
age: 44370
vary: Accept-Encoding
via: e4s
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 767e6f9fa9dab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.2.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sun, 05 Nov 2023 11:26:57 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:58 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sun, 05 Nov 2023 11:26:58 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/pbjs
104.22.37.96200 OK 0 B URL HTTP/2 sync.quantumdex.io/usersync/pbjs
IP 104.22.37.96:0
GET /usersync/pbjs HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Cookie: uid=5d3ea196-4d62-408b-9361-aa49fd89b0ff
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:27:00 GMT
content-type: text/html
set-cookie: uid=5d3ea196-4d62-408b-9361-aa49fd89b0ff; expires=Sun, 20 Nov 2022 11:27:00 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 767e6fbc0c6c09b5-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
get.optad360.io/sf/prebid7.17.0.js
54.230.111.124200 OK 0 B URL HTTP/2 get.optad360.io/sf/prebid7.17.0.js
IP 54.230.111.124:0
GET /sf/prebid7.17.0.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fr.wordssidekick.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 09 Nov 2022 03:02:28 GMT
last-modified: Mon, 03 Oct 2022 06:53:57 GMT
etag: W/"840fa482840c0b1f014b3c14f6e0ab2e"
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n0sHsW9cHDXiOWcXLqFcIWmvITH8QtFSI4VzxoflQRTo3l3cYJMWOA==
age: 116669
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.2.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 11:26:57 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sun, 05 Nov 2023 11:26:57 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zNe9NWZLcy-4DJAvrjJAtwf6lBbpGkrJ_2-K-bKLSWgchn1rXEZ0KfV81tym7w6eRqwmCvcFHMuEoGp-SXKCQ3GH444HpupXOUh80yqu3mAexeoQHuY-12ttQ5xVMqaptT8qERZ-ixPv0B7CsVhPzhKmwX_3SDV-Hl0DFZ4cv4IwVrhP6azawkSwQujgNEEHWWg0VuNv-jNUYTZZqDmjL_tErw7zPxYhMEnGj_tcouIm4wrShipRHIH3KDcrN1Yk6kwxHgzRBpAn01p7s9Rwe-HBiNJggvInX6nQwbicqU94z-BcbK-sf_sy3Gkm8kF1feOfob3w3SxzF5QGzab90cyLXTYgwk_x7kafoj5HoHiE6Ha87nCAiZfpDoKsPy3vsnK1RyHqOgaykVwlzrPG95qEvmYBobEUVxlX259vesurJqNu
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zNe9NWZLcy-4DJAvrjJAtwf6lBbpGkrJ_2-K-bKLSWgchn1rXEZ0KfV81tym7w6eRqwmCvcFHMuEoGp-SXKCQ3GH444HpupXOUh80yqu3mAexeoQHuY-12ttQ5xVMqaptT8qERZ-ixPv0B7CsVhPzhKmwX_3SDV-Hl0DFZ4cv4IwVrhP6azawkSwQujgNEEHWWg0VuNv-jNUYTZZqDmjL_tErw7zPxYhMEnGj_tcouIm4wrShipRHIH3KDcrN1Yk6kwxHgzRBpAn01p7s9Rwe-HBiNJggvInX6nQwbicqU94z-BcbK-sf_sy3Gkm8kF1feOfob3w3SxzF5QGzab90cyLXTYgwk_x7kafoj5HoHiE6Ha87nCAiZfpDoKsPy3vsnK1RyHqOgaykVwlzrPG95qEvmYBobEUVxlX259vesurJqNu
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=zNe9NWZLcy-4DJAvrjJAtwf6lBbpGkrJ_2-K-bKLSWgchn1rXEZ0KfV81tym7w6eRqwmCvcFHMuEoGp-SXKCQ3GH444HpupXOUh80yqu3mAexeoQHuY-12ttQ5xVMqaptT8qERZ-ixPv0B7CsVhPzhKmwX_3SDV-Hl0DFZ4cv4IwVrhP6azawkSwQujgNEEHWWg0VuNv-jNUYTZZqDmjL_tErw7zPxYhMEnGj_tcouIm4wrShipRHIH3KDcrN1Yk6kwxHgzRBpAn01p7s9Rwe-HBiNJggvInX6nQwbicqU94z-BcbK-sf_sy3Gkm8kF1feOfob3w3SxzF5QGzab90cyLXTYgwk_x7kafoj5HoHiE6Ha87nCAiZfpDoKsPy3vsnK1RyHqOgaykVwlzrPG95qEvmYBobEUVxlX259vesurJqNu HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 11:26:59 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2852616
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2