bodybuilding-vids.blogspot.com/2012_05_01_archive.html
172.217.21.161301 Moved Permanently 204 B URL HTTP/1.1 bodybuilding-vids.blogspot.com/2012_05_01_archive.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8b3e05979082e9d639069741906a532c
218de303ff45cac72d7356184d65dbba75ddd79e
2c4d95b5878c50d608286ef14c1ab0a8d7960a8d10dd4acd9e94e84e338a3836
Analyzer Verdict Alert fortinet Phishing
GET /2012_05_01_archive.html HTTP/1.1
Host: bodybuilding-vids.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://bodybuilding-vids.blogspot.com/2012_05_01_archive.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 22:34:09 GMT
Expires: Wed, 14 Dec 2022 22:34:09 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 204
Server: GSE
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7520
Expires: Thu, 15 Dec 2022 00:39:29 GMT
Date: Wed, 14 Dec 2022 22:34:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2496
Expires: Wed, 14 Dec 2022 23:15:45 GMT
Date: Wed, 14 Dec 2022 22:34:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 22:33:50 GMT
content-type: application/json
age: 19
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8704
Expires: Thu, 15 Dec 2022 00:59:13 GMT
Date: Wed, 14 Dec 2022 22:34:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iWHukJg/KEPsQPqH3Hepv6Zcrb1FdKdQobLNy3T8od/OM5gVMO+0PRfcJyVoVxZhKlak4fglrG4=
x-amz-request-id: 14CX10BD8TYHDVQK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 21:50:40 GMT
age: 2610
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4ce7828c132a5e90498f25e488061602
647e93dbd7d04f92fcf7199de29249df1a5532ce
b853bd980b6d0ce175eafb2916aa6cb3657fcf0e6d5859cc69ea579931784036
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 22:33:20 GMT
age: 50
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4ce7828c132a5e90498f25e488061602
647e93dbd7d04f92fcf7199de29249df1a5532ce
b853bd980b6d0ce175eafb2916aa6cb3657fcf0e6d5859cc69ea579931784036
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Last-Modified: Wed, 14 Dec 2022 22:12:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
bodybuilding-vids.blogspot.com/2012_05_01_archive.html
172.217.21.161200 OK 27 kB URL HTTP/2 bodybuilding-vids.blogspot.com/2012_05_01_archive.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3197)
Hash 6547a8d042d726af134a41cde2aff78b
52de57d24e2a5b6d5ee879b00f2bcf03279c70e5
9ee462a6c8ed26830b7a1d06cf7dff20899f4465866ebf84b0b43d67bb2d83be
Analyzer Verdict Alert fortinet Phishing
GET /2012_05_01_archive.html HTTP/1.1
Host: bodybuilding-vids.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 14 Dec 2022 22:34:10 GMT
date: Wed, 14 Dec 2022 22:34:10 GMT
cache-control: private, max-age=0
last-modified: Mon, 12 Dec 2022 08:37:05 GMT
etag: W/"4cbd5fce0c5b7be3d9441a6118907d913ec16012e8a3c38d1ef4660973e6f7a3"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 27281
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c76548b39e0166cbb47c6cb5c094f41
5edbfbfc0548e4690fa555a915f1fa4ae5510f81
0e77afa4732ee0a65e0b3b5ca3953ce7bb329502e9068cbb9697f22f1222ed96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 14:01:44 GMT
expires: Wed, 13 Dec 2023 14:01:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Dec 2022 06:58:47 GMT
content-type: text/css
age: 117146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0433fbd1fce23a4ef7cc57d125978157
ea3a6ab371fde7b300a6c8f7717ce928dd270a4a
78512d3a66d775eebb884c20bb79fda3f374295ef224d13c63bc29eea64bd996
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js?ver=1.7.1
142.250.74.106200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js?ver=1.7.1
IP 142.250.74.106:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js?ver=1.7.1 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33333
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Dec 2022 04:53:29 GMT
expires: Sun, 10 Dec 2023 04:53:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 409241
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL HTTP/2 www.blogger.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:38:31 GMT
expires: Fri, 16 Dec 2022 13:38:31 GMT
cache-control: public, max-age=604800
last-modified: Fri, 09 Dec 2022 12:51:35 GMT
content-type: image/gif
age: 464139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2092647672-widgets.js
216.58.207.233200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 591805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
142.250.74.106200 OK 20 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (39660)
Hash 6ad9e9100f68042a634e403e56e3744a
3d148af6eb9f86b03d5a815f4fb3a49c7b2df356
72bbdea3217793991ab87a6c7cb165d267551810d3d88b5fd2fd489748d04b7a
GET /ajax/libs/jquery/1.3.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 19926
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 14:33:48 GMT
expires: Wed, 13 Dec 2023 14:33:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 115222
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jwpsrv.com/library/1aB5aqbUEeK5pSIACpYGxA.js
143.204.50.28200 OK 46 kB URL HTTP/1.1 jwpsrv.com/library/1aB5aqbUEeK5pSIACpYGxA.js
IP 143.204.50.28:0
File type Unicode text, UTF-8 text, with very long lines (65143)
Hash 597ef9cf625ef3702d81a26fd4a8f153
65974667de12ee7793fd79210fbfaceabdafeec4
c4351ff76b5a12515454d5b83912761a27dbcef8abddd66e620c50e574b01926
GET /library/1aB5aqbUEeK5pSIACpYGxA.js HTTP/1.1
Host: jwpsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Content-Length: 45725
Connection: keep-alive
access-control-allow-origin: *
Cache-Control: max-age=180
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 22:31:43 GMT
Server: openresty
x-robots-tag: noindex, indexifembedded
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ORMju-z1EboygqNV5kuh_X2Jwv1BhrLeTrjDuOuQpk7Qpt02lkFHOw==
Age: 147
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b6e467e0cff2bd4faa86396567236736
e0ea11f9fa497eb7bef619283c31ea2eda18a284
fee86e0774b73a38572997c3777409be9fdd731419b9a234580ad714f763dc7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js
IP 142.250.74.106:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash f921c0047bf389cc3c5d823afddce4d6
78adc31e0706b72df9d3a38af7fb90d6093fa330
d3b3a3b6918847317a77b2991b2f610b8260a21bd1b6769eedbff63c960080eb
GET /ajax/libs/jquery/1.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29839
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Dec 2022 07:34:15 GMT
expires: Sun, 10 Dec 2023 07:34:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 399595
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (4885)
Hash 98119304b6292956929a1cad30ccb7d4
1edab5a02399e48cdd2c3836b93fc3d3af2f9bc0
eac5daafa217aae1ccb5dc98e106ab114930a3e9a7e296dc048258bc3eb7ab08
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 14 Dec 2022 22:34:10 GMT
expires: Wed, 14 Dec 2022 22:34:10 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13914998751520791994
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 088037aa3cd3f678776d4443ee3feec3
4e8c2c84585e93acaeaba3c4a5704a98a315b33d
5f6edbe6d09f7efebc225ecb6d07c98f1ec12fa127febec52a4194130affdc88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Wed, 14 Dec 2022 22:34:10 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6f3cda295f8ade724ed13735e5994627
4899789d3075e2e8a432279bd5b6769e917177d9
82ae5185c8a7ecb595a02f6ca1f1d8d86d24fd53e19f11f7c3ef06c25ce1424a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f833cfd77e55de148e0bec43c0d190e9
1beff09149aba5449fce4ccb58d2d1ce635cbd49
21bb27e197293f902a7d80edeb7fdf91b7a8c1725718eb76bcbe7c8a0ee7c373
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-4UsbSH_2hLk/TglxMdimzqI/AAAAAAAAA2c/1BZDr6GLf1g/s000/social-connect-twitter.png
142.250.74.161200 OK 963 B URL HTTP/2 1.bp.blogspot.com/-4UsbSH_2hLk/TglxMdimzqI/AAAAAAAAA2c/1BZDr6GLf1g/s000/social-connect-twitter.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a5672a72538626bac5c6c3cd7c0e9294
9e6917aee95beb6405716cd61197e6d36f832e81
d57575f80fbb3d5a929ba7d43e78a7a1b7b66e7a907c99bcab754a96afbc4f14
GET /-4UsbSH_2hLk/TglxMdimzqI/AAAAAAAAA2c/1BZDr6GLf1g/s000/social-connect-twitter.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="social-connect-twitter.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 963
x-xss-protection: 0
date: Wed, 14 Dec 2022 22:34:10 GMT
expires: Tue, 13 Dec 2022 15:54:09 GMT
cache-control: public, max-age=86400, no-transform
etag: "v367"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-iOKske_SXks/TglxMjOju_I/AAAAAAAAA2g/-pYLtlAkU2o/s000/social-connect-facebook.png
142.250.74.161200 OK 962 B URL HTTP/2 2.bp.blogspot.com/-iOKske_SXks/TglxMjOju_I/AAAAAAAAA2g/-pYLtlAkU2o/s000/social-connect-facebook.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 309c914e1eb6c78cb9f0f1a657ac6f6c
1420eda2b39793997f150dc59da379a318dae97c
9b769c4e88643bdb97e4944d6e19e16664040308f121dc76e369e9b0cf037cea
GET /-iOKske_SXks/TglxMjOju_I/AAAAAAAAA2g/-pYLtlAkU2o/s000/social-connect-facebook.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v368"
expires: Thu, 15 Dec 2022 22:34:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="social-connect-facebook.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:10 GMT
server: fife
content-length: 962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcS0hCmN64_kxntzADJ7MFbkXP92-wyN5n7ovlgxVtvTsdTGogY_bg
216.58.211.14200 OK 11 kB URL HTTP/2 encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcS0hCmN64_kxntzADJ7MFbkXP92-wyN5n7ovlgxVtvTsdTGogY_bg
IP 216.58.211.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 272x185, components 3\012- data
Hash 3860b5ba0d6ec3399781ee28004ec428
066c934da68eaf338a748c04492d906c5d74128c
adbcc5b53adb157a572425638c88dd2fa2e2ba3f3b08fc752863ba53c7b30f47
GET /images?q=tbn:ANd9GcS0hCmN64_kxntzADJ7MFbkXP92-wyN5n7ovlgxVtvTsdTGogY_bg HTTP/1.1
Host: encrypted-tbn2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 10645
date: Wed, 14 Dec 2022 22:34:10 GMT
expires: Thu, 14 Dec 2023 22:34:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 01 Feb 2016 03:00:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9df5a2d7dc4f2ded8585dd6bf607f855
e567f1911212b5fc1fd6feb7cead9445995f3c0c
896bdd2e8d74af6dcb32b8fbb28a1b068dcd97ae9c2fec590c692f24317eb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogspotjeusef.googlecode.com/files/related-by-www-al3ajaib-blogspot-com.js
64.233.161.82404 Not Found 1.6 kB URL HTTP/2 blogspotjeusef.googlecode.com/files/related-by-www-al3ajaib-blogspot-com.js
IP 64.233.161.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 1b76c1120a89e48c32671170230127c5
66d28392b4d93100f893c2da7394fa232da480aa
78092142fcfa20f19f9d14053692a0d40f479194120c36d96235495f49535796
GET /files/related-by-www-al3ajaib-blogspot-com.js HTTP/1.1
Host: blogspotjeusef.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1606
date: Wed, 14 Dec 2022 22:34:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
216.58.207.238200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 14 Dec 2022 22:34:10 GMT
expires: Wed, 14 Dec 2022 22:34:10 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b6e467e0cff2bd4faa86396567236736
e0ea11f9fa497eb7bef619283c31ea2eda18a284
fee86e0774b73a38572997c3777409be9fdd731419b9a234580ad714f763dc7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
encrypted-tbn3.gstatic.com/images?q=tbn:ANd9GcTzRNPBIT6VVxY1zqdwm8s3Sn_eBHkalQfRlfb9RHRf_EYTGskm
216.58.207.206200 OK 9.5 kB URL HTTP/2 encrypted-tbn3.gstatic.com/images?q=tbn:ANd9GcTzRNPBIT6VVxY1zqdwm8s3Sn_eBHkalQfRlfb9RHRf_EYTGskm
IP 216.58.207.206:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 209x241, components 3\012- data
Hash 8bf3ec47801d2314fbd9274dc3000205
7af1344927992f52fd7bbf14cf38ba09c45c90d9
5567c1d14d66ee87eeb690431f7c6361ef97584735659b619decfb69155b9bcb
GET /images?q=tbn:ANd9GcTzRNPBIT6VVxY1zqdwm8s3Sn_eBHkalQfRlfb9RHRf_EYTGskm HTTP/1.1
Host: encrypted-tbn3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 9472
date: Wed, 14 Dec 2022 22:34:10 GMT
expires: Thu, 14 Dec 2023 22:34:10 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 16 Jul 2017 10:07:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b6e467e0cff2bd4faa86396567236736
e0ea11f9fa497eb7bef619283c31ea2eda18a284
fee86e0774b73a38572997c3777409be9fdd731419b9a234580ad714f763dc7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-NXf-QA8FHK0/TglxG0-JbLI/AAAAAAAAA10/9BHthtMQUQY/s000/search-bg.png
142.250.74.161200 OK 229 B URL HTTP/2 1.bp.blogspot.com/-NXf-QA8FHK0/TglxG0-JbLI/AAAAAAAAA10/9BHthtMQUQY/s000/search-bg.png
IP 142.250.74.161:0
File type PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 5946e2d9c0ac0a1a610f847b7940548d
082d58d549d2aed405404ffddd541d95180a7cb5
f4ad08a8c66aef78821400364d08d6a77655a33244c3714171f00db4f00421da
GET /-NXf-QA8FHK0/TglxG0-JbLI/AAAAAAAAA10/9BHthtMQUQY/s000/search-bg.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v35d"
expires: Thu, 15 Dec 2022 22:34:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="search-bg.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:10 GMT
server: fife
content-length: 229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-X5hgeqIP_qY/UAd54FP7QXI/AAAAAAAABWg/_IWeRSlGr-g/w72-h72-p-k-no-nu/actionlogo.jpg
142.250.74.161200 OK 2.0 kB URL HTTP/2 2.bp.blogspot.com/-X5hgeqIP_qY/UAd54FP7QXI/AAAAAAAABWg/_IWeRSlGr-g/w72-h72-p-k-no-nu/actionlogo.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8fa39cefd16d434cbe21d22d8794dd0c
e3a9a9a8cbc6d8c7d71c5e0961ad30fe65831610
efb89220ee66445a003bdbc27ac6fd75734273c5b9bfb6ea3b18ca8e2af44fe5
GET /-X5hgeqIP_qY/UAd54FP7QXI/AAAAAAAABWg/_IWeRSlGr-g/w72-h72-p-k-no-nu/actionlogo.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v568"
expires: Thu, 15 Dec 2022 22:34:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="actionlogo.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:10 GMT
server: fife
content-length: 1970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-4BgLw7ILMTg/TglxBTu6frI/AAAAAAAAA04/Yx7YdxIsRvA/s000/menu-primary-bg.png
142.250.74.161200 OK 259 B URL HTTP/2 2.bp.blogspot.com/-4BgLw7ILMTg/TglxBTu6frI/AAAAAAAAA04/Yx7YdxIsRvA/s000/menu-primary-bg.png
IP 142.250.74.161:0
File type PNG image data, 2 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash 017870b4bacf9dfe4da8f84bcb37fa70
63b62da1a2c494c86eb7cc79f9f9691355ceba05
b610017ad07262c88a640558aafa3d6992374fd0a5e1d9f13ad57c3720c7655d
GET /-4BgLw7ILMTg/TglxBTu6frI/AAAAAAAAA04/Yx7YdxIsRvA/s000/menu-primary-bg.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="menu-primary-bg.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 259
x-xss-protection: 0
date: Wed, 14 Dec 2022 22:34:10 GMT
expires: Tue, 13 Dec 2022 15:54:08 GMT
cache-control: public, max-age=86400, no-transform
etag: "v34e"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.167.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pRUKBjggg+2bpz+NDrvpbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /aLONJEnv4DJalzOL2LhaolF8wE=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c4bdd6ef3e0ef2c33868d96eacf07dec
e37067aed86afe6d61372f325d5485dfcd35a350
56b8dc4555085a686f9cad922e1dc169140ae8d6475e24524096ca6f05576073
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0ee0c469970516bf6d255dafb0bd1225
884a347c2db0f220ce35dae3a64b1525ddbc3fa4
ff8285413954679ea64613c021380586779d139c7e0ccb6595f9efe3f1ae7e1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-fysUUa8PvtE/Vp4RrBLtFVI/AAAAAAAAAcM/soDfQKpu6No/w72-h72-p-k-no-nu/rr%25284%2529.jpg
142.250.74.161200 OK 4.8 kB URL HTTP/2 2.bp.blogspot.com/-fysUUa8PvtE/Vp4RrBLtFVI/AAAAAAAAAcM/soDfQKpu6No/w72-h72-p-k-no-nu/rr%25284%2529.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c5f54b18214e95d84887026e3ad02b98
88018f0a85b41622a7d1ea3e01b1026d987360dd
9077268a6de58b7c215d333b4415c4709505e49d3bd79ea916020cafa47002d1
GET /-fysUUa8PvtE/Vp4RrBLtFVI/AAAAAAAAAcM/soDfQKpu6No/w72-h72-p-k-no-nu/rr%25284%2529.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1c4"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="rr(4).jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 4763
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-VoWDMueNODc/TglxIc_QW9I/AAAAAAAAA2A/Efkcb3IKPe0/s000/search.png
142.250.74.161200 OK 759 B URL HTTP/1.1 1.bp.blogspot.com/-VoWDMueNODc/TglxIc_QW9I/AAAAAAAAA2A/Efkcb3IKPe0/s000/search.png
IP 142.250.74.161:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 8bfe771b41a10c0872ddc27530b4efc0
e5c4e689c6125c5fc58935d69c3850ffc1b71a54
bda31e06e88238d9bf584a5b6c9758a04053c4914d6d5d80fa6a934aaf7c276b
GET /-VoWDMueNODc/TglxIc_QW9I/AAAAAAAAA2A/Efkcb3IKPe0/s000/search.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v360"
Expires: Thu, 15 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="search.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 22:34:11 GMT
Server: fife
Content-Length: 759
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c4bdd6ef3e0ef2c33868d96eacf07dec
e37067aed86afe6d61372f325d5485dfcd35a350
56b8dc4555085a686f9cad922e1dc169140ae8d6475e24524096ca6f05576073
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-Pp2oS6G8mWU/TglxNV7TSVI/AAAAAAAAA2o/v-tviHIgn2Q/s000/delicious.png
142.250.74.161200 OK 1.2 kB URL HTTP/2 2.bp.blogspot.com/-Pp2oS6G8mWU/TglxNV7TSVI/AAAAAAAAA2o/v-tviHIgn2Q/s000/delicious.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e1dbc3a02ed6ab8db6250fbe069c931
3970d127651aa13567d37c54a9d9426d1362db7a
c32dc89d8672c6256b2d2a256d36ad43d1936ec976b8f8fa1dc0a5f738a5b472
GET /-Pp2oS6G8mWU/TglxNV7TSVI/AAAAAAAAA2o/v-tviHIgn2Q/s000/delicious.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v36a"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="delicious.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 1170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-tlvBcChyrDc/TglxOWZLG2I/AAAAAAAAA20/lk3TaNSM-ZA/s000/stumbleupon.png
142.250.74.161200 OK 2.1 kB URL HTTP/2 1.bp.blogspot.com/-tlvBcChyrDc/TglxOWZLG2I/AAAAAAAAA20/lk3TaNSM-ZA/s000/stumbleupon.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ad06fa1d461378e17d7ab9aed884718
b15cf1cd73248555d51bf29d7bfb2628bd31280b
daa2336fec5494fb587fcac6f4e37e97e89042fbff04d33547a9381e0a0696fc
GET /-tlvBcChyrDc/TglxOWZLG2I/AAAAAAAAA20/lk3TaNSM-ZA/s000/stumbleupon.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v36d"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="stumbleupon.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 2069
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
216.58.207.238200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 216.58.207.238:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:14 GMT
expires: Sat, 09 Dec 2023 13:33:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 464457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c4bdd6ef3e0ef2c33868d96eacf07dec
e37067aed86afe6d61372f325d5485dfcd35a350
56b8dc4555085a686f9cad922e1dc169140ae8d6475e24524096ca6f05576073
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221207/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Wed, 14 Dec 2022 03:07:11 GMT
expires: Wed, 28 Dec 2022 03:07:11 GMT
cache-control: public, max-age=1209600
age: 70020
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
216.58.211.8200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 216.58.211.8:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 14 Dec 2022 21:33:17 GMT
expires: Wed, 14 Dec 2022 23:33:17 GMT
cache-control: public, max-age=7200
age: 3654
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 088037aa3cd3f678776d4443ee3feec3
4e8c2c84585e93acaeaba3c4a5704a98a315b33d
5f6edbe6d09f7efebc225ecb6d07c98f1ec12fa127febec52a4194130affdc88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/--OfTkl13Azs/WhhBcrpaGsI/AAAAAAAAEN0/YK1vmEQ9zoMQ5rSxqT962E4bb-28iIUxACK4BGAYYCw/w72-h72-p-k-no-nu/Ronnie_Web.jpg
142.250.74.161200 OK 4.6 kB URL HTTP/2 3.bp.blogspot.com/--OfTkl13Azs/WhhBcrpaGsI/AAAAAAAAEN0/YK1vmEQ9zoMQ5rSxqT962E4bb-28iIUxACK4BGAYYCw/w72-h72-p-k-no-nu/Ronnie_Web.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 4f262abcf5ef459cdc80afd7c8766758
37e9e78ad8c83f0703091a081bffdaf824256206
44aad538ba2486f06590db05e7f6764af5ea20930215f032b91dfad4aa00c4a4
GET /--OfTkl13Azs/WhhBcrpaGsI/AAAAAAAAEN0/YK1vmEQ9zoMQ5rSxqT962E4bb-28iIUxACK4BGAYYCw/w72-h72-p-k-no-nu/Ronnie_Web.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v10e1"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ronnie_Web.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 4568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6f3cda295f8ade724ed13735e5994627
4899789d3075e2e8a432279bd5b6769e917177d9
82ae5185c8a7ecb595a02f6ca1f1d8d86d24fd53e19f11f7c3ef06c25ce1424a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3toyJ34fyca2xiBSS-xtKhn9Fu5kn3d59zg3pB0G86Q-XAAog84vIVSxU3qTyCLfLSopjlDZwwKK-B2sz-nYd55WvgP61GTPXzhQ5bZljIqUE=s0-d
142.250.74.97200 OK 796 B URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3toyJ34fyca2xiBSS-xtKhn9Fu5kn3d59zg3pB0G86Q-XAAog84vIVSxU3qTyCLfLSopjlDZwwKK-B2sz-nYd55WvgP61GTPXzhQ5bZljIqUE=s0-d
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c6ee0570912ae2847ac70f0d4a86cd9
6ea0c875c171e6535715e77e51871e7ee3b0ad88
66e6e065db35ae0f5d80535495cc0c68cb83b37441788eab390f8a04463ddca7
GET /blogger_img_proxy/ANbyha3toyJ34fyca2xiBSS-xtKhn9Fu5kn3d59zg3pB0G86Q-XAAog84vIVSxU3qTyCLfLSopjlDZwwKK-B2sz-nYd55WvgP61GTPXzhQ5bZljIqUE=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 796
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-FXlhlcZvgaU/TglxNqS63UI/AAAAAAAAA2s/ttZ06Y68R_k/s000/facebook.png
142.250.74.161200 OK 1.6 kB URL HTTP/2 3.bp.blogspot.com/-FXlhlcZvgaU/TglxNqS63UI/AAAAAAAAA2s/ttZ06Y68R_k/s000/facebook.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 945fc2a48c62c8634e6651a3ea595cd4
ac4708a5f6af5818649916081a45c46291a42541
a7690e5a4cb5914b28c3b4260f4d01002e4649880d3b9c65bff8b6452f79c6a3
GET /-FXlhlcZvgaU/TglxNqS63UI/AAAAAAAAA2s/ttZ06Y68R_k/s000/facebook.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v36b"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="facebook.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 1572
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-gPTuXBT0fk0/V_3kbqOUa6I/AAAAAAAAAAk/KmzmpKpzQ2w5fZG_DbRVB_sgw6esD00YQCK4B/w72-h72-p-k-no-nu/2d9429e4f3646d369ad9be683352acb1.jpg
142.250.74.161200 OK 2.9 kB URL HTTP/2 2.bp.blogspot.com/-gPTuXBT0fk0/V_3kbqOUa6I/AAAAAAAAAAk/KmzmpKpzQ2w5fZG_DbRVB_sgw6esD00YQCK4B/w72-h72-p-k-no-nu/2d9429e4f3646d369ad9be683352acb1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3db6ed2e38f29c8ec9e333726de04655
b2dd5f85554e2e0901f1a29b7337fbf9c3352e47
6f2bf65e24c1f4760f3b82066f1bf1283ba943ca53565f0f1198782d6b9e0cbb
GET /-gPTuXBT0fk0/V_3kbqOUa6I/AAAAAAAAAAk/KmzmpKpzQ2w5fZG_DbRVB_sgw6esD00YQCK4B/w72-h72-p-k-no-nu/2d9429e4f3646d369ad9be683352acb1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v12"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2d9429e4f3646d369ad9be683352acb1.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 2917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 14 Dec 2022 20:41:08 GMT
expires: Wed, 14 Dec 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 6783
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0_rpfqKKP9J2P-jhUBuEtQGRDphMhIFo8CfHSRpr9DDE1l7K1C-hObiAL-QQYb_WUAzGp0aDUEGppzo0c0CxQoHkqGtWZeQA2KJfjSwQbAvwgDoUIMERnm175ADM5sY0jx2TLuJ7wBVkBo-1OyJh9qETEM5qPOWkqOtA=w72-h72-p-k-no-nu
142.250.74.97404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0_rpfqKKP9J2P-jhUBuEtQGRDphMhIFo8CfHSRpr9DDE1l7K1C-hObiAL-QQYb_WUAzGp0aDUEGppzo0c0CxQoHkqGtWZeQA2KJfjSwQbAvwgDoUIMERnm175ADM5sY0jx2TLuJ7wBVkBo-1OyJh9qETEM5qPOWkqOtA=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 7894a04854f79b3080dbb1f4af5e4d63
507b30635da2ad71a9a76c2db223014bcdc6e5b0
94bc9f98bfcb87fc92f0190841e332817db6824b01a73f142b947683aac2af9d
GET /blogger_img_proxy/ANbyha0_rpfqKKP9J2P-jhUBuEtQGRDphMhIFo8CfHSRpr9DDE1l7K1C-hObiAL-QQYb_WUAzGp0aDUEGppzo0c0CxQoHkqGtWZeQA2KJfjSwQbAvwgDoUIMERnm175ADM5sY0jx2TLuJ7wBVkBo-1OyJh9qETEM5qPOWkqOtA=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 1767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 14 Dec 2022 22:34:11 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e30904bd9b57028f7ba1cc8e04ff08fd
9acb88374abef6387243ce8c5cf1149d73879ac1
be1ece2af7858ffc84e916d4554a805760c13a2eab346ac5a09a232b79116225
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-YL2cFH-SsUg/Vp4NRH5WeII/AAAAAAAAAb0/amIQa5jjifE/w72-h72-p-k-no-nu/92.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/2 3.bp.blogspot.com/-YL2cFH-SsUg/Vp4NRH5WeII/AAAAAAAAAb0/amIQa5jjifE/w72-h72-p-k-no-nu/92.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7477332f8c3665000ebe12f37f6a584e
9cf4ab57a2e85a887c2e65dd537dd27908c2dc5a
c34e7f24059ea29ff807295d8ebeb34caa41579130f39fd316d8159df89d546d
GET /-YL2cFH-SsUg/Vp4NRH5WeII/AAAAAAAAAb0/amIQa5jjifE/w72-h72-p-k-no-nu/92.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1be"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="92.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 3512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c4bdd6ef3e0ef2c33868d96eacf07dec
e37067aed86afe6d61372f325d5485dfcd35a350
56b8dc4555085a686f9cad922e1dc169140ae8d6475e24524096ca6f05576073
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-WQCLpQ05H_M/TglxOzDFgYI/AAAAAAAAA28/DexIz_r0TZo/s000/more.png
142.250.74.161200 OK 1.9 kB URL HTTP/2 1.bp.blogspot.com/-WQCLpQ05H_M/TglxOzDFgYI/AAAAAAAAA28/DexIz_r0TZo/s000/more.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e185fe1104b5bc0bda1874bcd209e6ac
85c907f57b42a5371accd291c617fa83104995b1
4e156a17d7c3475f8e44a391cd3ceaeb78caa6d096bff81278e019b8c5f48e49
GET /-WQCLpQ05H_M/TglxOzDFgYI/AAAAAAAAA28/DexIz_r0TZo/s000/more.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v36f"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="more.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 1934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0ee0c469970516bf6d255dafb0bd1225
884a347c2db0f220ce35dae3a64b1525ddbc3fa4
ff8285413954679ea64613c021380586779d139c7e0ccb6595f9efe3f1ae7e1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-UWMw9e0TTSk/TglxCj_QVxI/AAAAAAAAA1I/hPM3y1-yUT8/s000/time.png
142.250.74.161200 OK 855 B URL HTTP/2 2.bp.blogspot.com/-UWMw9e0TTSk/TglxCj_QVxI/AAAAAAAAA1I/hPM3y1-yUT8/s000/time.png
IP 142.250.74.161:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 33d48ce826dab365bb349ed5734b1024
4472d6d596ce55292af5d452da6af59f94908cc4
3360960d44830f12e1323fc1f48dd30bed6311afb0731549abdd88c3ca53c4fa
GET /-UWMw9e0TTSk/TglxCj_QVxI/AAAAAAAAA1I/hPM3y1-yUT8/s000/time.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v352"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="time.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-wLzQgqnppj4/TglxAbku5mI/AAAAAAAAA0w/2JfLG2Z_6xk/s000/wrapper-bg.png
142.250.74.161200 OK 248 B URL HTTP/2 3.bp.blogspot.com/-wLzQgqnppj4/TglxAbku5mI/AAAAAAAAA0w/2JfLG2Z_6xk/s000/wrapper-bg.png
IP 142.250.74.161:0
File type PNG image data, 4 x 49, 8-bit/color RGB, non-interlaced\012- data
Hash 517c3948a813308e5db84a2435415036
e925b3b739cbc05fe2518dbf3f4741156f684920
c2cf9bffbb3ca7d8b6d07044d697c7748a6485fb22decc04fac2dc8d7a322091
GET /-wLzQgqnppj4/TglxAbku5mI/AAAAAAAAA0w/2JfLG2Z_6xk/s000/wrapper-bg.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v34c"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="wrapper-bg.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-a62PR9_4E0Q/TglxNKK4wXI/AAAAAAAAA2k/ubYPKLdlO0I/s000/twitter.png
142.250.74.161200 OK 1.4 kB URL HTTP/2 4.bp.blogspot.com/-a62PR9_4E0Q/TglxNKK4wXI/AAAAAAAAA2k/ubYPKLdlO0I/s000/twitter.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 21fa3c9d50849831313fd2238dc99f9f
cd758fdd5d6ced43e11dcaa7effdd5e2a60a0a43
4be74245281bef9cba7a340c6bc05212ae57aaba32b9677d91a4c075ae2b10f8
GET /-a62PR9_4E0Q/TglxNKK4wXI/AAAAAAAAA2k/ubYPKLdlO0I/s000/twitter.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="twitter.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1356
x-xss-protection: 0
date: Wed, 14 Dec 2022 22:34:11 GMT
expires: Thu, 08 Dec 2022 08:42:05 GMT
cache-control: public, max-age=86400, no-transform
etag: "v369"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-zhGwF9kCjqQ/TglxOo4KNwI/AAAAAAAAA24/8iaBWf6xOqE/s000/favorites.png
142.250.74.161200 OK 1.3 kB URL HTTP/2 4.bp.blogspot.com/-zhGwF9kCjqQ/TglxOo4KNwI/AAAAAAAAA24/8iaBWf6xOqE/s000/favorites.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash fde8e0350428f29b1ba160a0681d8c63
b2a38ac59e300ac1a0ba24475dffd28d272e31f8
366d95146f42558c0c08694bff23d5efac9e3195415e2617a5eb798ade2d4ea1
GET /-zhGwF9kCjqQ/TglxOo4KNwI/AAAAAAAAA24/8iaBWf6xOqE/s000/favorites.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v36e"
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="favorites.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 1324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha24645k9vCa_vfMPBJprZy0HignEG9LN8yd8r_qFvHNUI-66Uo8oOYe5H7N6nEnKSPGm9zSSGvyubXmv_Yu3wESQqpQyvlohcKst7tswbgQqMqtJg=s0-d
142.250.74.97200 OK 611 B URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha24645k9vCa_vfMPBJprZy0HignEG9LN8yd8r_qFvHNUI-66Uo8oOYe5H7N6nEnKSPGm9zSSGvyubXmv_Yu3wESQqpQyvlohcKst7tswbgQqMqtJg=s0-d
IP 142.250.74.97:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f6f35dc3485e1e923b7e15ecb81d58e
269a2d2b7a2d2ae26e5908bad58a65444470f8ea
e18829b7ebc488543202944bdf510a1193ef7fcfebf7f841a035f23f76ee0747
GET /blogger_img_proxy/ANbyha24645k9vCa_vfMPBJprZy0HignEG9LN8yd8r_qFvHNUI-66Uo8oOYe5H7N6nEnKSPGm9zSSGvyubXmv_Yu3wESQqpQyvlohcKst7tswbgQqMqtJg=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 611
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bcc65d6ecbe203fe5317edb80cf75446
de2608795465b2586373b6ac532eb406cffaa47b
6c2e330e67eb0b47ba01beeff54f264ab618ed7797bc181152d2f36d9f9f2d58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bcc65d6ecbe203fe5317edb80cf75446
de2608795465b2586373b6ac532eb406cffaa47b
6c2e330e67eb0b47ba01beeff54f264ab618ed7797bc181152d2f36d9f9f2d58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-zUswcXiEnu4/TglxAEhr0zI/AAAAAAAAA0s/DK7XJfSfipY/s000/background.jpg
142.250.74.161200 OK 140 kB URL HTTP/2 4.bp.blogspot.com/-zUswcXiEnu4/TglxAEhr0zI/AAAAAAAAA0s/DK7XJfSfipY/s000/background.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x462, components 3\012- data
Size 140 kB (140328 bytes)
Hash fcb921cbf8b4da2d7a898b2fbc85268b
dc09af80a9979c5c27213ad465154f0da18439d8
3764e8fbaf0c824b7354cee3536ed68e6b4e40305418b9f2caf7272dc81851f0
GET /-zUswcXiEnu4/TglxAEhr0zI/AAAAAAAAA0s/DK7XJfSfipY/s000/background.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="background.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 140328
x-xss-protection: 0
date: Wed, 14 Dec 2022 22:34:11 GMT
expires: Thu, 08 Dec 2022 08:42:05 GMT
cache-control: public, max-age=86400, no-transform
etag: "v34b"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4639c657cf22b8bb603cdbbe9bb37c46
d57cbcfa27681e015ba68dadebda7a1dea7f52ba
cecea4b1fcaf2bb5d76732ebd45558f6d7be60e80d0e13f8481061a173685bff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 500d7838b7582b456b8025ffe03ac9a8
ba64ec0d9ae36361848bc1be73a99e7c38575271
0da1844c4988d6497821f944b47dd19158be73f10deac19945ebdd9c18927485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=bodybuilding-vids.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=bodybuilding-vids.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bodybuilding-vids.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Dec 2022 22:34:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=bodybuilding-vids.blogspot.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=bodybuilding-vids.blogspot.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bodybuilding-vids.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Dec 2022 22:34:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4639c657cf22b8bb603cdbbe9bb37c46
d57cbcfa27681e015ba68dadebda7a1dea7f52ba
cecea4b1fcaf2bb5d76732ebd45558f6d7be60e80d0e13f8481061a173685bff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 500d7838b7582b456b8025ffe03ac9a8
ba64ec0d9ae36361848bc1be73a99e7c38575271
0da1844c4988d6497821f944b47dd19158be73f10deac19945ebdd9c18927485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-geiq99kn6dU/TglxA4nPQxI/AAAAAAAAA00/Txw88Y8dLTg/s000/main-bg.png
142.250.74.161200 OK 216 B URL HTTP/2 3.bp.blogspot.com/-geiq99kn6dU/TglxA4nPQxI/AAAAAAAAA00/Txw88Y8dLTg/s000/main-bg.png
IP 142.250.74.161:0
File type PNG image data, 310 x 2, 8-bit/color RGB, non-interlaced\012- data
Hash 0159817e2be794de5675776b4eee80af
730c684297ef39092adc00af99e9c065181ee67b
b44f8d444b1237b6315e3d497234c278627f8e5178e8a084853a83cd4bc126a5
GET /-geiq99kn6dU/TglxA4nPQxI/AAAAAAAAA00/Txw88Y8dLTg/s000/main-bg.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="main-bg.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 216
x-xss-protection: 0
date: Wed, 14 Dec 2022 22:34:11 GMT
expires: Tue, 13 Dec 2022 15:54:08 GMT
cache-control: public, max-age=86400, no-transform
etag: "v34d"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha39XDjyc5GXrCJeulTkrM9UEHYGI4z7_JmS_3OLzVOHbPR6ayYBc81dItiydxjO6VkJdiDfnNnRnSs7tqkB9lYYro_Y-snLAelFQYGWeE9qUN2WGZy5W2ALPI8CKbrZKmI=w72-h72-p-k-no-nu
142.250.74.97200 OK 4.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha39XDjyc5GXrCJeulTkrM9UEHYGI4z7_JmS_3OLzVOHbPR6ayYBc81dItiydxjO6VkJdiDfnNnRnSs7tqkB9lYYro_Y-snLAelFQYGWeE9qUN2WGZy5W2ALPI8CKbrZKmI=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash ef9fd9274cdde39e29f6b4bb2b43bb46
08739edc6f6cbfafb97c80aa6b26910169f34b9e
71df6198d0dbdb9d79bc7eb6aaae84942337355d75e45475c1c153261f4813a2
GET /blogger_img_proxy/ANbyha39XDjyc5GXrCJeulTkrM9UEHYGI4z7_JmS_3OLzVOHbPR6ayYBc81dItiydxjO6VkJdiDfnNnRnSs7tqkB9lYYro_Y-snLAelFQYGWeE9qUN2WGZy5W2ALPI8CKbrZKmI=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 4417
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6806c550ece2aced10ed285921cb645b
12421f8bfc1eb257a871a65bde5ffa7065774388
7341159875d11d2c39acbb472309d0dd3276353e08816a15a0c618d34617e279
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6806c550ece2aced10ed285921cb645b
12421f8bfc1eb257a871a65bde5ffa7065774388
7341159875d11d2c39acbb472309d0dd3276353e08816a15a0c618d34617e279
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59d4744b8c38f1a993c7948e83df2f66
973cb780e4496e843d53ef60afc79043e6eb568c
58929f8c9b924e272d783ac3c7b09217a4f764b210076efef1559e62f2f49efc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
172.217.21.161200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221207/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Wed, 14 Dec 2022 22:02:26 GMT
expires: Wed, 28 Dec 2022 22:02:26 GMT
cache-control: public, max-age=1209600
age: 1905
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
172.217.21.161200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1542)
Hash 6f59900fa87e133bae329372aebefe36
260937d2934233c07b112f3564ec9eca7b529fd7
156c12ec7d6973b5742504716567b70740dd66bee9cc0e1a1608df56e77011fd
GET /pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7480
x-xss-protection: 0
date: Wed, 14 Dec 2022 22:04:55 GMT
expires: Wed, 28 Dec 2022 22:04:55 GMT
cache-control: public, max-age=1209600
age: 1756
etag: 15631949847000551034
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9f0f9fba95597f8a731745204c6064da
5504c2b0ced59cd7460c6c279a9f11bdaafd693a
806d5e62bc97c7a7861cbabbbfa339b2fc4f4039e802048284f592d192303110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4883
Cache-Control: max-age=93635
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Etag: "63990713-13a"
Expires: Fri, 16 Dec 2022 00:34:46 GMT
Last-Modified: Tue, 13 Dec 2022 23:13:23 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
172.217.21.162200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 172.217.21.162:0
File type ASCII text, with very long lines (3501)
Hash 0aea457deb170b60b680d7d723b4a6e2
3acbe700c709c2c5c07d6fb145ea7b448cc07a90
86c662679bc2508be7e8064c91055a3c5be7db2c24d58e5f27676f35702ba339
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 47725
date: Wed, 14 Dec 2022 22:34:11 GMT
expires: Wed, 14 Dec 2022 22:34:11 GMT
cache-control: private, max-age=3000
etag: "1670417373259609"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59d4744b8c38f1a993c7948e83df2f66
973cb780e4496e843d53ef60afc79043e6eb568c
58929f8c9b924e272d783ac3c7b09217a4f764b210076efef1559e62f2f49efc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3oFy_sVr3lpiSvJ1V4kjPqkzf-tC3yLDbuRTdlUFWIMMZrulmEfudM_3HoZNxYctF7lQaLIanWUe3QDkI4lpkaSKqYZ1XLbwobnZO5IDDDmta_RjotYKXG90kw_y3nCA9ft71JwNWihhXNnlq24DFVcstpnOg=w72-h72-p-k-no-nu
142.250.74.97200 OK 4.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3oFy_sVr3lpiSvJ1V4kjPqkzf-tC3yLDbuRTdlUFWIMMZrulmEfudM_3HoZNxYctF7lQaLIanWUe3QDkI4lpkaSKqYZ1XLbwobnZO5IDDDmta_RjotYKXG90kw_y3nCA9ft71JwNWihhXNnlq24DFVcstpnOg=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash bdf9596a8002bba6932393e23c8f62c5
4a24389baef143b9fd178346b2792c1626d01e9d
688c10a4a51817828478e37d91a07593974f095d9c70794d4bdba2bcb85f72f3
GET /blogger_img_proxy/ANbyha3oFy_sVr3lpiSvJ1V4kjPqkzf-tC3yLDbuRTdlUFWIMMZrulmEfudM_3HoZNxYctF7lQaLIanWUe3QDkI4lpkaSKqYZ1XLbwobnZO5IDDDmta_RjotYKXG90kw_y3nCA9ft71JwNWihhXNnlq24DFVcstpnOg=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 15 Dec 2022 22:34:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:11 GMT
server: fife
content-length: 4494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59d4744b8c38f1a993c7948e83df2f66
973cb780e4496e843d53ef60afc79043e6eb568c
58929f8c9b924e272d783ac3c7b09217a4f764b210076efef1559e62f2f49efc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=12315
date: Wed, 14 Dec 2022 22:34:11 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8509de85abd0e5f2c1fef6ea9b2ccb2f
b02f767a6a106ddd96f09e0a5fa07023c4184aa8
040d5ccba0a3499dcce2f41b8aca3cc199f8d2cc25d0ae34a6060631ed6b854c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1147
Cache-Control: max-age=128777
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Etag: "63999ef1-1d7"
Expires: Fri, 16 Dec 2022 10:20:28 GMT
Last-Modified: Wed, 14 Dec 2022 10:01:21 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 7a6ddd4032c73c8f0504941d7cd88b42
67527fde43467f4eb9945c73ae92953f89eeca53
2863e1b198125a93d1476218772d768190e2595ed561a6f3eda12b888b21c603
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 021ae27a449db8f17c1d833b3cc36db5
etag: "aa90a6dbc182bd9b6c246257b5eca1a5"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 14 Dec 2022 22:53:25 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: em3dQDLHPI8FBJQdfNiLQg==
x-fb-debug: iGrjnytzV6AW6vdqws2KWdjZY1RDBNO+MAfP3/ieAARVO/kFhY0vh6xRgjxuxY0POq22hJICV/lzu4NI+3kn7A==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Wed, 14 Dec 2022 22:34:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.25.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 623057
expires: Mon, 04 Dec 2023 22:34:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7bc%2Bsv6tc2qSfKn8tLrUhrhkkYcSwz%2BGcJd3%2BJXI9AYZExZtiYgBbzwP1bD%2BKklsXzRBz6s41D6%2F76sa1TusR2CnczBOEBPgHRracKn4yGrEcJNiVGKBBBFuivpkEd1L53ejA5l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 779a67d0d8241c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8509de85abd0e5f2c1fef6ea9b2ccb2f
b02f767a6a106ddd96f09e0a5fa07023c4184aa8
040d5ccba0a3499dcce2f41b8aca3cc199f8d2cc25d0ae34a6060631ed6b854c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1147
Cache-Control: max-age=128777
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:11 GMT
Etag: "63999ef1-1d7"
Expires: Fri, 16 Dec 2022 10:20:28 GMT
Last-Modified: Wed, 14 Dec 2022 10:01:21 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
m.addthis.com/live/red_lojson/300lo.json?si=639a4f6013128801&bkl=0&bl=1&pdt=929&sid=639a4f6013128801&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=bodybuilding-vids.blogspot.com&fp=2012%2F05%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1671057248622&jsl=33&uvs=639a4f603e014949000&skipb=1&callback=addthis.cbs.jsonp__6071172333169110
23.38.200.123200 OK 88 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=639a4f6013128801&bkl=0&bl=1&pdt=929&sid=639a4f6013128801&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=bodybuilding-vids.blogspot.com&fp=2012%2F05%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1671057248622&jsl=33&uvs=639a4f603e014949000&skipb=1&callback=addthis.cbs.jsonp__6071172333169110
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash bc4b3de2a16bb018f34683f825246dea
81c5084789c8d4d7bc01f3c187e4926d6d3ffb84
24ddaca51d905fcc228817efc18fcb96b95bca28c861eaacf27f8b7f93ea1ff6
GET /live/red_lojson/300lo.json?si=639a4f6013128801&bkl=0&bl=1&pdt=929&sid=639a4f6013128801&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=bodybuilding-vids.blogspot.com&fp=2012%2F05%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1671057248622&jsl=33&uvs=639a4f603e014949000&skipb=1&callback=addthis.cbs.jsonp__6071172333169110 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 88
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Wed, 14 Dec 2022 22:34:12 GMT
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAG_hIFkUz_AA2WXvaZBdydOyf1RqSK5A&u=%7C8Ze4BNCtGfnKb96Oy7HxMkDR6G34a4%2B5Hz2hgie6PMM%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfe31nB5ANoObvBW2TdqT6b2RX3u5iuyiJMxewJ6IWdy0q-hruChOm31TdIJAgQqQA1u4XiWQ7rW0INebDyoLGrYan_LC0sosHrhQSs_DVEcfE6MPg5momQzD_gG7Z5XZaOfOMYVbL2wkXx3vt5HPK_NDpqRtJWBtjNVtV-Ww1QrUaG4nHXCrXKLFs7X-23ib8FSvj9tdkUA0oSlMUkV29PZ-Rb2FU6lBdXlo4r3eL-5SF-fh0aih3xKP5ysZoQXn4fBTLbWAv7q4l3YiBcJj7jwDRhN3Pmi-37k8RVOPHNmWYjCBBT5gMTmS32uaJYFJC6lT46EarqWfdUpZ0ZksRUA0qQPZxV_ShNaka76uj98l2AFsXOGUpgQYp761Aa5FNRgih9vZlduUBKxz5IAT0iHMU-FdUz4iHdaaNzzKp7NEavNPRlMkkT9Zix8mJxFQ8mrDkBQiJjvYtVELMLGYahbamAuOU8g4dy3AJHso3sFj89Ei5wx0ItkPEJWKZOD_J6CfFKOoZxQQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZbsfY0-aY5L8G_-ZxdwP3qy22ALJntKxXL3xlPdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTYyMDM4MDU0NzYyNTMwMzHIAQmpAhuxRvu13rE-qAMBqgSgAk_QAZHi5tT799j2zvmKZAxRkEfmKklOB6lY3uaDE1RL2SpvgTv1nTXVIsZQkF5D-GbPV60EzXZ11aNtVGh1rtfnBgDxhlgLiDdX0ut1QrFLsbojLnZTZXi8GUIaRYbCctQxFP4UwL9oh8ABz4XeG3bBKxxpc0DWwTm7SnRvQ-hc_zATYS896cu2xMi7Mss2vkdrvhRnYJcoI1AG4t0xMSYg5OlrY18DO6FFUlESrVX1CVtGoeSYPdjZ-LZvJ5_Pmm3H5a8jkn_-s6YAycvJV4tyLSHq0Ido42GCopRux6WtRPJ26_6NMb-yJht9ac43_6dKzNPohWopj74k-bzANBcpJjebKMP-xZuQGyoYHkx3d6j00IzFVOLtbM2__6GpNIAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HqiM0vxXOYPphexO29E1poqYxBA%26client%3Dca-pub-6203805476253031%26adurl%3D
178.250.2.65200 OK 43 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAG_hIFkUz_AA2WXvaZBdydOyf1RqSK5A&u=%7C8Ze4BNCtGfnKb96Oy7HxMkDR6G34a4%2B5Hz2hgie6PMM%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfe31nB5ANoObvBW2TdqT6b2RX3u5iuyiJMxewJ6IWdy0q-hruChOm31TdIJAgQqQA1u4XiWQ7rW0INebDyoLGrYan_LC0sosHrhQSs_DVEcfE6MPg5momQzD_gG7Z5XZaOfOMYVbL2wkXx3vt5HPK_NDpqRtJWBtjNVtV-Ww1QrUaG4nHXCrXKLFs7X-23ib8FSvj9tdkUA0oSlMUkV29PZ-Rb2FU6lBdXlo4r3eL-5SF-fh0aih3xKP5ysZoQXn4fBTLbWAv7q4l3YiBcJj7jwDRhN3Pmi-37k8RVOPHNmWYjCBBT5gMTmS32uaJYFJC6lT46EarqWfdUpZ0ZksRUA0qQPZxV_ShNaka76uj98l2AFsXOGUpgQYp761Aa5FNRgih9vZlduUBKxz5IAT0iHMU-FdUz4iHdaaNzzKp7NEavNPRlMkkT9Zix8mJxFQ8mrDkBQiJjvYtVELMLGYahbamAuOU8g4dy3AJHso3sFj89Ei5wx0ItkPEJWKZOD_J6CfFKOoZxQQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZbsfY0-aY5L8G_-ZxdwP3qy22ALJntKxXL3xlPdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTYyMDM4MDU0NzYyNTMwMzHIAQmpAhuxRvu13rE-qAMBqgSgAk_QAZHi5tT799j2zvmKZAxRkEfmKklOB6lY3uaDE1RL2SpvgTv1nTXVIsZQkF5D-GbPV60EzXZ11aNtVGh1rtfnBgDxhlgLiDdX0ut1QrFLsbojLnZTZXi8GUIaRYbCctQxFP4UwL9oh8ABz4XeG3bBKxxpc0DWwTm7SnRvQ-hc_zATYS896cu2xMi7Mss2vkdrvhRnYJcoI1AG4t0xMSYg5OlrY18DO6FFUlESrVX1CVtGoeSYPdjZ-LZvJ5_Pmm3H5a8jkn_-s6YAycvJV4tyLSHq0Ido42GCopRux6WtRPJ26_6NMb-yJht9ac43_6dKzNPohWopj74k-bzANBcpJjebKMP-xZuQGyoYHkx3d6j00IzFVOLtbM2__6GpNIAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HqiM0vxXOYPphexO29E1poqYxBA%26client%3Dca-pub-6203805476253031%26adurl%3D
IP 178.250.2.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28320), with CRLF, LF line terminators
Hash 2a08802d696c278eb7b9c3aa46f4462e
83a7bc265f9466d72284827ff1f5bc45715357a2
68dae24f2d0f809c3e04f8d00928fe4b0d56ceaf93107e412879d358348151d6
GET /delivery/r/afr.php?z=Y5pPYwAG_hIFkUz_AA2WXvaZBdydOyf1RqSK5A&u=%7C8Ze4BNCtGfnKb96Oy7HxMkDR6G34a4%2B5Hz2hgie6PMM%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfe31nB5ANoObvBW2TdqT6b2RX3u5iuyiJMxewJ6IWdy0q-hruChOm31TdIJAgQqQA1u4XiWQ7rW0INebDyoLGrYan_LC0sosHrhQSs_DVEcfE6MPg5momQzD_gG7Z5XZaOfOMYVbL2wkXx3vt5HPK_NDpqRtJWBtjNVtV-Ww1QrUaG4nHXCrXKLFs7X-23ib8FSvj9tdkUA0oSlMUkV29PZ-Rb2FU6lBdXlo4r3eL-5SF-fh0aih3xKP5ysZoQXn4fBTLbWAv7q4l3YiBcJj7jwDRhN3Pmi-37k8RVOPHNmWYjCBBT5gMTmS32uaJYFJC6lT46EarqWfdUpZ0ZksRUA0qQPZxV_ShNaka76uj98l2AFsXOGUpgQYp761Aa5FNRgih9vZlduUBKxz5IAT0iHMU-FdUz4iHdaaNzzKp7NEavNPRlMkkT9Zix8mJxFQ8mrDkBQiJjvYtVELMLGYahbamAuOU8g4dy3AJHso3sFj89Ei5wx0ItkPEJWKZOD_J6CfFKOoZxQQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZbsfY0-aY5L8G_-ZxdwP3qy22ALJntKxXL3xlPdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTYyMDM4MDU0NzYyNTMwMzHIAQmpAhuxRvu13rE-qAMBqgSgAk_QAZHi5tT799j2zvmKZAxRkEfmKklOB6lY3uaDE1RL2SpvgTv1nTXVIsZQkF5D-GbPV60EzXZ11aNtVGh1rtfnBgDxhlgLiDdX0ut1QrFLsbojLnZTZXi8GUIaRYbCctQxFP4UwL9oh8ABz4XeG3bBKxxpc0DWwTm7SnRvQ-hc_zATYS896cu2xMi7Mss2vkdrvhRnYJcoI1AG4t0xMSYg5OlrY18DO6FFUlESrVX1CVtGoeSYPdjZ-LZvJ5_Pmm3H5a8jkn_-s6YAycvJV4tyLSHq0Ido42GCopRux6WtRPJ26_6NMb-yJht9ac43_6dKzNPohWopj74k-bzANBcpJjebKMP-xZuQGyoYHkx3d6j00IzFVOLtbM2__6GpNIAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HqiM0vxXOYPphexO29E1poqYxBA%26client%3Dca-pub-6203805476253031%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:10 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=K9o3EfVqy9xVgcbys5JyUct0AeNFDxzTHY_uoNZX0hkwbgFMAoa3U5BXrALEP9ELp4eqL-9IFHFPxBDiur218xKvU4FeMfhkhGIOjN0JaXsBtjEoO-xzeTek5NxtoVKo4UXRneQSM-Ugc_kYo9wzkVHjWcQ9ZerqhJJaPHPOGGQ6XcFJJuj88fJiU4NkuDYsSP78DIes3I-SfQwNJFGVWuvxoopB5FmNsxqTYX4KJ1ajrDTKHFyj9SVjMJGi4ZIrFZQKTg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 48467274
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 15 Dec 2022 01:31:10 GMT
Date: Wed, 14 Dec 2022 22:34:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 15 Dec 2022 01:31:10 GMT
Date: Wed, 14 Dec 2022 22:34:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 15 Dec 2022 01:31:10 GMT
Date: Wed, 14 Dec 2022 22:34:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 15 Dec 2022 01:31:10 GMT
Date: Wed, 14 Dec 2022 22:34:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 15 Dec 2022 01:31:10 GMT
Date: Wed, 14 Dec 2022 22:34:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 651b0f2569cf044585ce4f571cfd89fb
4c5e9db56536dd4145d63200d0fd74e2aa243fbf
c561267909b1e19768a2c11d78bab18faaa0de11d822e56324d7642daf798bf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5820
x-amzn-requestid: 096e8aca-b98f-4994-a084-888e9a03aa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0NT8HJFIAMFeBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918f4c-59e8f13b176bb8ae43d2da3d;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:16:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6YirhW7Q_EZKRpVWq7bm_xMrRNRByggUk-J0MJW_jbxzQEojJOAsJQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 03:16:45 GMT
age: 69447
etag: "4c5e9db56536dd4145d63200d0fd74e2aa243fbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b031e56b256ee8ed21093f8c5398815
ef4ac091b1804b68c1d8e073d73f7a57e08739a6
f332c68ba6b31d67c02d16412c85e760cbc2e7a67073876c8799365e80b6dbab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9851
x-amzn-requestid: 38f12682-d3c4-4e4f-9b24-afe81ca85dde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-FX9FsVoAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63958299-3d25cec26bcb2ccf73e3526f;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dBS9TPBeVScdBuJSzheNE2lvUb3RqZTfZjJkWcbyuwkyhu0HrFmkIQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 12:50:30 GMT
age: 35022
etag: "ef4ac091b1804b68c1d8e073d73f7a57e08739a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52de3838-24b1-4942-a475-cf9b84ca052b.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52de3838-24b1-4942-a475-cf9b84ca052b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c19b980e110e92c245c767fb5176310d
d1525f33bb439a2a4049fa65ac5e8510f2df7acb
1695f36a7fce1c722559343ae94a2640a9b5ea3bee145b5fd0bb79dcbb049d34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52de3838-24b1-4942-a475-cf9b84ca052b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4831
x-amzn-requestid: 7dd92cbc-4b78-4b8d-a522-3b9b31f00c0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-ER5G3moAMF8Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639580d8-12a2cf5714e231431bdda1af;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:03:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: spQimr1-EdHR77kzGh-6LVnuGe26fy0L3vdgcdmyvMSCJw7QAbdPxA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 12:50:30 GMT
age: 35022
etag: "d1525f33bb439a2a4049fa65ac5e8510f2df7acb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F789b3579-e18f-4137-9016-fe77da33e730.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F789b3579-e18f-4137-9016-fe77da33e730.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43eaf6688d03f8c725155d489878edf9
d1e5800030de5916d12ae7f0ccf59f0d4a105fa5
069386dfdfc06e668c0aa4bd6bdf2c948a8b9ed051e3e32eede5d362f9d48466
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F789b3579-e18f-4137-9016-fe77da33e730.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13489
x-amzn-requestid: 0ba623aa-2112-4328-94d8-9c0ddf204e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-ERYE53oAMF7yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639580d5-6d50b25f49cae43752e25a86;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:03:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UMxAU_3TGyas4vg-bUmfTlkZ2NpCX2rQ7loyqpJofgw3LsLUHzXacw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:58:57 GMT
age: 2115
etag: "d1e5800030de5916d12ae7f0ccf59f0d4a105fa5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86aaca525eba678cdae6480594a8249a
87171c4499e8d82e8ec325e9133c180c0773c1dc
03fb5c8f20a85f301f9bf3096aefb36bbadfdd54d4bdd5227d45fced4ad004d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9864
x-amzn-requestid: f4e0138f-d94b-477d-942b-03c475c92c55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3VwGFX3oAMFoXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392d000-5fa027616c6c5617367f2b3f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 06:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qGQccPI0OykOc__llgZFDZhT7CYWNMSn1SYTcex-1qmT4ZamwUtTHA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 00:26:15 GMT
age: 79677
etag: "87171c4499e8d82e8ec325e9133c180c0773c1dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fdd629d-f240-4f70-976e-0a71b7c9ed76.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fdd629d-f240-4f70-976e-0a71b7c9ed76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 950417131e4e9f1238fc585984f327b5
da28ff9df8e2e423cce7ae247a3e8c8469507c4b
0504b92466cf49c1072ba9d9776d921c76fbe3a1542bc202e9751d9c40566597
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fdd629d-f240-4f70-976e-0a71b7c9ed76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5834
x-amzn-requestid: 63e69ca6-85d6-43e2-9d42-ddff1617fd7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ9R8EAZoAMFtUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a4272-40e8a981097612402ae21532;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:38:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BUQNBTltYqTVBkbt9QQtXS3vQjvM26E6SuvPdIFqVuq1eusUVL5K3g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 22:32:22 GMT
age: 110
etag: "da28ff9df8e2e423cce7ae247a3e8c8469507c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 29b20b2039da4fff67b217acc3bb43b2
c94a60c0abeafcf70dbc94460d8e07090c3f93f5
c414055ce8d8332757b89ecfc6cc5846ce01d23b71aecf647041a033bc95eab5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3886
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Last-Modified: Wed, 14 Dec 2022 21:29:26 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=89626
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:27:58 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=89626
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:27:58 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6327
Cache-Control: max-age=89678
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:28:50 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
connect.facebook.net/en_US/all.js?hash=c236e5a78554ccb05195bf4a77ae537d
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=c236e5a78554ccb05195bf4a77ae537d
IP 31.13.72.12:0
File type ASCII text, with very long lines (18605)
Hash 9a785b257dd6489dbb37bb110d7325f2
b4093ada122982200bbb6b9e962ff601087a3708
f261473840e70951b42162436fd1e2847c99ee479463f678eea778b0a19471a4
GET /en_US/all.js?hash=c236e5a78554ccb05195bf4a77ae537d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bodybuilding-vids.blogspot.com
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9bfa379a976c600bfbc83887ef563162
etag: "b65c53d1b063c170586a1969a42ae336"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 14 Dec 2023 21:41:48 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: mnhbJX3WSJ27N7sRDXMl8g==
x-fb-debug: YJNnQwTDIMoFTwqItnF32jhS/p2T1A4ecJha3639lTsGOF8HWG9YjvkgiAbDiywbYBA+e7kgtbr6tsH98l0dVw==
content-length: 88307
x-fb-trip-id: 1904183273
date: Wed, 14 Dec 2022 22:34:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=89626
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:27:58 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e866c08861e2c29b974e8563b152409e
d551c18f7e627515b2d3e768ee6fd73013ec8f4f
2fe81be9f12d6586950ee40ffe766edb171f0b4a10768aa08ec453502c131756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6327
Cache-Control: max-age=89678
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Etag: "6398f1fb-139"
Expires: Thu, 15 Dec 2022 23:28:50 GMT
Last-Modified: Tue, 13 Dec 2022 21:43:23 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWbYHmAKdg2ICAgAAAH1IVpA1ZS_EEGNPmmNoMCv0z8-yUGrQzwASAAA&wp=Y5pPYwAG_hIFkUz_AA2WXvaZBdydOyf1RqSK5A
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWbYHmAKdg2ICAgAAAH1IVpA1ZS_EEGNPmmNoMCv0z8-yUGrQzwASAAA&wp=Y5pPYwAG_hIFkUz_AA2WXvaZBdydOyf1RqSK5A
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWbYHmAKdg2ICAgAAAH1IVpA1ZS_EEGNPmmNoMCv0z8-yUGrQzwASAAA&wp=Y5pPYwAG_hIFkUz_AA2WXvaZBdydOyf1RqSK5A HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 263258
date: Wed, 14 Dec 2022 22:34:11 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c65409b809f31ddcf19bd408e1e8cbf6
6d70e5d1680043fe3960764051a666e9e3b1f19d
b1b4260741e46bc5da35518bdfc2f30b99971d2433c7214f267e8c71733a3413
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6187
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Etag: "6398d710-1d7"
Last-Modified: Wed, 14 Dec 2022 20:51:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d00863a3d90b2f325555624abbbb5e7
98a339da609cca0739b36f54454719cfe746f9ca
04358cf461e8fd30b3c98edf32a36e80243293f7ba5928de90ae1405f9d4908e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6469
Cache-Control: max-age=139848
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Etag: "6399b567-13a"
Expires: Fri, 16 Dec 2022 13:25:00 GMT
Last-Modified: Wed, 14 Dec 2022 11:37:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d00863a3d90b2f325555624abbbb5e7
98a339da609cca0739b36f54454719cfe746f9ca
04358cf461e8fd30b3c98edf32a36e80243293f7ba5928de90ae1405f9d4908e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6414
Cache-Control: max-age=139793
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Etag: "6399b567-13a"
Expires: Fri, 16 Dec 2022 13:24:05 GMT
Last-Modified: Wed, 14 Dec 2022 11:37:11 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 0c85c661841cf5b4d34ef77e9364d2ba
509b0bfb37b8e15405b8e0bc4ea1d213335ef9ac
c98821752c9370d5ffe7fbfbae92f7b87a9cfd085bb5b4b986eace9dc92f270e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1778
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Etag: "6399d87c-138"
Last-Modified: Wed, 14 Dec 2022 22:04:34 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 312
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=556&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=sl36d4NYH1BH1xNU3EXYUG5g
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=556&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=sl36d4NYH1BH1xNU3EXYUG5g
IP 178.250.2.135:0
File type PNG image data, 196 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash bc381116221b106493d972a9262c65e3
980f03704c3d56409200806ffc1b8269240383a4
391ed2f12f92968f164c061b48e5421254b9aae4dfce080b727d60dd6c1cb72e
GET /img/img?h=556&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=sl36d4NYH1BH1xNU3EXYUG5g HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29389207
expires: Mon, 20 Nov 2023 02:14:20 GMT
date: Wed, 14 Dec 2022 22:34:11 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10921
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWawC2ASdg2ICAgAAAK01-xH79iAKEGNPmmMGXNIrRZYt4PiMPgASAAA&wp=Y5pPYwAHr4QFkUuLAAM_hKVri8ITdj8eSOxQRw
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWawC2ASdg2ICAgAAAK01-xH79iAKEGNPmmMGXNIrRZYt4PiMPgASAAA&wp=Y5pPYwAHr4QFkUuLAAM_hKVri8ITdj8eSOxQRw
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWawC2ASdg2ICAgAAAK01-xH79iAKEGNPmmMGXNIrRZYt4PiMPgASAAA&wp=Y5pPYwAHr4QFkUuLAAM_hKVri8ITdj8eSOxQRw HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 237439
date: Wed, 14 Dec 2022 22:34:11 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Aea66d473-716f-4607-a90a-1192f31d5bf1%2FMelia_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=TDM0RH8qPfjpSYl5vtDEe4vO&b=800
178.250.2.135200 OK 106 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Aea66d473-716f-4607-a90a-1192f31d5bf1%2FMelia_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=TDM0RH8qPfjpSYl5vtDEe4vO&b=800
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 106 kB (106290 bytes)
Hash cd79a1bf65a39522f37a8b6b1802e6cd
9089d36f8f2816ec51c58494c5375c89907f5293
a951348928d3c92b100035384b63d659c30843c1d4fcb821946c84207fcaf99c
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Aea66d473-716f-4607-a90a-1192f31d5bf1%2FMelia_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=TDM0RH8qPfjpSYl5vtDEe4vO&b=800 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=39871
expires: Thu, 15 Dec 2022 09:38:44 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 106290
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash abadd7d5a404a7814a3d13e7698d0821
6f3dbf5dfcc020dabad7ecfe832fe31d32a046c7
9d56ae6698401d555d5d99c088261a58a3287b8f3ef691e899f10f9e87c5a520
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/measurement/l?ebcid=ALh7CaR22224l_4Uy0M-oQcWPir3JEJ_cclD_GELbP2yd2Yux1RISAO89j_LxXL1AUZSUxhJfGXo
216.58.211.4204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaR22224l_4Uy0M-oQcWPir3JEJ_cclD_GELbP2yd2Yux1RISAO89j_LxXL1AUZSUxhJfGXo
IP 216.58.211.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaR22224l_4Uy0M-oQcWPir3JEJ_cclD_GELbP2yd2Yux1RISAO89j_LxXL1AUZSUxhJfGXo HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:12 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWe0HfJ2DYgICAAAAOvOUGwXnypYQYk-aY9gjzXCV6-1HDC5iABIAAA&wp=Y5pPYwAF114KsoaWAAnmnFdyDikchgd7xYVy5g
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWe0HfJ2DYgICAAAAOvOUGwXnypYQYk-aY9gjzXCV6-1HDC5iABIAAA&wp=Y5pPYwAF114KsoaWAAnmnFdyDikchgd7xYVy5g
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWe0HfJ2DYgICAAAAOvOUGwXnypYQYk-aY9gjzXCV6-1HDC5iABIAAA&wp=Y5pPYwAF114KsoaWAAnmnFdyDikchgd7xYVy5g HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 291632
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/montserrat/montserrat-700.css
178.250.0.130200 OK 31 kB URL HTTP/2 static.criteo.net/design/googlefont/montserrat/montserrat-700.css
IP 178.250.0.130:0
Hash a131bc240252edab75a39c5e97257595
11913f45759f7620ba6c29948298672ef9b1c53e
05610ce37ae4fa0b94bffd0e61d55d78809c6cb18dae20bbb4bf598f95dfa438
GET /design/googlefont/montserrat/montserrat-700.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
etag: W/"6391ef7f-675"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.35200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:12 GMT
expires: Sat, 09 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
age: 464460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=11051&adfrmid=0
109.232.197.33302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=11051&adfrmid=0
IP 109.232.197.33:0
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=11051&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 14 Dec 2022 22:34:12 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=11051&adfrmid=0
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=38o6it93wCs3txwqPiSRw8TATw5g93FMG_PcvtIDxG34sTmG8P35JNgf35Ga5-JD8bDrosuFQCqSOiKNpTjlxLnUBzyV9A3ARapHFNOsdWblJjyrQXYsDGxFxiEvzDD_G3lb60YzXdRg0AT4IfOe-_OAyzZvDBDHSz3-f6lBtYEiK1hP1fCJGXMZLieS0k0SwLCSLVvlPlSi5P8xYBX0xiirGSeLZFiCzujuS7xFBBeyX6yvPoC9yO8TIkVXEe7whRNOwN4cXDOCxE3mdoLlq4cPVf9rFw7XnmF68CuZC0_dSjbxn1OhP1xNkZDGW7NsnQ0kKvmUov57hasZDAc-62i8VpakbiZ6NvxWNSC5ux42s0Q329EtGNoVQvu7NnPDSz8bYZEsKuk8yDYzW12Htiway9QfiA20i43tkWD6CP8PoAD6YQEBOv0P6pgpy8rdoYXAOg
178.250.2.148200 OK 43 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=38o6it93wCs3txwqPiSRw8TATw5g93FMG_PcvtIDxG34sTmG8P35JNgf35Ga5-JD8bDrosuFQCqSOiKNpTjlxLnUBzyV9A3ARapHFNOsdWblJjyrQXYsDGxFxiEvzDD_G3lb60YzXdRg0AT4IfOe-_OAyzZvDBDHSz3-f6lBtYEiK1hP1fCJGXMZLieS0k0SwLCSLVvlPlSi5P8xYBX0xiirGSeLZFiCzujuS7xFBBeyX6yvPoC9yO8TIkVXEe7whRNOwN4cXDOCxE3mdoLlq4cPVf9rFw7XnmF68CuZC0_dSjbxn1OhP1xNkZDGW7NsnQ0kKvmUov57hasZDAc-62i8VpakbiZ6NvxWNSC5ux42s0Q329EtGNoVQvu7NnPDSz8bYZEsKuk8yDYzW12Htiway9QfiA20i43tkWD6CP8PoAD6YQEBOv0P6pgpy8rdoYXAOg
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /delivery/lg.php?cppv=3&cpp=38o6it93wCs3txwqPiSRw8TATw5g93FMG_PcvtIDxG34sTmG8P35JNgf35Ga5-JD8bDrosuFQCqSOiKNpTjlxLnUBzyV9A3ARapHFNOsdWblJjyrQXYsDGxFxiEvzDD_G3lb60YzXdRg0AT4IfOe-_OAyzZvDBDHSz3-f6lBtYEiK1hP1fCJGXMZLieS0k0SwLCSLVvlPlSi5P8xYBX0xiirGSeLZFiCzujuS7xFBBeyX6yvPoC9yO8TIkVXEe7whRNOwN4cXDOCxE3mdoLlq4cPVf9rFw7XnmF68CuZC0_dSjbxn1OhP1xNkZDGW7NsnQ0kKvmUov57hasZDAc-62i8VpakbiZ6NvxWNSC5ux42s0Q329EtGNoVQvu7NnPDSz8bYZEsKuk8yDYzW12Htiway9QfiA20i43tkWD6CP8PoAD6YQEBOv0P6pgpy8rdoYXAOg HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:11 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2512794
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 12 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
Hash 4efcf71128276aca90b0ce9d95a6bcc5
c2a01fbbf9f1c33b67be8ddba4b896ee9565d987
7a346d9b608e8f78b404bedf1ee0f6e0cf1b770eb2c9ebc2c20cd66fe63d4eda
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=104&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=IAMOSgYHSaVYx45XwbQL9FpN
178.250.2.135200 OK 3.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=104&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=IAMOSgYHSaVYx45XwbQL9FpN
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 277x104, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7a5c76aec6cbaff3effe7fba832f7b4
ab3046d70078b235d53e535f3be76e2e404ebc8b
1204eb619e2c0b5c191c701da71af8261cb4de1c90efca0f92280ab46a66cc66
GET /img/img?h=104&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=IAMOSgYHSaVYx45XwbQL9FpN HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29932232
expires: Sun, 26 Nov 2023 09:04:45 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2972
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmodstrom%2F1300x1700%2Fmod55507_cpowdersand_v05015.jpg&v=3&w=400&s=pzF3OEx3JvYTNwIsWEKNSces&b=400
178.250.2.135200 OK 6.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmodstrom%2F1300x1700%2Fmod55507_cpowdersand_v05015.jpg&v=3&w=400&s=pzF3OEx3JvYTNwIsWEKNSces&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 325x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bca8d73f8de7cb401689740f53d4ac4c
060ccd2d5aa7bca5fc7f7f45902bbd150e635769
cc1825d15cacdf8ef52ecfd13c68de781ca5584b0ad8650a157ff4d47b46ea3e
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmodstrom%2F1300x1700%2Fmod55507_cpowdersand_v05015.jpg&v=3&w=400&s=pzF3OEx3JvYTNwIsWEKNSces&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30238202
expires: Wed, 29 Nov 2023 22:04:15 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6390
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=639a4f63f67fea2463e52ceafc7fc342
37.157.3.20302 Found 497 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=639a4f63f67fea2463e52ceafc7fc342
IP 37.157.3.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (425), with CRLF line terminators
Hash f7a8cd21335c0775b4912e95865cabbc
c8bc5ce80708f172b7a0d64afaccfc0ea1b2312b
f5b44c37d8d4379c8895c8335c9a8a4cfb4fb0c0f317232ca63529acbe381749
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=639a4f63f67fea2463e52ceafc7fc342 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=11051&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=f-EQUyMNXFwRjU_gTRVQu7SU
178.250.2.135200 OK 128 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=f-EQUyMNXFwRjU_gTRVQu7SU
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 128 kB (128318 bytes)
Hash 9ff2ed9e224d6b96a54afe736c4b0b07
ef6420bcdc5c7b89e892768d26b6156f20896019
3f643c2f2356cf933397bab72e5df5cdec174c7af924d8352390677e56cfbf68
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=f-EQUyMNXFwRjU_gTRVQu7SU HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29932238
expires: Sun, 26 Nov 2023 09:04:51 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 128318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622963_ctaupe.jpg&v=3&w=400&s=Z8quMpOVnI5rDWyVVmBYUB8a&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622963_ctaupe.jpg&v=3&w=400&s=Z8quMpOVnI5rDWyVVmBYUB8a&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 284x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00c67e847645d8d8d090923eb2b6c4a7
9e85330b9a0b5853cc5aeefe22eef61200c6d8e2
2cb4c5826336e2adfd5daa7edb40fb52fbecd006d1ac12ea59f4d2a6067807cd
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622963_ctaupe.jpg&v=3&w=400&s=Z8quMpOVnI5rDWyVVmBYUB8a&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30559253
expires: Sun, 03 Dec 2023 15:15:06 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12482
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622061_cblack.jpg&v=3&w=400&s=iec3v8LAg5V_zNTDsJQYw4Y5&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622061_cblack.jpg&v=3&w=400&s=iec3v8LAg5V_zNTDsJQYw4Y5&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 292x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fd10b3e27cc8e44f3a2f74ab2a492772
da3207ba0a47ae10fb42fa7d6429e9724e2a3ad7
27b0f6d8c51c0a9107d4a259944c49381c74645309f404bff6254ae8557bb351
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622061_cblack.jpg&v=3&w=400&s=iec3v8LAg5V_zNTDsJQYw4Y5&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29643744
expires: Thu, 23 Nov 2023 00:56:37 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11498
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnapapijri%2F1300x1700%2Fnapnp0a4gmc_cbeigestone.jpg&v=3&w=400&s=GFczoq5YPqX_1j28GKVTawsK&b=400
178.250.2.135200 OK 7.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnapapijri%2F1300x1700%2Fnapnp0a4gmc_cbeigestone.jpg&v=3&w=400&s=GFczoq5YPqX_1j28GKVTawsK&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 321x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9532b777247d4b19adf30ab5e470bb65
6a97b91ade1cb096faa5b73f8ffa4629f239cb7f
469dc5b3bae075ffcc11922e579c70e59407d92a6fc9021f5dff453bdf954430
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnapapijri%2F1300x1700%2Fnapnp0a4gmc_cbeigestone.jpg&v=3&w=400&s=GFczoq5YPqX_1j28GKVTawsK&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30743346
expires: Tue, 05 Dec 2023 18:23:19 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7254
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdickies%2F1300x1700%2Fdicdk0a4xk7_cblack.jpg&v=3&w=400&s=P30l5Flpspj0UnPn_Wn0-fTE&b=400
178.250.2.135200 OK 3.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdickies%2F1300x1700%2Fdicdk0a4xk7_cblack.jpg&v=3&w=400&s=P30l5Flpspj0UnPn_Wn0-fTE&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 355x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 13a0aa194730e5833bc747eaf12dc15c
3e8f0b90f60e054452ca35b605d61e7f86dac760
7c4919499e1e5ebf8197f097cee07964f4cc263450b30827a451f219ec88b7ad
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdickies%2F1300x1700%2Fdicdk0a4xk7_cblack.jpg&v=3&w=400&s=P30l5Flpspj0UnPn_Wn0-fTE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29442651
expires: Mon, 20 Nov 2023 17:05:04 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3618
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl901734003_cmulticolor_v105.jpg&v=3&w=400&s=dDfH9gr8sPDzFxjOVR08BitD&b=400
178.250.2.135200 OK 9.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl901734003_cmulticolor_v105.jpg&v=3&w=400&s=dDfH9gr8sPDzFxjOVR08BitD&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 366x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e30f38a4a7cebd36dad78cf240825b22
a37d4aeeb850a6c9cad4ca598f6155d0b7ad68a2
438fe1e5dc75effcc9822f7179c8a8a181a32ffef2d7b6dd9cae7bf95447de70
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl901734003_cmulticolor_v105.jpg&v=3&w=400&s=dDfH9gr8sPDzFxjOVR08BitD&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30397696
expires: Fri, 01 Dec 2023 18:22:29 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9392
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgap%2F1300x1700%2Fgap000619044_coatmealheather_v103.jpg&v=3&w=400&s=mGMSxXJnWzEO46pMomQqHJPe&b=400
178.250.2.135200 OK 6.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgap%2F1300x1700%2Fgap000619044_coatmealheather_v103.jpg&v=3&w=400&s=mGMSxXJnWzEO46pMomQqHJPe&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 296x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 585113a2f228e4099a99b9e4759c9880
9150ccd71bd0e36e90f085f7e95a4280209af659
2a67aa47c8dbb8efa4a4563cd33fc879620d2bf579b20c70427e941c862dc005
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgap%2F1300x1700%2Fgap000619044_coatmealheather_v103.jpg&v=3&w=400&s=mGMSxXJnWzEO46pMomQqHJPe&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31434834
expires: Wed, 13 Dec 2023 18:28:07 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6454
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg%2F1300x1700%2Fbbo10000823_cmultipack2.jpg&v=3&w=400&s=rBTJ2lWkMHRlUmG5lOji-Pja&b=400
178.250.2.135200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg%2F1300x1700%2Fbbo10000823_cmultipack2.jpg&v=3&w=400&s=rBTJ2lWkMHRlUmG5lOji-Pja&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 321x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f0d01203e6b07eee2ecfcb72194a14cd
adb9428f5999c2d8fe875656629032527bf0d09c
a592a712939266a1fd24a0241e0d5515bfc735c85c286ecc68e766c282ede3d8
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg%2F1300x1700%2Fbbo10000823_cmultipack2.jpg&v=3&w=400&s=rBTJ2lWkMHRlUmG5lOji-Pja&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29421056
expires: Mon, 20 Nov 2023 11:05:09 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16804
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman37085130_cmidgreyvigore_v94.jpg&v=3&w=400&s=muepaRlz4FYirPrrSOcari_G&b=400
178.250.2.135200 OK 5.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman37085130_cmidgreyvigore_v94.jpg&v=3&w=400&s=muepaRlz4FYirPrrSOcari_G&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 158x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e9929e350510b4ef73a01e7dd0f76cef
2a25ac1527135c214824b916f560ddf0c78a9062
59e970895e45a304838ded4652217ac0e8c6ca2668d835d94d67d688fc77743b
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman37085130_cmidgreyvigore_v94.jpg&v=3&w=400&s=muepaRlz4FYirPrrSOcari_G&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31093439
expires: Sat, 09 Dec 2023 19:38:12 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5722
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flegends%2F1300x1700%2Fleg180201_ctaupe_v35.jpg&v=3&w=400&s=a4Op7ySjnDvTeChQw0uaCgop&b=400
178.250.2.135200 OK 7.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flegends%2F1300x1700%2Fleg180201_ctaupe_v35.jpg&v=3&w=400&s=a4Op7ySjnDvTeChQw0uaCgop&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc9b197339d293b8e135428a5ac97e38
c00a46759cced501fcffe6b442ac6593567eb3d3
5756836d4045ea08826e3d2ae8bf7ed9fe2f0779d390afe04fc3286e136c8851
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flegends%2F1300x1700%2Fleg180201_ctaupe_v35.jpg&v=3&w=400&s=a4Op7ySjnDvTeChQw0uaCgop&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30183005
expires: Wed, 29 Nov 2023 06:44:18 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7684
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcream%2F1300x1700%2Fcre10607234_csilverlakebluecheck_v102141.jpg&v=3&w=400&s=qK-x0adxSjjDLHa_Ov6UhUGG&b=400
178.250.2.135200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcream%2F1300x1700%2Fcre10607234_csilverlakebluecheck_v102141.jpg&v=3&w=400&s=qK-x0adxSjjDLHa_Ov6UhUGG&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cecd203e670a5818884c086e1fc9fdd8
ed69a80f9cae5605ab3ac382ffe71a3c6553893d
26c658be4a31bdd4eca4726f09adb04fcaabe5bd8c928aa0067b37332f59e8d4
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcream%2F1300x1700%2Fcre10607234_csilverlakebluecheck_v102141.jpg&v=3&w=400&s=qK-x0adxSjjDLHa_Ov6UhUGG&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29847320
expires: Sat, 25 Nov 2023 09:29:33 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16690
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flindbergh%2F1300x1700%2Flin30320036a_carmy.jpg&v=3&w=400&s=1aRci4Cx9MqP9STuAKfEp36N&b=400
178.250.2.135200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flindbergh%2F1300x1700%2Flin30320036a_carmy.jpg&v=3&w=400&s=1aRci4Cx9MqP9STuAKfEp36N&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 312x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ca5c780038077a91a5d78365bd87e24
57dc3907d7f0958bd0ef7451d934e700ef1c2f0b
db4a20b2d5f3497094c87dc2404885d050c3d4f9d3ef65c9bd82b1e8184502d2
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flindbergh%2F1300x1700%2Flin30320036a_carmy.jpg&v=3&w=400&s=1aRci4Cx9MqP9STuAKfEp36N&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31352570
expires: Tue, 12 Dec 2023 19:37:03 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15304
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdale-of-norway%2F1300x1700%2Fdon93141_c3212911456_vf.jpg&v=3&w=400&s=Wq5LBGzhEYfnTAQPz9IMqc4k&b=400
178.250.2.135200 OK 16 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdale-of-norway%2F1300x1700%2Fdon93141_c3212911456_vf.jpg&v=3&w=400&s=Wq5LBGzhEYfnTAQPz9IMqc4k&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 293x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d5b4e25b59133763e6e8318b9dd5af6
b7262f201ce5bdb721abea174c40f492310a4995
1f7281a98528d00266df7015519d780371e2b1ca600aba176123767c3d17613a
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdale-of-norway%2F1300x1700%2Fdon93141_c3212911456_vf.jpg&v=3&w=400&s=Wq5LBGzhEYfnTAQPz9IMqc4k&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29104878
expires: Thu, 16 Nov 2023 19:15:31 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15970
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgestuz%2F1300x1700%2Fges10906455_cgreenamethyst_v103308.jpg&v=3&w=400&s=5clzBUXRFako1gFgDrRW8rqF&b=400
178.250.2.135200 OK 24 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgestuz%2F1300x1700%2Fges10906455_cgreenamethyst_v103308.jpg&v=3&w=400&s=5clzBUXRFako1gFgDrRW8rqF&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 293x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be301689047df9aeb7ae5266cfde1b47
1d958de2adf06370a3f1e3241aa72c9c8f267939
ec8078f4549318409461af04dba0ef52fd8e7f499a529a363c2fc5298c50b192
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgestuz%2F1300x1700%2Fges10906455_cgreenamethyst_v103308.jpg&v=3&w=400&s=5clzBUXRFako1gFgDrRW8rqF&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29930967
expires: Sun, 26 Nov 2023 08:43:40 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 23582
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_cblack.jpg&v=3&w=400&s=b5OAUjF40XdzcSX2tResorh-&b=400
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_cblack.jpg&v=3&w=400&s=b5OAUjF40XdzcSX2tResorh-&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x351, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77ad2ab29464a85a38895f7ecf0a58f6
9aab0bcfb9bbe84772a6c654532a450d0edc067a
8ea266295c05e575875733f6a71b7f59e1fbfba330cbbe98a18805a4a129099f
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_cblack.jpg&v=3&w=400&s=b5OAUjF40XdzcSX2tResorh-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30869593
expires: Thu, 07 Dec 2023 05:27:27 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10886
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhackett%2F1300x1700%2Fhachm580985_cnavy.jpg&v=3&w=400&s=NJy-dVIYbtkYUu0ABTm_YQYV&b=400
178.250.2.135200 OK 4.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhackett%2F1300x1700%2Fhachm580985_cnavy.jpg&v=3&w=400&s=NJy-dVIYbtkYUu0ABTm_YQYV&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c54f659c1d479366764a9fad597dbf17
f30d4f3645ba1d882062390bff350291d6415c98
306fdef2bc38f04c91cbca4d661f3e9a601d192db485bc50aa14c7ed7b45ac72
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhackett%2F1300x1700%2Fhachm580985_cnavy.jpg&v=3&w=400&s=NJy-dVIYbtkYUu0ABTm_YQYV&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29089879
expires: Thu, 16 Nov 2023 15:05:32 GMT
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4828
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flittle-pieces%2F1300x1700%2Fps17129647_cblack_v179276leo.jpg&v=3&w=400&s=hkoyj22YFqBc6cFLL2l2065F&b=400
178.250.2.135200 OK 24 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flittle-pieces%2F1300x1700%2Fps17129647_cblack_v179276leo.jpg&v=3&w=400&s=hkoyj22YFqBc6cFLL2l2065F&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 282x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6b02dab46147c5abab07f585978fd08b
ec3b7cc7bc8611add52f12b961f390540b8bc0e9
b5c83b0e1e6c4799579bc132d01ae175fa010c0cf088c28cb0fefeca798f8dc2
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flittle-pieces%2F1300x1700%2Fps17129647_cblack_v179276leo.jpg&v=3&w=400&s=hkoyj22YFqBc6cFLL2l2065F&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31369244
expires: Wed, 13 Dec 2023 00:14:57 GMT
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 24256
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAF110KsoaWAAnmnAWhwcXfs5PYTWMDeQ&u=%7C8Ze4BNCtGfk0VX8vo%2FiZU0fI7IyHALomcG4XIBU8v0Y%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUS-Kc5eB_mprX61o-0tWW9qnacfx0cs4QSmRyHaAc6iuvrBkJyot_8kjQwHQ8nLwmC53fecIe0UZM-orIOnTrM8R429IeATd6Sqig9puEfFNdK0HDU68VZqqTN_qmK_wGNjhTdywDIJaH1mNF2v_VpDPJqmKiE9Mq6XTuvYvFVdn9y8V7Z1pBY3WKjKi69kNvnIwgUYl-nI2Kzn8_l8vrMnuljs9iJXLTHTHeeOHUP18Esa3BT_hPx7OCA83-E10ddW2ANDd0llSzZTO9AZ0FioQTtNb9dHRkeLbUfQXzqcHcDTqC55I9UmFZh5v57ptjEr4rC7pw9IKT4YG_kszSNVdqkErizXnfB2O4yK3YZmKRdFHWH7FdyOt_P71bU-KAlv9ncplUtYs3MAkSAx2aW_QGKUJoyVBGNEDx3lGXv7eT0ZjjVlfRIUJsfB3JuAjDGjMdjiWsIk8n4lmrr0tYAJPrxpiHNOA22LOt56qGFzfpOmogRLLTeQW-gErbJz5gAR1jSGSpmgUq6Loh81Ijj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH8siY0-aY92uF5aNygWczaeIDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNjIwMzgwNTQ3NjI1MzAzMcgBCakCG7FG-7XesT6oAwGqBKACT9Bbq52W-5_fzyUDO6EWhLp0OfPT7bJkqyxvz0QcBZXmlUxq9I5K5BDUMPDNvrghdDPnKkQV6kzNcP5W_Kv1-P30VodnczkqXeV-WptSB9Z7M7yKZ4xhEoaWuaWvtkXmvyPlOVXf9tim_ktJfvP3KyK9OowI0AUz28atwQCunQHVAJztCtHLqRAlUyRxQMRAjFrW1NbqaMV2WwRMZIiG-jFDnv8bmEuYttZ675a7QNV1htZ7Qcetgifg7UV68mfKROYJjeAy4mbrBt9qv_MLZEFq33HNk_wCTQ1P3V1RnG0QdVyrv7UMkmp1XjasC-dqdz-wGXu0F71GLVPpRfA1jH_-yx2ekxu3YtbLOClSOgvzS-6_OH5S0agWsJT_b-f5gAbdreKcxpuNq4sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3cnC5HFYtw79PYR08aLiV6JI7DDQ%26client%3Dca-pub-6203805476253031%26adurl%3D
178.250.2.65200 OK 62 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAF110KsoaWAAnmnAWhwcXfs5PYTWMDeQ&u=%7C8Ze4BNCtGfk0VX8vo%2FiZU0fI7IyHALomcG4XIBU8v0Y%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUS-Kc5eB_mprX61o-0tWW9qnacfx0cs4QSmRyHaAc6iuvrBkJyot_8kjQwHQ8nLwmC53fecIe0UZM-orIOnTrM8R429IeATd6Sqig9puEfFNdK0HDU68VZqqTN_qmK_wGNjhTdywDIJaH1mNF2v_VpDPJqmKiE9Mq6XTuvYvFVdn9y8V7Z1pBY3WKjKi69kNvnIwgUYl-nI2Kzn8_l8vrMnuljs9iJXLTHTHeeOHUP18Esa3BT_hPx7OCA83-E10ddW2ANDd0llSzZTO9AZ0FioQTtNb9dHRkeLbUfQXzqcHcDTqC55I9UmFZh5v57ptjEr4rC7pw9IKT4YG_kszSNVdqkErizXnfB2O4yK3YZmKRdFHWH7FdyOt_P71bU-KAlv9ncplUtYs3MAkSAx2aW_QGKUJoyVBGNEDx3lGXv7eT0ZjjVlfRIUJsfB3JuAjDGjMdjiWsIk8n4lmrr0tYAJPrxpiHNOA22LOt56qGFzfpOmogRLLTeQW-gErbJz5gAR1jSGSpmgUq6Loh81Ijj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH8siY0-aY92uF5aNygWczaeIDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNjIwMzgwNTQ3NjI1MzAzMcgBCakCG7FG-7XesT6oAwGqBKACT9Bbq52W-5_fzyUDO6EWhLp0OfPT7bJkqyxvz0QcBZXmlUxq9I5K5BDUMPDNvrghdDPnKkQV6kzNcP5W_Kv1-P30VodnczkqXeV-WptSB9Z7M7yKZ4xhEoaWuaWvtkXmvyPlOVXf9tim_ktJfvP3KyK9OowI0AUz28atwQCunQHVAJztCtHLqRAlUyRxQMRAjFrW1NbqaMV2WwRMZIiG-jFDnv8bmEuYttZ675a7QNV1htZ7Qcetgifg7UV68mfKROYJjeAy4mbrBt9qv_MLZEFq33HNk_wCTQ1P3V1RnG0QdVyrv7UMkmp1XjasC-dqdz-wGXu0F71GLVPpRfA1jH_-yx2ekxu3YtbLOClSOgvzS-6_OH5S0agWsJT_b-f5gAbdreKcxpuNq4sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3cnC5HFYtw79PYR08aLiV6JI7DDQ%26client%3Dca-pub-6203805476253031%26adurl%3D
IP 178.250.2.65:0
Hash dc05810acbfe51b7fee8a3c7bd2dfa11
8a5a51adf714de78fd7b41a4f93d4ff533c78c29
b9358f8d1d0ed4075a963673caf88af8d263c4874f21ad85df27fb782113da5a
GET /delivery/r/afr.php?z=Y5pPYwAF110KsoaWAAnmnAWhwcXfs5PYTWMDeQ&u=%7C8Ze4BNCtGfk0VX8vo%2FiZU0fI7IyHALomcG4XIBU8v0Y%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUS-Kc5eB_mprX61o-0tWW9qnacfx0cs4QSmRyHaAc6iuvrBkJyot_8kjQwHQ8nLwmC53fecIe0UZM-orIOnTrM8R429IeATd6Sqig9puEfFNdK0HDU68VZqqTN_qmK_wGNjhTdywDIJaH1mNF2v_VpDPJqmKiE9Mq6XTuvYvFVdn9y8V7Z1pBY3WKjKi69kNvnIwgUYl-nI2Kzn8_l8vrMnuljs9iJXLTHTHeeOHUP18Esa3BT_hPx7OCA83-E10ddW2ANDd0llSzZTO9AZ0FioQTtNb9dHRkeLbUfQXzqcHcDTqC55I9UmFZh5v57ptjEr4rC7pw9IKT4YG_kszSNVdqkErizXnfB2O4yK3YZmKRdFHWH7FdyOt_P71bU-KAlv9ncplUtYs3MAkSAx2aW_QGKUJoyVBGNEDx3lGXv7eT0ZjjVlfRIUJsfB3JuAjDGjMdjiWsIk8n4lmrr0tYAJPrxpiHNOA22LOt56qGFzfpOmogRLLTeQW-gErbJz5gAR1jSGSpmgUq6Loh81Ijj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH8siY0-aY92uF5aNygWczaeIDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNjIwMzgwNTQ3NjI1MzAzMcgBCakCG7FG-7XesT6oAwGqBKACT9Bbq52W-5_fzyUDO6EWhLp0OfPT7bJkqyxvz0QcBZXmlUxq9I5K5BDUMPDNvrghdDPnKkQV6kzNcP5W_Kv1-P30VodnczkqXeV-WptSB9Z7M7yKZ4xhEoaWuaWvtkXmvyPlOVXf9tim_ktJfvP3KyK9OowI0AUz28atwQCunQHVAJztCtHLqRAlUyRxQMRAjFrW1NbqaMV2WwRMZIiG-jFDnv8bmEuYttZ675a7QNV1htZ7Qcetgifg7UV68mfKROYJjeAy4mbrBt9qv_MLZEFq33HNk_wCTQ1P3V1RnG0QdVyrv7UMkmp1XjasC-dqdz-wGXu0F71GLVPpRfA1jH_-yx2ekxu3YtbLOClSOgvzS-6_OH5S0agWsJT_b-f5gAbdreKcxpuNq4sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3cnC5HFYtw79PYR08aLiV6JI7DDQ%26client%3Dca-pub-6203805476253031%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:11 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=FS9lWPVqy9xVgcbyFr6EDoSVJ2Epz_SNPC9Kb3Dl2uD1NpZmQc0wCj9pwNEosb6tC-P1YntO3OGMgyKdWPUScprW2eDHNZVF5CAnqyBp41oTzDvEEbNjrpWzuPmg9eAD9KRybErm4K2QQ_IMOZi6Wkx_iz2arpxqcszLU1eEM_TSfGMAGXCeDzwUY_0xTjP8_5vJ0JPyB-Tei4gpBmKz-sMcqN_GxgYEimjZ35awrAo0Hfmh45zR1SnEj3Kol3qjEKRE0g"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 127127310
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flevi-women%2F1300x1700%2Flsw1784700100_cdarkindigowornin.jpg&v=3&w=400&s=0_KTlGvodwCfLqBPPeqR5w15&b=400
178.250.2.135200 OK 7.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flevi-women%2F1300x1700%2Flsw1784700100_cdarkindigowornin.jpg&v=3&w=400&s=0_KTlGvodwCfLqBPPeqR5w15&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 177x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 10fc16ceaf3ca54236a364523451dca6
a518827763000354d403e704c5824e30f7aeac71
1b742f7d2b071e3ad84171a542302ca75e5a092cd9fb328521deea74615e4429
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flevi-women%2F1300x1700%2Flsw1784700100_cdarkindigowornin.jpg&v=3&w=400&s=0_KTlGvodwCfLqBPPeqR5w15&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31201656
expires: Mon, 11 Dec 2023 01:41:49 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7718
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fskechers%2F1300x1700%2Fske16677_cnvgynavygrey.jpg&v=3&w=400&s=WSvMgRqr3ayC8mHRTLZo9-B9&b=400
178.250.2.135200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fskechers%2F1300x1700%2Fske16677_cnvgynavygrey.jpg&v=3&w=400&s=WSvMgRqr3ayC8mHRTLZo9-B9&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x363, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 549cb2cb1c26d1fa0d96b968d7e942fd
670fde4f13936d0725c1a8f9913fdc5ed2fec220
60a832ef7c0f17ecfca96ccfb059c565f8b62b722f6137d9160af5e64963c82f
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fskechers%2F1300x1700%2Fske16677_cnvgynavygrey.jpg&v=3&w=400&s=WSvMgRqr3ayC8mHRTLZo9-B9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30011589
expires: Mon, 27 Nov 2023 07:07:22 GMT
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14430
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAF114KsoaWAAnmnFdyDikchgd7xYVy5g&u=%7C8Ze4BNCtGfm7MiqsU78wzUvhZhZs8YjuU3hwonio74E%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfe31nB5ANoObvBW2TdqT6bEbaq4ORNOVFQKtRbHhdJpV_xtJ0lpTPiM1yq9O5xz9sZuNJafvqNABPNRW9KXeEHaLeKfIDB2i5D7EbOfiRpzYqr883LHb-0egtjNrkvxt2T_cKKKTT7OYgMXB25XZBL3RjSvGYOBXd_GFSadyHscVZcNzMhmja_oBZad5Ge-Ceoyo_22-CZ72Oxe8rPbbRtHX-fhN451WIc9SfO0zNxbyjqq45ML_X_j8XXIATnO5B9feKUTIlD-GgCfyXoBZhsxfAO6cjAbahP4hGiFLpLQLrTa6ibImhNe06j0xGYHvGmZjtrBdDdW4j7KzJrHzYsJDQc6ocFkCNYx2_lwhwByxoC-GE1_EjJ-a4wMK4X3qh9jHlH0vXiHcKh7WM-zVH0hYXgaf1AT1aSIwkMCxCbf9YRzFGM8CnWSD7qQ2Ulha47lur_h94HXsE-vFC9G8GxMXzo5NklEVMUFn2N7MDcQE_oZF6qBjFYWP3avyGZWIsLSZXaFvETHj0BMVdYNu4n&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChfv7Y0-aY96uF5aNygWczaeIDsme0rFcjfDi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTYyMDM4MDU0NzYyNTMwMzHIAQmpAhuxRvu13rE-qAMBqgShAk_QgT2tcKIAN9Hi8x7Gby9XYcjIXDh8tCqJ1gSgjywTQc2CY-crwRkUjiGElSXwNqM7X67K0iTwcAJd0rgtOGdkxXnwrosKJyz7sSFPMrbhGL_J3ZZHiLdzdZadto6pdDv00UANQOZ-aAdlCHgD1HdD2T-ew65wojnc7MlVu-a3np9Cos-bZv0pP7BXXNIroQslbir3b8LlExfahkfby-AO8Ejr9gJ9RxxmeKoqaR0gvkLXcZ5EBS6aOOULsXURBF94-PFKuExc7cpGm7pii6mtiAjJCPi8k3VD0wsccMKniykPrLMYWiVknQIppFQ0Kj8tfbzBv1rkm7UBZmtyITTx0Ex50ezGkcZYqqsDTfpCL0yDwTt628aFyGAu6h2tPxOABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gcmvOpkFGEyPZjnIGZClxDFWgkQ%26client%3Dca-pub-6203805476253031%26adurl%3D
178.250.2.65200 OK 58 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAF114KsoaWAAnmnFdyDikchgd7xYVy5g&u=%7C8Ze4BNCtGfm7MiqsU78wzUvhZhZs8YjuU3hwonio74E%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfe31nB5ANoObvBW2TdqT6bEbaq4ORNOVFQKtRbHhdJpV_xtJ0lpTPiM1yq9O5xz9sZuNJafvqNABPNRW9KXeEHaLeKfIDB2i5D7EbOfiRpzYqr883LHb-0egtjNrkvxt2T_cKKKTT7OYgMXB25XZBL3RjSvGYOBXd_GFSadyHscVZcNzMhmja_oBZad5Ge-Ceoyo_22-CZ72Oxe8rPbbRtHX-fhN451WIc9SfO0zNxbyjqq45ML_X_j8XXIATnO5B9feKUTIlD-GgCfyXoBZhsxfAO6cjAbahP4hGiFLpLQLrTa6ibImhNe06j0xGYHvGmZjtrBdDdW4j7KzJrHzYsJDQc6ocFkCNYx2_lwhwByxoC-GE1_EjJ-a4wMK4X3qh9jHlH0vXiHcKh7WM-zVH0hYXgaf1AT1aSIwkMCxCbf9YRzFGM8CnWSD7qQ2Ulha47lur_h94HXsE-vFC9G8GxMXzo5NklEVMUFn2N7MDcQE_oZF6qBjFYWP3avyGZWIsLSZXaFvETHj0BMVdYNu4n&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChfv7Y0-aY96uF5aNygWczaeIDsme0rFcjfDi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTYyMDM4MDU0NzYyNTMwMzHIAQmpAhuxRvu13rE-qAMBqgShAk_QgT2tcKIAN9Hi8x7Gby9XYcjIXDh8tCqJ1gSgjywTQc2CY-crwRkUjiGElSXwNqM7X67K0iTwcAJd0rgtOGdkxXnwrosKJyz7sSFPMrbhGL_J3ZZHiLdzdZadto6pdDv00UANQOZ-aAdlCHgD1HdD2T-ew65wojnc7MlVu-a3np9Cos-bZv0pP7BXXNIroQslbir3b8LlExfahkfby-AO8Ejr9gJ9RxxmeKoqaR0gvkLXcZ5EBS6aOOULsXURBF94-PFKuExc7cpGm7pii6mtiAjJCPi8k3VD0wsccMKniykPrLMYWiVknQIppFQ0Kj8tfbzBv1rkm7UBZmtyITTx0Ex50ezGkcZYqqsDTfpCL0yDwTt628aFyGAu6h2tPxOABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gcmvOpkFGEyPZjnIGZClxDFWgkQ%26client%3Dca-pub-6203805476253031%26adurl%3D
IP 178.250.2.65:0
Hash 8a5a5133c03c6879fc297847e259b56a
5e839ae8d28aaf98bc88600501faa8bd5bec34ed
55304e6fbd466c8a27d254c29958acebf90522e52dd9f62968ea8eb158330505
GET /delivery/r/afr.php?z=Y5pPYwAF114KsoaWAAnmnFdyDikchgd7xYVy5g&u=%7C8Ze4BNCtGfm7MiqsU78wzUvhZhZs8YjuU3hwonio74E%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfe31nB5ANoObvBW2TdqT6bEbaq4ORNOVFQKtRbHhdJpV_xtJ0lpTPiM1yq9O5xz9sZuNJafvqNABPNRW9KXeEHaLeKfIDB2i5D7EbOfiRpzYqr883LHb-0egtjNrkvxt2T_cKKKTT7OYgMXB25XZBL3RjSvGYOBXd_GFSadyHscVZcNzMhmja_oBZad5Ge-Ceoyo_22-CZ72Oxe8rPbbRtHX-fhN451WIc9SfO0zNxbyjqq45ML_X_j8XXIATnO5B9feKUTIlD-GgCfyXoBZhsxfAO6cjAbahP4hGiFLpLQLrTa6ibImhNe06j0xGYHvGmZjtrBdDdW4j7KzJrHzYsJDQc6ocFkCNYx2_lwhwByxoC-GE1_EjJ-a4wMK4X3qh9jHlH0vXiHcKh7WM-zVH0hYXgaf1AT1aSIwkMCxCbf9YRzFGM8CnWSD7qQ2Ulha47lur_h94HXsE-vFC9G8GxMXzo5NklEVMUFn2N7MDcQE_oZF6qBjFYWP3avyGZWIsLSZXaFvETHj0BMVdYNu4n&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChfv7Y0-aY96uF5aNygWczaeIDsme0rFcjfDi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTYyMDM4MDU0NzYyNTMwMzHIAQmpAhuxRvu13rE-qAMBqgShAk_QgT2tcKIAN9Hi8x7Gby9XYcjIXDh8tCqJ1gSgjywTQc2CY-crwRkUjiGElSXwNqM7X67K0iTwcAJd0rgtOGdkxXnwrosKJyz7sSFPMrbhGL_J3ZZHiLdzdZadto6pdDv00UANQOZ-aAdlCHgD1HdD2T-ew65wojnc7MlVu-a3np9Cos-bZv0pP7BXXNIroQslbir3b8LlExfahkfby-AO8Ejr9gJ9RxxmeKoqaR0gvkLXcZ5EBS6aOOULsXURBF94-PFKuExc7cpGm7pii6mtiAjJCPi8k3VD0wsccMKniykPrLMYWiVknQIppFQ0Kj8tfbzBv1rkm7UBZmtyITTx0Ex50ezGkcZYqqsDTfpCL0yDwTt628aFyGAu6h2tPxOABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gcmvOpkFGEyPZjnIGZClxDFWgkQ%26client%3Dca-pub-6203805476253031%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:11 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QOa5K_Vqy9xVgcbybuPItdiHQMaynuIRqIGFuEkX8GszbGWzH_1gbRM6ggrj0UE-pBcNmBexdtzhJZFvZfrImctszjgX65JxULdb5hfz5c2SGrD3wH1R2EDtzHF3xsPaR2ho-71r7ZphZULiE3WdHEcpkAOOA5wCnnX4vKIVTq04ZtPphSz5HnAQNeiTRCD4Ag5Oxp-I5wNsECjhFXY0RR1xM-0VpbQT15UrYXra1EKYj-YMwBGFDTYKDdFQNivMKUSySA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 44807861
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cblackleather_v003.jpg&v=3&w=400&s=x7hlQdhthhW1-CdnpPdQr6h1&b=400
178.250.2.135200 OK 4.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cblackleather_v003.jpg&v=3&w=400&s=x7hlQdhthhW1-CdnpPdQr6h1&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 303x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 820fda3e38b8270420913f999a77971d
73d60b59dedd3d53e48b87b84f4d2971ea0746d0
d48d215d1879feb05b5162781f5630195f9ceccc317dd9086a9c3dc23947e641
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cblackleather_v003.jpg&v=3&w=400&s=x7hlQdhthhW1-CdnpPdQr6h1&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29229141
expires: Sat, 18 Nov 2023 05:46:34 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4374
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fguess-jeans%2F1300x1700%2Fgjsw2bl38w6nw2_cjetblacka996_vjblk.jpg&v=3&w=400&s=_N4Jbv-xhGoX1I1nu-Fwf5aY&b=400
178.250.2.135200 OK 6.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fguess-jeans%2F1300x1700%2Fgjsw2bl38w6nw2_cjetblacka996_vjblk.jpg&v=3&w=400&s=_N4Jbv-xhGoX1I1nu-Fwf5aY&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 244x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 73bd13ccb8a47922ec437620c5651eee
02be62511aa218c6c126bca28e5bdfeff939a46c
d7226c14d08281282008efe2fd2f3cd7e3e23f72cb22fcd2225e6fb0f6ceb5d7
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fguess-jeans%2F1300x1700%2Fgjsw2bl38w6nw2_cjetblacka996_vjblk.jpg&v=3&w=400&s=_N4Jbv-xhGoX1I1nu-Fwf5aY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30620568
expires: Mon, 04 Dec 2023 08:17:01 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6660
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fwrangler%2F1300x1700%2Fwraw5a2ccb51_cblueribbon_v51.jpg&v=3&w=400&s=6RBVYm9W1cE_IXc098wjHQLc&b=400
178.250.2.135200 OK 24 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fwrangler%2F1300x1700%2Fwraw5a2ccb51_cblueribbon_v51.jpg&v=3&w=400&s=6RBVYm9W1cE_IXc098wjHQLc&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 323x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7527ed77b6066634d35f714eb8e4864d
d662543f37f4801cfaf0d7aa05e5872d95a209f9
f81a47598c5b43d18b3f1e0de6dd5701e26ec1b84868efadf0bacabbea5e9088
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fwrangler%2F1300x1700%2Fwraw5a2ccb51_cblueribbon_v51.jpg&v=3&w=400&s=6RBVYm9W1cE_IXc098wjHQLc&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29847568
expires: Sat, 25 Nov 2023 09:33:41 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 24126
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAHr4QFkUuLAAM_hKVri8ITdj8eSOxQRw&u=%7C8Ze4BNCtGfnJ%2FpEeTeeY3L9yxvZVxAVoFebFjT2qbKg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUS-Kc5eB_mprX61o-0tWW9WVkMayMpK4isM9aau-sNfjOv07_9yBFmLDrU7XuuyihIR2ACURCwRHzkdKkbMYjvOi2Na2BrPwBimcwHv7hUJlBY4f64q_XSyMhGVbSmmngrtqrFVPiE-r4Pg5D-4XyWHRXukwMTivPAsV9dT-PJasPuXYB3zOi0Uwrwy50WGShwLLuSGDhYjOkpNx9usCv417KpfxaNUaSkYcyXvBdNAw0FT1RbgCmi9MHmDoHDtkTQ-G8tXuNx49lD4Hkr9J3xJU6NR1zgynrbmKCry3_LCqEc3d3uwFD0wgTEZtPlK7rJHOHkmwLeGd00ZoeOA_EQ7tgCS1EZ2u_DKaZ7mKPQW1HhvvCl6ciHvQVfL5YHA7_HiHelvAfIlphmss80mPj-5bXbW6tPFtkl4pcH4S-Y4Q0kqocfggD9Pjic9GhF5SJxLSKShj_L7yraXMMqu0gePdincamVWJCwq2GkyFRGlDpGhjZJ_hqKomsHZMHk1b1_lJK3fooU2HNjFPh-zm6x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzkj7Y0-aY4TfHouXxdwPhP-M0ArJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTYyMDM4MDU0NzYyNTMwMzHIAQmpAmhrdY0B3bE-qAMBqgSmAk_QR8gfhAC2TnSmgIw5qkeGku8jcVmfryDL3ovZBfdftz8p3qP_P6eHNejCmpoJT2EUI_TIV2IEfXO6S7I7vQm23hAPC9JuatKGtafI02flF7VOSiz5ZhzznjDY1L1t5seQBOkqasu-I6_IhrlWGUPbpes6gwdRAENNOJ4_OdRyuIYKzBHlQz3DOnIoWV4faMLyDSvTb0Svg_nexG4pfPJrMEm1SbNVddyyulHnNw6l1AaNAbV7xZ3UGs0gOyuA4w0m7a1KyXNVx5ZZ9Y6k6FxN_507RVOtZyvBcnKRdNj6SCWHHl2uXqmGorZrQUUBB7bRBQt21JNjSSsC8fE0ZeKUQY-XbQHgOelw_JDuMST_ttkLIRHb-EjTm0kgrJkwycazmIECAIAG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13-TdlFY0ZGpZIp5jgN1JTdGiCag%26client%3Dca-pub-6203805476253031%26adurl%3D
178.250.2.65200 OK 99 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAHr4QFkUuLAAM_hKVri8ITdj8eSOxQRw&u=%7C8Ze4BNCtGfnJ%2FpEeTeeY3L9yxvZVxAVoFebFjT2qbKg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUS-Kc5eB_mprX61o-0tWW9WVkMayMpK4isM9aau-sNfjOv07_9yBFmLDrU7XuuyihIR2ACURCwRHzkdKkbMYjvOi2Na2BrPwBimcwHv7hUJlBY4f64q_XSyMhGVbSmmngrtqrFVPiE-r4Pg5D-4XyWHRXukwMTivPAsV9dT-PJasPuXYB3zOi0Uwrwy50WGShwLLuSGDhYjOkpNx9usCv417KpfxaNUaSkYcyXvBdNAw0FT1RbgCmi9MHmDoHDtkTQ-G8tXuNx49lD4Hkr9J3xJU6NR1zgynrbmKCry3_LCqEc3d3uwFD0wgTEZtPlK7rJHOHkmwLeGd00ZoeOA_EQ7tgCS1EZ2u_DKaZ7mKPQW1HhvvCl6ciHvQVfL5YHA7_HiHelvAfIlphmss80mPj-5bXbW6tPFtkl4pcH4S-Y4Q0kqocfggD9Pjic9GhF5SJxLSKShj_L7yraXMMqu0gePdincamVWJCwq2GkyFRGlDpGhjZJ_hqKomsHZMHk1b1_lJK3fooU2HNjFPh-zm6x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzkj7Y0-aY4TfHouXxdwPhP-M0ArJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTYyMDM4MDU0NzYyNTMwMzHIAQmpAmhrdY0B3bE-qAMBqgSmAk_QR8gfhAC2TnSmgIw5qkeGku8jcVmfryDL3ovZBfdftz8p3qP_P6eHNejCmpoJT2EUI_TIV2IEfXO6S7I7vQm23hAPC9JuatKGtafI02flF7VOSiz5ZhzznjDY1L1t5seQBOkqasu-I6_IhrlWGUPbpes6gwdRAENNOJ4_OdRyuIYKzBHlQz3DOnIoWV4faMLyDSvTb0Svg_nexG4pfPJrMEm1SbNVddyyulHnNw6l1AaNAbV7xZ3UGs0gOyuA4w0m7a1KyXNVx5ZZ9Y6k6FxN_507RVOtZyvBcnKRdNj6SCWHHl2uXqmGorZrQUUBB7bRBQt21JNjSSsC8fE0ZeKUQY-XbQHgOelw_JDuMST_ttkLIRHb-EjTm0kgrJkwycazmIECAIAG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13-TdlFY0ZGpZIp5jgN1JTdGiCag%26client%3Dca-pub-6203805476253031%26adurl%3D
IP 178.250.2.65:0
Hash 44dcfbd283546b7fe1d776684619185d
42fcfe2b2b3f2ebb14d6762a95eeb62c0f8baa42
c91e616a738ffbc1623f8567772ab0a7f5e0a424972faf062e5568212833d4bf
GET /delivery/r/afr.php?z=Y5pPYwAHr4QFkUuLAAM_hKVri8ITdj8eSOxQRw&u=%7C8Ze4BNCtGfnJ%2FpEeTeeY3L9yxvZVxAVoFebFjT2qbKg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUS-Kc5eB_mprX61o-0tWW9WVkMayMpK4isM9aau-sNfjOv07_9yBFmLDrU7XuuyihIR2ACURCwRHzkdKkbMYjvOi2Na2BrPwBimcwHv7hUJlBY4f64q_XSyMhGVbSmmngrtqrFVPiE-r4Pg5D-4XyWHRXukwMTivPAsV9dT-PJasPuXYB3zOi0Uwrwy50WGShwLLuSGDhYjOkpNx9usCv417KpfxaNUaSkYcyXvBdNAw0FT1RbgCmi9MHmDoHDtkTQ-G8tXuNx49lD4Hkr9J3xJU6NR1zgynrbmKCry3_LCqEc3d3uwFD0wgTEZtPlK7rJHOHkmwLeGd00ZoeOA_EQ7tgCS1EZ2u_DKaZ7mKPQW1HhvvCl6ciHvQVfL5YHA7_HiHelvAfIlphmss80mPj-5bXbW6tPFtkl4pcH4S-Y4Q0kqocfggD9Pjic9GhF5SJxLSKShj_L7yraXMMqu0gePdincamVWJCwq2GkyFRGlDpGhjZJ_hqKomsHZMHk1b1_lJK3fooU2HNjFPh-zm6x&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzkj7Y0-aY4TfHouXxdwPhP-M0ArJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTYyMDM4MDU0NzYyNTMwMzHIAQmpAmhrdY0B3bE-qAMBqgSmAk_QR8gfhAC2TnSmgIw5qkeGku8jcVmfryDL3ovZBfdftz8p3qP_P6eHNejCmpoJT2EUI_TIV2IEfXO6S7I7vQm23hAPC9JuatKGtafI02flF7VOSiz5ZhzznjDY1L1t5seQBOkqasu-I6_IhrlWGUPbpes6gwdRAENNOJ4_OdRyuIYKzBHlQz3DOnIoWV4faMLyDSvTb0Svg_nexG4pfPJrMEm1SbNVddyyulHnNw6l1AaNAbV7xZ3UGs0gOyuA4w0m7a1KyXNVx5ZZ9Y6k6FxN_507RVOtZyvBcnKRdNj6SCWHHl2uXqmGorZrQUUBB7bRBQt21JNjSSsC8fE0ZeKUQY-XbQHgOelw_JDuMST_ttkLIRHb-EjTm0kgrJkwycazmIECAIAG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13-TdlFY0ZGpZIp5jgN1JTdGiCag%26client%3Dca-pub-6203805476253031%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:11 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2lTas_Vqy9xVgcbyjN9TUHLy69Ye6s12bp2-Sk9FPOMEs1A1su6a4dXDBdFBidnxjegg9XDAnaiMXc1cbmQvfPFxXgkUdYrZWpr5kC6OptzNGMBvazUR4wGEmeLEvejOVbPliie3BWvPdUg-wC-4JvE3_I5HRpkOsYLYu0ryyNzMzPCqpZzyob-CvBEOpE6R4TRh_4AY_gagNQuwUi35h9OhAF8XIc5YX-A_r50t75LHgVAjsDuQK4jKF64PyLbrVAenqg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 208516440
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvila%2F1300x1700%2Fvl14051921_ctotaleclipse_v177811.jpg&v=3&w=400&s=21cJTf50fsjILuGgGGuuiOa3&b=400
178.250.2.135200 OK 2.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvila%2F1300x1700%2Fvl14051921_ctotaleclipse_v177811.jpg&v=3&w=400&s=21cJTf50fsjILuGgGGuuiOa3&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d5e7ec71dffade15ff60e67be3d9ab89
bcf5a48c79024d29f3910f386d988dc46231348c
fca8eab57ed5433b6466d57a22c6001892801a17ba6cbe1d59d81278a24cbc8c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvila%2F1300x1700%2Fvl14051921_ctotaleclipse_v177811.jpg&v=3&w=400&s=21cJTf50fsjILuGgGGuuiOa3&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31002747
expires: Fri, 08 Dec 2023 18:26:41 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2674
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fJmG7LHvV44WWWAi_61BXHNm7okO7Xketqu0eoJpsXSLOq98RWAmGxbhPJBdc5u4izr9HoZoWfpz6uW9cOha9co7cYqHj59NhycG6IRxpAdfxPoSfviKRRd1nj7OPDyhSuSXeMYer3Cv_FQ4J_XhXTHzOkKgK5Ux3kjKim3eVHQy5DfEMudVBBn8No8IUpOmKT6Yg79PMPk-0pclEWF_Au2jMLKuieW0j2o5ft_x3OP_XMHFvzz3w-XNwHnGRU5-zoENejgZZ0KkVIeJI3ZEaSUXIb4V9EWj5JKAIvMCHS4OHTzgqck1flRgiXLXJqLSOId5xuXT5HpgBB9EdQHStPCtidVLDOmnz3aw4T_VRUYwKUG8sJUOQWVbFLs-gdUGR8lByUJZa_K2u_FbJCoUmokovZxG1qGjatLG1bTGChv4T_xlN-Z1ZzkOxtsBx-U4EZB8kA
178.250.2.148200 OK 13 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fJmG7LHvV44WWWAi_61BXHNm7okO7Xketqu0eoJpsXSLOq98RWAmGxbhPJBdc5u4izr9HoZoWfpz6uW9cOha9co7cYqHj59NhycG6IRxpAdfxPoSfviKRRd1nj7OPDyhSuSXeMYer3Cv_FQ4J_XhXTHzOkKgK5Ux3kjKim3eVHQy5DfEMudVBBn8No8IUpOmKT6Yg79PMPk-0pclEWF_Au2jMLKuieW0j2o5ft_x3OP_XMHFvzz3w-XNwHnGRU5-zoENejgZZ0KkVIeJI3ZEaSUXIb4V9EWj5JKAIvMCHS4OHTzgqck1flRgiXLXJqLSOId5xuXT5HpgBB9EdQHStPCtidVLDOmnz3aw4T_VRUYwKUG8sJUOQWVbFLs-gdUGR8lByUJZa_K2u_FbJCoUmokovZxG1qGjatLG1bTGChv4T_xlN-Z1ZzkOxtsBx-U4EZB8kA
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d343e2a3e5a8695039a4e56ec7342305
c1beabd12493af42d1d34586eb66411ffc66c5c6
558e19f36b91a6fa2bdacfef550f77d13c9a6282ab1539e864aa7fd23ade0979
GET /delivery/lg.php?cppv=3&cpp=fJmG7LHvV44WWWAi_61BXHNm7okO7Xketqu0eoJpsXSLOq98RWAmGxbhPJBdc5u4izr9HoZoWfpz6uW9cOha9co7cYqHj59NhycG6IRxpAdfxPoSfviKRRd1nj7OPDyhSuSXeMYer3Cv_FQ4J_XhXTHzOkKgK5Ux3kjKim3eVHQy5DfEMudVBBn8No8IUpOmKT6Yg79PMPk-0pclEWF_Au2jMLKuieW0j2o5ft_x3OP_XMHFvzz3w-XNwHnGRU5-zoENejgZZ0KkVIeJI3ZEaSUXIb4V9EWj5JKAIvMCHS4OHTzgqck1flRgiXLXJqLSOId5xuXT5HpgBB9EdQHStPCtidVLDOmnz3aw4T_VRUYwKUG8sJUOQWVbFLs-gdUGR8lByUJZa_K2u_FbJCoUmokovZxG1qGjatLG1bTGChv4T_xlN-Z1ZzkOxtsBx-U4EZB8kA HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:13 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2788121
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/lato/lato-400-latin.woff2
178.250.0.130200 OK 24 kB URL HTTP/2 static.criteo.net/design/googlefont/lato/lato-400-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /design/googlefont/lato/lato-400-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 23580
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
etag: "6391eef5-5c1c"
expires: Sat, 09 Dec 2023 22:34:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2
178.250.0.130200 OK 13 kB URL HTTP/2 static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /design/googlefont/montserrat/montserrat-700-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 12848
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
etag: "6391ef7f-3230"
expires: Sat, 09 Dec 2023 22:34:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=k8lNCIDinW_q6Jjo57FiPArA
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=k8lNCIDinW_q6Jjo57FiPArA
IP 178.250.2.135:0
File type PNG image data, 196 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash bc381116221b106493d972a9262c65e3
980f03704c3d56409200806ffc1b8269240383a4
391ed2f12f92968f164c061b48e5421254b9aae4dfce080b727d60dd6c1cb72e
GET /img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=k8lNCIDinW_q6Jjo57FiPArA HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29389206
expires: Mon, 20 Nov 2023 02:14:20 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10921
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Aea66d473-716f-4607-a90a-1192f31d5bf1%2FMelia_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=TDM0RH8qPfjpSYl5vtDEe4vO&b=400
178.250.2.135200 OK 40 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Aea66d473-716f-4607-a90a-1192f31d5bf1%2FMelia_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=TDM0RH8qPfjpSYl5vtDEe4vO&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 312c5ca26ef30e59182419f0fd898310
3632ed8f0698c45e02b6477b19c51ef73b186358
36a7beb87e467de1641765d868e1ed12baa91aa0cc51a991bd57afdea1c552f3
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Aea66d473-716f-4607-a90a-1192f31d5bf1%2FMelia_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=TDM0RH8qPfjpSYl5vtDEe4vO&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=39870
expires: Thu, 15 Dec 2022 09:38:44 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 39912
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS&b=400
178.250.2.135200 OK 43 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ccfee84049e617e3b6ca9660568800a5
4ebce0bac7a28ea7dda484b91024b762fcec570c
2bf34f48c5f959f54e292b9fbca320061733f1b50b5fcb6b83c849605f47a4fb
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Abd13271e-ae26-449f-8e1c-10cec2ab78e1%2FSOL_Arona_Tenerife_1SQUARE_800X800.jpg&v=3&w=800&s=ItS5aLbXhn1V8aXgQ3RtRBzS&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=17996
expires: Thu, 15 Dec 2022 03:34:09 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 43190
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=400
178.250.2.135200 OK 38 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1b7f1bc9193ebaa23f40da03f02d65b8
75638214d507aea84dcb9a58ba2803171d9fc88f
c60a5e6c08ffe432e46166907ec5d0c292637769c16bcd969ade82fdacfd6693
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Af0e0281b-ea46-4ce8-8a6a-55c98d2acb49%2FSOL_Barbacan_1_800x800.jpg&v=3&w=800&s=s-ZDmCStI7aWGW4QyfrHpPEd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=5975
expires: Thu, 15 Dec 2022 00:13:48 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 37680
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwANF1wFkUTDAA_Xh6RsfzFhEy6GPbvB9Q&u=%7C8Ze4BNCtGfltror9H%2BC55Pb0SK0iABBaJNkhc3Mv4yo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfe31nB5ANoObvBW2TdqT6bHK0kIbn3LFLkF-zVTgo4l7WPCKeUWxYfsJnrsDTEf4LInK_Ici9G3P0NjWXf55qY4Nm6OIk2XCMxoXPXx-PSnSkK-RVyZq7g5ZgFU-z4_1V48MwBIzsGwxMkfKQ_btqY3uTXC6ZoSGHnQ9i01yePdV3Px0vrXPWFZrWfBRBw-sP897OEvPTtaxZLuGQps62qie2Fpj-TxOy-Tdq_n6unjh850mF8_sLdWyubwsqWw8jFQrRIz6PjzEJCoFvPcJ98IWwaJGmvFfxqUW4ju2Z5C0nWvHBUDUvixFPdSGkips6yGlrxkMpsqF3oWAdVzQiRReOFZ4BGQhMvrEAUYORDNE0o2hFV73BtG-inlWyPCzs0urmGd0HUON9o2y3Pe97yZtATmk6VnwrV9Gr1qrJlG41p9B_8u1IXQwkf2sy173AHYkEUTTySHTYmjyTPXG5UpcV2JeGCq7bjp5GiW7kXZbjOgJgxuH7RfCfVlUadXmVlQq3btxn0aOxCneYnNe2_f0Sf6hxxQUo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeSYY0-aY9yuNMOJxdwPh6-_6AvJntKxXPXqoYaIAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi02MjAzODA1NDc2MjUzMDMxyAEJqQIbsUb7td6xPqgDAaoEpgJP0PSTyhi-LctfvUU-Qv4VkV6x0K44QKT69vKx3tXsNoxffv7TsF3AFQowe_8r99YyWkrwkDbZhwZCA2HVI_66REjJytApaWDnvmTw5WcSioQkqFJkVDP0cx-48vtYMgo6Ix_q_03_xsVNyoNmU5fXL88h0t2KbrX3gBsSWWGdAuYPGC4Dly3h2WrDnUOXqwy_29mt9dpZOdumTAkOsRMek9tueyn92JQxhDbrfsgzX3SddyV0nLk4DO-XBgxUcwujN1gRvR6CVqMn6xzOZlfuP6I_2Dx16O7qtHFRjw1TxrTdKTTuEbX-FtD5G_rjvF5xCP8WYNiGtlcXE1nfmOLgNneiUvMQcHMm2F8X_ZyiT8i8B_Jaxg-bJF0Xk0YDkMOR6JCFMHiABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12G67vmT4A0FYOmyv9MjWLB48pWQ%26client%3Dca-pub-6203805476253031%26adurl%3D
178.250.2.65200 OK 45 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwANF1wFkUTDAA_Xh6RsfzFhEy6GPbvB9Q&u=%7C8Ze4BNCtGfltror9H%2BC55Pb0SK0iABBaJNkhc3Mv4yo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfe31nB5ANoObvBW2TdqT6bHK0kIbn3LFLkF-zVTgo4l7WPCKeUWxYfsJnrsDTEf4LInK_Ici9G3P0NjWXf55qY4Nm6OIk2XCMxoXPXx-PSnSkK-RVyZq7g5ZgFU-z4_1V48MwBIzsGwxMkfKQ_btqY3uTXC6ZoSGHnQ9i01yePdV3Px0vrXPWFZrWfBRBw-sP897OEvPTtaxZLuGQps62qie2Fpj-TxOy-Tdq_n6unjh850mF8_sLdWyubwsqWw8jFQrRIz6PjzEJCoFvPcJ98IWwaJGmvFfxqUW4ju2Z5C0nWvHBUDUvixFPdSGkips6yGlrxkMpsqF3oWAdVzQiRReOFZ4BGQhMvrEAUYORDNE0o2hFV73BtG-inlWyPCzs0urmGd0HUON9o2y3Pe97yZtATmk6VnwrV9Gr1qrJlG41p9B_8u1IXQwkf2sy173AHYkEUTTySHTYmjyTPXG5UpcV2JeGCq7bjp5GiW7kXZbjOgJgxuH7RfCfVlUadXmVlQq3btxn0aOxCneYnNe2_f0Sf6hxxQUo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeSYY0-aY9yuNMOJxdwPh6-_6AvJntKxXPXqoYaIAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi02MjAzODA1NDc2MjUzMDMxyAEJqQIbsUb7td6xPqgDAaoEpgJP0PSTyhi-LctfvUU-Qv4VkV6x0K44QKT69vKx3tXsNoxffv7TsF3AFQowe_8r99YyWkrwkDbZhwZCA2HVI_66REjJytApaWDnvmTw5WcSioQkqFJkVDP0cx-48vtYMgo6Ix_q_03_xsVNyoNmU5fXL88h0t2KbrX3gBsSWWGdAuYPGC4Dly3h2WrDnUOXqwy_29mt9dpZOdumTAkOsRMek9tueyn92JQxhDbrfsgzX3SddyV0nLk4DO-XBgxUcwujN1gRvR6CVqMn6xzOZlfuP6I_2Dx16O7qtHFRjw1TxrTdKTTuEbX-FtD5G_rjvF5xCP8WYNiGtlcXE1nfmOLgNneiUvMQcHMm2F8X_ZyiT8i8B_Jaxg-bJF0Xk0YDkMOR6JCFMHiABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12G67vmT4A0FYOmyv9MjWLB48pWQ%26client%3Dca-pub-6203805476253031%26adurl%3D
IP 178.250.2.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17688), with CRLF, LF line terminators
Hash d968cacb608afa06cade39654ca35eeb
db537f6cbb1d07c4a335ad73b8e1b23e83840037
e662a172efd1a913979325347a4a588f392cfd3e703c5de6183cabc823483374
GET /delivery/r/afr.php?z=Y5pPYwANF1wFkUTDAA_Xh6RsfzFhEy6GPbvB9Q&u=%7C8Ze4BNCtGfltror9H%2BC55Pb0SK0iABBaJNkhc3Mv4yo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfe31nB5ANoObvBW2TdqT6bHK0kIbn3LFLkF-zVTgo4l7WPCKeUWxYfsJnrsDTEf4LInK_Ici9G3P0NjWXf55qY4Nm6OIk2XCMxoXPXx-PSnSkK-RVyZq7g5ZgFU-z4_1V48MwBIzsGwxMkfKQ_btqY3uTXC6ZoSGHnQ9i01yePdV3Px0vrXPWFZrWfBRBw-sP897OEvPTtaxZLuGQps62qie2Fpj-TxOy-Tdq_n6unjh850mF8_sLdWyubwsqWw8jFQrRIz6PjzEJCoFvPcJ98IWwaJGmvFfxqUW4ju2Z5C0nWvHBUDUvixFPdSGkips6yGlrxkMpsqF3oWAdVzQiRReOFZ4BGQhMvrEAUYORDNE0o2hFV73BtG-inlWyPCzs0urmGd0HUON9o2y3Pe97yZtATmk6VnwrV9Gr1qrJlG41p9B_8u1IXQwkf2sy173AHYkEUTTySHTYmjyTPXG5UpcV2JeGCq7bjp5GiW7kXZbjOgJgxuH7RfCfVlUadXmVlQq3btxn0aOxCneYnNe2_f0Sf6hxxQUo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeSYY0-aY9yuNMOJxdwPh6-_6AvJntKxXPXqoYaIAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi02MjAzODA1NDc2MjUzMDMxyAEJqQIbsUb7td6xPqgDAaoEpgJP0PSTyhi-LctfvUU-Qv4VkV6x0K44QKT69vKx3tXsNoxffv7TsF3AFQowe_8r99YyWkrwkDbZhwZCA2HVI_66REjJytApaWDnvmTw5WcSioQkqFJkVDP0cx-48vtYMgo6Ix_q_03_xsVNyoNmU5fXL88h0t2KbrX3gBsSWWGdAuYPGC4Dly3h2WrDnUOXqwy_29mt9dpZOdumTAkOsRMek9tueyn92JQxhDbrfsgzX3SddyV0nLk4DO-XBgxUcwujN1gRvR6CVqMn6xzOZlfuP6I_2Dx16O7qtHFRjw1TxrTdKTTuEbX-FtD5G_rjvF5xCP8WYNiGtlcXE1nfmOLgNneiUvMQcHMm2F8X_ZyiT8i8B_Jaxg-bJF0Xk0YDkMOR6JCFMHiABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12G67vmT4A0FYOmyv9MjWLB48pWQ%26client%3Dca-pub-6203805476253031%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:11 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QLOAu_Vqy9xVgcby69CBWcdnLpPUN0S_7ZhFDv4zVDhIiwiTi-2GaxtkTpNXRu4UK1ZBn0BDANCZLrAxQ7xas6SBtuo5fBz5M4uT9dEwWVDlWkE4RgI4vnHpUB1Ak3Hq_G-xfR3rDProEwvuEWdV4vUxeMuNywcvZDksNvwMRLAxz3VeGmcj2g1uvu59bv-etnyLUkWtFSeiBTOoCF3Px4MD7-N798m8zxclywVx0oLBV65Dot57bgjdGj34qHaJ4yE0HQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 69630583
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=639a4f63703225f3e487e4d7a2338b05
37.157.3.20302 Found 497 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=639a4f63703225f3e487e4d7a2338b05
IP 37.157.3.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (425), with CRLF line terminators
Hash 3fca81e219d6cffd73150006653102b8
4082367428c170de4183c4af21ac4f203753b4b7
2c9cf46bcf162e4734ba11f5dd3183988c5b5edb04e0a23aeaa59497b8c926cc
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=639a4f63703225f3e487e4d7a2338b05 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=56879&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LJh75iPcXEEotVk8xXoJnxpbKa8XjhpDI85Ai8GUxCJ5UDAYwOBavM4kmNf2eBK1XqbmecRQWY8FgE72339zgwYlg_oCE5PVxi79uhqODmAzLuPjPyL78S2LxMVi3s_wYMxEDAxj0z9C_3DpzwcFgy4M4t-OFF_rAPj-F19ToNRuICo4dkHJAOq8C6erfpF9D8xs7RTeL9h3mDQSsYUwAcBOv7JuSn71wBf4_Hl-IQAl0z55i-2sRxSKNOqhBSEoYwyZCFZV5jj7_qePYA6woYvJkD0Q5xuYAlOYYPhmyqZZj_dZzaVOpquiZzPi-kAUV-huxJrn4RsQUJtPvEJyNJV-aJjdgNKiVdg5uolfDxpf-iKZEvulpg4NxWZwglyh51aPBcZHDn2B8SEqEVAUyOIic7Rg9zpZwwbJO3QzL-C4Ma6S
178.250.2.148200 OK 43 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LJh75iPcXEEotVk8xXoJnxpbKa8XjhpDI85Ai8GUxCJ5UDAYwOBavM4kmNf2eBK1XqbmecRQWY8FgE72339zgwYlg_oCE5PVxi79uhqODmAzLuPjPyL78S2LxMVi3s_wYMxEDAxj0z9C_3DpzwcFgy4M4t-OFF_rAPj-F19ToNRuICo4dkHJAOq8C6erfpF9D8xs7RTeL9h3mDQSsYUwAcBOv7JuSn71wBf4_Hl-IQAl0z55i-2sRxSKNOqhBSEoYwyZCFZV5jj7_qePYA6woYvJkD0Q5xuYAlOYYPhmyqZZj_dZzaVOpquiZzPi-kAUV-huxJrn4RsQUJtPvEJyNJV-aJjdgNKiVdg5uolfDxpf-iKZEvulpg4NxWZwglyh51aPBcZHDn2B8SEqEVAUyOIic7Rg9zpZwwbJO3QzL-C4Ma6S
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /delivery/lg.php?cppv=3&cpp=LJh75iPcXEEotVk8xXoJnxpbKa8XjhpDI85Ai8GUxCJ5UDAYwOBavM4kmNf2eBK1XqbmecRQWY8FgE72339zgwYlg_oCE5PVxi79uhqODmAzLuPjPyL78S2LxMVi3s_wYMxEDAxj0z9C_3DpzwcFgy4M4t-OFF_rAPj-F19ToNRuICo4dkHJAOq8C6erfpF9D8xs7RTeL9h3mDQSsYUwAcBOv7JuSn71wBf4_Hl-IQAl0z55i-2sRxSKNOqhBSEoYwyZCFZV5jj7_qePYA6woYvJkD0Q5xuYAlOYYPhmyqZZj_dZzaVOpquiZzPi-kAUV-huxJrn4RsQUJtPvEJyNJV-aJjdgNKiVdg5uolfDxpf-iKZEvulpg4NxWZwglyh51aPBcZHDn2B8SEqEVAUyOIic7Rg9zpZwwbJO3QzL-C4Ma6S HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:13 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1751899
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=11051&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=11051&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=11051&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:34:13 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=t0kF.6lbGJHUoCUQMVc.12.1VBxusywcXQlMDDj2GzYgSvxc8x.SjA--; expires=Thu, 11 Jan 2024 22:34:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=aVtCTERVYCCaBwlkCrNAupEtUcYWxX2S4I5DiGXDRNZshD1ptSEBhT_X7hlTRY3.Bn5bOb3QJmkXxQVCy1A7CLsD1eeSF_NuxtQ92cEECFwXuGIcbKg1_7CbBXj0Mv1NMiM-; expires=Thu, 11 Jan 2024 22:34:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Thu, 11 Jan 2024 22:34:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWXjYBJ2DYgICAAAAOvOUGwXnypYQY0-aY6mrPMTK-2jk15ZZABIAAA&wp=Y5pPYwAF110KsoaWAAnmnAWhwcXfs5PYTWMDeQ
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWXjYBJ2DYgICAAAAOvOUGwXnypYQY0-aY6mrPMTK-2jk15ZZABIAAA&wp=Y5pPYwAF110KsoaWAAnmnAWhwcXfs5PYTWMDeQ
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWXjYBJ2DYgICAAAAOvOUGwXnypYQY0-aY6mrPMTK-2jk15ZZABIAAA&wp=Y5pPYwAF110KsoaWAAnmnAWhwcXfs5PYTWMDeQ HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 250996
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=2lTas_Vqy9xVgcbyjN9TUHLy69Ye6s12bp2-Sk9FPOMEs1A1su6a4dXDBdFBidnxjegg9XDAnaiMXc1cbmQvfPFxXgkUdYrZWpr5kC6OptzNGMBvazUR4wGEmeLEvejOVbPliie3BWvPdUg-wC-4JvE3_I5HRpkOsYLYu0ryyNzMzPCqpZzyob-CvBEOpE6R4TRh_4AY_gagNQuwUi35h9OhAF8XIc5YX-A_r50t75LHgVAjsDuQK4jKF64PyLbrVAenqg&sds=2&rev=83933&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=2lTas_Vqy9xVgcbyjN9TUHLy69Ye6s12bp2-Sk9FPOMEs1A1su6a4dXDBdFBidnxjegg9XDAnaiMXc1cbmQvfPFxXgkUdYrZWpr5kC6OptzNGMBvazUR4wGEmeLEvejOVbPliie3BWvPdUg-wC-4JvE3_I5HRpkOsYLYu0ryyNzMzPCqpZzyob-CvBEOpE6R4TRh_4AY_gagNQuwUi35h9OhAF8XIc5YX-A_r50t75LHgVAjsDuQK4jKF64PyLbrVAenqg&sds=2&rev=83933&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=2lTas_Vqy9xVgcbyjN9TUHLy69Ye6s12bp2-Sk9FPOMEs1A1su6a4dXDBdFBidnxjegg9XDAnaiMXc1cbmQvfPFxXgkUdYrZWpr5kC6OptzNGMBvazUR4wGEmeLEvejOVbPliie3BWvPdUg-wC-4JvE3_I5HRpkOsYLYu0ryyNzMzPCqpZzyob-CvBEOpE6R4TRh_4AY_gagNQuwUi35h9OhAF8XIc5YX-A_r50t75LHgVAjsDuQK4jKF64PyLbrVAenqg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=110&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=236&s=Vhm3gn3g3EBYIxL2i515_GDp
178.250.2.135200 OK 2.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=110&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=236&s=Vhm3gn3g3EBYIxL2i515_GDp
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x89, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d87cdb4eda717111802d9aa1b5e195d4
cb341d80253d5ba7c698bdd35aa8f6f2df770656
3e0963a9ddd575e4f6e28877bc5c142de022322d00a11057ccd423ddbb0b06a4
GET /img/img?h=110&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=236&s=Vhm3gn3g3EBYIxL2i515_GDp HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29932231
expires: Sun, 26 Nov 2023 09:04:45 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2708
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=4kwCGWtG0VgF6qhrkPkkj59l
178.250.2.135200 OK 84 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=4kwCGWtG0VgF6qhrkPkkj59l
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash babac81dc2e4da2b8343e7d76bbbb357
c89b8eaf661b9220a82f950997eaaa899dd69ea2
5ba6a375ea3c3582d4aa716da8602fb2551bc8b2dcbfc1b8f5913f49f9466e70
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=4kwCGWtG0VgF6qhrkPkkj59l HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29932232
expires: Sun, 26 Nov 2023 09:04:46 GMT
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 84090
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=FS9lWPVqy9xVgcbyFr6EDoSVJ2Epz_SNPC9Kb3Dl2uD1NpZmQc0wCj9pwNEosb6tC-P1YntO3OGMgyKdWPUScprW2eDHNZVF5CAnqyBp41oTzDvEEbNjrpWzuPmg9eAD9KRybErm4K2QQ_IMOZi6Wkx_iz2arpxqcszLU1eEM_TSfGMAGXCeDzwUY_0xTjP8_5vJ0JPyB-Tei4gpBmKz-sMcqN_GxgYEimjZ35awrAo0Hfmh45zR1SnEj3Kol3qjEKRE0g&sds=2&rev=83933&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=FS9lWPVqy9xVgcbyFr6EDoSVJ2Epz_SNPC9Kb3Dl2uD1NpZmQc0wCj9pwNEosb6tC-P1YntO3OGMgyKdWPUScprW2eDHNZVF5CAnqyBp41oTzDvEEbNjrpWzuPmg9eAD9KRybErm4K2QQ_IMOZi6Wkx_iz2arpxqcszLU1eEM_TSfGMAGXCeDzwUY_0xTjP8_5vJ0JPyB-Tei4gpBmKz-sMcqN_GxgYEimjZ35awrAo0Hfmh45zR1SnEj3Kol3qjEKRE0g&sds=2&rev=83933&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=FS9lWPVqy9xVgcbyFr6EDoSVJ2Epz_SNPC9Kb3Dl2uD1NpZmQc0wCj9pwNEosb6tC-P1YntO3OGMgyKdWPUScprW2eDHNZVF5CAnqyBp41oTzDvEEbNjrpWzuPmg9eAD9KRybErm4K2QQ_IMOZi6Wkx_iz2arpxqcszLU1eEM_TSfGMAGXCeDzwUY_0xTjP8_5vJ0JPyB-Tei4gpBmKz-sMcqN_GxgYEimjZ35awrAo0Hfmh45zR1SnEj3Kol3qjEKRE0g&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=639a4f64cc4c7e784623baa4ffde8489
37.157.3.20302 Found 8.9 kB URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=639a4f64cc4c7e784623baa4ffde8489
IP 37.157.3.20:0
Hash b93fd74e8a9989ab31ea674c8c82763b
c497b09304e3fc9361906de16d39f6da36ed60c8
2d243e4cc50f40f566c0807d1ef8f5dca53a26fb7503b10eedca8e5f2ad6bc7d
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=639a4f64cc4c7e784623baa4ffde8489 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 14 Dec 2022 22:34:13 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=7472&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-700.css
178.250.0.130200 OK 2.9 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-700.css
IP 178.250.0.130:0
Hash eeabcce194af4e480aaa159c069edcbe
9edcc9e9ae484d7a6741bf5ceb31c9d5b9275886
d74b84ffc3430b0ddd6751cc796fd8895f8fd3c5c07b2f4976c9dde424740631
GET /design/googlefont/opensans/opensans-700.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:13 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
etag: W/"6391f079-9fe"
expires: Sat, 09 Dec 2023 22:34:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=400&s=4WZxUSFQRS2v6inBoec-sxdj&b=400
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=400&s=4WZxUSFQRS2v6inBoec-sxdj&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x358, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4a8b65dd45b5caaf05d7af1a012c211
2d76450cb9247fc5eb904e3d6db3c051c26226ae
bdeedcf8ba166914065e069ca9514b3020cfe22d1239cb8ec86495c301108540
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=400&s=4WZxUSFQRS2v6inBoec-sxdj&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29492646
expires: Tue, 21 Nov 2023 06:58:20 GMT
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10926
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234387-0.jpg%3Fcb%3D6bf667bf7917fa61c271d8092666b86e&v=3&w=400&s=ddmDZRpkYCLSFvUc-mbKfdeH&b=400
178.250.2.135200 OK 3.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234387-0.jpg%3Fcb%3D6bf667bf7917fa61c271d8092666b86e&v=3&w=400&s=ddmDZRpkYCLSFvUc-mbKfdeH&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 131x243, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5151d37b5e6f4e57ca8d2fb146863cfa
6c5ddf232e0293190d766d134caf77f76a7daaa6
fe8969942e0ce5e380db5d81dcbeb9b3a29963910be8a31b02bff496cc46e1c4
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234387-0.jpg%3Fcb%3D6bf667bf7917fa61c271d8092666b86e&v=3&w=400&s=ddmDZRpkYCLSFvUc-mbKfdeH&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31394540
expires: Wed, 13 Dec 2023 07:16:34 GMT
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3236
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0032Z-0.jpg%3Fcb%3Dfc9fb5bf427d201ca99fff8b4c6f02a3&v=3&w=400&s=QNLkXZfsSvTMFHhU53rXW1-g&b=400
178.250.2.135200 OK 6.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0032Z-0.jpg%3Fcb%3Dfc9fb5bf427d201ca99fff8b4c6f02a3&v=3&w=400&s=QNLkXZfsSvTMFHhU53rXW1-g&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 173x238, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 318b500e2b854e1f27709570b83b517d
cc53864c3a5784fc5f24c9f50188fc258f0a1e09
04b12bdf47ca28c4b4088444584f2d40ed7209502a3217b9dce22f6e1c8ba62b
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0032Z-0.jpg%3Fcb%3Dfc9fb5bf427d201ca99fff8b4c6f02a3&v=3&w=400&s=QNLkXZfsSvTMFHhU53rXW1-g&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28964540
expires: Wed, 15 Nov 2023 04:16:34 GMT
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6598
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F6%2F262637-0.jpg%3Fcb%3D28123408313b39d8b01b2f1781e382c3&v=3&w=400&s=7tOv-LVeQ3oUTPfMmWmJkPN-&b=400
178.250.2.135200 OK 3.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F6%2F262637-0.jpg%3Fcb%3D28123408313b39d8b01b2f1781e382c3&v=3&w=400&s=7tOv-LVeQ3oUTPfMmWmJkPN-&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 165x226, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5e8705cf73122dd357724c91da88ad1
a3004534abac7989e38f75bb527d786243c7b0bd
752185d2d94ca2bdd3340ced64fb3ced1eb35449eeb28c7b99028cf1e8e4cd0c
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F6%2F262637-0.jpg%3Fcb%3D28123408313b39d8b01b2f1781e382c3&v=3&w=400&s=7tOv-LVeQ3oUTPfMmWmJkPN-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31315378
expires: Tue, 12 Dec 2023 09:17:12 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3794
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=7472&adfrmid=0
109.232.197.33302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=7472&adfrmid=0
IP 109.232.197.33:0
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=7472&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Cookie: etuix=t0kF.6lbGJHUoCUQMVc.12.1VBxusywcXQlMDDj2GzYgSvxc8x.SjA--; et0=aVtCTERVYCCaBwlkCrNAupEtUcYWxX2S4I5DiGXDRNZshD1ptSEBhT_X7hlTRY3.Bn5bOb3QJmkXxQVCy1A7CLsD1eeSF_NuxtQ92cEECFwXuGIcbKg1_7CbBXj0Mv1NMiM-; et=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 14 Dec 2022 22:34:13 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=7472&adfrmid=0
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F5%2F6526-0_-_kopi_1.jpg%3Fcb%3D58aae347a85cd23c4c48abbeae1ab1e4&v=3&w=400&s=icVfeAp8Ri3Yb6fRKWkIzWs6&b=400
178.250.2.135200 OK 6.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F5%2F6526-0_-_kopi_1.jpg%3Fcb%3D58aae347a85cd23c4c48abbeae1ab1e4&v=3&w=400&s=icVfeAp8Ri3Yb6fRKWkIzWs6&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x241, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ae03c478621bd687efbfec1ff9ea19f
bb156640c2fe3f1cac6a67972ebb210a12755a69
5e9ae2ab38a84cb5f901d1671fa4b5ea463cd0322e045908a5909027f3946b74
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F5%2F6526-0_-_kopi_1.jpg%3Fcb%3D58aae347a85cd23c4c48abbeae1ab1e4&v=3&w=400&s=icVfeAp8Ri3Yb6fRKWkIzWs6&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30090272
expires: Tue, 28 Nov 2023 04:58:46 GMT
date: Wed, 14 Dec 2022 22:34:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6536
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
178.250.0.130200 OK 17 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /design/googlefont/opensans/opensans-400-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 16740
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: "6391f077-4164"
expires: Sat, 09 Dec 2023 22:34:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
178.250.0.130200 OK 16 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 16372, version 1.0\012- data
Hash e45478d4d6f15dafda1f25d9e0fb5fa1
52cb490cd0ee4442ede034085cda9652b206f91c
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
GET /design/googlefont/opensans/opensans-700-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 16372
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
etag: "6391f079-3ff4"
expires: Sat, 09 Dec 2023 22:34:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=QOa5K_Vqy9xVgcbybuPItdiHQMaynuIRqIGFuEkX8GszbGWzH_1gbRM6ggrj0UE-pBcNmBexdtzhJZFvZfrImctszjgX65JxULdb5hfz5c2SGrD3wH1R2EDtzHF3xsPaR2ho-71r7ZphZULiE3WdHEcpkAOOA5wCnnX4vKIVTq04ZtPphSz5HnAQNeiTRCD4Ag5Oxp-I5wNsECjhFXY0RR1xM-0VpbQT15UrYXra1EKYj-YMwBGFDTYKDdFQNivMKUSySA&sds=2&rev=83933&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=QOa5K_Vqy9xVgcbybuPItdiHQMaynuIRqIGFuEkX8GszbGWzH_1gbRM6ggrj0UE-pBcNmBexdtzhJZFvZfrImctszjgX65JxULdb5hfz5c2SGrD3wH1R2EDtzHF3xsPaR2ho-71r7ZphZULiE3WdHEcpkAOOA5wCnnX4vKIVTq04ZtPphSz5HnAQNeiTRCD4Ag5Oxp-I5wNsECjhFXY0RR1xM-0VpbQT15UrYXra1EKYj-YMwBGFDTYKDdFQNivMKUSySA&sds=2&rev=83933&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=QOa5K_Vqy9xVgcbybuPItdiHQMaynuIRqIGFuEkX8GszbGWzH_1gbRM6ggrj0UE-pBcNmBexdtzhJZFvZfrImctszjgX65JxULdb5hfz5c2SGrD3wH1R2EDtzHF3xsPaR2ho-71r7ZphZULiE3WdHEcpkAOOA5wCnnX4vKIVTq04ZtPphSz5HnAQNeiTRCD4Ag5Oxp-I5wNsECjhFXY0RR1xM-0VpbQT15UrYXra1EKYj-YMwBGFDTYKDdFQNivMKUSySA&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=56879&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=56879&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=56879&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Cookie: etuix=t0kF.6lbGJHUoCUQMVc.12.1VBxusywcXQlMDDj2GzYgSvxc8x.SjA--; et0=aVtCTERVYCCaBwlkCrNAupEtUcYWxX2S4I5DiGXDRNZshD1ptSEBhT_X7hlTRY3.Bn5bOb3QJmkXxQVCy1A7CLsD1eeSF_NuxtQ92cEECFwXuGIcbKg1_7CbBXj0Mv1NMiM-; et=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:34:13 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: et0=XZMTMJLg1HHx4RoFsLWBgQnEQ3BQDqNCM8lmRNdW7P23cvMz5ia1pz8C_r9cLaITDpZpBKSeAgEWIVmxt_1sbeWAL8vrLltBjipx12uGl6UfAItLv8_0Fa_u_kJWKrZaTBM-; expires=Thu, 11 Jan 2024 22:34:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Thu, 11 Jan 2024 22:34:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1dCvubXiwkA-cOkzQHRyFEwZHeu1Qjm1TaX_afEqD4D768HSHW3fV2FzHisNZSpiRieuzRLc7fHB4Xhl9JrVPoA_ozV95P6q9wWpSbWrX29Jvx8jbJ6h66a20FKoZwPA=w72-h72-p-k-no-nu
142.250.74.97404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1dCvubXiwkA-cOkzQHRyFEwZHeu1Qjm1TaX_afEqD4D768HSHW3fV2FzHisNZSpiRieuzRLc7fHB4Xhl9JrVPoA_ozV95P6q9wWpSbWrX29Jvx8jbJ6h66a20FKoZwPA=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 230c26e622bbfdea9dc455eccaabc0e7
a0f8d5bde921db90cd8edbddf743551b0baf73fd
08b6b8108acdf1ad5c4b4c938bce2633b6743dc5d83b429a99ae092a75861962
GET /blogger_img_proxy/ANbyha1dCvubXiwkA-cOkzQHRyFEwZHeu1Qjm1TaX_afEqD4D768HSHW3fV2FzHisNZSpiRieuzRLc7fHB4Xhl9JrVPoA_ozV95P6q9wWpSbWrX29Jvx8jbJ6h66a20FKoZwPA=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodybuilding-vids.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 22:34:13 GMT
server: fife
content-length: 1731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=7472&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=7472&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=7472&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Cookie: etuix=t0kF.6lbGJHUoCUQMVc.12.1VBxusywcXQlMDDj2GzYgSvxc8x.SjA--; et0=aVtCTERVYCCaBwlkCrNAupEtUcYWxX2S4I5DiGXDRNZshD1ptSEBhT_X7hlTRY3.Bn5bOb3QJmkXxQVCy1A7CLsD1eeSF_NuxtQ92cEECFwXuGIcbKg1_7CbBXj0Mv1NMiM-; et=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:34:13 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: et0=VFAXoLssDf4QkW_q1WCqAMsgIfn_m.L6G9QxQE2mltlJ7EbThj2jxeF_4ul6uXMN8ClFG9wj021xupYig_E5A4sCsdMgqI0sOOQkEt4hpzYnDQy4mQPLUhSp_.DCYHslqdQ-; expires=Thu, 11 Jan 2024 22:34:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Thu, 11 Jan 2024 22:34:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWXjYBJ2DYgICAAAAOvOUGwXnypYQYk-aYzzhuboJQEaV4z8mABIAAA&wp=Y5pPYwAF11wKsoaWAAnmnNDP3a5f-GgQjfgmBg
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWXjYBJ2DYgICAAAAOvOUGwXnypYQYk-aYzzhuboJQEaV4z8mABIAAA&wp=Y5pPYwAF11wKsoaWAAnmnNDP3a5f-GgQjfgmBg
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWXjYBJ2DYgICAAAAOvOUGwXnypYQYk-aYzzhuboJQEaV4z8mABIAAA&wp=Y5pPYwAF11wKsoaWAAnmnNDP3a5f-GgQjfgmBg HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 240731
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=110&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=236&s=G_g3HFn8xcbYj0Y3U3dXSoMm
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=110&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=236&s=G_g3HFn8xcbYj0Y3U3dXSoMm
IP 178.250.2.135:0
File type PNG image data, 194 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a3530145be795b1a1f3d7bcbde5b86f
1736676d197e81da9b1d80d2692caf04def8d328
225607fd059342c9fb4fbef3282ff57d6ce4dc048bcc65d1ee9e4bf6000f64c8
GET /img/img?h=110&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=236&s=G_g3HFn8xcbYj0Y3U3dXSoMm HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29389205
expires: Mon, 20 Nov 2023 02:14:20 GMT
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10580
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A9089811e-efd9-4586-b167-a0f0cfbf33ec%2FSOL_Timor_1SQUARE_800X800.jpg&v=3&w=800&s=b4vK_zqW3LDRyIL5bsFD6Kge&b=400
178.250.2.135200 OK 35 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A9089811e-efd9-4586-b167-a0f0cfbf33ec%2FSOL_Timor_1SQUARE_800X800.jpg&v=3&w=800&s=b4vK_zqW3LDRyIL5bsFD6Kge&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 86b7c619c6bf697b02082b3303bb6489
d2aa00f28020d79da35949f68527277f40463274
17c55967d29c967b9fbb9873eccb0662da5f1991e8e134fc48bb9098caa1c443
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A9089811e-efd9-4586-b167-a0f0cfbf33ec%2FSOL_Timor_1SQUARE_800X800.jpg&v=3&w=800&s=b4vK_zqW3LDRyIL5bsFD6Kge&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2422
expires: Wed, 14 Dec 2022 23:14:36 GMT
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 34994
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/93075/221201/20b68189c7e74c968a05593ea7e17d03_cpn_120x600_1.jpeg
178.250.0.130200 OK 97 kB URL HTTP/2 static.criteo.net/design/dt/93075/221201/20b68189c7e74c968a05593ea7e17d03_cpn_120x600_1.jpeg
IP 178.250.0.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x600, components 3\012- data
Hash 5fb46ff41d2d343b2b8797d59bfed6a1
52f6ea70a84e3fdfd69008b47bf66bfc12c63a58
e7219a4cedaa28516627068e413df1353bfa7591184cce72982e7ca4b7dd8406
GET /design/dt/93075/221201/20b68189c7e74c968a05593ea7e17d03_cpn_120x600_1.jpeg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:14 GMT
content-type: image/jpeg
content-length: 97447
last-modified: Thu, 01 Dec 2022 23:01:49 GMT
etag: "6389325d-17ca7"
expires: Sat, 09 Dec 2023 22:34:14 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=QLOAu_Vqy9xVgcby69CBWcdnLpPUN0S_7ZhFDv4zVDhIiwiTi-2GaxtkTpNXRu4UK1ZBn0BDANCZLrAxQ7xas6SBtuo5fBz5M4uT9dEwWVDlWkE4RgI4vnHpUB1Ak3Hq_G-xfR3rDProEwvuEWdV4vUxeMuNywcvZDksNvwMRLAxz3VeGmcj2g1uvu59bv-etnyLUkWtFSeiBTOoCF3Px4MD7-N798m8zxclywVx0oLBV65Dot57bgjdGj34qHaJ4yE0HQ&sds=2&rev=83933&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=QLOAu_Vqy9xVgcby69CBWcdnLpPUN0S_7ZhFDv4zVDhIiwiTi-2GaxtkTpNXRu4UK1ZBn0BDANCZLrAxQ7xas6SBtuo5fBz5M4uT9dEwWVDlWkE4RgI4vnHpUB1Ak3Hq_G-xfR3rDProEwvuEWdV4vUxeMuNywcvZDksNvwMRLAxz3VeGmcj2g1uvu59bv-etnyLUkWtFSeiBTOoCF3Px4MD7-N798m8zxclywVx0oLBV65Dot57bgjdGj34qHaJ4yE0HQ&sds=2&rev=83933&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=QLOAu_Vqy9xVgcby69CBWcdnLpPUN0S_7ZhFDv4zVDhIiwiTi-2GaxtkTpNXRu4UK1ZBn0BDANCZLrAxQ7xas6SBtuo5fBz5M4uT9dEwWVDlWkE4RgI4vnHpUB1Ak3Hq_G-xfR3rDProEwvuEWdV4vUxeMuNywcvZDksNvwMRLAxz3VeGmcj2g1uvu59bv-etnyLUkWtFSeiBTOoCF3Px4MD7-N798m8zxclywVx0oLBV65Dot57bgjdGj34qHaJ4yE0HQ&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:14 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=K9o3EfVqy9xVgcbys5JyUct0AeNFDxzTHY_uoNZX0hkwbgFMAoa3U5BXrALEP9ELp4eqL-9IFHFPxBDiur218xKvU4FeMfhkhGIOjN0JaXsBtjEoO-xzeTek5NxtoVKo4UXRneQSM-Ugc_kYo9wzkVHjWcQ9ZerqhJJaPHPOGGQ6XcFJJuj88fJiU4NkuDYsSP78DIes3I-SfQwNJFGVWuvxoopB5FmNsxqTYX4KJ1ajrDTKHFyj9SVjMJGi4ZIrFZQKTg&sds=2&rev=83933&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=K9o3EfVqy9xVgcbys5JyUct0AeNFDxzTHY_uoNZX0hkwbgFMAoa3U5BXrALEP9ELp4eqL-9IFHFPxBDiur218xKvU4FeMfhkhGIOjN0JaXsBtjEoO-xzeTek5NxtoVKo4UXRneQSM-Ugc_kYo9wzkVHjWcQ9ZerqhJJaPHPOGGQ6XcFJJuj88fJiU4NkuDYsSP78DIes3I-SfQwNJFGVWuvxoopB5FmNsxqTYX4KJ1ajrDTKHFyj9SVjMJGi4ZIrFZQKTg&sds=2&rev=83933&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=K9o3EfVqy9xVgcbys5JyUct0AeNFDxzTHY_uoNZX0hkwbgFMAoa3U5BXrALEP9ELp4eqL-9IFHFPxBDiur218xKvU4FeMfhkhGIOjN0JaXsBtjEoO-xzeTek5NxtoVKo4UXRneQSM-Ugc_kYo9wzkVHjWcQ9ZerqhJJaPHPOGGQ6XcFJJuj88fJiU4NkuDYsSP78DIes3I-SfQwNJFGVWuvxoopB5FmNsxqTYX4KJ1ajrDTKHFyj9SVjMJGi4ZIrFZQKTg&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:13 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=QOa5K_Vqy9xVgcbybuPItdiHQMaynuIRqIGFuEkX8GszbGWzH_1gbRM6ggrj0UE-pBcNmBexdtzhJZFvZfrImctszjgX65JxULdb5hfz5c2SGrD3wH1R2EDtzHF3xsPaR2ho-71r7ZphZULiE3WdHEcpkAOOA5wCnnX4vKIVTq04ZtPphSz5HnAQNeiTRCD4Ag5Oxp-I5wNsECjhFXY0RR1xM-0VpbQT15UrYXra1EKYj-YMwBGFDTYKDdFQNivMKUSySA&sds=2&rev=83933&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=QOa5K_Vqy9xVgcbybuPItdiHQMaynuIRqIGFuEkX8GszbGWzH_1gbRM6ggrj0UE-pBcNmBexdtzhJZFvZfrImctszjgX65JxULdb5hfz5c2SGrD3wH1R2EDtzHF3xsPaR2ho-71r7ZphZULiE3WdHEcpkAOOA5wCnnX4vKIVTq04ZtPphSz5HnAQNeiTRCD4Ag5Oxp-I5wNsECjhFXY0RR1xM-0VpbQT15UrYXra1EKYj-YMwBGFDTYKDdFQNivMKUSySA&sds=2&rev=83933&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=QOa5K_Vqy9xVgcbybuPItdiHQMaynuIRqIGFuEkX8GszbGWzH_1gbRM6ggrj0UE-pBcNmBexdtzhJZFvZfrImctszjgX65JxULdb5hfz5c2SGrD3wH1R2EDtzHF3xsPaR2ho-71r7ZphZULiE3WdHEcpkAOOA5wCnnX4vKIVTq04ZtPphSz5HnAQNeiTRCD4Ag5Oxp-I5wNsECjhFXY0RR1xM-0VpbQT15UrYXra1EKYj-YMwBGFDTYKDdFQNivMKUSySA&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:14 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=FS9lWPVqy9xVgcbyFr6EDoSVJ2Epz_SNPC9Kb3Dl2uD1NpZmQc0wCj9pwNEosb6tC-P1YntO3OGMgyKdWPUScprW2eDHNZVF5CAnqyBp41oTzDvEEbNjrpWzuPmg9eAD9KRybErm4K2QQ_IMOZi6Wkx_iz2arpxqcszLU1eEM_TSfGMAGXCeDzwUY_0xTjP8_5vJ0JPyB-Tei4gpBmKz-sMcqN_GxgYEimjZ35awrAo0Hfmh45zR1SnEj3Kol3qjEKRE0g&sds=2&rev=83933&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=FS9lWPVqy9xVgcbyFr6EDoSVJ2Epz_SNPC9Kb3Dl2uD1NpZmQc0wCj9pwNEosb6tC-P1YntO3OGMgyKdWPUScprW2eDHNZVF5CAnqyBp41oTzDvEEbNjrpWzuPmg9eAD9KRybErm4K2QQ_IMOZi6Wkx_iz2arpxqcszLU1eEM_TSfGMAGXCeDzwUY_0xTjP8_5vJ0JPyB-Tei4gpBmKz-sMcqN_GxgYEimjZ35awrAo0Hfmh45zR1SnEj3Kol3qjEKRE0g&sds=2&rev=83933&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=FS9lWPVqy9xVgcbyFr6EDoSVJ2Epz_SNPC9Kb3Dl2uD1NpZmQc0wCj9pwNEosb6tC-P1YntO3OGMgyKdWPUScprW2eDHNZVF5CAnqyBp41oTzDvEEbNjrpWzuPmg9eAD9KRybErm4K2QQ_IMOZi6Wkx_iz2arpxqcszLU1eEM_TSfGMAGXCeDzwUY_0xTjP8_5vJ0JPyB-Tei4gpBmKz-sMcqN_GxgYEimjZ35awrAo0Hfmh45zR1SnEj3Kol3qjEKRE0g&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:14 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=StaY8_Vqy9xVgcby0-u_EJCzfRRz42fEv3DwQbKU-nd_9WGfDf89obTSJHNn4uNVJutv0aw9xbMBstwQtDw39q3WRQlVYnQQRfMjQV5KnAh0H4s76wkpJZid-w9MJcNb_y_GAdkYiwOW9Z0FXkRgzOQea0b5PdPE4GVSXJO2HzjOUihTrpBmCUw_vgDuZFx4ykaAHEHGqHcztN1v4efSYxNvfdgIY6Vn-3bYKBVl9-lk1haudPcfHOJLrXYvh0MOez9b5iASwfkWJBUT&sds=2&rev=83933&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=StaY8_Vqy9xVgcby0-u_EJCzfRRz42fEv3DwQbKU-nd_9WGfDf89obTSJHNn4uNVJutv0aw9xbMBstwQtDw39q3WRQlVYnQQRfMjQV5KnAh0H4s76wkpJZid-w9MJcNb_y_GAdkYiwOW9Z0FXkRgzOQea0b5PdPE4GVSXJO2HzjOUihTrpBmCUw_vgDuZFx4ykaAHEHGqHcztN1v4efSYxNvfdgIY6Vn-3bYKBVl9-lk1haudPcfHOJLrXYvh0MOez9b5iASwfkWJBUT&sds=2&rev=83933&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=StaY8_Vqy9xVgcby0-u_EJCzfRRz42fEv3DwQbKU-nd_9WGfDf89obTSJHNn4uNVJutv0aw9xbMBstwQtDw39q3WRQlVYnQQRfMjQV5KnAh0H4s76wkpJZid-w9MJcNb_y_GAdkYiwOW9Z0FXkRgzOQea0b5PdPE4GVSXJO2HzjOUihTrpBmCUw_vgDuZFx4ykaAHEHGqHcztN1v4efSYxNvfdgIY6Vn-3bYKBVl9-lk1haudPcfHOJLrXYvh0MOez9b5iASwfkWJBUT&sds=2&rev=83933&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:15 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAF11wKsoaWAAnmnNDP3a5f-GgQjfgmBg&u=%7C8Ze4BNCtGfkfoPqCnOSmK4ZwD3P78B8aVY0MA4BByTY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUS-Kc5eB_mprX61o-0tWW9d7sO4q0PqT45buMKctV9cT2tSOXTOL0Q9U2juM4zNnr7QpjNdXQwteMIWF0vywZ1xZeSiNRYB2qb7Fse91xamw_WdfLzXrJrMtg7wX6Rljrz1ZADaMyedtklZlWYDZRK_6jlYLmuqR2BUEwS8T8ElIlPLSmZerMOtW4s8ZgL7OUGHHASM7YXxICa7v17OXS_43iswdM8T6skDptDCHJCyBZxEPZSpYv3fcUHgGzttXMcgldi5aPcA48uxr-c5fOvOzdmbMlaN6oCOk4QDbDpCqg6tz_p6p0U6RIeTGsUmI9FLN0fjCVCfefo75HwGo5a-yQBRGc3qF9W9ubzGFflcd0K0Vnej1_5YIu_z_HT7vBKhEIoWbYxHN3yykiqgGukqi3Ppx8T8QYZt4dqeoayjL3K6KuPgXjuHgEYgG8y_BHJYhk_j7Q8W7Mvg3CXmEQ96NQsInTYPfSfdE0bnozHI-RJn0lxRrvYZR13qqbtThHU1zRpWe0mup3Ln6v4fDEz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9a2BY0-aY9yuF5aNygWczaeIDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNjIwMzgwNTQ3NjI1MzAzMcgBCakCG7FG-7XesT6oAwGqBKACT9DU7XhDWqoQe6ch6WvEuXzRmgRNBEvwT6XqKvkO4AK5O2bxI_LHJGSJm0NmBF7eBJ83vIVWrOCxdoEM09UJnkxu-y4Tpt_2G67zr4CEYvXucUwSRxxnu26X7DlJuDCOs_amK3bFXmXiegEJmrcQX532xZSi8TkfgyGz7Z2et0vUCIVlsIJsEU3_qIQW93uQxaAgTRWwVQ1vbMd7HsssBGNQZaT8AYGVJIPwO3xCXepFADxielheYtiT9l39WbAOtKwOmMnt4E0KozC27y-BOn36XBcIJ7JezPX76JizncKL4QIemNDpGbrJdBYcgHlGJ2epk8FZNWboqv_W9gHJSDW6O41q46VWdqp7kNC19Wsk4AQ1IXjd7dpNGaHnwxNFgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xQ7rpR_5uNw-EqaaJveQHt_Etdg%26client%3Dca-pub-6203805476253031%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5pPYwAF11wKsoaWAAnmnNDP3a5f-GgQjfgmBg&u=%7C8Ze4BNCtGfkfoPqCnOSmK4ZwD3P78B8aVY0MA4BByTY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUS-Kc5eB_mprX61o-0tWW9d7sO4q0PqT45buMKctV9cT2tSOXTOL0Q9U2juM4zNnr7QpjNdXQwteMIWF0vywZ1xZeSiNRYB2qb7Fse91xamw_WdfLzXrJrMtg7wX6Rljrz1ZADaMyedtklZlWYDZRK_6jlYLmuqR2BUEwS8T8ElIlPLSmZerMOtW4s8ZgL7OUGHHASM7YXxICa7v17OXS_43iswdM8T6skDptDCHJCyBZxEPZSpYv3fcUHgGzttXMcgldi5aPcA48uxr-c5fOvOzdmbMlaN6oCOk4QDbDpCqg6tz_p6p0U6RIeTGsUmI9FLN0fjCVCfefo75HwGo5a-yQBRGc3qF9W9ubzGFflcd0K0Vnej1_5YIu_z_HT7vBKhEIoWbYxHN3yykiqgGukqi3Ppx8T8QYZt4dqeoayjL3K6KuPgXjuHgEYgG8y_BHJYhk_j7Q8W7Mvg3CXmEQ96NQsInTYPfSfdE0bnozHI-RJn0lxRrvYZR13qqbtThHU1zRpWe0mup3Ln6v4fDEz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9a2BY0-aY9yuF5aNygWczaeIDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNjIwMzgwNTQ3NjI1MzAzMcgBCakCG7FG-7XesT6oAwGqBKACT9DU7XhDWqoQe6ch6WvEuXzRmgRNBEvwT6XqKvkO4AK5O2bxI_LHJGSJm0NmBF7eBJ83vIVWrOCxdoEM09UJnkxu-y4Tpt_2G67zr4CEYvXucUwSRxxnu26X7DlJuDCOs_amK3bFXmXiegEJmrcQX532xZSi8TkfgyGz7Z2et0vUCIVlsIJsEU3_qIQW93uQxaAgTRWwVQ1vbMd7HsssBGNQZaT8AYGVJIPwO3xCXepFADxielheYtiT9l39WbAOtKwOmMnt4E0KozC27y-BOn36XBcIJ7JezPX76JizncKL4QIemNDpGbrJdBYcgHlGJ2epk8FZNWboqv_W9gHJSDW6O41q46VWdqp7kNC19Wsk4AQ1IXjd7dpNGaHnwxNFgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xQ7rpR_5uNw-EqaaJveQHt_Etdg%26client%3Dca-pub-6203805476253031%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y5pPYwAF11wKsoaWAAnmnNDP3a5f-GgQjfgmBg&u=%7C8Ze4BNCtGfkfoPqCnOSmK4ZwD3P78B8aVY0MA4BByTY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUS-Kc5eB_mprX61o-0tWW9d7sO4q0PqT45buMKctV9cT2tSOXTOL0Q9U2juM4zNnr7QpjNdXQwteMIWF0vywZ1xZeSiNRYB2qb7Fse91xamw_WdfLzXrJrMtg7wX6Rljrz1ZADaMyedtklZlWYDZRK_6jlYLmuqR2BUEwS8T8ElIlPLSmZerMOtW4s8ZgL7OUGHHASM7YXxICa7v17OXS_43iswdM8T6skDptDCHJCyBZxEPZSpYv3fcUHgGzttXMcgldi5aPcA48uxr-c5fOvOzdmbMlaN6oCOk4QDbDpCqg6tz_p6p0U6RIeTGsUmI9FLN0fjCVCfefo75HwGo5a-yQBRGc3qF9W9ubzGFflcd0K0Vnej1_5YIu_z_HT7vBKhEIoWbYxHN3yykiqgGukqi3Ppx8T8QYZt4dqeoayjL3K6KuPgXjuHgEYgG8y_BHJYhk_j7Q8W7Mvg3CXmEQ96NQsInTYPfSfdE0bnozHI-RJn0lxRrvYZR13qqbtThHU1zRpWe0mup3Ln6v4fDEz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9a2BY0-aY9yuF5aNygWczaeIDsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNjIwMzgwNTQ3NjI1MzAzMcgBCakCG7FG-7XesT6oAwGqBKACT9DU7XhDWqoQe6ch6WvEuXzRmgRNBEvwT6XqKvkO4AK5O2bxI_LHJGSJm0NmBF7eBJ83vIVWrOCxdoEM09UJnkxu-y4Tpt_2G67zr4CEYvXucUwSRxxnu26X7DlJuDCOs_amK3bFXmXiegEJmrcQX532xZSi8TkfgyGz7Z2et0vUCIVlsIJsEU3_qIQW93uQxaAgTRWwVQ1vbMd7HsssBGNQZaT8AYGVJIPwO3xCXepFADxielheYtiT9l39WbAOtKwOmMnt4E0KozC27y-BOn36XBcIJ7JezPX76JizncKL4QIemNDpGbrJdBYcgHlGJ2epk8FZNWboqv_W9gHJSDW6O41q46VWdqp7kNC19Wsk4AQ1IXjd7dpNGaHnwxNFgAaGzeGK4c_KjtABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xQ7rpR_5uNw-EqaaJveQHt_Etdg%26client%3Dca-pub-6203805476253031%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:11 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=StaY8_Vqy9xVgcby0-u_EJCzfRRz42fEv3DwQbKU-nd_9WGfDf89obTSJHNn4uNVJutv0aw9xbMBstwQtDw39q3WRQlVYnQQRfMjQV5KnAh0H4s76wkpJZid-w9MJcNb_y_GAdkYiwOW9Z0FXkRgzOQea0b5PdPE4GVSXJO2HzjOUihTrpBmCUw_vgDuZFx4ykaAHEHGqHcztN1v4efSYxNvfdgIY6Vn-3bYKBVl9-lk1haudPcfHOJLrXYvh0MOez9b5iASwfkWJBUT"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 59778560
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/montserrat/montserrat-400.css
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/design/googlefont/montserrat/montserrat-400.css
IP 178.250.0.130:0
GET /design/googlefont/montserrat/montserrat-400.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
etag: W/"6391ef7e-675"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4_x77PnTBSVdD-mFds6_mLz8BV_5iq1kQ_q6C7HP14Y0ji7cnL8jEgEJrunu5rgKuvjNydN5wAk8K-qUoSqRJ8FAbNSlgjBJ46y28REHVpK1Qyh92U3bihGv5-1NtcaGMJKyI2WN3k3Rzy3_-q4kM-331ab8WyHTrl7gqkIlJpfOS6bsGMu29ZM8McB_XRFUP2s8DQVvS0wnpA5728V-RPEh7T1XB7E2e_LFtdCaj87IR2oGiarFGZcrdEjA_-T6MFpIe9jMFpVQY5IdxPt8bUbyMBgUCqooscKYdr4RuPcFIfOpo5jKiKUEQtS66L3U3I7WOGK2whhETDG0Sp0s6jzTShbKaK1pSG6YcExUrppBJnXbgimmFeDZ1zfMtjcDboox47OGLuJuxqh9j0Qq7bxbXDW5Df9vSwLszjvKhp-biM6QjS3vflQiCKqLhCV_kLnJdQ
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4_x77PnTBSVdD-mFds6_mLz8BV_5iq1kQ_q6C7HP14Y0ji7cnL8jEgEJrunu5rgKuvjNydN5wAk8K-qUoSqRJ8FAbNSlgjBJ46y28REHVpK1Qyh92U3bihGv5-1NtcaGMJKyI2WN3k3Rzy3_-q4kM-331ab8WyHTrl7gqkIlJpfOS6bsGMu29ZM8McB_XRFUP2s8DQVvS0wnpA5728V-RPEh7T1XB7E2e_LFtdCaj87IR2oGiarFGZcrdEjA_-T6MFpIe9jMFpVQY5IdxPt8bUbyMBgUCqooscKYdr4RuPcFIfOpo5jKiKUEQtS66L3U3I7WOGK2whhETDG0Sp0s6jzTShbKaK1pSG6YcExUrppBJnXbgimmFeDZ1zfMtjcDboox47OGLuJuxqh9j0Qq7bxbXDW5Df9vSwLszjvKhp-biM6QjS3vflQiCKqLhCV_kLnJdQ
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=4_x77PnTBSVdD-mFds6_mLz8BV_5iq1kQ_q6C7HP14Y0ji7cnL8jEgEJrunu5rgKuvjNydN5wAk8K-qUoSqRJ8FAbNSlgjBJ46y28REHVpK1Qyh92U3bihGv5-1NtcaGMJKyI2WN3k3Rzy3_-q4kM-331ab8WyHTrl7gqkIlJpfOS6bsGMu29ZM8McB_XRFUP2s8DQVvS0wnpA5728V-RPEh7T1XB7E2e_LFtdCaj87IR2oGiarFGZcrdEjA_-T6MFpIe9jMFpVQY5IdxPt8bUbyMBgUCqooscKYdr4RuPcFIfOpo5jKiKUEQtS66L3U3I7WOGK2whhETDG0Sp0s6jzTShbKaK1pSG6YcExUrppBJnXbgimmFeDZ1zfMtjcDboox47OGLuJuxqh9j0Qq7bxbXDW5Df9vSwLszjvKhp-biM6QjS3vflQiCKqLhCV_kLnJdQ HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:11 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3048447
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=czUifCPcXEEotVk8xXoJnxpbKa_24lngffEILPFLUB5_9XMRNxjUG8VTG5ITdaMZz5qOQZopD4tyk3LY2CAiEnezIC9XXCTmQfSxkNxmeWBP8xqOGWpDtU8TLI_c4ezi6WLt0Li2pm8IJ7Mdm2tTib8oqy-f1Ul3Mt7DlFCCeoh53mTSsl1vGV5whDnwuOqObmdkpI9Zn6T95RJVWoQuNTLEjcy2LjgGZK_aWo6mO89mB3OgFWkQxXqWsZvqVDQZfV4ZPdJAf3WBZq27hvv8EGHrSxf2OEv_HjybJNZkkJPg-P_FVovY8S-cGsiZj2c6NOUVCzn5RSt8OtzaSZ6cYRiCc0UbKGCBpj-rYB-dXQtCW3l2YphVrqhLIrKoJQ7U0KQ0t9IDJmgXPm8LVeVgnGQDlFS2tfAmg6nhuAedwlz76MLKoMooiRJCxOyjNPQN8XPWdg
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=czUifCPcXEEotVk8xXoJnxpbKa_24lngffEILPFLUB5_9XMRNxjUG8VTG5ITdaMZz5qOQZopD4tyk3LY2CAiEnezIC9XXCTmQfSxkNxmeWBP8xqOGWpDtU8TLI_c4ezi6WLt0Li2pm8IJ7Mdm2tTib8oqy-f1Ul3Mt7DlFCCeoh53mTSsl1vGV5whDnwuOqObmdkpI9Zn6T95RJVWoQuNTLEjcy2LjgGZK_aWo6mO89mB3OgFWkQxXqWsZvqVDQZfV4ZPdJAf3WBZq27hvv8EGHrSxf2OEv_HjybJNZkkJPg-P_FVovY8S-cGsiZj2c6NOUVCzn5RSt8OtzaSZ6cYRiCc0UbKGCBpj-rYB-dXQtCW3l2YphVrqhLIrKoJQ7U0KQ0t9IDJmgXPm8LVeVgnGQDlFS2tfAmg6nhuAedwlz76MLKoMooiRJCxOyjNPQN8XPWdg
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=czUifCPcXEEotVk8xXoJnxpbKa_24lngffEILPFLUB5_9XMRNxjUG8VTG5ITdaMZz5qOQZopD4tyk3LY2CAiEnezIC9XXCTmQfSxkNxmeWBP8xqOGWpDtU8TLI_c4ezi6WLt0Li2pm8IJ7Mdm2tTib8oqy-f1Ul3Mt7DlFCCeoh53mTSsl1vGV5whDnwuOqObmdkpI9Zn6T95RJVWoQuNTLEjcy2LjgGZK_aWo6mO89mB3OgFWkQxXqWsZvqVDQZfV4ZPdJAf3WBZq27hvv8EGHrSxf2OEv_HjybJNZkkJPg-P_FVovY8S-cGsiZj2c6NOUVCzn5RSt8OtzaSZ6cYRiCc0UbKGCBpj-rYB-dXQtCW3l2YphVrqhLIrKoJQ7U0KQ0t9IDJmgXPm8LVeVgnGQDlFS2tfAmg6nhuAedwlz76MLKoMooiRJCxOyjNPQN8XPWdg HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3298606
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/lato/lato-400.css
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/design/googlefont/lato/lato-400.css
IP 178.250.0.130:0
GET /design/googlefont/lato/lato-400.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
etag: W/"6391eef5-2aa"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400.css
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400.css
IP 178.250.0.130:0
GET /design/googlefont/opensans/opensans-400.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:13 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: W/"6391f077-9fe"
expires: Sat, 09 Dec 2023 22:34:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:34:12 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sat, 09 Dec 2023 22:34:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2