r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6595
Expires: Sat, 04 Feb 2023 03:46:58 GMT
Date: Sat, 04 Feb 2023 01:57:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7988
Expires: Sat, 04 Feb 2023 04:10:11 GMT
Date: Sat, 04 Feb 2023 01:57:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 01:36:12 GMT
content-type: application/json
age: 1251
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8501
Expires: Sat, 04 Feb 2023 04:18:44 GMT
Date: Sat, 04 Feb 2023 01:57:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3MGeKjXWoCuB/JLQrUMClMjPkw7YsMYKwB1AOHdG6QWCbKRX3SFdeoEQ8LjfIfBphZMzuvgdilI=
x-amz-request-id: SMQDSGRP4XX6R3W3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 01:52:39 GMT
age: 264
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:57:03 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
coicedegrillo.blogspot.com/2011/11/to-na-media.html
216.58.207.193200 OK 27 kB URL HTTP/1.1 coicedegrillo.blogspot.com/2011/11/to-na-media.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9133)
Hash 4d59bd080185faeaf2d879d212fba9ab
453406dfe3fea35241a38dc94ae36239ba91afc8
2f91c264c1ef3fb76e90866b4b100afeefb58333d5dd78b43c65cd4621e3b1e4
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata high ET EXPLOIT_KIT Double-Encoded Reverse Base64/Dean Edwards Packed JavaScript Observed in Unknown EK Feb 16 2015 b64 1 M2
GET /2011/11/to-na-media.html HTTP/1.1
Host: coicedegrillo.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sat, 04 Feb 2023 01:57:03 GMT
Date: Sat, 04 Feb 2023 01:57:03 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 17 Aug 2022 09:58:46 GMT
ETag: W/"6b889d0b07d34ea35d01603c427b369c607017b2897cd02ae88640f88d9694c3"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 26929
Server: GSE
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
104.18.10.207200 OK 4.7 kB URL HTTP/1.1 netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
IP 104.18.10.207:0
File type troff or preprocessor input, ASCII text, with very long lines (305)
Hash 09f17df615d193a0409fda81f54f582a
abd1f7828d7c6dc772e81d10847e06e69bfe790e
c27d9ba94138c2aa687443778b5729cc2fc446b368feccd9ac512ceaabc7e4d7
GET /font-awesome/4.0.3/css/font-awesome.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:57:04 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
CDN-EdgeStorageId: 601, 617, 617
Last-Modified: Mon, 25 Jan 2021 22:04:53 GMT
CDN-CachedAt: 2021-08-03 04:14:00
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
Cache-Control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
CDN-RequestId: 6358afe6e12aefed963ad27f3935d6d1
Content-Encoding: gzip
CDN-Status: 200
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 20922510
Server: cloudflare
CF-RAY: 793fcb1d0f6bb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.10200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.10:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 14:03:42 GMT
Expires: Thu, 01 Feb 2024 14:03:42 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 215602
ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
142.250.74.10200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
IP 142.250.74.10:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 12:00:48 GMT
Expires: Fri, 02 Feb 2024 12:00:48 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 136576
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
fonts.googleapis.com/css?family=Rokkitt:700
142.250.74.138200 OK 404 B URL HTTP/1.1 fonts.googleapis.com/css?family=Rokkitt:700
IP 142.250.74.138:0
Hash 71012e3f9417dc5bd58157ec66b03114
e57d58355d0066b7d190df18d5c91a87b678ec88
e6a00a9f655dca3d667e29ef89ba55b1e77a7b1afd9dd3a5d61ac1460fde736b
GET /css?family=Rokkitt:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 04 Feb 2023 01:57:04 GMT
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Open+Sans:400,700|Signika:600
142.250.74.138200 OK 722 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:400,700|Signika:600
IP 142.250.74.138:0
Hash 161557bd34da55b2610ffd6e93d5f060
081fdca93b4f7e3e06b6625f307db664b669fcab
f3bb12b43721c3eb7c52e5abc8710da1bd7f279c1d61ea577b3b094223466a28
GET /css?family=Open+Sans:400,700|Signika:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 04 Feb 2023 01:57:04 GMT
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
coicedegrillo.blogspot.com/js/cookienotice.js
216.58.207.193200 OK 2.0 kB URL HTTP/1.1 coicedegrillo.blogspot.com/js/cookienotice.js
IP 216.58.207.193:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: coicedegrillo.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/2011/11/to-na-media.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Sat, 04 Feb 2023 01:57:04 GMT
Expires: Sat, 11 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 04 Feb 2023 00:53:11 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.98200 OK 37 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (4130)
Hash c425e80e39c062d9d63a0f4ec90f0ace
5c5b071e0c8965eee2d01b8cc58b96a15fa4d741
475a727cd9ba99bffe8787e09f216482e248fc57fc4e048bf29f5ffb7319002f
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Sat, 04 Feb 2023 01:57:04 GMT
Expires: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 4670938441422903140
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36770
X-XSS-Protection: 0
connect.facebook.net/en_US/all.js
157.240.205.11301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 157.240.205.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sat, 04 Feb 2023 01:57:04 GMT
Connection: keep-alive
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f73b25b85b47513c518f27e63d9a3938
9d71acd2fc1875bac9399e56b6508f4d5cd31a35
fc6073a0b633a99bc296ceb5afc65e32e77cbe1875cbc2ab22ba4a7869853f56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f32763d17ee930a84421656330650bd1
688473a7c570a6e84406eef1927df94bfccd1870
33f1a840a87b8ef5136065f9be370aa640573ab68d82e8a822d48bbd2eb837c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f73b25b85b47513c518f27e63d9a3938
9d71acd2fc1875bac9399e56b6508f4d5cd31a35
fc6073a0b633a99bc296ceb5afc65e32e77cbe1875cbc2ab22ba4a7869853f56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:28:44 GMT
expires: Fri, 02 Feb 2024 03:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 15:52:00 GMT
content-type: text/css
age: 167300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/_WyzakpYTKPw/TP0tr-EXDoI/AAAAAAAAALg/SGlh-Huw-L4/w72-h72-p-k-no-nu/padaria_corinthiana1-300x225.jpg
142.250.74.161200 OK 3.7 kB URL HTTP/1.1 2.bp.blogspot.com/_WyzakpYTKPw/TP0tr-EXDoI/AAAAAAAAALg/SGlh-Huw-L4/w72-h72-p-k-no-nu/padaria_corinthiana1-300x225.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 09c78f2d32409ad886dc9ad96710d46d
9ec436e52091f72b5bcb0bd3f73e84a986733085
92476bd133c211932c71d5be1e95d0a8cb3d9b7dd94e4ca2e03b915dc8a4a3e6
GET /_WyzakpYTKPw/TP0tr-EXDoI/AAAAAAAAALg/SGlh-Huw-L4/w72-h72-p-k-no-nu/padaria_corinthiana1-300x225.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="padaria_corinthiana1-300x225.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3677
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:57:04 GMT
Expires: Sat, 04 Feb 2023 21:03:49 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vb8"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/_waHevVN6bGg/SSsuNk5ch1I/AAAAAAAAAJg/RASjDg2pKR0/w72-h72-p-k-no-nu/bancoantigordo.jpg
142.250.74.161403 Forbidden 1.3 kB URL HTTP/1.1 4.bp.blogspot.com/_waHevVN6bGg/SSsuNk5ch1I/AAAAAAAAAJg/RASjDg2pKR0/w72-h72-p-k-no-nu/bancoantigordo.jpg
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 0f634f81c05aca060211ba72321dd511
f64d5fde0da51ef5406371c4e28280f5230b9dd9
4bd17705d581caf17fab7a892cb5f81368e9c40ffc267af48cd5c24eac8bbd63
GET /_waHevVN6bGg/SSsuNk5ch1I/AAAAAAAAAJg/RASjDg2pKR0/w72-h72-p-k-no-nu/bancoantigordo.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 403 Forbidden
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 01:57:04 GMT
Server: fife
Content-Length: 1288
X-XSS-Protection: 0
lh3.googleusercontent.com/blogger_img_proxy/AHs97-mj9fx4BDOhIRAwJcR0jI3hPUWwei7t_K1U-mUUzvvg0aTo5uf9-2QRb4Kud6dH2cDjqY_xGt_yvFSEbqo3msOJfjg-UAGtkmQPyKah3KcHyZQ1pg=w72-h72-n-k-no-nu
142.250.74.97200 OK 2.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-mj9fx4BDOhIRAwJcR0jI3hPUWwei7t_K1U-mUUzvvg0aTo5uf9-2QRb4Kud6dH2cDjqY_xGt_yvFSEbqo3msOJfjg-UAGtkmQPyKah3KcHyZQ1pg=w72-h72-n-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash d3dcf24981c0c363ef9ed824000ffe05
632105ef32e30f97859d4f7999e895dd288681ce
96e216b98c4aff331abb1f81b70e1a1f087de42d82cf8063b318fa0fc2ae5bba
GET /blogger_img_proxy/AHs97-mj9fx4BDOhIRAwJcR0jI3hPUWwei7t_K1U-mUUzvvg0aTo5uf9-2QRb4Kud6dH2cDjqY_xGt_yvFSEbqo3msOJfjg-UAGtkmQPyKah3KcHyZQ1pg=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 05 Feb 2023 01:57:04 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 01:57:04 GMT
server: fife
content-length: 2910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 258119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-HswXUOd-CPU/UebUGNu8OII/AAAAAAAAC-g/F_zVKEZILhg/w72-h72-p-k-no-nu/1010833_623131951045506_1418061430_n.jpg
142.250.74.161200 OK 2.8 kB URL HTTP/1.1 2.bp.blogspot.com/-HswXUOd-CPU/UebUGNu8OII/AAAAAAAAC-g/F_zVKEZILhg/w72-h72-p-k-no-nu/1010833_623131951045506_1418061430_n.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 28c7e6e44d545ec1b04e1934469887e2
e1f2c7f5eddda97eb0a5e4c7fd558acb39073018
000950fac479706b44b114b33f353023d82187a749272fe2c19f9999b23d5544
GET /-HswXUOd-CPU/UebUGNu8OII/AAAAAAAAC-g/F_zVKEZILhg/w72-h72-p-k-no-nu/1010833_623131951045506_1418061430_n.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1010833_623131951045506_1418061430_n.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2781
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:57:04 GMT
Expires: Sat, 04 Feb 2023 21:03:50 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vbe9"
Content-Type: image/jpeg
Age: 0
platform.twitter.com/widgets.js
93.184.220.66200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 567
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 01:57:04 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F717)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
googledrive.com/host/0BzhmjN6UOoj5bllHaWFIa2Z1Z0U
142.250.74.161404 Not Found 1.6 kB URL HTTP/1.1 googledrive.com/host/0BzhmjN6UOoj5bllHaWFIa2Z1Z0U
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 4530f867592cb31400af10500a0f54d7
a264ce83202e3d9c806bb9cfbaa31b8727ab42f2
540c706cae549430e84bbd0760b0f2272390496040db59d537336420dadc4487
GET /host/0BzhmjN6UOoj5bllHaWFIa2Z1Z0U HTTP/1.1
Host: googledrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1594
Date: Sat, 04 Feb 2023 01:57:04 GMT
2.bp.blogspot.com/-_DV1QYxR3vc/Td2LWLqWajI/AAAAAAAAAgs/QPhB1naeV8E/w72-h72-p-k-no-nu/fluxograma-balada.jpg
142.250.74.161403 Forbidden 1.3 kB URL HTTP/1.1 2.bp.blogspot.com/-_DV1QYxR3vc/Td2LWLqWajI/AAAAAAAAAgs/QPhB1naeV8E/w72-h72-p-k-no-nu/fluxograma-balada.jpg
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 0f634f81c05aca060211ba72321dd511
f64d5fde0da51ef5406371c4e28280f5230b9dd9
4bd17705d581caf17fab7a892cb5f81368e9c40ffc267af48cd5c24eac8bbd63
GET /-_DV1QYxR3vc/Td2LWLqWajI/AAAAAAAAAgs/QPhB1naeV8E/w72-h72-p-k-no-nu/fluxograma-balada.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 403 Forbidden
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 01:57:04 GMT
Server: fife
Content-Length: 1288
X-XSS-Protection: 0
2.bp.blogspot.com/-rYiegN98tek/TrvqzSbfy-I/AAAAAAAAAZY/iW7j85ZEID4/w72-h72-p-k-no-nu/373851_317010698316521_307579235926334_1474664_1210082979_n.jpg
142.250.74.161200 OK 4.8 kB URL HTTP/1.1 2.bp.blogspot.com/-rYiegN98tek/TrvqzSbfy-I/AAAAAAAAAZY/iW7j85ZEID4/w72-h72-p-k-no-nu/373851_317010698316521_307579235926334_1474664_1210082979_n.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash cd810675ed64d9c732eab1aa451b4f8f
53c670d1c0a0affe690b93890e32d4758ad2f512
667332533bdff7fc54090415e2f00717f1b2e0226d2136de06d5baa643e2be58
GET /-rYiegN98tek/TrvqzSbfy-I/AAAAAAAAAZY/iW7j85ZEID4/w72-h72-p-k-no-nu/373851_317010698316521_307579235926334_1474664_1210082979_n.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="373851_317010698316521_307579235926334_1474664_1210082979_n.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4800
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:57:04 GMT
Expires: Sat, 04 Feb 2023 21:03:49 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v196"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-jPs60S97PcQ/ULTcRj-jgSI/AAAAAAAAB14/6NT8rzcxYW4/w72-h72-p-k-no-nu/Isis.jpg
142.250.74.161200 OK 2.9 kB URL HTTP/1.1 2.bp.blogspot.com/-jPs60S97PcQ/ULTcRj-jgSI/AAAAAAAAB14/6NT8rzcxYW4/w72-h72-p-k-no-nu/Isis.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5a1ba93e75a2bb852c74c5bc82eaf35e
4305110b3c32300324e1b1c9b104f17bbe5f8a21
7da241749dec046a8b7783b9f30652e9ad3465dcd93b035aedbc06a3f72e49ae
GET /-jPs60S97PcQ/ULTcRj-jgSI/AAAAAAAAB14/6NT8rzcxYW4/w72-h72-p-k-no-nu/Isis.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Isis.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2908
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:57:04 GMT
Expires: Sat, 04 Feb 2023 21:03:49 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v75e"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-hu3_dvEZP2M/T9PBnz6LlZI/AAAAAAAAAmQ/35y9B7RBhG0/w72-h72-p-k-no-nu/550986_344330238969795_100001784658321_847675_249420519_n.jpg
142.250.74.161200 OK 3.0 kB URL HTTP/1.1 2.bp.blogspot.com/-hu3_dvEZP2M/T9PBnz6LlZI/AAAAAAAAAmQ/35y9B7RBhG0/w72-h72-p-k-no-nu/550986_344330238969795_100001784658321_847675_249420519_n.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash db5b27621408654b99d2e5f3fe9efd31
2a99d4d27b772fbe1601b0942986502b6f103d83
461934fd86badb1a2b386ca7dbb97dcd1a1b258154c2fd7cf756015a712835ff
GET /-hu3_dvEZP2M/T9PBnz6LlZI/AAAAAAAAAmQ/35y9B7RBhG0/w72-h72-p-k-no-nu/550986_344330238969795_100001784658321_847675_249420519_n.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="550986_344330238969795_100001784658321_847675_249420519_n.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2985
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:57:04 GMT
Expires: Sat, 04 Feb 2023 21:03:49 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v264"
Content-Type: image/jpeg
Age: 0
lh3.googleusercontent.com/blogger_img_proxy/AHs97-l6hFkGGalXwPjjbVzl8Hkx4GEVmLuPi7Q6Mde35ST_UUl1SmMkynPn12FXWh5tP0BAN4sEkIqYdA_w-1qyFn-tMTN4bOja5I98l3Mb-Xw4fA5IkVNl8i8doPoKoAtdp4_aD95SbZHiYKegasqS8r3da4_qxvIFweQgKsUgMhRjVw=w72-h72-p-k-no-nu
142.250.74.97404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-l6hFkGGalXwPjjbVzl8Hkx4GEVmLuPi7Q6Mde35ST_UUl1SmMkynPn12FXWh5tP0BAN4sEkIqYdA_w-1qyFn-tMTN4bOja5I98l3Mb-Xw4fA5IkVNl8i8doPoKoAtdp4_aD95SbZHiYKegasqS8r3da4_qxvIFweQgKsUgMhRjVw=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 8e9d5c9898901c56e9b043932bd88930
87b51426325ba7f4d288e12f799491f868477391
86da60eb842691c8ac7f5bff7f9836288874c75f7967f2b4130ba3dfbb9e2108
GET /blogger_img_proxy/AHs97-l6hFkGGalXwPjjbVzl8Hkx4GEVmLuPi7Q6Mde35ST_UUl1SmMkynPn12FXWh5tP0BAN4sEkIqYdA_w-1qyFn-tMTN4bOja5I98l3Mb-Xw4fA5IkVNl8i8doPoKoAtdp4_aD95SbZHiYKegasqS8r3da4_qxvIFweQgKsUgMhRjVw=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 01:57:04 GMT
server: fife
content-length: 1775
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f73b25b85b47513c518f27e63d9a3938
9d71acd2fc1875bac9399e56b6508f4d5cd31a35
fc6073a0b633a99bc296ceb5afc65e32e77cbe1875cbc2ab22ba4a7869853f56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-Nn9EF90xR8o/VFpG_rTQJfI/AAAAAAAAANg/LRkU1tial2w/s1600/search_button.png
142.250.74.161200 OK 981 B URL HTTP/1.1 4.bp.blogspot.com/-Nn9EF90xR8o/VFpG_rTQJfI/AAAAAAAAANg/LRkU1tial2w/s1600/search_button.png
IP 142.250.74.161:0
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash eb4cd176945dbd0be469bf32dcf61495
17911074830ee666e363641492f44c2b9229af3f
807050c2af88fbd2ac5188319857029340934e67885eac779afaada1e8de926d
GET /-Nn9EF90xR8o/VFpG_rTQJfI/AAAAAAAAANg/LRkU1tial2w/s1600/search_button.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="search_button.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 981
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 01:57:04 GMT
Expires: Sat, 04 Feb 2023 21:03:49 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vdb"
Content-Type: image/png
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f32763d17ee930a84421656330650bd1
688473a7c570a6e84406eef1927df94bfccd1870
33f1a840a87b8ef5136065f9be370aa640573ab68d82e8a822d48bbd2eb837c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/all.js
157.240.205.11200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash 4785044bda674bf7d8a858eb2eceb261
2502fda871a823cbaad0ae6b74a51f911320361b
5d144f7b5fe3aab2183c17441d72153da2a2dea12d6b34d90da1fd46d40d104f
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://coicedegrillo.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: eba47392761599c60b3bccbb929cb074
etag: "7441bd2174d73f21702f386311fc4eaf"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 04 Feb 2023 02:04:13 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: R4UES9pnS/fYqFjrLs6yYQ==
x-fb-debug: vCnAYLqMYoIWwfZErI1iaQuF0xnPDDjp1FXjU4ttCCB1UnlMy5H5pe1T2yK+0deMuUx6nqb93xdGK3Xvd5bRAw==
content-length: 1686
x-fb-trip-id: 1679558926
date: Sat, 04 Feb 2023 01:57:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 01:49:07 GMT
age: 477
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/signika/v20/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tKJG6bBjM4.woff2
216.58.207.227200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/signika/v20/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tKJG6bBjM4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22048, version 1.0\012- data
Hash f8687563bdc964099a4a318c2bb48668
991f8f2546e000942fd638eed78972b3baa23e9b
7d9e514db6f0924e17ac0799638c4e7210ee6cc3804a7a0686a2b9711fc94934
GET /s/signika/v20/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tKJG6bBjM4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coicedegrillo.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22048
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 11:23:16 GMT
Expires: Thu, 01 Feb 2024 11:23:16 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 23 Aug 2022 18:44:55 GMT
Content-Type: font/woff2
Age: 225228
fonts.gstatic.com/s/rokkitt/v29/qFdb35qfgYFjGy5hukqqhw5XeRgdi1oVcKDMGb8.woff2
216.58.207.227200 OK 9.4 kB URL HTTP/1.1 fonts.gstatic.com/s/rokkitt/v29/qFdb35qfgYFjGy5hukqqhw5XeRgdi1oVcKDMGb8.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9396, version 1.0\012- data
Hash 04d4e718da72f742f0b3f78a290c5569
d0f4241b70b563e19ed0feb5cfeff3760419c36f
e07695a323ccccf48377dd19491b30f7dd24e1ab03163298d915e9e47c3c971f
GET /s/rokkitt/v29/qFdb35qfgYFjGy5hukqqhw5XeRgdi1oVcKDMGb8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coicedegrillo.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9396
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 03:00:32 GMT
Expires: Sat, 03 Feb 2024 03:00:32 GMT
Cache-Control: public, max-age=31536000
Age: 82592
Last-Modified: Mon, 18 Jul 2022 19:35:30 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coicedegrillo.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 00:41:24 GMT
Expires: Fri, 02 Feb 2024 00:41:24 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
Age: 177340
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5549
Cache-Control: max-age=113439
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Etag: "63dcbde2-1d7"
Expires: Sun, 05 Feb 2023 09:27:43 GMT
Last-Modified: Fri, 03 Feb 2023 07:55:14 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
104.18.10.207200 OK 44 kB URL HTTP/1.1 netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
IP 104.18.10.207:0
File type Web Open Font Format, TrueType, length 44432, version 1.0\012- data
Hash 3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
GET /font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coicedegrillo.blogspot.com
Connection: keep-alive
Referer: http://netdna.bootstrapcdn.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:57:04 GMT
Content-Type: font/woff
Content-Length: 44432
Connection: keep-alive
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31919000
ETag: "3293616ec0c605c7c2db25829a0a509e"
Last-Modified: Mon, 25 Jan 2021 22:04:53 GMT
CDN-CachedAt: 01/04/2023 08:53:03
CDN-ProxyVer: 1.03
CDN-RequestPullCode: 200
CDN-RequestPullSuccess: True
CDN-EdgeStorageId: 1076
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
CDN-Status: 200
CDN-RequestId: 88c436a7cd09ccbde85876ad6a8413a3
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 17595
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793fcb1f5cbc1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9144201050888567&plah=coicedegrillo.blogspot.com&bust=31071722
142.250.74.98200 OK 121 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9144201050888567&plah=coicedegrillo.blogspot.com&bust=31071722
IP 142.250.74.98:0
File type ASCII text, with very long lines (3988)
Size 121 kB (121321 bytes)
Hash aee8a7baa4e2a603f84bb54d9d16ea95
ef160c63d98228dda4093ac860bd9b7082eb50ec
652ee2d8e6968f145364d60cc6fd2a991d36795c2d6fde6ae69a39c84a6cb2b0
GET /pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9144201050888567&plah=coicedegrillo.blogspot.com&bust=31071722 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 04 Feb 2023 01:57:04 GMT
expires: Sat, 04 Feb 2023 01:57:04 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 1941985774900841801
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 121321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googledrive.com/host/0BzhmjN6UOoj5bllHaWFIa2Z1Z0U
142.250.74.161404 Not Found 1.6 kB URL HTTP/1.1 googledrive.com/host/0BzhmjN6UOoj5bllHaWFIa2Z1Z0U
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 4530f867592cb31400af10500a0f54d7
a264ce83202e3d9c806bb9cfbaa31b8727ab42f2
540c706cae549430e84bbd0760b0f2272390496040db59d537336420dadc4487
GET /host/0BzhmjN6UOoj5bllHaWFIa2Z1Z0U HTTP/1.1
Host: googledrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1594
Date: Sat, 04 Feb 2023 01:57:04 GMT
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-O2aVaQMJF4M/Trpt562hI4I/AAAAAAAAAHA/RgeG8NYR1H0/s400/295828_182911118460679_100002253776724_371700_2074607487_n.jpg
142.250.74.161200 OK 30 kB URL HTTP/1.1 1.bp.blogspot.com/-O2aVaQMJF4M/Trpt562hI4I/AAAAAAAAAHA/RgeG8NYR1H0/s400/295828_182911118460679_100002253776724_371700_2074607487_n.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 256x320, components 3\012- data
Hash 88b6239c9ad4b1b0ef26c871140b1490
0853abf7e90759fcc7f07a84350f1fa7683f2e66
7af4ef3d27ff68cd585f944da44947fe291d4a1a8d5cc0b739f269e9547aacd5
GET /-O2aVaQMJF4M/Trpt562hI4I/AAAAAAAAAHA/RgeG8NYR1H0/s400/295828_182911118460679_100002253776724_371700_2074607487_n.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v70"
Expires: Sun, 05 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="295828_182911118460679_100002253776724_371700_2074607487_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 04 Feb 2023 01:57:04 GMT
Server: fife
Content-Length: 30545
X-XSS-Protection: 0
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fcoicedegrillo.blogspot.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fcoicedegrillo.blogspot.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size 105 kB (105435 bytes)
Hash 58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789
GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fcoicedegrillo.blogspot.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 879229
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 04 Feb 2023 01:57:04 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html
173.255.194.134200 OK 22 kB URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html
IP 173.255.194.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (54539)
Hash 41261b4cceefb972e72657d90ea212f6
b5ac04aa178d363140887eef66920931443a39d8
0c5fa92483db0c3657c9114786578f14fc32817760be9586b947ddc18a01e2e7
NIDS Severity Alert suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
GET /?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 04 Feb 2023 01:57:04 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4869996247036dae2a82e2857fee1766
2418a61397554c71ae478679a98de688748a1b42
f680797aafc60f9a7800f73b5a139e5dd3df7d8bf10acb8a8f99e3cc2e312b05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=coicedegrillo.blogspot.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=coicedegrillo.blogspot.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=coicedegrillo.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 01:57:04 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=coicedegrillo.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=coicedegrillo.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=coicedegrillo.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 01:57:04 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=coicedegrillo.blogspot.com&callback=_gfp_s_&client=ca-pub-9144201050888567
216.58.207.226200 OK 253 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=coicedegrillo.blogspot.com&callback=_gfp_s_&client=ca-pub-9144201050888567
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 0a122b0eed89ee7f8b1001f8e31b725e
0da91f2e86a0b797e382c841f9da987a4dfb9472
01065e3fdb331dfb3cc93af2c59636cb32905cd44fd7a4275600e19de838d34f
GET /gampad/cookie.js?domain=coicedegrillo.blogspot.com&callback=_gfp_s_&client=ca-pub-9144201050888567 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 01:57:04 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 2fdd4a71f94f887227623bed4f75dcc6
ef9e6c5749f2702c61580fa3e038a16a8bfca94f
7c7d42a969377c086baef4a6f4f6792c7b4dd3c09714876f17fbb39cf6ca8c5e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5263
Cache-Control: max-age=103028
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Etag: "63dc9655-13a"
Expires: Sun, 05 Feb 2023 06:34:12 GMT
Last-Modified: Fri, 03 Feb 2023 05:06:29 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.186.4.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.4.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H+YCJ5B2LbxhJZx0qkJ2kQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9JX5Qt84UVLzQJB6+d8AUIRzT0w=
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4869996247036dae2a82e2857fee1766
2418a61397554c71ae478679a98de688748a1b42
f680797aafc60f9a7800f73b5a139e5dd3df7d8bf10acb8a8f99e3cc2e312b05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=1625588162683260280&zx=8f5e0c52-5107-46c0-a6ac-5c742ac68856
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1625588162683260280&zx=8f5e0c52-5107-46c0-a6ac-5c742ac68856
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1625588162683260280&zx=8f5e0c52-5107-46c0-a6ac-5c742ac68856 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 01:57:04 GMT
last-modified: Sat, 04 Feb 2023 01:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=5dd2b311639a909826dbdfea845a36852f93deb3
104.244.42.8200 OK 326 B URL HTTP/2 syndication.twitter.com/settings?session_id=5dd2b311639a909826dbdfea845a36852f93deb3
IP 104.244.42.8:0
File type JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Hash 11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff
GET /settings?session_id=5dd2b311639a909826dbdfea845a36852f93deb3 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:57:04 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sat, 04 Feb 2023 01:57:05 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: 0b8859ec85dc1afe
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 106
x-connection-hash: b70f204efbb92f2a36d2b7d4fe837951416f4bda62c651f231ad860ce1b034c1
X-Firefox-Spdy: h2
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html
173.255.194.134200 OK 22 kB URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html
IP 173.255.194.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (54539)
Hash ca71a5636611af3137acd658bdaac97d
ddd38bf7126dd81b54b32171ad7a732e56b86e9f
b856aad98e495b6d86062334b992547cac2cd7b93047d2fce22f0fae2184eda7
NIDS Severity Alert suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
GET /?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 04 Feb 2023 01:57:04 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9144201050888567&output=html&h=250&slotname=4197845849&adk=3403112321&adf=1454566001&pi=t.ma~as.4197845849&w=300&lmt=1660730326&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html&host=ca-host-pub-1556223355139109&h_ch=L0007&wgl=1&dt=1675475857920&bpp=35&bdt=402&idt=302&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&correlator=7566767775895&frm=20&pv=2&ga_vid=1978813822.1675475858&ga_sid=1675475858&ga_hid=619877197&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=176&ady=896&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071722&oid=2&pvsid=2341462187046832&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=vOA2y4hUJd&p=http%3A//coicedegrillo.blogspot.com&dtd=454
216.58.211.2200 OK 9.7 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9144201050888567&output=html&h=250&slotname=4197845849&adk=3403112321&adf=1454566001&pi=t.ma~as.4197845849&w=300&lmt=1660730326&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html&host=ca-host-pub-1556223355139109&h_ch=L0007&wgl=1&dt=1675475857920&bpp=35&bdt=402&idt=302&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&correlator=7566767775895&frm=20&pv=2&ga_vid=1978813822.1675475858&ga_sid=1675475858&ga_hid=619877197&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=176&ady=896&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071722&oid=2&pvsid=2341462187046832&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=vOA2y4hUJd&p=http%3A//coicedegrillo.blogspot.com&dtd=454
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22096), with no line terminators
Hash 7fe4e00bf3d0a210d0917f309dea2b9a
736813b6af55430e725658a84c7728ff1464cad3
a5f38f0ca16f539ec04f042f9ce7d330de6a2cf4c40454ab81fabedef8b083f6
GET /pagead/ads?client=ca-pub-9144201050888567&output=html&h=250&slotname=4197845849&adk=3403112321&adf=1454566001&pi=t.ma~as.4197845849&w=300&lmt=1660730326&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html&host=ca-host-pub-1556223355139109&h_ch=L0007&wgl=1&dt=1675475857920&bpp=35&bdt=402&idt=302&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&correlator=7566767775895&frm=20&pv=2&ga_vid=1978813822.1675475858&ga_sid=1675475858&ga_hid=619877197&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=176&ady=896&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071722&oid=2&pvsid=2341462187046832&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=vOA2y4hUJd&p=http%3A//coicedegrillo.blogspot.com&dtd=454 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Feb 2023 01:57:05 GMT
server: cafe
content-length: 9703
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 02:12:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 01:57:05 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/adview?ai=CX1RfcbvdY5z3AY-ZywXomYjgB8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItOTE0NDIwMTA1MDg4ODU2N8gBCakCLJT8cbwosj6oAwHIAwKqBJICT9A-JePYPnN8XdoYzWC5VDNhR8oBbA4t2Wo2Itm4tzNlqBVkhasBD4jcevOL7yu2PElsCWd0OUptZvz3FM3_Hj7ZGibLsjpvlodY2eSKz7cqDwJoGirtLpRWOgZDzTtkf-f43_TF5_hD_Hxq-CxLOKsQJ_P3y7MjGG25QNaMX3_PoxQJArGNXqwox8t_uXjJvUGhd7WBzxNRnxy8KGxw1Yt7iO_0YUgqXVRwOJul1QfihdO7Quy3eUiJjOheDhAFFVyXfeYsOtAThSQHMkVUlCXwJv2PnwU8l5SwAE7IV4OCpuTHlaMpHjyCg6xU8WKWt5ztGrM-mkIQib8QR2Bysf8LLiOfe-ARy00EmXy8Sw3bV4AGssbbhYeZrNxloAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MTQ0MjAxMDUwODg4NTY3GAA&sigh=cxVA4fP8jb4&uach_m=[UACH]&cid=CAQSGwDUE5ymLFp3ppO_ou58ogKHOf-7Tm8hTg9ONhgB
216.58.211.2200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/adview?ai=CX1RfcbvdY5z3AY-ZywXomYjgB8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItOTE0NDIwMTA1MDg4ODU2N8gBCakCLJT8cbwosj6oAwHIAwKqBJICT9A-JePYPnN8XdoYzWC5VDNhR8oBbA4t2Wo2Itm4tzNlqBVkhasBD4jcevOL7yu2PElsCWd0OUptZvz3FM3_Hj7ZGibLsjpvlodY2eSKz7cqDwJoGirtLpRWOgZDzTtkf-f43_TF5_hD_Hxq-CxLOKsQJ_P3y7MjGG25QNaMX3_PoxQJArGNXqwox8t_uXjJvUGhd7WBzxNRnxy8KGxw1Yt7iO_0YUgqXVRwOJul1QfihdO7Quy3eUiJjOheDhAFFVyXfeYsOtAThSQHMkVUlCXwJv2PnwU8l5SwAE7IV4OCpuTHlaMpHjyCg6xU8WKWt5ztGrM-mkIQib8QR2Bysf8LLiOfe-ARy00EmXy8Sw3bV4AGssbbhYeZrNxloAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MTQ0MjAxMDUwODg4NTY3GAA&sigh=cxVA4fP8jb4&uach_m=[UACH]&cid=CAQSGwDUE5ymLFp3ppO_ou58ogKHOf-7Tm8hTg9ONhgB
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/adview?ai=CX1RfcbvdY5z3AY-ZywXomYjgB8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItOTE0NDIwMTA1MDg4ODU2N8gBCakCLJT8cbwosj6oAwHIAwKqBJICT9A-JePYPnN8XdoYzWC5VDNhR8oBbA4t2Wo2Itm4tzNlqBVkhasBD4jcevOL7yu2PElsCWd0OUptZvz3FM3_Hj7ZGibLsjpvlodY2eSKz7cqDwJoGirtLpRWOgZDzTtkf-f43_TF5_hD_Hxq-CxLOKsQJ_P3y7MjGG25QNaMX3_PoxQJArGNXqwox8t_uXjJvUGhd7WBzxNRnxy8KGxw1Yt7iO_0YUgqXVRwOJul1QfihdO7Quy3eUiJjOheDhAFFVyXfeYsOtAThSQHMkVUlCXwJv2PnwU8l5SwAE7IV4OCpuTHlaMpHjyCg6xU8WKWt5ztGrM-mkIQib8QR2Bysf8LLiOfe-ARy00EmXy8Sw3bV4AGssbbhYeZrNxloAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MTQ0MjAxMDUwODg4NTY3GAA&sigh=cxVA4fP8jb4&uach_m=[UACH]&cid=CAQSGwDUE5ymLFp3ppO_ou58ogKHOf-7Tm8hTg9ONhgB HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9144201050888567&output=html&h=250&slotname=4197845849&adk=3403112321&adf=1454566001&pi=t.ma~as.4197845849&w=300&lmt=1660730326&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html&host=ca-host-pub-1556223355139109&h_ch=L0007&wgl=1&dt=1675475857920&bpp=35&bdt=402&idt=302&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&correlator=7566767775895&frm=20&pv=2&ga_vid=1978813822.1675475858&ga_sid=1675475858&ga_hid=619877197&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=176&ady=896&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071722&oid=2&pvsid=2341462187046832&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=vOA2y4hUJd&p=http%3A//coicedegrillo.blogspot.com&dtd=454
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 01:57:05 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: IDE=AHWqTUnCnrstQG0jf_AOhotWdqqQvkBqPDBr1HyVWsz71YwSmpK-b_kd6d1soKL7kHA; expires=Mon, 03-Feb-2025 01:57:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 01:57:05 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 707bbc8a805b920528f43d3b19e9e41f
d33afb3c6b479050987b8ffa9ca64f574656af87
2e840eb2feba7a5a9c565c16c78c0c4ecbaa6273b9c77d97548b4d5c58ae2011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 707bbc8a805b920528f43d3b19e9e41f
d33afb3c6b479050987b8ffa9ca64f574656af87
2e840eb2feba7a5a9c565c16c78c0c4ecbaa6273b9c77d97548b4d5c58ae2011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
216.58.207.193200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20230201/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Fri, 03 Feb 2023 21:43:53 GMT
expires: Fri, 17 Feb 2023 21:43:53 GMT
cache-control: public, max-age=1209600
age: 15192
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
216.58.207.193200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1605)
Hash aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae
GET /pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Fri, 03 Feb 2023 21:43:53 GMT
expires: Fri, 17 Feb 2023 21:43:53 GMT
cache-control: public, max-age=1209600
age: 15192
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.130200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.130:0
File type ASCII text, with very long lines (3504)
Hash 40b8ffdc606e81703c5f6a39df96f373
0a39b905fe6b8f947d256b01614abcdd27baef65
93cfc3bdb53008e8640dee5f3e7515b10a9b2959e69d8f2919f3d243cf547f36
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49146
date: Sat, 04 Feb 2023 01:57:05 GMT
expires: Sat, 04 Feb 2023 01:57:05 GMT
cache-control: private, max-age=3000
etag: "1675254965429469"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html
173.255.194.134200 OK 18 kB URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html
IP 173.255.194.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (46372)
Hash e094392646b21f9921fa3b9c8459ad4d
07a9345676e1ded2217b8ead648e0e9fd2c4f6e0
f44fc3699b6b33b50fc5bf2229686d237ededf14af2ac066c6d6eb942618f9ca
NIDS Severity Alert suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
GET /?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 04 Feb 2023 01:57:05 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7bcb846525da23a51bc8e2c2b1b4608d
9de8d37ed9fa39d03982fdb28c9a01470289e7d6
be9d3aedfeccde5017d2ed783e68b618500190677de52fe070af2908d1003506
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3632
Cache-Control: max-age=108604
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:05 GMT
Etag: "63dcb27d-13a"
Expires: Sun, 05 Feb 2023 08:07:09 GMT
Last-Modified: Fri, 03 Feb 2023 07:06:37 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e194d669b4869a5fb3661deef521857d
ac3fdcb76d689b28ba218f874b7eb4fc012a68c3
7ac4a2096bf71cd7bdb9c4ebdac349ca5efe448ae8d03fef0a42565cb0365848
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5299
Cache-Control: max-age=135486
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:05 GMT
Etag: "63dd14fc-139"
Expires: Sun, 05 Feb 2023 15:35:11 GMT
Last-Modified: Fri, 03 Feb 2023 14:06:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWawC-gGdg2ICAgAAAJZBEn_cbyuxEHC73WMiPDZoxMv2_9_BoAASAAAKDkFRVUJCUVlEQlFFQkJR&wp=Y927cQAAe5wKssyPAAIM6FIqoFjtMRRc-IGoEA
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWawC-gGdg2ICAgAAAJZBEn_cbyuxEHC73WMiPDZoxMv2_9_BoAASAAAKDkFRVUJCUVlEQlFFQkJR&wp=Y927cQAAe5wKssyPAAIM6FIqoFjtMRRc-IGoEA
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWawC-gGdg2ICAgAAAJZBEn_cbyuxEHC73WMiPDZoxMv2_9_BoAASAAAKDkFRVUJCUVlEQlFFQkJR&wp=Y927cQAAe5wKssyPAAIM6FIqoFjtMRRc-IGoEA HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 143029
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
93.184.220.66200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7891), with no line terminators
Hash 50af2557985d9ae5ef0bb111a4066237
b164d515f502d950df3ba208cc32bbe74e70d3d2
a3b6dbbc4e57c65eb23f84b312095c86a69ff47fc57fc745f464394158bda9af
GET /js/button.e7f9415a2e000feaab02c86dd5802747.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 879229
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 01:57:05 GMT
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2618
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html
173.255.194.134200 OK 18 kB URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html
IP 173.255.194.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (46372)
Hash baf88c83ebf0e95decd23ee49e2d8214
182a9c91b1b93e0a1bace87607786d1c4d6981b4
71217fa9922ab0e0fe0b8c31993c184b142da2fbc0f92d88645714a7eb22eb0a
NIDS Severity Alert suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
GET /?getsrc=ok&ref=&url=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 04 Feb 2023 01:57:05 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
connect.facebook.net/en_US/all.js?hash=2296adbb2279a7f25e52980fdf12af3c
157.240.205.11200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=2296adbb2279a7f25e52980fdf12af3c
IP 157.240.205.11:0
File type ASCII text, with very long lines (18734)
Hash 4435568863fc2e69adef96b5bebb63a1
ebeb3214f0838377509d3ee636d27bc33801ac0e
7d670a2062ef3256a1e24e0278e787385c23b5a4012e33a3702d807688a56a1d
GET /en_US/all.js?hash=2296adbb2279a7f25e52980fdf12af3c HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://coicedegrillo.blogspot.com
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 94a53bf02969a25478a2bf6e1e154f3d
etag: "2e72ceab515c5f8103e5d284609898c8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 04 Feb 2024 01:16:29 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: RDVWiGP8Lmmt75a1vrtjoQ==
x-fb-debug: q9evyuq+EtTOb/7J6rrNVhsmxLfTmY6nN2XJ6vjjRQHWvaGrGYYhjaMZ+jU50Rhgdcl15p2pVMBf9LZYKcwFew==
content-length: 86818
x-fb-trip-id: 1679558926
date: Sat, 04 Feb 2023 01:57:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
coicedegrillo.blogspot.com/favicon.ico
216.58.207.193200 OK 228 B URL HTTP/1.1 coicedegrillo.blogspot.com/favicon.ico
IP 216.58.207.193:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3c3fdd6e9c7b591ef336ab89bf04eddd
641d70201e6c791f91d3f1603c24ac295e2cc41c
444f6e36fd28eab9c5cc1b1cc385000c2e10b4bf751953cb8b6e508ec4bafc10
GET /favicon.ico HTTP/1.1
Host: coicedegrillo.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/2011/11/to-na-media.html
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Sat, 04 Feb 2023 01:57:05 GMT
Date: Sat, 04 Feb 2023 01:57:05 GMT
Cache-Control: private, max-age=86400
Last-Modified: Wed, 17 Aug 2022 09:58:46 GMT
ETag: W/"6b889d0b07d34ea35d01603c427b369c607017b2897cd02ae88640f88d9694c3"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 228
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9a38ff437259f4d2c8f0ae0a0af071c1
5e600b744c2b35b5a7d3e3429bf40c7fc45d9296
be67a0d3644f83408f95228b8b5c95133e957051e04b6904fa8a86de6063c39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3846
Cache-Control: max-age=149537
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:05 GMT
Etag: "63dd518d-13a"
Expires: Sun, 05 Feb 2023 19:29:22 GMT
Last-Modified: Fri, 03 Feb 2023 18:25:17 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9a38ff437259f4d2c8f0ae0a0af071c1
5e600b744c2b35b5a7d3e3429bf40c7fc45d9296
be67a0d3644f83408f95228b8b5c95133e957051e04b6904fa8a86de6063c39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3857
Cache-Control: max-age=149549
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:05 GMT
Etag: "63dd518d-13a"
Expires: Sun, 05 Feb 2023 19:29:34 GMT
Last-Modified: Fri, 03 Feb 2023 18:25:17 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9a38ff437259f4d2c8f0ae0a0af071c1
5e600b744c2b35b5a7d3e3429bf40c7fc45d9296
be67a0d3644f83408f95228b8b5c95133e957051e04b6904fa8a86de6063c39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3846
Cache-Control: max-age=149537
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:05 GMT
Etag: "63dd518d-13a"
Expires: Sun, 05 Feb 2023 19:29:22 GMT
Last-Modified: Fri, 03 Feb 2023 18:25:17 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9a38ff437259f4d2c8f0ae0a0af071c1
5e600b744c2b35b5a7d3e3429bf40c7fc45d9296
be67a0d3644f83408f95228b8b5c95133e957051e04b6904fa8a86de6063c39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3857
Cache-Control: max-age=149549
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:05 GMT
Etag: "63dd518d-13a"
Expires: Sun, 05 Feb 2023 19:29:34 GMT
Last-Modified: Fri, 03 Feb 2023 18:25:17 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 37115a4914f399e42d172b0050be1970
063d6511e532f222e5e17cc029ca538eb78f39b1
5f6c8b449255fe9adc4e38c9e3c2d5a856300d832ea2d59835b60c5abdbc01bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3677
Cache-Control: max-age=150415
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:05 GMT
Etag: "63dd55a3-139"
Expires: Sun, 05 Feb 2023 19:44:00 GMT
Last-Modified: Fri, 03 Feb 2023 18:42:43 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:57:05 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Tue, 30 Jan 2024 01:57:05 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.2.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:57:05 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Tue, 30 Jan 2024 01:57:05 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
93.184.220.66200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32037)
Hash 59524bd7f5584433bb77a21f1431db47
5be6f11aa7a378e597235668f5ec6819e9722c9a
80c4c77841bb8b9c561fb0ed2816c1e32288fda1178130d920b6830f287a9fea
GET /widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 879225
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 04 Feb 2023 01:57:05 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13592
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcoicedegrillo.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675475859260%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5dd2b311639a909826dbdfea845a36852f93deb3
104.244.42.8200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcoicedegrillo.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675475859260%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5dd2b311639a909826dbdfea845a36852f93deb3
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcoicedegrillo.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675475859260%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5dd2b311639a909826dbdfea845a36852f93deb3 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:57:04 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sat, 04 Feb 2023 01:57:05 GMT
content-length: 43
x-transaction-id: 1cbef5a15e0bb57c
strict-transport-security: max-age=631138519
x-response-time: 108
x-connection-hash: b70f204efbb92f2a36d2b7d4fe837951416f4bda62c651f231ad860ce1b034c1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dbc34b5781d90d1317a548231d74126b
1ddf557488cd97faacda09389179feeb5eb51da6
6fdb284dc6affe28aa7faad2c3912b5587d0666c0c3c35250adaeee16e5465c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2863
Cache-Control: max-age=120086
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:06 GMT
Etag: "63dce259-139"
Expires: Sun, 05 Feb 2023 11:18:32 GMT
Last-Modified: Fri, 03 Feb 2023 10:30:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dbc34b5781d90d1317a548231d74126b
1ddf557488cd97faacda09389179feeb5eb51da6
6fdb284dc6affe28aa7faad2c3912b5587d0666c0c3c35250adaeee16e5465c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2897
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:06 GMT
Last-Modified: Sat, 04 Feb 2023 01:08:49 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dbc34b5781d90d1317a548231d74126b
1ddf557488cd97faacda09389179feeb5eb51da6
6fdb284dc6affe28aa7faad2c3912b5587d0666c0c3c35250adaeee16e5465c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2892
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:06 GMT
Last-Modified: Sat, 04 Feb 2023 01:08:54 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dbc34b5781d90d1317a548231d74126b
1ddf557488cd97faacda09389179feeb5eb51da6
6fdb284dc6affe28aa7faad2c3912b5587d0666c0c3c35250adaeee16e5465c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2863
Cache-Control: max-age=120086
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:06 GMT
Etag: "63dce259-139"
Expires: Sun, 05 Feb 2023 11:18:32 GMT
Last-Modified: Fri, 03 Feb 2023 10:30:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dbc34b5781d90d1317a548231d74126b
1ddf557488cd97faacda09389179feeb5eb51da6
6fdb284dc6affe28aa7faad2c3912b5587d0666c0c3c35250adaeee16e5465c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2843
Cache-Control: max-age=120066
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:06 GMT
Etag: "63dce259-139"
Expires: Sun, 05 Feb 2023 11:18:12 GMT
Last-Modified: Fri, 03 Feb 2023 10:30:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cblack_v177868.jpg&v=3&w=400&s=r_JrdZ68TEE_MudByXLy2G-l&b=400
178.250.0.139200 OK 5.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cblack_v177868.jpg&v=3&w=400&s=r_JrdZ68TEE_MudByXLy2G-l&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 233x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b2f8514c6d2bd10c32706b1772abf702
db67d6c7fc281ee918b6891368b73e1a61330af7
4eb64ff32170af7717eea1203258aabf6125c4825d6d3c443182c46ac3b89c9b
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10247723_cblack_v177868.jpg&v=3&w=400&s=r_JrdZ68TEE_MudByXLy2G-l&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29687420
expires: Sat, 13 Jan 2024 16:27:26 GMT
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5666
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4204690_cterracottapink_v602.jpg&v=3&w=400&s=eTsdE5ngirMsQm_-YjZ0ubvm&b=400
178.250.0.139200 OK 7.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4204690_cterracottapink_v602.jpg&v=3&w=400&s=eTsdE5ngirMsQm_-YjZ0ubvm&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 312x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 38bf6712176786be1a3887075d3d6da4
c2e5bbe325577a9e3f3cbc71658e9f2f389ad58d
6d1779becee49583f7c887a28c195101f89b47d60a668015fa939b3b32c4094c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4204690_cterracottapink_v602.jpg&v=3&w=400&s=eTsdE5ngirMsQm_-YjZ0ubvm&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29137129
expires: Sun, 07 Jan 2024 07:35:55 GMT
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7552
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7796
Expires: Sat, 04 Feb 2023 04:07:02 GMT
Date: Sat, 04 Feb 2023 01:57:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7796
Expires: Sat, 04 Feb 2023 04:07:02 GMT
Date: Sat, 04 Feb 2023 01:57:06 GMT
Connection: keep-alive
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecooking%2F1300x1700%2Feob50063_cnocolour.jpg&v=3&w=400&s=-5YAXsXWBdJ2r_2d3PKtbVJj&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecooking%2F1300x1700%2Feob50063_cnocolour.jpg&v=3&w=400&s=-5YAXsXWBdJ2r_2d3PKtbVJj&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 368x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4619e16f179644082205992bc74fce16
7953cee28a184b5b9104195caee2dc7c1e8bb2ae
56a5727d3a4dde970968c4410764e62dd5f87d2b7c1b2e13562260449b216671
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecooking%2F1300x1700%2Feob50063_cnocolour.jpg&v=3&w=400&s=-5YAXsXWBdJ2r_2d3PKtbVJj&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31384246
expires: Fri, 02 Feb 2024 07:47:52 GMT
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13964
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7796
Expires: Sat, 04 Feb 2023 04:07:02 GMT
Date: Sat, 04 Feb 2023 01:57:06 GMT
Connection: keep-alive
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
178.250.0.139200 OK 7.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0eeda7e6493484cfb7f70b2967c08177
35b93c5f4f4652bd480397742e1d7edf02399d31
b1b70f74f765bdeacace86455a42be94b01ab5957f2fbaea09fbba672defef41
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30340087
expires: Sun, 21 Jan 2024 05:45:13 GMT
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 13882
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y927cQAAe5wKssyPAAIM6FIqoFjtMRRc-IGoEA&u=%7CegsB5zKQ5UOzxl8gA66NDA5FnqJjhoiNeWx%2BzjGC7YE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi60Q9DnqLgXMFehERkr0Sq7JiUUIBvGzQrntyhjKCHxuWfUtFRizFjwjeNmATRsxxkwKJxJ0ESVLl-gRAG_7NAa33BRy74hlhE6V-XRF4QwFMVAr-kLxn_H_1KPvt1Tqxm8nC-f1dWjxQFjL-wvQZIH8Yd2A6GRR6OlXFTqIQsmHu9QecR9xVFeSpNDmEc2K_o76Ai7H3X1byK43D-izN3k3qibVc3J9gBydXsxbdHuDW67lMk3SDQLamll-ge0ErB83of6X24ko_IxXak8aKxVUcHnSZsch7295lJal3QjmyGYmWfx8mD_tlEp4kLaDYcQ2JeC6_fIscz-qfSy0-ZBmlTW5vKqBkWUXIkG4CSLJYj1qulR8eW_XD8m4ud_DLlWFS6YXqtzReFWypd7Ov2oYJSJqEPqgI2zu8wAz79CEZV4ARtBK8Alg9Fap9XeQbYK_w4Lh6PNsycdIQLYpg0TNkAhNxQVS2u8_dI5MYXi1ocmyeFLJDc2FVchhJALWDzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9gPvcbvdY5z3AY-ZywXomYjgB8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItOTE0NDIwMTA1MDg4ODU2N8gBCakCLJT8cbwosj6oAwHIAwKqBJUCT9A-JePYPnN8XdoYzWC5VDNhR8oBbA4t2Wo2Itm4tzNlqBVkhasBD4jcevOL7yu2PElsCWd0OUptZvz3FM3_Hj7ZGibLsjpvlodY2eSKz7cqDwJoGirtLpRWOgZDzTtkf-f43_TF5_hD_Hxq-CxLOKsQJ_P3y7MjGG25QNaMX3_PoxQJArGNXqwox8t_uXjJvUGhd7WBzxNRnxy8KGxw1Yt7iO_0YUgqXVRwOJul1QfihdO7Quy3eUiJjOheDhAFFVyXfeYsOtAThSQHMkVUlCXwJv2PnwU8l5SwAE7IV4OCpuTHlaMpHjyCg6wW80MEMBNxCQyijuHAtBnoTnR4B_UlNqErs923OfIatWQ54YnI6KS-3oAGssbbhYeZrNxloAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0egIblrTE1mCbl0ZOhOZecxdaIfw%26client%3Dca-pub-9144201050888567%26adurl%3D
178.250.2.65200 OK 82 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y927cQAAe5wKssyPAAIM6FIqoFjtMRRc-IGoEA&u=%7CegsB5zKQ5UOzxl8gA66NDA5FnqJjhoiNeWx%2BzjGC7YE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi60Q9DnqLgXMFehERkr0Sq7JiUUIBvGzQrntyhjKCHxuWfUtFRizFjwjeNmATRsxxkwKJxJ0ESVLl-gRAG_7NAa33BRy74hlhE6V-XRF4QwFMVAr-kLxn_H_1KPvt1Tqxm8nC-f1dWjxQFjL-wvQZIH8Yd2A6GRR6OlXFTqIQsmHu9QecR9xVFeSpNDmEc2K_o76Ai7H3X1byK43D-izN3k3qibVc3J9gBydXsxbdHuDW67lMk3SDQLamll-ge0ErB83of6X24ko_IxXak8aKxVUcHnSZsch7295lJal3QjmyGYmWfx8mD_tlEp4kLaDYcQ2JeC6_fIscz-qfSy0-ZBmlTW5vKqBkWUXIkG4CSLJYj1qulR8eW_XD8m4ud_DLlWFS6YXqtzReFWypd7Ov2oYJSJqEPqgI2zu8wAz79CEZV4ARtBK8Alg9Fap9XeQbYK_w4Lh6PNsycdIQLYpg0TNkAhNxQVS2u8_dI5MYXi1ocmyeFLJDc2FVchhJALWDzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9gPvcbvdY5z3AY-ZywXomYjgB8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItOTE0NDIwMTA1MDg4ODU2N8gBCakCLJT8cbwosj6oAwHIAwKqBJUCT9A-JePYPnN8XdoYzWC5VDNhR8oBbA4t2Wo2Itm4tzNlqBVkhasBD4jcevOL7yu2PElsCWd0OUptZvz3FM3_Hj7ZGibLsjpvlodY2eSKz7cqDwJoGirtLpRWOgZDzTtkf-f43_TF5_hD_Hxq-CxLOKsQJ_P3y7MjGG25QNaMX3_PoxQJArGNXqwox8t_uXjJvUGhd7WBzxNRnxy8KGxw1Yt7iO_0YUgqXVRwOJul1QfihdO7Quy3eUiJjOheDhAFFVyXfeYsOtAThSQHMkVUlCXwJv2PnwU8l5SwAE7IV4OCpuTHlaMpHjyCg6wW80MEMBNxCQyijuHAtBnoTnR4B_UlNqErs923OfIatWQ54YnI6KS-3oAGssbbhYeZrNxloAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0egIblrTE1mCbl0ZOhOZecxdaIfw%26client%3Dca-pub-9144201050888567%26adurl%3D
IP 178.250.2.65:0
Hash a525b22c226304a13d93dbef41ea78ca
8e50e49a2dcaf52828ad27fcd082ab5966ca2e03
aa815c7309b62ed8af9ddbb48ef36dc68342e061b261de94ef07a529568aebc5
GET /delivery/r/afr.php?z=Y927cQAAe5wKssyPAAIM6FIqoFjtMRRc-IGoEA&u=%7CegsB5zKQ5UOzxl8gA66NDA5FnqJjhoiNeWx%2BzjGC7YE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi60Q9DnqLgXMFehERkr0Sq7JiUUIBvGzQrntyhjKCHxuWfUtFRizFjwjeNmATRsxxkwKJxJ0ESVLl-gRAG_7NAa33BRy74hlhE6V-XRF4QwFMVAr-kLxn_H_1KPvt1Tqxm8nC-f1dWjxQFjL-wvQZIH8Yd2A6GRR6OlXFTqIQsmHu9QecR9xVFeSpNDmEc2K_o76Ai7H3X1byK43D-izN3k3qibVc3J9gBydXsxbdHuDW67lMk3SDQLamll-ge0ErB83of6X24ko_IxXak8aKxVUcHnSZsch7295lJal3QjmyGYmWfx8mD_tlEp4kLaDYcQ2JeC6_fIscz-qfSy0-ZBmlTW5vKqBkWUXIkG4CSLJYj1qulR8eW_XD8m4ud_DLlWFS6YXqtzReFWypd7Ov2oYJSJqEPqgI2zu8wAz79CEZV4ARtBK8Alg9Fap9XeQbYK_w4Lh6PNsycdIQLYpg0TNkAhNxQVS2u8_dI5MYXi1ocmyeFLJDc2FVchhJALWDzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9gPvcbvdY5z3AY-ZywXomYjgB8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItOTE0NDIwMTA1MDg4ODU2N8gBCakCLJT8cbwosj6oAwHIAwKqBJUCT9A-JePYPnN8XdoYzWC5VDNhR8oBbA4t2Wo2Itm4tzNlqBVkhasBD4jcevOL7yu2PElsCWd0OUptZvz3FM3_Hj7ZGibLsjpvlodY2eSKz7cqDwJoGirtLpRWOgZDzTtkf-f43_TF5_hD_Hxq-CxLOKsQJ_P3y7MjGG25QNaMX3_PoxQJArGNXqwox8t_uXjJvUGhd7WBzxNRnxy8KGxw1Yt7iO_0YUgqXVRwOJul1QfihdO7Quy3eUiJjOheDhAFFVyXfeYsOtAThSQHMkVUlCXwJv2PnwU8l5SwAE7IV4OCpuTHlaMpHjyCg6wW80MEMBNxCQyijuHAtBnoTnR4B_UlNqErs923OfIatWQ54YnI6KS-3oAGssbbhYeZrNxloAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0egIblrTE1mCbl0ZOhOZecxdaIfw%26client%3Dca-pub-9144201050888567%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:57:05 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1bvN_4D4xwh-hkYgS7MHLO8ju5AqgygCr98ZAi09hKkpLxqagVfZuF1BW4hn84zZmgflBP70ijPC_q4PEaUEQEAL4r5OFjn4y-1wtKOSHTimPK9XF7egiHIyTtnz3ogvBISMtb8h0xPTl5umov7dCJygA7ghZWrJ0O7tHYwQ_yZlxugPuaj5BmfQEbZBf4ESW8IrRjU3GX8u20eFu_M8oiI2TkiP_otXURsRcQsYtNkGbdLkcVAR0OBoF6WyFh2IdsV0cGY7IuDfyPmi"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 79583681
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41580a501cc07c328e6ab6b167a110dc
a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e
0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1-NjCSeyrUAwvL2BDl1JXYK0WY0ze5FZz5-chZ6x2IEnDQBw9rEv6w==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:11:51 GMT
age: 13515
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruuns-bazaar%2F1300x1700%2Fbbm1016_cnavy_vnavy.jpg&v=3&w=400&s=0xYegbc_ol962YGGbnMvyYdg&b=400
178.250.0.139200 OK 4.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruuns-bazaar%2F1300x1700%2Fbbm1016_cnavy_vnavy.jpg&v=3&w=400&s=0xYegbc_ol962YGGbnMvyYdg&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 298x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f677783d863f10494f1dbb61fc9f9ec0
04ac11c1177c39877e21f79aea6407349ced5821
0649048ab7c202dd0542c52dcbe378a783c8dc07ded9811a09d1914edb9d23fb
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruuns-bazaar%2F1300x1700%2Fbbm1016_cnavy_vnavy.jpg&v=3&w=400&s=0xYegbc_ol962YGGbnMvyYdg&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31300741
expires: Thu, 01 Feb 2024 08:36:08 GMT
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4476
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 13905
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400
178.250.0.139200 OK 6.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4107b3cce321d0de575e2d09ee500141
ea63bcbed38763856b3c80f6921b2e34648cc2e6
0d5fe42912025a3f0d1d9b825a59bf43a0067e6ccba06d997e75cd7b86e83347
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31246703
expires: Wed, 31 Jan 2024 17:35:29 GMT
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6652
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:30:47 GMT
age: 5179
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdickies%2F1300x1700%2Fdicdk0a4xdx_ccharcoalgrey.jpg&v=3&w=400&s=UBlpXPNatT5H8AOcQle2fdWz&b=400
178.250.0.139200 OK 4.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdickies%2F1300x1700%2Fdicdk0a4xdx_ccharcoalgrey.jpg&v=3&w=400&s=UBlpXPNatT5H8AOcQle2fdWz&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 290x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cb5d3c08b860d8c1ca38b60dd9441dad
6abf7766db942aad0d7683cf2f5af845b7ae3bdd
ffef52e4f877df92f511626c93a980de956b822630081dda1dc14c7564dadc73
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdickies%2F1300x1700%2Fdicdk0a4xdx_ccharcoalgrey.jpg&v=3&w=400&s=UBlpXPNatT5H8AOcQle2fdWz&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29397410
expires: Wed, 10 Jan 2024 07:53:57 GMT
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4126
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
178.250.0.139200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x336, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a038be7d3e6d4838b4a63bd8daa28a1e
81f01b450467dfc5a96a6077358e42787edcb977
d9e7a945587d1dc06c2ed3c5734385cc6bf6d8e8de37b21da2530a03c2a76128
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29484036
expires: Thu, 11 Jan 2024 07:57:43 GMT
date: Sat, 04 Feb 2023 01:57:06 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10502
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=76&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=kubBizj1InpsG55FzF6G8Sed
178.250.0.139200 OK 2.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=76&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=kubBizj1InpsG55FzF6G8Sed
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 202x76, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f58fb2e416c7ff2cec3c25d249d424d
ab8b97c07381c9c0b71bb1f71b83c359df3eaee3
3ddf75832e537b8ad21b428faa9a979bc4675460ebe3b125e9057b15938a0183
GET /img/img?h=76&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=kubBizj1InpsG55FzF6G8Sed HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30848475
expires: Sat, 27 Jan 2024 02:58:21 GMT
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2088
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:47:06 GMT
age: 15000
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:14:12 GMT
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
age: 13374
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=4kwCGWtG0VgF6qhrkPkkj59l
178.250.0.139200 OK 84 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=4kwCGWtG0VgF6qhrkPkkj59l
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash babac81dc2e4da2b8343e7d76bbbb357
c89b8eaf661b9220a82f950997eaaa899dd69ea2
5ba6a375ea3c3582d4aa716da8602fb2551bc8b2dcbfc1b8f5913f49f9466e70
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=4kwCGWtG0VgF6qhrkPkkj59l HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30857569
expires: Sat, 27 Jan 2024 05:29:55 GMT
date: Sat, 04 Feb 2023 01:57:05 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 84090
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
142.250.74.98200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
IP 142.250.74.98:0
File type JSON data\012- , ASCII text, with very long lines (14689), with no line terminators
Hash 815bbe4bf4ee52993bdc953eeea36587
a1bbe359dbd0093fc45e5940a866fdbaa5612a2c
a1057549bf28f3491eb51be0134508356bf0fc968b654badf2d5681f4f26cffa
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://coicedegrillo.blogspot.com
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 04 Feb 2023 01:57:06 GMT
server: cafe
content-length: 11087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df871c6c3883344%26domain%3Dcoicedegrillo.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcoicedegrillo.blogspot.com%252Ff1ec0084df8db9c%26relation%3Dparent.parent&container_width=0&font=&href=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df871c6c3883344%26domain%3Dcoicedegrillo.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcoicedegrillo.blogspot.com%252Ff1ec0084df8db9c%26relation%3Dparent.parent&container_width=0&font=&href=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df871c6c3883344%26domain%3Dcoicedegrillo.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcoicedegrillo.blogspot.com%252Ff1ec0084df8db9c%26relation%3Dparent.parent&container_width=0&font=&href=http%3A%2F%2Fcoicedegrillo.blogspot.com%2F2011%2F11%2Fto-na-media.html&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: E5nlXIvpe4jB9hOJuggjCmdA0bfEHrpMOOGtzE95TQDcPIx4kheDeQsfs2WVpsoEPslCuR4/BZmbBTY9AN/igg==
content-length: 0
date: Sat, 04 Feb 2023 01:57:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 510 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash b5e3a2e9dbd669e9e9927453e20fe725
cad0e376a4a6d89e85cb90f63cf32cc3e2556707
cee634154e7337eee70c7fc64dcbbc5a449d29f2fea3261133182aa04b0b4ef6
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coicedegrillo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 Feb 2023 01:57:06 GMT
date: Sat, 04 Feb 2023 01:57:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-aLLegHYZxtrSbdNuZYceoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=1bvN_4D4xwh-hkYgS7MHLO8ju5AqgygCr98ZAi09hKkpLxqagVfZuF1BW4hn84zZmgflBP70ijPC_q4PEaUEQEAL4r5OFjn4y-1wtKOSHTimPK9XF7egiHIyTtnz3ogvBISMtb8h0xPTl5umov7dCJygA7ghZWrJ0O7tHYwQ_yZlxugPuaj5BmfQEbZBf4ESW8IrRjU3GX8u20eFu_M8oiI2TkiP_otXURsRcQsYtNkGbdLkcVAR0OBoF6WyFh2IdsV0cGY7IuDfyPmi&sds=2&rev=84569&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=1bvN_4D4xwh-hkYgS7MHLO8ju5AqgygCr98ZAi09hKkpLxqagVfZuF1BW4hn84zZmgflBP70ijPC_q4PEaUEQEAL4r5OFjn4y-1wtKOSHTimPK9XF7egiHIyTtnz3ogvBISMtb8h0xPTl5umov7dCJygA7ghZWrJ0O7tHYwQ_yZlxugPuaj5BmfQEbZBf4ESW8IrRjU3GX8u20eFu_M8oiI2TkiP_otXURsRcQsYtNkGbdLkcVAR0OBoF6WyFh2IdsV0cGY7IuDfyPmi&sds=2&rev=84569&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=1bvN_4D4xwh-hkYgS7MHLO8ju5AqgygCr98ZAi09hKkpLxqagVfZuF1BW4hn84zZmgflBP70ijPC_q4PEaUEQEAL4r5OFjn4y-1wtKOSHTimPK9XF7egiHIyTtnz3ogvBISMtb8h0xPTl5umov7dCJygA7ghZWrJ0O7tHYwQ_yZlxugPuaj5BmfQEbZBf4ESW8IrRjU3GX8u20eFu_M8oiI2TkiP_otXURsRcQsYtNkGbdLkcVAR0OBoF6WyFh2IdsV0cGY7IuDfyPmi&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:57:06 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:57:05 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Tue, 30 Jan 2024 01:57:05 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qtOaXd93wCs3txwqPiSRw8TATw49AcgHUO63Hx8OTn6w48LnsBtifQGdAPudFTX9kxHMe4kf-WSQwcg3FgUN2EEd-HlW87x-DdVUL4jtl2ypo6azRugYjVkMJh-8q2w7_YSnDA23StTGzzDIfYLw9_V7XqQsNbLestfVFciAkwJ4oPII_6ppCZTOq7saLhdc-RSJORJ2OPQ20jDWVECDnnOg4bBCZ_xvcCyVATrFMfgLBfMMedu-2NVh4uO5yewkFYsn5Dui3YH2qI2CMDsWAmKBtQ2lCNj9bbflxAT1a5IPDIzgk6dABFfTiITcFt72RCglADZ1Z5P3ke21T-RikH9v0n37ZvS-gmm4A9nunHgVDizCDDAdpEmM3Wp498_NTP1bC6baVSSMe9-QHCiuLq20bLU9xS6nY6Idtm3d8JjOVKHkMUxGRa9ze3FfnALQE3eNkQ
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qtOaXd93wCs3txwqPiSRw8TATw49AcgHUO63Hx8OTn6w48LnsBtifQGdAPudFTX9kxHMe4kf-WSQwcg3FgUN2EEd-HlW87x-DdVUL4jtl2ypo6azRugYjVkMJh-8q2w7_YSnDA23StTGzzDIfYLw9_V7XqQsNbLestfVFciAkwJ4oPII_6ppCZTOq7saLhdc-RSJORJ2OPQ20jDWVECDnnOg4bBCZ_xvcCyVATrFMfgLBfMMedu-2NVh4uO5yewkFYsn5Dui3YH2qI2CMDsWAmKBtQ2lCNj9bbflxAT1a5IPDIzgk6dABFfTiITcFt72RCglADZ1Z5P3ke21T-RikH9v0n37ZvS-gmm4A9nunHgVDizCDDAdpEmM3Wp498_NTP1bC6baVSSMe9-QHCiuLq20bLU9xS6nY6Idtm3d8JjOVKHkMUxGRa9ze3FfnALQE3eNkQ
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=qtOaXd93wCs3txwqPiSRw8TATw49AcgHUO63Hx8OTn6w48LnsBtifQGdAPudFTX9kxHMe4kf-WSQwcg3FgUN2EEd-HlW87x-DdVUL4jtl2ypo6azRugYjVkMJh-8q2w7_YSnDA23StTGzzDIfYLw9_V7XqQsNbLestfVFciAkwJ4oPII_6ppCZTOq7saLhdc-RSJORJ2OPQ20jDWVECDnnOg4bBCZ_xvcCyVATrFMfgLBfMMedu-2NVh4uO5yewkFYsn5Dui3YH2qI2CMDsWAmKBtQ2lCNj9bbflxAT1a5IPDIzgk6dABFfTiITcFt72RCglADZ1Z5P3ke21T-RikH9v0n37ZvS-gmm4A9nunHgVDizCDDAdpEmM3Wp498_NTP1bC6baVSSMe9-QHCiuLq20bLU9xS6nY6Idtm3d8JjOVKHkMUxGRa9ze3FfnALQE3eNkQ HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:57:05 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3542048
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.2.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:57:05 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Tue, 30 Jan 2024 01:57:05 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.2.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:57:05 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Tue, 30 Jan 2024 01:57:05 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2