r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5961
Expires: Sun, 05 Feb 2023 19:30:13 GMT
Date: Sun, 05 Feb 2023 17:50:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9098
Expires: Sun, 05 Feb 2023 20:22:30 GMT
Date: Sun, 05 Feb 2023 17:50:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 17:33:56 GMT
content-type: application/json
age: 1016
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.pazarem.com/2021/03/wii-ntsc-super-mario-all-stars.html
142.250.74.179301 Moved Permanently 204 B URL HTTP/1.1 www.pazarem.com/2021/03/wii-ntsc-super-mario-all-stars.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3767a82ff44f149bfa41ae5c03be9721
c7470a98cfc82ae29101ccb6e1422b697c470a52
4d493a1d8ccb85a057d4b0dee7f63e6e6aed2a3018c5b6088be74a044c515983
GET /2021/03/wii-ntsc-super-mario-all-stars.html HTTP/1.1
Host: www.pazarem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.pazarem.com/2021/03/wii-ntsc-super-mario-all-stars.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 17:50:52 GMT
Expires: Sun, 05 Feb 2023 17:50:52 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 204
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16779
Expires: Sun, 05 Feb 2023 22:30:31 GMT
Date: Sun, 05 Feb 2023 17:50:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lp+rGbza/7NzCWQpkDN/FK4+Bt/C66hDDoOOh4eiQNm1Ju9/wFvqLCL/HONhD+3Mr8wOxXsv0Pw=
x-amz-request-id: AD0ZF4VTXK4WX7RK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 16:53:21 GMT
age: 3451
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 17:50:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/INm8VPBL4lQ
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/INm8VPBL4lQ
IP 142.250.74.131:0
Hash 188bd3b08e85a8af5c08ab24d977a2c8
db444779f3520e09c14520ecc88105a1a182eeb8
27a517831e507c39341f65346a143e0c951c9ad4ddaa3118bb25bf71d13efd94
POST /s/gts1d4/INm8VPBL4lQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 17:49:07 GMT
age: 105
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Sun, 05 Feb 2023 18:26:55 GMT
Date: Sun, 05 Feb 2023 17:50:53 GMT
Connection: keep-alive
www.pazarem.com/2021/03/wii-ntsc-super-mario-all-stars.html
142.250.74.179200 OK 41 kB URL HTTP/2 www.pazarem.com/2021/03/wii-ntsc-super-mario-all-stars.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8997)
Hash 980ac00d0a15b6af7cc09751c6209a3c
3d054a9367e5a75539f3170b5bd22f8d50150b8f
77481d5ea81318f88b9cc311517c6466e20310bf28e141be171d73a63e36cd71
GET /2021/03/wii-ntsc-super-mario-all-stars.html HTTP/1.1
Host: www.pazarem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 05 Feb 2023 17:50:53 GMT
date: Sun, 05 Feb 2023 17:50:53 GMT
cache-control: private, max-age=0
last-modified: Sun, 05 Feb 2023 02:02:21 GMT
etag: W/"0a094c5b4410247232042ad02cfbf953f4e28e253ae6bfb4b02f252d237931ac"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 41050
server: GSE
X-Firefox-Spdy: h2
www.pazarem.com/js/cookienotice.js
142.250.74.179200 OK 2.0 kB URL HTTP/2 www.pazarem.com/js/cookienotice.js
IP 142.250.74.179:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.pazarem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/2021/03/wii-ntsc-super-mario-all-stars.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sun, 05 Feb 2023 17:50:53 GMT
expires: Sun, 12 Feb 2023 17:50:53 GMT
cache-control: public, max-age=604800
last-modified: Sun, 05 Feb 2023 14:50:43 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.240.57.100101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.57.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gg4xQWFK6M2LDSmUcDRh2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XuhyuaJjQ89U2O1F5Q/NNYQhY90=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 78e6a848b80f008114441eeea30981db
8e71ebc1aa0b43ed2221190e219e05b43e71c665
336471ebc6bfd6bb215e142c41469feaa78cb2ba389bcdb89a52ca7ab385e85f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 78e6a848b80f008114441eeea30981db
8e71ebc1aa0b43ed2221190e219e05b43e71c665
336471ebc6bfd6bb215e142c41469feaa78cb2ba389bcdb89a52ca7ab385e85f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 78e6a848b80f008114441eeea30981db
8e71ebc1aa0b43ed2221190e219e05b43e71c665
336471ebc6bfd6bb215e142c41469feaa78cb2ba389bcdb89a52ca7ab385e85f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6504477252813882027f848727dec391
be962ce99c3b930792367715ac57a88ef89d8a50
5b8caefbedeb817645442e9e9907e5c6fdd1b9e657e73e7859e4e311409c8f51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-167984870-3
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-167984870-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 6882b07b8ac5e79bcf8cf6188c5d1f3d
bd2aa715fd85f2dcaedad44808ae038d3ff6c801
f3ad4b610fe5650fab17318ab562e51d19167bbd827020afa0c676fed0f13d33
GET /gtag/js?id=UA-167984870-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 17:50:53 GMT
expires: Sun, 05 Feb 2023 17:50:53 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-exjBhu7eP1Y/YD-E-FWTAKI/AAAAAAAAC0o/UZVpak26ax0F6R4tCFIVjh7pUQS6dCxzACLcBGAsYHQ/w200-h104/i_26337.jpg
142.250.74.161200 OK 8.8 kB URL HTTP/2 1.bp.blogspot.com/-exjBhu7eP1Y/YD-E-FWTAKI/AAAAAAAAC0o/UZVpak26ax0F6R4tCFIVjh7pUQS6dCxzACLcBGAsYHQ/w200-h104/i_26337.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 199x104, components 3\012- data
Hash 367c8752af42cc7412415001348068c4
29a1b9ac69580325a15946a8691edab9f1e3f790
aa7c25c754d72b718498010f17b05176428eb0b1e2fbe1761fb67db0a9434bac
GET /-exjBhu7eP1Y/YD-E-FWTAKI/AAAAAAAAC0o/UZVpak26ax0F6R4tCFIVjh7pUQS6dCxzACLcBGAsYHQ/w200-h104/i_26337.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb4b"
expires: Mon, 06 Feb 2023 17:50:53 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="i_26337.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:53 GMT
server: fife
content-length: 8819
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-89dNPJuSza4/YD-E-DEvqBI/AAAAAAAAC0k/2um_1wCsakEasas5REFLPzllbqPDY-4IgCLcBGAsYHQ/w200-h150/134098--super-mario-all-stars.png
142.250.74.161200 OK 10 kB URL HTTP/2 1.bp.blogspot.com/-89dNPJuSza4/YD-E-DEvqBI/AAAAAAAAC0k/2um_1wCsakEasas5REFLPzllbqPDY-4IgCLcBGAsYHQ/w200-h150/134098--super-mario-all-stars.png
IP 142.250.74.161:0
File type PNG image data, 200 x 150, 8-bit colormap, non-interlaced\012- data
Hash 008d48aa38c986c8ff134d81b5f2d674
ccbd1f86f9c77b7bad15fbed3fda776d893c00ec
1b269162f8c2116000dc8c82db61429bc5d07aff4ca36faab8937924f454d01e
GET /-89dNPJuSza4/YD-E-DEvqBI/AAAAAAAAC0k/2um_1wCsakEasas5REFLPzllbqPDY-4IgCLcBGAsYHQ/w200-h150/134098--super-mario-all-stars.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb4c"
expires: Mon, 06 Feb 2023 17:50:53 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="134098--super-mario-all-stars.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:53 GMT
server: fife
content-length: 10502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-uv5-Ztnnxbs/YD-Cok5ueAI/AAAAAAAAC0Y/I3w5gMULCeM9LkB84lvI8CMMEXxzyYCtACLcBGAsYHQ/s320/61oxzPhd4KL._AC_SL1075_.jpg
142.250.74.161200 OK 42 kB URL HTTP/2 1.bp.blogspot.com/-uv5-Ztnnxbs/YD-Cok5ueAI/AAAAAAAAC0Y/I3w5gMULCeM9LkB84lvI8CMMEXxzyYCtACLcBGAsYHQ/s320/61oxzPhd4KL._AC_SL1075_.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 230x320, components 3\012- data
Hash 505dcfacb170d5ef72fea342ab97e0b5
3437d6551145ce926572d40d6ab37404485bab5d
cc3b4fedbc579a095539df023f59b8c4cb62ad7b22c414ccfebd7934bc509554
GET /-uv5-Ztnnxbs/YD-Cok5ueAI/AAAAAAAAC0Y/I3w5gMULCeM9LkB84lvI8CMMEXxzyYCtACLcBGAsYHQ/s320/61oxzPhd4KL._AC_SL1075_.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb47"
expires: Mon, 06 Feb 2023 17:50:53 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="61oxzPhd4KL._AC_SL1075_.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:53 GMT
server: fife
content-length: 42149
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-G7wD4rZstCM/YD-E9w3e4DI/AAAAAAAAC0g/tAG-48ba8nUGUrvKVWyzA_pucrJRakiEACLcBGAsYHQ/w200-h150/se306fbacf84d086d5a56393654187691.jpg
142.250.74.161200 OK 17 kB URL HTTP/2 1.bp.blogspot.com/-G7wD4rZstCM/YD-E9w3e4DI/AAAAAAAAC0g/tAG-48ba8nUGUrvKVWyzA_pucrJRakiEACLcBGAsYHQ/w200-h150/se306fbacf84d086d5a56393654187691.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x150, components 3\012- data
Hash aa69e0a3aa5287f66fee9031ab83a4dc
9e5c5c2dfd291237f5988af49bd4e80c396d114b
ff6247a4e16244ae994272dadaad356f07d1793fc9feebb62de051fda54434cd
GET /-G7wD4rZstCM/YD-E9w3e4DI/AAAAAAAAC0g/tAG-48ba8nUGUrvKVWyzA_pucrJRakiEACLcBGAsYHQ/w200-h150/se306fbacf84d086d5a56393654187691.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb4c"
expires: Mon, 06 Feb 2023 17:50:53 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="se306fbacf84d086d5a56393654187691.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:53 GMT
server: fife
content-length: 16838
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 17 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f18def4ccec463cf908f91e7cba7f2c1
02d95f67edd84a44c82255ca7abcdbf7f4d0cee5
12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 17447
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 15:34:38 GMT
expires: Wed, 31 Jan 2024 15:34:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 15:51:51 GMT
content-type: text/javascript
age: 440175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 03:22:46 GMT
expires: Mon, 05 Feb 2024 03:22:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 52087
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 401748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 78e6a848b80f008114441eeea30981db
8e71ebc1aa0b43ed2221190e219e05b43e71c665
336471ebc6bfd6bb215e142c41469feaa78cb2ba389bcdb89a52ca7ab385e85f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 008ec668ac16e8385e24d1ffdd321745
040bf9b4c9248e4d05da2b69bdf3ed83c3c0452d
60a69a8456882f4f9261e3fe2f10bd9d114d41784f4d997872521adcd088ae23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-hcibKlfxBaA/XvInWPBIlaI/AAAAAAAABdU/bPpCZ5f0ohw9tcqv_iZkhO1viekGUA3TACK4BGAYYCw/s1600/COVER-ICON-PAZAREM.png
142.250.74.161200 OK 22 kB URL HTTP/2 1.bp.blogspot.com/-hcibKlfxBaA/XvInWPBIlaI/AAAAAAAABdU/bPpCZ5f0ohw9tcqv_iZkhO1viekGUA3TACK4BGAYYCw/s1600/COVER-ICON-PAZAREM.png
IP 142.250.74.161:0
File type PNG image data, 400 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash ca8c51aafc56b93a1fdc22d1df97a1e4
5f6eda1f1526c9306855c4e03a69057c8b69b918
744972caeb23a1151e1c289e7cc4bd267be8cb6210e2971e6ecad8a312b8b436
GET /-hcibKlfxBaA/XvInWPBIlaI/AAAAAAAABdU/bPpCZ5f0ohw9tcqv_iZkhO1viekGUA3TACK4BGAYYCw/s1600/COVER-ICON-PAZAREM.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="COVER-ICON-PAZAREM.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 21515
x-xss-protection: 0
date: Sun, 05 Feb 2023 17:50:53 GMT
expires: Sat, 04 Feb 2023 00:36:42 GMT
cache-control: public, max-age=86400, no-transform
etag: "v5d6"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 28c3f02ba8cac75c2f1945e7be499cae
82390270ea7ee981db3fae587295029f335726da
ce1f772f6bd3cdd88e6f161731958d8bce7e3c019c9e618d0ed37560b79b0a4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2140
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Last-Modified: Sun, 05 Feb 2023 17:15:13 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3679
Expires: Sun, 05 Feb 2023 18:52:12 GMT
Date: Sun, 05 Feb 2023 17:50:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: c11233d1-ef16-4b03-9174-a493011dc0ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEoFHOKIAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8166-4a290e811547293f437311bb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1F0bxib8bn4kZvGBTL63ecNDDEy6XZ8kIb8K5BNqusVL9SvAAARUJw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:11:45 GMT
age: 70748
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3679
Expires: Sun, 05 Feb 2023 18:52:12 GMT
Date: Sun, 05 Feb 2023 17:50:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3679
Expires: Sun, 05 Feb 2023 18:52:12 GMT
Date: Sun, 05 Feb 2023 17:50:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:11:06 GMT
age: 70787
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3679
Expires: Sun, 05 Feb 2023 18:52:12 GMT
Date: Sun, 05 Feb 2023 17:50:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3679
Expires: Sun, 05 Feb 2023 18:52:12 GMT
Date: Sun, 05 Feb 2023 17:50:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 12:03:14 GMT
age: 20859
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:53:51 GMT
age: 10622
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 51045
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 70795
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1.bp.blogspot.com/-cTwNFwzubdE/X6vreqjvDEI/AAAAAAAACJs/PZFE58v8wuQQDDOtpre90tqexHxir-AGgCPcBGAYYCw/w680/Car%25C3%25A1tula_PAL_SSBB.jpg
142.250.74.161200 OK 117 kB URL HTTP/2 1.bp.blogspot.com/-cTwNFwzubdE/X6vreqjvDEI/AAAAAAAACJs/PZFE58v8wuQQDDOtpre90tqexHxir-AGgCPcBGAYYCw/w680/Car%25C3%25A1tula_PAL_SSBB.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 640x904, components 3\012- data
Size 117 kB (117399 bytes)
Hash c9911e13bffbcd6ce4776805fe53cd46
d173bd65170575e68b9baebb4457aa9a0d8b27c9
bd151893c4853467649d83237f3481106cce1f1984a656580f482d3e968dd456
GET /-cTwNFwzubdE/X6vreqjvDEI/AAAAAAAACJs/PZFE58v8wuQQDDOtpre90tqexHxir-AGgCPcBGAYYCw/w680/Car%25C3%25A1tula_PAL_SSBB.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Car_tula_PAL_SSBB.jpg";filename*=UTF-8''Car%C3%A1tula_PAL_SSBB.jpg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 117399
x-xss-protection: 0
date: Sun, 05 Feb 2023 17:50:53 GMT
expires: Sat, 04 Feb 2023 00:36:42 GMT
cache-control: public, max-age=86400, no-transform
etag: "v89b"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybile.js
185.76.9.19200 OK 17 kB URL HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
Hash 5936222273ed289b4fa18730ae56a1d6
53727649844df236fc3b643f93c62020f7637cd8
c5491e632ee250e59601b58c0d22ab5b04641eea08e818b84f37470ad40ea90d
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Sat, 04 Feb 2023 18:08:14 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675620495
server: CDN77-Turbo
x-77-nzt: AblMCQ2P8FX/bk0BAA
x-77-nzt-ray: c0a4cc28c606d33b7decdf63888d2332
x-cache: HIT
x-age: 85358
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 13:07:14 GMT
expires: Fri, 02 Feb 2024 13:07:14 GMT
cache-control: public, max-age=31536000
age: 276219
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:57 GMT
expires: Fri, 02 Feb 2024 10:05:57 GMT
cache-control: public, max-age=31536000
age: 287096
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 12:46:52 GMT
expires: Wed, 31 Jan 2024 12:46:52 GMT
cache-control: public, max-age=31536000
age: 450241
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.11.207200 OK 77 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.11.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d10f1411dc50bd1d47c774d2c3389c7c
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 794d7db2da83fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
142.250.74.163200 OK 8.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data
Hash a242ba0df3a128a2cab929a8c45d5056
d70e2c70b21cbb66cd883ae56e2dedacefd81c7c
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 10:20:25 GMT
expires: Sun, 04 Feb 2024 10:20:25 GMT
cache-control: public, max-age=31536000
age: 113428
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ba6a3b01ed9a1b27b2917f9cba5a59e1
7bc5fc055a16456f6247adfb8bedbf4c83602c8c
785024750322b6ee8e1e9cd17d3a733150a129ee7e3c301048535b740fc0ba06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5143
Cache-Control: max-age=153356
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Etag: "63df8c73-117"
Expires: Tue, 07 Feb 2023 12:26:50 GMT
Last-Modified: Sun, 05 Feb 2023 11:01:07 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 1477744ca58888706eb423d04c644e6e
db1514fe35ceae3a882d4f458b529561c3c68fac
40465956eaadfa80f157b5fe6452f8acad61c5e105b3daa5be2489b85e09b917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6377
Cache-Control: max-age=164292
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Etag: "63dfb259-138"
Expires: Tue, 07 Feb 2023 15:29:06 GMT
Last-Modified: Sun, 05 Feb 2023 13:42:49 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 733547835cd9d804b421736bc47921da
f5eb3d6794e12405f915c8e3cc71b61d7c67e314
45cabc26c476812a02e93282f7cb74b2de67cc84eea8e69cd84c1a51743f1158
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45CABC26C476812A02E93282F7CB74B2DE67CC84EEA8E69CD84C1A51743F1158"
Last-Modified: Sat, 04 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6316
Expires: Sun, 05 Feb 2023 19:36:10 GMT
Date: Sun, 05 Feb 2023 17:50:54 GMT
Connection: keep-alive
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675619495195
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675619495195
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1675619495195 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a336af4fc482fe800f30d92ef416f77
71f9895648d3a35e4d4fe4ef3cce9437542730f6
ea4569adf8d62a45fc80a99564252ec1d2d9be8e6e33079472ca168abe7b37d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA4569ADF8D62A45FC80A99564252EC1D2D9BE8E6E33079472CA168ABE7B37D9"
Last-Modified: Sun, 05 Feb 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13638
Expires: Sun, 05 Feb 2023 21:38:12 GMT
Date: Sun, 05 Feb 2023 17:50:54 GMT
Connection: keep-alive
tag.leadplace.fr/libJsLP.js
145.239.192.166200 OK 5.5 kB URL HTTP/1.1 tag.leadplace.fr/libJsLP.js
IP 145.239.192.166:0
Hash a0c24f993bc0901cfe62d1e801cb2b45
7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
ETag: "6167dbf8-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:4842_91EFC0A6:01BB_63DFEC7E_6C431E37:237B9
X-IPLB-Instance: 30195
p.cpx.to/p/12773/px.js
52.18.129.185200 OK 2.0 kB IP 52.18.129.185:0
File type ASCII text, with very long lines (1990), with no line terminators
Hash f439aad0d08f6305aa19a339a948084d
e01bb3707cab1c39dd4e78efeea438902182c3e0
d2581f2491c811e1e503e840938053e668884798e5dcc5eb43de83d146a7ed89
GET /p/12773/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: max-age=2419200, public
content-type: application/javascript; charset=UTF-8
date: Sun, 05 Feb 2023 17:50:53 GMT
Content-Length: 1990
Connection: keep-alive
ads.themoneytizer.com/s/requestform.js?siteId=103169&formatId=24
185.76.9.19200 OK 13 kB URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=103169&formatId=24
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (9723)
Hash f62fca8efb5adcdc25fffe6e9d4135eb
7306e9ed88930728bd6e890e1010d0ff4b82261d
f45e87a2284fa59a0c536987e121b85e9e2d1074dae3a14c82379af3f40b3844
GET /s/requestform.js?siteId=103169&formatId=24 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1676224253
server: CDN77-Turbo
x-77-nzt: AblMCQ0aQzah
x-77-nzt-ray: c0a4cc28c606d33b7decdf6390290229
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&id=MTIZ
145.239.192.166200 OK 0 B URL HTTP/1.1 tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&id=MTIZ
IP 145.239.192.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wckr.php?ref=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&id=MTIZ HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 5B5A2A9A:4842_91EFC0A6:01BB_63DFEC7E_6C431E3F:237B9
X-IPLB-Instance: 30195
script.4dex.io/localstore.js
172.67.75.241200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 172.67.75.241:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 190766
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZTKiZIj6Vxx6ujdzRbAwNqF%2BFci54xLQYCoRb6Z01ANW%2BD3Zmm0emmaKdNvSrzZUvZHc7noDdT%2FKpnrvUi5HsNyqAezrScWPv6eFy5eAjgxYZD%2BYOTZ8MrMNMmQiqBq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794d7db51a4cb515-OSL
Content-Encoding: br
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb0e0c25454e9b4c02a9b0c9d7d6f7d0
bd2267d81c5bd0cbb2db0b5549b9fdc5170a7000
ec5e00a0e1169a333229204bbd0ecfa72e686d2cfafdbd617648a8bfd1549abd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC5E00A0E1169A333229204BBD0ECFA72E686D2CFAFDBD617648A8BFD1549ABD"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8741
Expires: Sun, 05 Feb 2023 20:16:35 GMT
Date: Sun, 05 Feb 2023 17:50:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 8942dac2c3b84167c8c1c36c8c5dbc24
3202c79b026ed05cd1568065cfba03cffe066637
998bc79f4dc7577f16aa29eea707a9f74380352848fae678f2f9e1a5a5ea42c5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 356
Cache-Control: max-age=151817
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Etag: "63df9923-138"
Expires: Tue, 07 Feb 2023 12:01:11 GMT
Last-Modified: Sun, 05 Feb 2023 11:55:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
id5-sync.com/api/config/prebid
162.19.138.117200 134 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99be75395b3c89cdd6781761e5a85ad2
225a8b587c3545be2581aa9ac2b630b51679d7be
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 95
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.pazarem.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 05 Feb 2023 17:50:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 8942dac2c3b84167c8c1c36c8c5dbc24
3202c79b026ed05cd1568065cfba03cffe066637
998bc79f4dc7577f16aa29eea707a9f74380352848fae678f2f9e1a5a5ea42c5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 356
Cache-Control: max-age=151817
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Etag: "63df9923-138"
Expires: Tue, 07 Feb 2023 12:01:11 GMT
Last-Modified: Sun, 05 Feb 2023 11:55:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html
51.15.145.116200 OK 882 B URL HTTP/1.1 kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html
IP 51.15.145.116:0
File type JSON data\012- , ASCII text, with very long lines (2312), with no line terminators
Hash ae5295098505848507e55bd0fe961a09
08095a3ed176e4ae456220a8170a674a3262597f
8bd0655cb3831cb95ebdbc6cd43a625bd0d3b0b15352bd0705b2096fc47810fa
GET /api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html HTTP/1.1
Host: kvt.sddan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.pazarem.com
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
script.4dex.io/adagio.js
172.67.75.241200 OK 23 kB IP 172.67.75.241:0
File type ASCII text, with very long lines (65354)
Hash 0ffb2c9b6dd933ae18ab7dc729d58e69
bb88b2f3fc47452873348d1cdcb7ea3d4a2bbc10
0cd0e55fa43693dfe4b04a225bf7774eb3f66e232828f8d661547728475a12f2
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Origin: https://www.pazarem.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5rSKq%2FX4MScrMUNks9%2BbOxKj23BainGwBiTGt4EDMYOuf6Mc9TO9RXHCTbZH8JiyS8f9kTTxQAReNULsy29dKQ2T29FQE4%2BAigYUTwABTofZgI8droYPG9NGd2DA%2Fgm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794d7db58affb515-OSL
Content-Encoding: br
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9b065dd10769b4123608f9a5e4605f6a
99ed1febf2e2e6e51fe64dc9ff0e84bb494a2369
78b576dd0b15b786715efdd4a5d204643f51e27e72593679775be417a3ccfa53
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 19:14:54 GMT
Expires: Thu, 09 Feb 2023 19:14:53 GMT
Etag: "99ed1febf2e2e6e51fe64dc9ff0e84bb494a2369"
Cache-Control: max-age=350038,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794d7db59855b503-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=583417,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794d7db59b76fab8-OSL
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.pazarem.com%2F&domain=www.pazarem.com&cw=1&lsw=1
178.250.0.157200 OK 867 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.pazarem.com%2F&domain=www.pazarem.com&cw=1&lsw=1
IP 178.250.0.157:0
Hash 63fef399c966d07c5c823fa0cdc52dfc
1f1a7399f60c17e7cb1690a2123f9d4b05897ceb
5ae5be531021867ba790e200eeb8555909d16f1e9dd15d8a821e2538315c9c5e
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.pazarem.com%2F&domain=www.pazarem.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.pazarem.com
server-processing-duration-in-ticks: 1352347
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
s.cpx.to/fire.js?pid=12773&ref=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&hn_ver=40&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba
52.215.141.31200 OK 702 B URL HTTP/1.1 s.cpx.to/fire.js?pid=12773&ref=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&hn_ver=40&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba
IP 52.215.141.31:0
File type ASCII text, with very long lines (702), with no line terminators
Hash 84f6a5fe6ab06e0f5d843eca9a896563
23f2fdb9c9d694b97ae341622e9d587ca7eeb113
6cbaa9013194f4e205f5386ecf90ea2e256b8d62f48476db37746743806ec193
GET /fire.js?pid=12773&ref=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&hn_ver=40&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 702
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
p3p: CP="NOI DEV ADM"
expires: Mon, 30 Jan 2023 15:31:00 UTC
set-cookie: cpSess=c5c330aa8b5fda3; Expires=Mon, 05 Feb 2024 17:50:54 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash c7f89fdd783e35486b22625cb506da04
7a45defd22786b1ca257b21bb74d758149037426
3a695a81a72e80c5b9ce0889c960c64c9af49fc5e6c7e90a377686943020e4ad
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 05 Feb 2023 17:50:54 GMT
date: Sun, 05 Feb 2023 17:50:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.adsco.re/
104.17.166.186304 Not Modified 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
If-None-Match: W/"xkCBFtC0Wl/JiS60JFipuQ=="
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 05 Feb 2023 17:50:54 GMT
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 08 Mar 2023 17:50:54 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 3009415
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d7db7bc3ab4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89cb314fd96ee7eecd69c34d471055fe
0773c53bc7741323d666d69b39a73ec53167ed17
0e0811aec04223315893249a43c4a8b5140c5031651263a427c9885215e4719e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E0811AEC04223315893249A43C4A8B5140C5031651263A427C9885215E4719E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3519
Expires: Sun, 05 Feb 2023 18:49:33 GMT
Date: Sun, 05 Feb 2023 17:50:54 GMT
Connection: keep-alive
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 05 Feb 2023 17:50:54 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+132; expires=Tue, 04-Feb-2025 17:50:54 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Feb 2023 17:50:54 GMT
cache-control: private
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
162.19.138.117200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e85f2d01b4123338083c6490217f75a8
31d4b3e58363add094e5d1c2286fd95b43d66ab7
d62879c38f055a848740c27418cd9b6fa0b5fa97a8427db1ccc2b8ba1653910a
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.pazarem.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 05 Feb 2023 17:50:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b23324d6f4d0e667817fe82657ea263e
d82916373ee96db4ec3f53ce1c45be33335eb5d2
591a0efe0ebb8eeda4679ee09e9bfe90d09af104f101724781bac817a2902cae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6199
Cache-Control: max-age=163730
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Etag: "63dfb0d9-139"
Expires: Tue, 07 Feb 2023 15:19:44 GMT
Last-Modified: Sun, 05 Feb 2023 13:36:25 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1558
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 05 Feb 2023 17:50:54 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+594; expires=Tue, 04-Feb-2025 17:50:54 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Feb 2023 17:50:54 GMT
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.pazarem.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d7db83bd11c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=83ApWF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lvclBXUExSYUs2VzA3M21KbUx6R2NrMzB6YktSekdyS243SlVpVWtnbDI; expires=Fri, 01 Mar 2024 17:50:54 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.pazarem.com
server-processing-duration-in-ticks: 125707
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 643ce50f51750bf612f83935e98f135b
e2e21e9713f3795c64e23fd064f475a6daffab2e
33042f72234ef6663f2bc6bc512ba936260b1e7e33a27e00e98036cc24f8aa72
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33042F72234EF6663F2BC6BC512BA936260B1E7E33A27E00E98036CC24F8AA72"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5375
Expires: Sun, 05 Feb 2023 19:20:29 GMT
Date: Sun, 05 Feb 2023 17:50:54 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=583417,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794d7db86dabfab8-OSL
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.pazarem.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
ibxgfv9e2axa.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 ibxgfv9e2axa.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ibxgfv9e2axa.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:54 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
143.204.42.129200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 143.204.42.129:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 07:43:38 GMT
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: APIIuXhMXmWM1OvYB4mhUPqmzvJCVTyzJAJjwJnJLO6AM2zVlp30fA==
Age: 36436
ced.sascdn.com/tag/1097/smart.js
23.36.77.24200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP 23.36.77.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash ab5d7bcba6f9bbe86e71d3f75061efc8
bf137eb7dc8285e29d986f6b8f3272f6f979bc0e
a973cdadddcd9ba18f6e262f602d39e091090e4a94ac036b3fc4f7428e5b84e6
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32964
Cache-Control: public, max-age=7200
Expires: Sun, 05 Feb 2023 19:50:54 GMT
Date: Sun, 05 Feb 2023 17:50:54 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 17:44:08 GMT
expires: Sun, 05 Feb 2023 19:44:08 GMT
cache-control: public, max-age=7200
age: 406
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 13445df27c5946c36783669a3417a5fa
650b82bef702b6f9cb428b1bfcb78ed6ffde305a
46f9aaa584df5a324426eb0e3effc01b7d0a93c285d4d7060ec39dba2b5b06ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6481
Cache-Control: max-age=93836
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Etag: "63de9ebc-1d7"
Expires: Mon, 06 Feb 2023 19:54:51 GMT
Last-Modified: Sat, 04 Feb 2023 18:06:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f31d413448fb27f6006f2545602f47ff
59841d25babb3ba8963eba808c51fcea6492590a
dc69d16cb98638c74987c8bdb4613c2e7837b39a0423fefdfb2b7f518f21134c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5401
Cache-Control: max-age=102496
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Etag: "63dec4c6-1d7"
Expires: Mon, 06 Feb 2023 22:19:11 GMT
Last-Modified: Sat, 04 Feb 2023 20:49:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=583417,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794d7db70aa3b503-OSL
cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba
142.250.74.162302 Found 341 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 76b601b92d13de383e63dc865698733c
542ec81ae272c100e85e2547752d6184c0837560
c2af0210947cdc3288dd0b9f490a886c5981d9bccd3290355fd6967dd720441c
GET /pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba&google_tc=
date: Sun, 05 Feb 2023 17:50:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 341
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 18:05:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 464264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.pazarem.com/favicon.ico
142.250.74.179200 OK 528 B URL HTTP/2 www.pazarem.com/favicon.ico
IP 142.250.74.179:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash e48844dd45fa21d4d98d4b6d73745f14
4cb7623be6c1741a3ba33ba71f9ef2662fb228ac
f6fbd5367d3f4e51e6d05e96aaededfee8455c480ec964b77d358463355f6dc1
GET /favicon.ico HTTP/1.1
Host: www.pazarem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/2021/03/wii-ntsc-super-mario-all-stars.html
Cookie: _pbjs_userid_consent_data=3524755945110770; sharedid=4df6a12a-6df5-4a04-9e61-905f2ec8fbec; cto_bundle=KHsG-F9jak15ZXNIQ250elp4TkpZNlBPTUp0T3k2aVZoZTNTZm9FZ25oNHcyUFZNTzI1SnhacVNzMiUyRno5RHFBNlc0S3RXRWklMkZHYnZXaGx4YWpocXZPejBpeGRyNlFxSkpiJTJGTktwYzdFc00lMkJHbXRMSDZFZHJBbDVEZUZkYXdkVXNCaUU1; cto_bidid=PsiwCl9seFRkd0pWV1J2NWF6bUFYZmpCbHFPNlowbzlJQmk0Tm11aWhyNTBlVElBRFJpME5XUGw2V25aTXhDZlRrdzRBV05ITmJRQWlVVkhSWHdSJTJGZEdUVFZ3JTNEJTNE; a=uHEMHT2UiffrmgtAH6g6TUzmDO3StBI0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sun, 05 Feb 2023 17:50:54 GMT
date: Sun, 05 Feb 2023 17:50:54 GMT
cache-control: private, max-age=86400
last-modified: Sun, 05 Feb 2023 02:02:21 GMT
etag: W/"0a094c5b4410247232042ad02cfbf953f4e28e253ae6bfb4b02f252d237931ac"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 528
server: GSE
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258
142.250.74.162302 Found 447 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 18e60e3963e5b1de299db67fa8d73213
77f30f18233c01e7829fe7e303f14bf156f9c078
a115598e9bce1195f03349b4af5da0135f2e92a6772882ae92bbe6a5683d3fac
GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258&google_tc=
date: Sun, 05 Feb 2023 17:50:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 18:05:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
162.19.138.117200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
IP 162.19.138.117:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 05-Feb-2023 17:55:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 05-Feb-2023 17:55:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 05-Feb-2023 17:55:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 05-Feb-2023 17:55:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 05-Feb-2023 17:55:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 05-Feb-2023 17:55:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 05 Feb 2023 17:50:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3df6a2ef0673760172cd3d0dffb9689c
4d01cfe8a9493e1977a140ea946322e74cf11b75
99dffa81b41fdb7c4f4806f460d4f8a8f9eafabcac64b4b9a27f9feb28112762
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5311
Cache-Control: max-age=148444
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Etag: "63df789c-1d7"
Expires: Tue, 07 Feb 2023 11:04:59 GMT
Last-Modified: Sun, 05 Feb 2023 09:36:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 67975a8ecb9da2555df0fa9e58a247f7
6b69b59d7b0d7bf0eef04dad7b649110c1b34993
e3053a8eea52a4c7e3203f3a409a7eb20848b7cc2a5894e66e13d796012a3376
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 09 Feb 2023 15:52:40 GMT
ETag: "6b69b59d7b0d7bf0eef04dad7b649110c1b34993"
Last-Modified: Sun, 05 Feb 2023 15:52:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1796
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794d7dba4951b518-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c2c21e92eb02f73e22fedb97e669acbd
b8c4c47940973a603190ebd6a113f86ae05edb4d
bad0e25ee40e8fb6527e429f721acfa3ea793883b1343f94a1374e8582b7440f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAD0E25EE40E8FB6527E429F721ACFA3EA793883B1343F94A1374E8582B7440F"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Sun, 05 Feb 2023 19:30:30 GMT
Date: Sun, 05 Feb 2023 17:50:55 GMT
Connection: keep-alive
connect.facebook.net/es_ES/sdk.js
157.240.221.16200 OK 1.7 kB URL HTTP/2 connect.facebook.net/es_ES/sdk.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (1957)
Hash 7327502c11809042051b644189ced6b4
e882ac2990ecf4cea2dc6ea064fb12e5367cad62
4fa5f1de0758d9fa696c19caeb0a7e319f78a01c3493f31d3200bca5805c3f80
GET /es_ES/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: a7d527e7c8e08e09f84e1f9784491045
etag: "798556d301f5b798a6583bf5d854a381"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 05 Feb 2023 18:09:33 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: cydQLBGAkEIFG2RBic7WtA==
x-fb-debug: FuRkMiFj6lzkUZeiUn67mYN8GVdgD8lZBPmomEOnCwiEnizWIRHz/G4DFxDjKqywpiilBEymJVSx+4ipEOG/Xw==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Sun, 05 Feb 2023 17:50:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1658915822&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&ul=en-us&de=UTF-8&dt=%5BWII%5D%20%5BNTSC%5D%20Super%20Mario%20All-Stars&sd=24-bit&sr=1280x1024&vp=1268x898&je=0&_u=YEBAAUABAAAAACAAI~&jid=220209328&gjid=817819411&cid=2010908052.1675619496&tid=UA-167984870-3&_gid=1127399165.1675619496&_r=1&_slc=1>m=457e3210&z=1741118249
216.58.207.206200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1658915822&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&ul=en-us&de=UTF-8&dt=%5BWII%5D%20%5BNTSC%5D%20Super%20Mario%20All-Stars&sd=24-bit&sr=1280x1024&vp=1268x898&je=0&_u=YEBAAUABAAAAACAAI~&jid=220209328&gjid=817819411&cid=2010908052.1675619496&tid=UA-167984870-3&_gid=1127399165.1675619496&_r=1&_slc=1>m=457e3210&z=1741118249
IP 216.58.207.206:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1658915822&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&ul=en-us&de=UTF-8&dt=%5BWII%5D%20%5BNTSC%5D%20Super%20Mario%20All-Stars&sd=24-bit&sr=1280x1024&vp=1268x898&je=0&_u=YEBAAUABAAAAACAAI~&jid=220209328&gjid=817819411&cid=2010908052.1675619496&tid=UA-167984870-3&_gid=1127399165.1675619496&_r=1&_slc=1>m=457e3210&z=1741118249 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.pazarem.com
date: Sun, 05 Feb 2023 17:50:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1658915822&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&ul=en-us&de=UTF-8&dt=%5BWII%5D%20%5BNTSC%5D%20Super%20Mario%20All-Stars&sd=24-bit&sr=1280x1024&vp=1268x898&je=0&_u=YEDAAUABAAAAACAAI~&jid=1717549051&gjid=513419824&cid=2010908052.1675619496&tid=UA-167984870-1&_gid=1127399165.1675619496&_r=1&_slc=1&z=321637307
216.58.207.206200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1658915822&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&ul=en-us&de=UTF-8&dt=%5BWII%5D%20%5BNTSC%5D%20Super%20Mario%20All-Stars&sd=24-bit&sr=1280x1024&vp=1268x898&je=0&_u=YEDAAUABAAAAACAAI~&jid=1717549051&gjid=513419824&cid=2010908052.1675619496&tid=UA-167984870-1&_gid=1127399165.1675619496&_r=1&_slc=1&z=321637307
IP 216.58.207.206:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1658915822&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&ul=en-us&de=UTF-8&dt=%5BWII%5D%20%5BNTSC%5D%20Super%20Mario%20All-Stars&sd=24-bit&sr=1280x1024&vp=1268x898&je=0&_u=YEDAAUABAAAAACAAI~&jid=1717549051&gjid=513419824&cid=2010908052.1675619496&tid=UA-167984870-1&_gid=1127399165.1675619496&_r=1&_slc=1&z=321637307 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.pazarem.com
date: Sun, 05 Feb 2023 17:50:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
id5-sync.com/g/v2/102.json
162.19.138.117200 216 B URL HTTP/1.1 id5-sync.com/g/v2/102.json
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5a5e6cc488d11ef93581804855d6733f
d271de9fb11c7ed2d6675a16f1bc5859af106fad
f34ba140ac87142dde424e9d09949b229cb32441d1fa8b55f160ffe3657ad55f
POST /g/v2/102.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 247
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.pazarem.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 05 Feb 2023 17:50:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba&google_tc=
142.250.74.162302 Found 292 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 3c5e8d423799ee59d9774dc0594e799a
3602044f002743b8e64c475d8427e4ddca5660de
9e476bd1917a07a9787980e98b3ce58a3dc4ca7c9212dc66c43f68387b9c161d
GET /pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://s.cpx.to/ca.png?dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba&google_error=3
date: Sun, 05 Feb 2023 17:50:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258&google_tc=
142.250.74.162302 Found 437 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e28af6babbb66cfdc4222b911147d37d
9cfe7d79a586ed3f663c00ef0a205e252ea3ab3a
0a93d1a287353a60f7850a981a2363d9d3f99aceec7db9815bfb48f6ca21f21d
GET /pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258&google_error=3
date: Sun, 05 Feb 2023 17:50:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
104.22.24.87200 OK 184 B URL HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.24.87:0
File type ASCII text, with no line terminators
Hash 16761020a0662b7d87be7015cd5a1529
6289d0a8aee14f24729af1391023a2ada8d82c33
3c8ff26a1359449d17f79c47dea6137f7b5616fcb4cff18c4b0a842b900e5a78
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.pazarem.com
set-cookie: zc=5b417277-26d6-4202-7cc1-d4b79e6ccc27; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=%DAn%D1lH%88%26%BFO%BD%F7%86ndr%E7Z%C8%94.j%B6p%D2%3C%E0%5B%D5r%F23%AF%D3%5C%98%26%05P%7D%DE%26%CF%99%E3%D3%3A%00+%B2%AB%E1%E2%BC%93%F6%9A%9CIu%FD_%A1-%A2%03%C4%95%E0%C3%8Al%F5%E1%17%0C%A5%F5%CA%E2%0A%91b5; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 794d7db4d8a6b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:55 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f31d413448fb27f6006f2545602f47ff
59841d25babb3ba8963eba808c51fcea6492590a
dc69d16cb98638c74987c8bdb4613c2e7837b39a0423fefdfb2b7f518f21134c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5401
Cache-Control: max-age=102496
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Etag: "63dec4c6-1d7"
Expires: Mon, 06 Feb 2023 22:19:11 GMT
Last-Modified: Sat, 04 Feb 2023 20:49:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
s.cpx.to/ca.png?dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba&google_error=3
52.215.141.31200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba&google_error=3
IP 52.215.141.31:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?dsp=dbm&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba&google_error=3 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Connection: keep-alive
Cookie: cpSess=c5c330aa8b5fda3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=c5c330aa8b5fda3; Expires=Mon, 05 Feb 2024 17:50:55 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258&google_error=3
104.22.24.87200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258&google_error=3
IP 104.22.24.87:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=5b417277-26d6-4202-7cc1-d4b79e6ccc27&reqId=8956a4d9-39e8-4dc7-540b-8c130864a016&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Connection: keep-alive
Cookie: zc=5b417277-26d6-4202-7cc1-d4b79e6ccc27; zsc=%DAn%D1lH%88%26%BFO%BD%F7%86ndr%E7Z%C8%94.j%B6p%D2%3C%E0%5B%D5r%F23%AF%D3%5C%98%26%05P%7D%DE%26%CF%99%E3%D3%3A%00+%B2%AB%E1%E2%BC%93%F6%9A%9CIu%FD_%A1-%A2%03%C4%95%E0%C3%8Al%F5%E1%17%0C%A5%F5%CA%E2%0A%91b5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:55 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.pazarem.com
set-cookie: zc=5b417277-26d6-4202-7cc1-d4b79e6ccc27; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 794d7dbada99b4ff-OSL
X-Firefox-Spdy: h2
ibxgfv9e2axa.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 ibxgfv9e2axa.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ibxgfv9e2axa.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 38d6041488926d00ce47d44a224dcf85
adb307149c1ccbff39171dbcec950a1bc4a3555b
6af704be5ac7effb872d2f932626d74b74a7918700e57e8118a056fe0745488a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4959
Cache-Control: max-age=132990
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Etag: "63df3d9e-139"
Expires: Tue, 07 Feb 2023 06:47:25 GMT
Last-Modified: Sun, 05 Feb 2023 05:24:46 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 38d6041488926d00ce47d44a224dcf85
adb307149c1ccbff39171dbcec950a1bc4a3555b
6af704be5ac7effb872d2f932626d74b74a7918700e57e8118a056fe0745488a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4388
Cache-Control: max-age=132419
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Etag: "63df3d9e-139"
Expires: Tue, 07 Feb 2023 06:37:54 GMT
Last-Modified: Sun, 05 Feb 2023 05:24:46 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313
id5-sync.com/g/v2/12.json
162.19.138.117200 216 B URL HTTP/1.1 id5-sync.com/g/v2/12.json
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7a7c04e79a434b35b68433aba9526779
dff23ca5383b4732327b090838638be45523eba5
f51cd49b98cb001dfb4891350002501666a6d5a08fedb262a04cec9d8d06b113
POST /g/v2/12.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 317
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.pazarem.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 05 Feb 2023 17:50:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.pazarem.com%252F2021%252F03%252Fwii-ntsc-super-mario-all-stars.html%26hn_ver%3D40%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba
68.67.160.117307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.pazarem.com%252F2021%252F03%252Fwii-ntsc-super-mario-all-stars.html%26hn_ver%3D40%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba
IP 68.67.160.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.pazarem.com%252F2021%252F03%252Fwii-ntsc-super-mario-all-stars.html%26hn_ver%3D40%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12773%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.pazarem.com%25252F2021%25252F03%25252Fwii-ntsc-super-mario-all-stars.html%2526hn_ver%253D40%2526fid%253D807998b8-dc0f-4d98-949e-3e192f3c21ba
AN-X-Request-Uuid: fb3bff20-80d0-44e5-bf25-8b22f7617e3b
Set-Cookie: uuid2=4000059673585181130; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 17:50:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
ww1097.smartadserver.com/genericpost
81.17.55.112204 No Content 0 B URL HTTP/1.1 ww1097.smartadserver.com/genericpost
IP 81.17.55.112:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /genericpost HTTP/1.1
Host: ww1097.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.pazarem.com/
Origin: https://www.pazarem.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Sun, 05 Feb 2023 17:50:55 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.pazarem.com
vary: Origin
connect.facebook.net/es_ES/sdk.js?hash=88a96e3d5e203c9f8656be5d749cf1ea
157.240.221.16200 OK 87 kB URL HTTP/2 connect.facebook.net/es_ES/sdk.js?hash=88a96e3d5e203c9f8656be5d749cf1ea
IP 157.240.221.16:0
File type ASCII text, with very long lines (13192)
Hash 84e4fcc1264b478d4b3c54a916dc6ec2
9cd7867a546608dfcb025f96af43c1b3d3c1fdda
482f5ea3d5fe578a42424016ed43b4870c65f09b8e17b5b45af052a04112e599
GET /es_ES/sdk.js?hash=88a96e3d5e203c9f8656be5d749cf1ea HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 7abe3ddb4eab820d4cf0f5e8d2a7a724
etag: "c9fee8fdbaf60d195c5b459fb6d474e8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 05 Feb 2024 14:37:27 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: hOT8wSZLR41LPFSpFtxuwg==
x-fb-debug: 7N25LwLxCJUjMtUCnCHrK0Fdbtc5V+L8WMB9OdWWqud9y+CRKZJ++s0tF8wA/ZpV6zzbKAvxi1YJLCFD3Zf94w==
content-length: 87043
x-fb-trip-id: 1679558926
date: Sun, 05 Feb 2023 17:50:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ww1097.smartadserver.com/genericpost
81.17.55.112200 OK 1.6 kB URL HTTP/1.1 ww1097.smartadserver.com/genericpost
IP 81.17.55.112:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (2500)
Hash e5ccdb437925458e6ac8552bdbadb9f3
fb8048acba0b0ccdf6e04afb161d24a3937bd19f
99b0fd66a6e84c0faa8e6a36f287cc238ab2a57fca281739195512e29fdb6a16
POST /genericpost HTTP/1.1
Host: ww1097.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/javascript
Content-Length: 409
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Sun, 05 Feb 2023 17:50:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.pazarem.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024; expires=Mon, 05 Feb 2024 17:50:55 GMT; domain=.smartadserver.com; path=/
vs=561434=5310350; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 05 Feb 2024 17:50:55 GMT; domain=.smartadserver.com; path=/
pid=8579188614307384877; expires=Mon, 05 Feb 2024 17:50:55 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638112162553601400&o=1; expires=Mon, 06 Feb 2023 17:50:55 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 06 Feb 2023 17:50:55 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 6041256
adsco.re/p
162.252.214.5200 OK 411 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash 7390352bb9f768f931933e39ca5cffec
1b85a69313175ceccbc9e56a8cb7478a7a641adb
85a8b12df0c1d9ecf143eada31062639cfca0ef3fc7f7fb8b8c52cd4e865219f
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2506
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://www.pazarem.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
pixel.quantserve.com/pixel;r=568164066;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html;uht=2;fpan=1;fpa=P0-549357700-1675619496382;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=pazarem.com;dst=0;et=1675619496491;tzo=0;ogl=url.https%3A%2F%2Fwww%252Epazarem%252Ecom%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars%252Ehtml%2Ctitle.%5BWII%5D%20%5BNTSC%5D%20Super%20Mario%20All-Stars%2Cdescription.Super%20Mario%20All-Stars%20iso%252C%20descargar%20Super%20Mario%20All-Stars%252C%20descargar%20Super%20Mari%2Cimage.https%3A%2F%2F1%252Ebp%252Eblogspot%252Ecom%2F-uv5-Ztnnxbs%2FYD-Cok5ueAI%2FAAAAAAAAC0Y%2FI3w5gMULCeM9LkB84;ses=33676ce1-3bf6-4b93-9f58-32910b81d0aa
91.228.74.244200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=568164066;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html;uht=2;fpan=1;fpa=P0-549357700-1675619496382;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=pazarem.com;dst=0;et=1675619496491;tzo=0;ogl=url.https%3A%2F%2Fwww%252Epazarem%252Ecom%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars%252Ehtml%2Ctitle.%5BWII%5D%20%5BNTSC%5D%20Super%20Mario%20All-Stars%2Cdescription.Super%20Mario%20All-Stars%20iso%252C%20descargar%20Super%20Mario%20All-Stars%252C%20descargar%20Super%20Mari%2Cimage.https%3A%2F%2F1%252Ebp%252Eblogspot%252Ecom%2F-uv5-Ztnnxbs%2FYD-Cok5ueAI%2FAAAAAAAAC0Y%2FI3w5gMULCeM9LkB84;ses=33676ce1-3bf6-4b93-9f58-32910b81d0aa
IP 91.228.74.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=568164066;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html;uht=2;fpan=1;fpa=P0-549357700-1675619496382;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=pazarem.com;dst=0;et=1675619496491;tzo=0;ogl=url.https%3A%2F%2Fwww%252Epazarem%252Ecom%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars%252Ehtml%2Ctitle.%5BWII%5D%20%5BNTSC%5D%20Super%20Mario%20All-Stars%2Cdescription.Super%20Mario%20All-Stars%20iso%252C%20descargar%20Super%20Mario%20All-Stars%252C%20descargar%20Super%20Mari%2Cimage.https%3A%2F%2F1%252Ebp%252Eblogspot%252Ecom%2F-uv5-Ztnnxbs%2FYD-Cok5ueAI%2FAAAAAAAAC0Y%2FI3w5gMULCeM9LkB84;ses=33676ce1-3bf6-4b93-9f58-32910b81d0aa HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:55 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63dfec7f-65914-b3499-9b34a; expires=Thu, 07-Mar-2024 17:50:55 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 24 kB URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
Hash b82e9d8abd88a183199b9cb8be3479e1
78559dc91b06a7b85bb7293d004ea9dfa4dd2b79
1967489562d055ac82e6c5ebcb6ebce22e7a31db1dbdaea964b7a011733ce95c
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 1032215
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:13:01 GMT
expires: Fri, 02 Feb 2024 03:13:01 GMT
cache-control: public, max-age=31536000
age: 311874
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.pazarem.com/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery112407860218654213342_1675619495207&_=1675619495208
142.250.74.179200 OK 6.6 kB URL HTTP/2 www.pazarem.com/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery112407860218654213342_1675619495207&_=1675619495208
IP 142.250.74.179:0
File type Unicode text, UTF-8 text, with very long lines (51606)
Hash df05b1a6ca11de18f57b72eb73688ebf
2c8d576f77a598c1e8f5092f1c5cc0a16930f029
9635a227e80d86d25541e59b48e1992f436c4d165151a11084ad0ca9a24e4a2c
GET /feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery112407860218654213342_1675619495207&_=1675619495208 HTTP/1.1
Host: www.pazarem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pazarem.com/2021/03/wii-ntsc-super-mario-all-stars.html
Cookie: _pbjs_userid_consent_data=3524755945110770; sharedid=4df6a12a-6df5-4a04-9e61-905f2ec8fbec; cto_bundle=KHsG-F9jak15ZXNIQ250elp4TkpZNlBPTUp0T3k2aVZoZTNTZm9FZ25oNHcyUFZNTzI1SnhacVNzMiUyRno5RHFBNlc0S3RXRWklMkZHYnZXaGx4YWpocXZPejBpeGRyNlFxSkpiJTJGTktwYzdFc00lMkJHbXRMSDZFZHJBbDVEZUZkYXdkVXNCaUU1; cto_bidid=PsiwCl9seFRkd0pWV1J2NWF6bUFYZmpCbHFPNlowbzlJQmk0Tm11aWhyNTBlVElBRFJpME5XUGw2V25aTXhDZlRrdzRBV05ITmJRQWlVVkhSWHdSJTJGZEdUVFZ3JTNEJTNE; a=uHEMHT2UiffrmgtAH6g6TUzmDO3StBI0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"97b23563dc7822596bf85e99cc3d5784c7f035d4d82b09b2641a70d78cdeaab3"
date: Sun, 05 Feb 2023 17:50:55 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 05 Feb 2023 17:50:56 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 02:02:21 GMT
content-encoding: gzip
content-length: 6615
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f26d5481a18bcf64b0421f80f30c35ab
4962f67774adcba3a20cf9c4d26d4d45bcb0d2ea
d02eda5fdcd7f8918c3753054923061885b07155764140d32349b55acd998f94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4556
Cache-Control: max-age=106311
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Etag: "63ded6fa-13a"
Expires: Mon, 06 Feb 2023 23:22:46 GMT
Last-Modified: Sat, 04 Feb 2023 22:06:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 314
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12773%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.pazarem.com%25252F2021%25252F03%25252Fwii-ntsc-super-mario-all-stars.html%2526hn_ver%253D40%2526fid%253D807998b8-dc0f-4d98-949e-3e192f3c21ba
68.67.160.117302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12773%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.pazarem.com%25252F2021%25252F03%25252Fwii-ntsc-super-mario-all-stars.html%2526hn_ver%253D40%2526fid%253D807998b8-dc0f-4d98-949e-3e192f3c21ba
IP 68.67.160.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12773%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.pazarem.com%25252F2021%25252F03%25252Fwii-ntsc-super-mario-all-stars.html%2526hn_ver%253D40%2526fid%253D807998b8-dc0f-4d98-949e-3e192f3c21ba HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://s.cpx.to/an_fire?app_nexus_uid=0&pid=12773&ref=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&hn_ver=40&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba
AN-X-Request-Uuid: 6f6ef93c-1198-453f-a68d-1567f0bcff75
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bf1533d3ca5e8edb536fdc6eb045c5c9
e506e83ca9763df541e4c502cd9a694f8e062c28
6a02ff7c345c5d0f2061b4587e96eef9d4c1f5812538ad4c34b1dd96a1e5aaba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A02FF7C345C5D0F2061B4587E96EEF9D4C1F5812538AD4C34B1DD96A1E5AABA"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7633
Expires: Sun, 05 Feb 2023 19:58:08 GMT
Date: Sun, 05 Feb 2023 17:50:55 GMT
Connection: keep-alive
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:55 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s.cpx.to/an_fire?app_nexus_uid=0&pid=12773&ref=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&hn_ver=40&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba
52.215.141.31200 OK 95 B URL HTTP/1.1 s.cpx.to/an_fire?app_nexus_uid=0&pid=12773&ref=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&hn_ver=40&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba
IP 52.215.141.31:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /an_fire?app_nexus_uid=0&pid=12773&ref=&url=https%3A%2F%2Fwww.pazarem.com%2F2021%2F03%2Fwii-ntsc-super-mario-all-stars.html&hn_ver=40&fid=807998b8-dc0f-4d98-949e-3e192f3c21ba HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Connection: keep-alive
Cookie: cpSess=c5c330aa8b5fda3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=c5c330aa8b5fda3; Expires=Mon, 05 Feb 2024 17:50:55 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
p3p: CP="NOI DEV ADM"
expires: Sun, 05 Feb 2023 17:50:55 UTC
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash ac8b33eb68fd8d5f611116594c3326d1
89aa6286e8ded31543670700bbf654af765ae8ed
35a7e4b69296584d3e99884546805b4d86379db704254685bbbdaedd015babef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 17:50:55 GMT
Last-Modified: Sun, 05 Feb 2023 16:25:21 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: izwbULInXelxHXmHYm0RcO3o6JcMW7xw9uAIqqxnkzQYejb9KBrW5A==
Age: 5134
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
104.110.14.155301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
IP 104.110.14.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
date: Sun, 05 Feb 2023 17:50:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.pazarem.com/feeds/posts/default/-/Juegos%20de%20Wii?alt=json-in-script&max-results=3&callback=jQuery112407860218654213342_1675619495209&_=1675619495210
142.250.74.179200 OK 4.9 kB URL HTTP/2 www.pazarem.com/feeds/posts/default/-/Juegos%20de%20Wii?alt=json-in-script&max-results=3&callback=jQuery112407860218654213342_1675619495209&_=1675619495210
IP 142.250.74.179:0
File type Unicode text, UTF-8 text, with very long lines (28187)
Hash 91834480e61148e77e028d4dbe517ea7
a1818d1586eeaf11e3f5be359e488b79cc2d4f97
d6245a06475414421bb8becc79dd8c9588ab7d6569ed45eaa9a0e31c3471eedb
GET /feeds/posts/default/-/Juegos%20de%20Wii?alt=json-in-script&max-results=3&callback=jQuery112407860218654213342_1675619495209&_=1675619495210 HTTP/1.1
Host: www.pazarem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pazarem.com/2021/03/wii-ntsc-super-mario-all-stars.html
Cookie: _pbjs_userid_consent_data=3524755945110770; sharedid=4df6a12a-6df5-4a04-9e61-905f2ec8fbec; cto_bundle=KHsG-F9jak15ZXNIQ250elp4TkpZNlBPTUp0T3k2aVZoZTNTZm9FZ25oNHcyUFZNTzI1SnhacVNzMiUyRno5RHFBNlc0S3RXRWklMkZHYnZXaGx4YWpocXZPejBpeGRyNlFxSkpiJTJGTktwYzdFc00lMkJHbXRMSDZFZHJBbDVEZUZkYXdkVXNCaUU1; cto_bidid=PsiwCl9seFRkd0pWV1J2NWF6bUFYZmpCbHFPNlowbzlJQmk0Tm11aWhyNTBlVElBRFJpME5XUGw2V25aTXhDZlRrdzRBV05ITmJRQWlVVkhSWHdSJTJGZEdUVFZ3JTNEJTNE; a=uHEMHT2UiffrmgtAH6g6TUzmDO3StBI0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"5c22ada4d5b7ac434bcb91ac9b73d8a3608b6b718eba1d9407db94e7b1026f65"
date: Sun, 05 Feb 2023 17:50:55 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 05 Feb 2023 17:50:56 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 02:02:21 GMT
content-encoding: gzip
content-length: 4911
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
108.128.16.246200 OK 20 B URL HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP 108.128.16.246:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.pazarem.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Sun, 05 Feb 2023 17:50:55 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sun, 05 Feb 2023 17:50:55 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
gum.criteo.com/syncframe?origin=rtus&topUrl=www.pazarem.com
178.250.0.157200 OK 5.2 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=www.pazarem.com
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 8ab1aa9bd88116f5d3b6f028571bdd08
dadca3d84954b514d16bb9370e21700c44d8e9ac
04d2faf710bbd5df4ba9d7d6a2080a3dcbbbc7e1754b32cdac678580ce2ed7be
GET /syncframe?origin=rtus&topUrl=www.pazarem.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=6ac5da01-52c8-4214-8d47-88311bed155a; expires=Fri, 01 Mar 2024 17:50:54 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 622393
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Playfair+Display:400,400i,700|Poppins:400,400i,500,500i,600,600i,700,700i
142.250.74.106200 OK 39 kB URL HTTP/2 fonts.googleapis.com/css?family=Playfair+Display:400,400i,700|Poppins:400,400i,500,500i,600,600i,700,700i
IP 142.250.74.106:0
Hash 967cade3bbccf8ce4aa716f5e28611a2
e455cc123c1d845778a45a2241ce8deaa4e2bf76
5b0e5426238ef59dd5125e4321b92831f15babb11af4498c41682ac0d9cf1016
GET /css?family=Playfair+Display:400,400i,700|Poppins:400,400i,500,500i,600,600i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 17:50:53 GMT
date: Sun, 05 Feb 2023 17:50:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=smartadserver&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Feb 2023 17:50:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18426)
Hash ace04dfac15be0d79f56e38980902803
74a2251fe600f3104efd44849521d642e97d327a
d5e456c23f9ff36e83dea3b7f3a550ee21ce615ea6e92c78c5be0f90b982d22f
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sun, 05 Feb 2023 08:43:42 GMT
Content-Encoding: gzip
Content-Length: 10009
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=53607
Expires: Mon, 06 Feb 2023 08:44:22 GMT
Date: Sun, 05 Feb 2023 17:50:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 77c548ed6dbee7a04321102c3d93db5c
3f4a20119d052c6c8e5f4224a2948ffd559f96b3
5d553cadff959602e40d007c876a01e0dd4540640c64bbb2679300d43326c603
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6140
Cache-Control: max-age=130596
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Etag: "63df2fa7-139"
Expires: Tue, 07 Feb 2023 06:07:31 GMT
Last-Modified: Sun, 05 Feb 2023 04:25:11 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 77c548ed6dbee7a04321102c3d93db5c
3f4a20119d052c6c8e5f4224a2948ffd559f96b3
5d553cadff959602e40d007c876a01e0dd4540640c64bbb2679300d43326c603
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6144
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:55 GMT
Last-Modified: Sun, 05 Feb 2023 16:08:31 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
ag.gbc.criteo.com/newidsd
185.235.84.1200 OK 511 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.1:0
Hash 25e08eda7b61296cc981f02498f0eea3
6d3a0e41b561fad05f52a65a07b119343b4e4104
c2ac11eb3e100b962f6ad6fd39e4cc6a2a7111bf7105f5d1bdef3712316d3430
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 114640
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d52c7bb568b09443dd3ad9466d9fe584
8f9c590d5d4a856370a47261d5942033e6c6c60c
7831f1a6fb87a264deacba45561ca5b3f231b8b802f0d87c3625b59c521414be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 18:42:14 GMT
Expires: Fri, 10 Feb 2023 18:42:13 GMT
Etag: "8f9c590d5d4a856370a47261d5942033e6c6c60c"
Cache-Control: max-age=434477,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794d7dbe6c46fab8-OSL
ibxgfv9e2axa.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 ibxgfv9e2axa.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ibxgfv9e2axa.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:55 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ef93957e7647de6875c55fc7dcfaa912
db22475c14c297db2f90b0b4d3dd6f5210e573b1
6bf15bb83446ac97e63455961ba37f9f93c60fad1abd422403969847c8b6f6c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6155
Cache-Control: max-age=118714
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:56 GMT
Etag: "63df012f-1d7"
Expires: Tue, 07 Feb 2023 02:49:30 GMT
Last-Modified: Sun, 05 Feb 2023 01:06:55 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=smartadserver HTTP/1.1
Host: pixel-eu.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 2eb7d209ab67664d6226c75331547ba1
Content-Type: image/gif
betteradsystem.com/ifPAKs.html?_=BQFiAAAAAAAACZUAAqKogKm_wR4Nn5Xk3DPBwYDe3Gu_Yd9MglprKUgE9CBP98OrxdPwgOY1rd-6Xt3fLFdwM9kDLlbrlnZM5o7KQD4yArg83Mlj34MvEpMQ5MDQZ30wJs5vk_9HCbU-I5YqzdL9LwpKignTkc7rxkiY7JmAeKja8YJ2IYWqZVNc4D0TPFCBa2ZZ9iXlZUhVl-3gbZWVl-UJVOTiRUY64Hq-zyO3NXoCCN3BDVwUzn8CzAOY8a32AOD0hY0WBx6qSqYLSHfwHJ-_exGnlsTMW1UoJMN26GOpoaNucLEqyLvkzEr2Cq30Qlo-JRvCuXz_dqr06Om6CvPlIFMu3kkETHwAwd-HBAvB48E0V6xoiikSLjQOv-9GQSb68UNU7D4XSj8NC4hm_7jTb6sTUNQGC1TaVLqcP9-xa3m8u3B8hu4zwpe_ZIYOUFsSvzc1uY-Rzu6kSPmHwaP7s8f0gafu38ArYMg&v=4&HpwPdxbU=4175213&minBid=&sjKXaARd=0,0&bcPdJKxO=&kQdHSUxL=&s=1280,1024,1,1280,1024,0
162.252.213.208200 OK 44 B URL HTTP/2 betteradsystem.com/ifPAKs.html?_=BQFiAAAAAAAACZUAAqKogKm_wR4Nn5Xk3DPBwYDe3Gu_Yd9MglprKUgE9CBP98OrxdPwgOY1rd-6Xt3fLFdwM9kDLlbrlnZM5o7KQD4yArg83Mlj34MvEpMQ5MDQZ30wJs5vk_9HCbU-I5YqzdL9LwpKignTkc7rxkiY7JmAeKja8YJ2IYWqZVNc4D0TPFCBa2ZZ9iXlZUhVl-3gbZWVl-UJVOTiRUY64Hq-zyO3NXoCCN3BDVwUzn8CzAOY8a32AOD0hY0WBx6qSqYLSHfwHJ-_exGnlsTMW1UoJMN26GOpoaNucLEqyLvkzEr2Cq30Qlo-JRvCuXz_dqr06Om6CvPlIFMu3kkETHwAwd-HBAvB48E0V6xoiikSLjQOv-9GQSb68UNU7D4XSj8NC4hm_7jTb6sTUNQGC1TaVLqcP9-xa3m8u3B8hu4zwpe_ZIYOUFsSvzc1uY-Rzu6kSPmHwaP7s8f0gafu38ArYMg&v=4&HpwPdxbU=4175213&minBid=&sjKXaARd=0,0&bcPdJKxO=&kQdHSUxL=&s=1280,1024,1,1280,1024,0
IP 162.252.213.208:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /ifPAKs.html?_=BQFiAAAAAAAACZUAAqKogKm_wR4Nn5Xk3DPBwYDe3Gu_Yd9MglprKUgE9CBP98OrxdPwgOY1rd-6Xt3fLFdwM9kDLlbrlnZM5o7KQD4yArg83Mlj34MvEpMQ5MDQZ30wJs5vk_9HCbU-I5YqzdL9LwpKignTkc7rxkiY7JmAeKja8YJ2IYWqZVNc4D0TPFCBa2ZZ9iXlZUhVl-3gbZWVl-UJVOTiRUY64Hq-zyO3NXoCCN3BDVwUzn8CzAOY8a32AOD0hY0WBx6qSqYLSHfwHJ-_exGnlsTMW1UoJMN26GOpoaNucLEqyLvkzEr2Cq30Qlo-JRvCuXz_dqr06Om6CvPlIFMu3kkETHwAwd-HBAvB48E0V6xoiikSLjQOv-9GQSb68UNU7D4XSj8NC4hm_7jTb6sTUNQGC1TaVLqcP9-xa3m8u3B8hu4zwpe_ZIYOUFsSvzc1uY-Rzu6kSPmHwaP7s8f0gafu38ArYMg&v=4&HpwPdxbU=4175213&minBid=&sjKXaARd=0,0&bcPdJKxO=&kQdHSUxL=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: betteradsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 05 Feb 2023 17:50:56 GMT
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:55 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
token.rubiconproject.com/token?pid=2249&pt=n
69.173.144.165302 Found 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2249&pt=n
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2249&pt=n HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
content-length: 0
pixel.rubiconproject.com/exchange/sync.php?p=a9us
69.173.144.139204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=a9us
IP 69.173.144.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=a9us HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b89c5c00cc87658461f2b7f7b4286d7
4ebc7969c342e80d97cbc96c397f9f90789d6124
93ced48af967cdfd78f47bb15ee0ac4c4600754a9cfc984dd268b9a7d1ac2451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b89c5c00cc87658461f2b7f7b4286d7
4ebc7969c342e80d97cbc96c397f9f90789d6124
93ced48af967cdfd78f47bb15ee0ac4c4600754a9cfc984dd268b9a7d1ac2451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
67.220.224.150302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
IP 67.220.224.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sun, 05 Feb 2023 17:50:56 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: CFGQQRTS1D9WTJZR7KTE
Set-Cookie: ad-id=AxSkhgMpz0fcmIzIwciU2Oo|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 17:50:56 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b89c5c00cc87658461f2b7f7b4286d7
4ebc7969c342e80d97cbc96c397f9f90789d6124
93ced48af967cdfd78f47bb15ee0ac4c4600754a9cfc984dd268b9a7d1ac2451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b89c5c00cc87658461f2b7f7b4286d7
4ebc7969c342e80d97cbc96c397f9f90789d6124
93ced48af967cdfd78f47bb15ee0ac4c4600754a9cfc984dd268b9a7d1ac2451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db5681f68f5f1abbaa27cf332cc74734
115b3ba0718aa6df4fb337362b442662b4356188
1cefb3fda341d31e35eb7764d551b177b5e4477deb263d14a9a2616bd7a64ed2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5585
Cache-Control: max-age=172131
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:56 GMT
Etag: "63dfd412-1d7"
Expires: Tue, 07 Feb 2023 17:39:47 GMT
Last-Modified: Sun, 05 Feb 2023 16:06:42 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
euw1.smartadserver.com/h/aip?uii=8038286360019592922&tmstp=6944558364&ckid=8579188614307384877&systgt=%24qc%3d1311348260%3b%24ql%3dMedium%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1675619455349&envtype=0&hol_cpm=0&opid=c7bad9cb-3266-4984-959e-012a05621a4e&opdt=1675619455357&siteid=561434&tgt=%24dt%3d1t&gdpr=0&visit=V&statid=19&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fwww.pazarem.com%2f2021%2f03%2fwii-ntsc-super-mario-all-stars.html&cappid=8579188614307384877&capp=0&mcrdbt=0&insid=10503467&imgid=0&pgid=1703462&fmtid=45570&isLazy=0
89.149.192.65200 OK 43 B URL HTTP/1.1 euw1.smartadserver.com/h/aip?uii=8038286360019592922&tmstp=6944558364&ckid=8579188614307384877&systgt=%24qc%3d1311348260%3b%24ql%3dMedium%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1675619455349&envtype=0&hol_cpm=0&opid=c7bad9cb-3266-4984-959e-012a05621a4e&opdt=1675619455357&siteid=561434&tgt=%24dt%3d1t&gdpr=0&visit=V&statid=19&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fwww.pazarem.com%2f2021%2f03%2fwii-ntsc-super-mario-all-stars.html&cappid=8579188614307384877&capp=0&mcrdbt=0&insid=10503467&imgid=0&pgid=1703462&fmtid=45570&isLazy=0
IP 89.149.192.65:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /h/aip?uii=8038286360019592922&tmstp=6944558364&ckid=8579188614307384877&systgt=%24qc%3d1311348260%3b%24ql%3dMedium%3b%24qpc%3d1006%3b%24qt%3d216_1430_41056t%3b%24dma%3d0%3b%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024&acd=1675619455349&envtype=0&hol_cpm=0&opid=c7bad9cb-3266-4984-959e-012a05621a4e&opdt=1675619455357&siteid=561434&tgt=%24dt%3d1t&gdpr=0&visit=V&statid=19&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fwww.pazarem.com%2f2021%2f03%2fwii-ntsc-super-mario-all-stars.html&cappid=8579188614307384877&capp=0&mcrdbt=0&insid=10503467&imgid=0&pgid=1703462&fmtid=45570&isLazy=0 HTTP/1.1
Host: euw1.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sun, 05 Feb 2023 17:50:55 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: Trk0=Value=1703462&Creation=05%2f02%2f2023+17%3a50%3a56; expires=Tue, 07 Mar 2023 17:50:56 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0bb3a776c8cb025e4dec9056ccbd236b
c47932e3b7dacc753885c9deb080f7a066ee3cbe
4a159720533ce330d1bdb9d6de77ff41188467cccc7a26d7efcfa599f7d56996
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5473
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:56 GMT
Last-Modified: Sun, 05 Feb 2023 16:19:43 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
67.220.224.150200 OK 43 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
IP 67.220.224.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 05 Feb 2023 17:50:56 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: 2RHK495VEQ5FMCPT9YYH
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash c1ceef929ca0e6165ee7761c8b430292
6bc10d89ee17ed76e4875cce60bcb00e9fe35fa6
093a3fd281d47464163990b2cf21181c4edf298f84e6102b972e015ed62f8584
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 17:50:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 20:23:39 GMT
Expires: Sun, 05 Feb 2023 20:23:39 GMT
ETag: "6bc10d89ee17ed76e4875cce60bcb00e9fe35fa6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d52c7bb568b09443dd3ad9466d9fe584
8f9c590d5d4a856370a47261d5942033e6c6c60c
7831f1a6fb87a264deacba45561ca5b3f231b8b802f0d87c3625b59c521414be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 18:42:14 GMT
Expires: Fri, 10 Feb 2023 18:42:13 GMT
Etag: "8f9c590d5d4a856370a47261d5942033e6c6c60c"
Cache-Control: max-age=434476,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794d7dc15f64fab8-OSL
pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=1BPsrqSk4dro&ev=1&pid=560687
69.173.144.139204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=1BPsrqSk4dro&ev=1&pid=560687
IP 69.173.144.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=390200&nid=5120&put=1BPsrqSk4dro&ev=1&pid=560687 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Content-Type: image/gif
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 636ba4e0c51ceb43a86852976dc33b29
11ad8309638345756f7aef463ea0785e6952ee78
2cb28b3fc3585bc8f43643480ca20b904deb283cc00bc8f67f9cdf32b6a170e9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 17:50:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 09 Feb 2023 16:15:37 GMT
ETag: "11ad8309638345756f7aef463ea0785e6952ee78"
Last-Modified: Sun, 05 Feb 2023 16:15:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1347
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794d7dc33aa9b518-OSL
match.deepintent.com/usersync/143
8.18.47.7200 OK 0 B URL HTTP/2 match.deepintent.com/usersync/143
IP 8.18.47.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync/143 HTTP/1.1
Host: match.deepintent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sun, 05 Feb 2023 17:50:56 GMT
server: a
X-Firefox-Spdy: h2
b1sync.zemanta.com/usersync/rubicon/
64.74.236.95302 Found 109 B URL HTTP/1.1 b1sync.zemanta.com/usersync/rubicon/
IP 64.74.236.95:0
File type HTML document, ASCII text
Hash da91b0bebbbc88996f7fbc89fb2e26ed
b5d4536ac72b8ae1b84f19e04b8fc89b03b9af7d
23465be5cbf42ea06d10032446b2950d4e0993c70f5a7e7af666480d5ce65800
GET /usersync/rubicon/ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 109
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
Pragma: no-cache
Date: Sun, 05 Feb 2023 17:50:56 GMT
pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
69.173.144.139204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
IP 69.173.144.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=144598&nid=3992&expires=30&put= HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Content-Type: image/gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPKeY2ZlY1tXwJi-4QfLfQyOVXALZv8GajTOUIE-n5PAhUewEL0MUcgY4Bg21FBj3tpip0S7Zsl6Ss_e0X1qSWNEpG7_CNJazWcHLgbB4EJMP2C9iswnD1w23nNLPeojHy_pHJ17qMpci8DsMxHzI3lQg2Ixp1iTB1RqlkQ5A2aS2CJavJI0A1Yw/w200-h113/Elden_Ring_game_screen.jpg
142.250.74.97200 OK 14 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPKeY2ZlY1tXwJi-4QfLfQyOVXALZv8GajTOUIE-n5PAhUewEL0MUcgY4Bg21FBj3tpip0S7Zsl6Ss_e0X1qSWNEpG7_CNJazWcHLgbB4EJMP2C9iswnD1w23nNLPeojHy_pHJ17qMpci8DsMxHzI3lQg2Ixp1iTB1RqlkQ5A2aS2CJavJI0A1Yw/w200-h113/Elden_Ring_game_screen.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x112, components 3\012- data
Hash 3d011b53289577a26113a8a7e0a0ca1c
5b39703fc6dfa742bce0e1af0058fc60f8d9efe2
1bb94de91ceba6dfad14f36a365d478c2d21b6f7e808d27c37b1bc989e16e984
GET /img/b/R29vZ2xl/AVvXsEgPKeY2ZlY1tXwJi-4QfLfQyOVXALZv8GajTOUIE-n5PAhUewEL0MUcgY4Bg21FBj3tpip0S7Zsl6Ss_e0X1qSWNEpG7_CNJazWcHLgbB4EJMP2C9iswnD1w23nNLPeojHy_pHJ17qMpci8DsMxHzI3lQg2Ixp1iTB1RqlkQ5A2aS2CJavJI0A1Yw/w200-h113/Elden_Ring_game_screen.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcde"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Elden_Ring_game_screen.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 13571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b89c5c00cc87658461f2b7f7b4286d7
4ebc7969c342e80d97cbc96c397f9f90789d6124
93ced48af967cdfd78f47bb15ee0ac4c4600754a9cfc984dd268b9a7d1ac2451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/a/AVvXsEg2Rti_mp60a_vHIyuldxJg-OTg5sb4hv6DXbMKg-712mgLnMBEq_uukt8zTCiHSva1fEBgexEoYi0IylUfR1LrMlhtcsGIx6pcllUNbxyP2pvlhhP49QqYFkklvH5VIxcY0pT0HRF66vyNkEa-5RLSFZR-TTlvR48Eqrdodd_Jk_ePu-9kBkWdbw=w200-h113
142.250.74.97200 OK 3.7 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEg2Rti_mp60a_vHIyuldxJg-OTg5sb4hv6DXbMKg-712mgLnMBEq_uukt8zTCiHSva1fEBgexEoYi0IylUfR1LrMlhtcsGIx6pcllUNbxyP2pvlhhP49QqYFkklvH5VIxcY0pT0HRF66vyNkEa-5RLSFZR-TTlvR48Eqrdodd_Jk_ePu-9kBkWdbw=w200-h113
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x112, components 3\012- data
Hash 076b3b321bf461e860c608690a60f8ea
7e256d9c54439ef2841f29f780a69f201b56e4fc
5a3d46f26508968e44a6c438461e3e25ff968ad72f9d84118dc90d9831141815
GET /img/a/AVvXsEg2Rti_mp60a_vHIyuldxJg-OTg5sb4hv6DXbMKg-712mgLnMBEq_uukt8zTCiHSva1fEBgexEoYi0IylUfR1LrMlhtcsGIx6pcllUNbxyP2pvlhhP49QqYFkklvH5VIxcY0pT0HRF66vyNkEa-5RLSFZR-TTlvR48Eqrdodd_Jk_ePu-9kBkWdbw=w200-h113 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vccf"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="104610_411687.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 3696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEiAB-tYAVazn5C5so3csX58YZ6LhCGheURvzsHTIU8MEc65bpKJRiSIv9JPFmUP5_WdL-eWVZTqzEet9-hYciotgJtGDsZSHHigZfCAzJxQkwn2ELqU4xs208eyakS8aOxNjsVb0GQiItzu1bUhke_GTPMthPEkT7aX0USyld8WeqS1YgbTZ1Eq5Q=s72-c
142.250.74.97200 OK 3.8 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEiAB-tYAVazn5C5so3csX58YZ6LhCGheURvzsHTIU8MEc65bpKJRiSIv9JPFmUP5_WdL-eWVZTqzEet9-hYciotgJtGDsZSHHigZfCAzJxQkwn2ELqU4xs208eyakS8aOxNjsVb0GQiItzu1bUhke_GTPMthPEkT7aX0USyld8WeqS1YgbTZ1Eq5Q=s72-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e10d8cead817aa3ef2850c7624361b2b
0c03a7d92776350bd6f805dab9cd7b05bbaaa685
4134da6be08541251a647be31c6eb4582159121945a785b05a2fefd3affa9763
GET /img/a/AVvXsEiAB-tYAVazn5C5so3csX58YZ6LhCGheURvzsHTIU8MEc65bpKJRiSIv9JPFmUP5_WdL-eWVZTqzEet9-hYciotgJtGDsZSHHigZfCAzJxQkwn2ELqU4xs208eyakS8aOxNjsVb0GQiItzu1bUhke_GTPMthPEkT7aX0USyld8WeqS1YgbTZ1Eq5Q=s72-c HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcd2"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="zZyMbHcVTvszjJOHEO2F8HxYzfFjRXhA.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 3765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKrR-tNj3_p_Fj0bC2b11-_fiCt4UPAofX8ofclsM-cFYC7KPqD9v9cutsAsL6uC28N2tdSNRWnNqj8NdQUw6-Nui_ly_To-v7AKVr_1UydqPIqECQzd9TBrpGoy6ikby_NLxetF-LWA8YcHhOm_B6OGuT1hJML290t2tPuU-7MB8guWPYTPk3PQ/w640-h480/aGhopp3MHppi7kooGE2Dtt8C.png
142.250.74.97200 OK 78 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKrR-tNj3_p_Fj0bC2b11-_fiCt4UPAofX8ofclsM-cFYC7KPqD9v9cutsAsL6uC28N2tdSNRWnNqj8NdQUw6-Nui_ly_To-v7AKVr_1UydqPIqECQzd9TBrpGoy6ikby_NLxetF-LWA8YcHhOm_B6OGuT1hJML290t2tPuU-7MB8guWPYTPk3PQ/w640-h480/aGhopp3MHppi7kooGE2Dtt8C.png
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x480, components 3\012- data
Hash 1b45972fc05c28fa0bcd46370bc4af85
25f2443170e3521d49b7fac7c27399ab81cd673a
f3e7b6424c1d378eaab003b8da3ae5e7a3efafdd4bdffae735f41c04534b65be
GET /img/b/R29vZ2xl/AVvXsEgKrR-tNj3_p_Fj0bC2b11-_fiCt4UPAofX8ofclsM-cFYC7KPqD9v9cutsAsL6uC28N2tdSNRWnNqj8NdQUw6-Nui_ly_To-v7AKVr_1UydqPIqECQzd9TBrpGoy6ikby_NLxetF-LWA8YcHhOm_B6OGuT1hJML290t2tPuU-7MB8guWPYTPk3PQ/w640-h480/aGhopp3MHppi7kooGE2Dtt8C.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcdb"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="aGhopp3MHppi7kooGE2Dtt8C.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 77581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVWzQMXpu0mdSPfWnUIZJMALeDF_Qr8MREN0ZVtjizhK-aTgSM-zYkKD8GvlvrtfHtwKD6NGgqXFXM_YKFDq-SL39zo6vDlbOX6SEjVCO0zyVQXmFTu4bdzXekAqz7cVQv9iUBI9vyCIpVZibi28Wj4e6827wxc6WbWuf9Hv7SRXfW0dK1Qyyjjw/w200-h113/Elden_Ring_Tip1.png
142.250.74.97200 OK 46 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVWzQMXpu0mdSPfWnUIZJMALeDF_Qr8MREN0ZVtjizhK-aTgSM-zYkKD8GvlvrtfHtwKD6NGgqXFXM_YKFDq-SL39zo6vDlbOX6SEjVCO0zyVQXmFTu4bdzXekAqz7cVQv9iUBI9vyCIpVZibi28Wj4e6827wxc6WbWuf9Hv7SRXfW0dK1Qyyjjw/w200-h113/Elden_Ring_Tip1.png
IP 142.250.74.97:0
File type PNG image data, 200 x 112, 8-bit/color RGB, non-interlaced\012- data
Hash af338d99f9ea0a70c823a64d76d721e5
1cdeab346ccd9ec4217c0cfc159932e2d1f43485
2d3081ed4e2b1b1cbf300355d59416db75c8241ae35106eec45a9cc8812d3fe5
GET /img/b/R29vZ2xl/AVvXsEjVWzQMXpu0mdSPfWnUIZJMALeDF_Qr8MREN0ZVtjizhK-aTgSM-zYkKD8GvlvrtfHtwKD6NGgqXFXM_YKFDq-SL39zo6vDlbOX6SEjVCO0zyVQXmFTu4bdzXekAqz7cVQv9iUBI9vyCIpVZibi28Wj4e6827wxc6WbWuf9Hv7SRXfW0dK1Qyyjjw/w200-h113/Elden_Ring_Tip1.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcdf"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Elden_Ring_Tip1.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 46410
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEiAB-tYAVazn5C5so3csX58YZ6LhCGheURvzsHTIU8MEc65bpKJRiSIv9JPFmUP5_WdL-eWVZTqzEet9-hYciotgJtGDsZSHHigZfCAzJxQkwn2ELqU4xs208eyakS8aOxNjsVb0GQiItzu1bUhke_GTPMthPEkT7aX0USyld8WeqS1YgbTZ1Eq5Q=s320
142.250.74.97200 OK 38 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEiAB-tYAVazn5C5so3csX58YZ6LhCGheURvzsHTIU8MEc65bpKJRiSIv9JPFmUP5_WdL-eWVZTqzEet9-hYciotgJtGDsZSHHigZfCAzJxQkwn2ELqU4xs208eyakS8aOxNjsVb0GQiItzu1bUhke_GTPMthPEkT7aX0USyld8WeqS1YgbTZ1Eq5Q=s320
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x320, components 3\012- data
Hash 6b2297883da67a02bcf859012079820f
bd4315b1e4f754a5b9ae226e272c37c9eeedfd73
409b5a868edb76611a1fccb34f7b8cd6f2388dc6951931ff88cda17a6cb00cff
GET /img/a/AVvXsEiAB-tYAVazn5C5so3csX58YZ6LhCGheURvzsHTIU8MEc65bpKJRiSIv9JPFmUP5_WdL-eWVZTqzEet9-hYciotgJtGDsZSHHigZfCAzJxQkwn2ELqU4xs208eyakS8aOxNjsVb0GQiItzu1bUhke_GTPMthPEkT7aX0USyld8WeqS1YgbTZ1Eq5Q=s320 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcd2"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="zZyMbHcVTvszjJOHEO2F8HxYzfFjRXhA.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 37921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEipG1fmqp8Y9zdRCuhPkSxeocWu1qy6VCFSbSiT5Z2c1pFN86ZV8lU4xT0uOyLnFGBz_cIh72J53pb--w483klU-mcacw4cm29XR2Exdr78NguUPhVbdciNLiD1hA-ipQqHK8ViDJGSOqkKUlscDbhpQn8YX_k7mCRlP61QExR1FqQKG-BiGlmRPw=w200-h113
142.250.74.97200 OK 7.0 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEipG1fmqp8Y9zdRCuhPkSxeocWu1qy6VCFSbSiT5Z2c1pFN86ZV8lU4xT0uOyLnFGBz_cIh72J53pb--w483klU-mcacw4cm29XR2Exdr78NguUPhVbdciNLiD1hA-ipQqHK8ViDJGSOqkKUlscDbhpQn8YX_k7mCRlP61QExR1FqQKG-BiGlmRPw=w200-h113
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x112, components 3\012- data
Hash c1b4faa33c97c301c1a4c0b17375d8f9
137f4a900b63a5c85ecf18987974ca382da963df
811603c7871f762b79726e5261cc83f87f5f72817f03dc865938fcef589103c4
GET /img/a/AVvXsEipG1fmqp8Y9zdRCuhPkSxeocWu1qy6VCFSbSiT5Z2c1pFN86ZV8lU4xT0uOyLnFGBz_cIh72J53pb--w483klU-mcacw4cm29XR2Exdr78NguUPhVbdciNLiD1hA-ipQqHK8ViDJGSOqkKUlscDbhpQn8YX_k7mCRlP61QExR1FqQKG-BiGlmRPw=w200-h113 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcce"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="3193114-gameplay_littlenightmares_20170210_site.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 6956
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKrR-tNj3_p_Fj0bC2b11-_fiCt4UPAofX8ofclsM-cFYC7KPqD9v9cutsAsL6uC28N2tdSNRWnNqj8NdQUw6-Nui_ly_To-v7AKVr_1UydqPIqECQzd9TBrpGoy6ikby_NLxetF-LWA8YcHhOm_B6OGuT1hJML290t2tPuU-7MB8guWPYTPk3PQ/s72-w640-h480-c/aGhopp3MHppi7kooGE2Dtt8C.png
142.250.74.97200 OK 3.6 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKrR-tNj3_p_Fj0bC2b11-_fiCt4UPAofX8ofclsM-cFYC7KPqD9v9cutsAsL6uC28N2tdSNRWnNqj8NdQUw6-Nui_ly_To-v7AKVr_1UydqPIqECQzd9TBrpGoy6ikby_NLxetF-LWA8YcHhOm_B6OGuT1hJML290t2tPuU-7MB8guWPYTPk3PQ/s72-w640-h480-c/aGhopp3MHppi7kooGE2Dtt8C.png
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 630c5d0bd632501b565a2e2426da71c2
4ddf78c017f9b112316076441e9522fa5fa0d967
3e05cb0bcb2a2f9c38f8f5176399826b39696d9ab57b45f335caf60a3266ecd2
GET /img/b/R29vZ2xl/AVvXsEgKrR-tNj3_p_Fj0bC2b11-_fiCt4UPAofX8ofclsM-cFYC7KPqD9v9cutsAsL6uC28N2tdSNRWnNqj8NdQUw6-Nui_ly_To-v7AKVr_1UydqPIqECQzd9TBrpGoy6ikby_NLxetF-LWA8YcHhOm_B6OGuT1hJML290t2tPuU-7MB8guWPYTPk3PQ/s72-w640-h480-c/aGhopp3MHppi7kooGE2Dtt8C.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcdb"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="aGhopp3MHppi7kooGE2Dtt8C.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 3610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhG4AHYqlGlLIqmHzrhcDaSk7pablfoWqzLHRYmeq3YW86va_hdzYFmdjZMZVGKc2XWPYeR3DF0UIA4pWUGvSNVu_0yvcCGvHWZjt0jwNto2IiYoO_KGvtN-DFvdK1YGFOPTcDMagI2ECT0DCSuRmE-yuMLRmYO_EEiOr_kezmNqQ_0bPqM3eSo6Q/s320/jd2017-e3-253689_e9nv444.jpg
142.250.74.97200 OK 69 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhG4AHYqlGlLIqmHzrhcDaSk7pablfoWqzLHRYmeq3YW86va_hdzYFmdjZMZVGKc2XWPYeR3DF0UIA4pWUGvSNVu_0yvcCGvHWZjt0jwNto2IiYoO_KGvtN-DFvdK1YGFOPTcDMagI2ECT0DCSuRmE-yuMLRmYO_EEiOr_kezmNqQ_0bPqM3eSo6Q/s320/jd2017-e3-253689_e9nv444.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 227x320, components 3\012- data
Hash 1c58142249151e5c3d2de637642f428b
56d357f7c80aa8a018ae509ad2eb02af43b5f7b9
70b87198ba9f98f5b0cc5a8106567da607d0340064608d44b7f3b9e64fb5a700
GET /img/b/R29vZ2xl/AVvXsEhG4AHYqlGlLIqmHzrhcDaSk7pablfoWqzLHRYmeq3YW86va_hdzYFmdjZMZVGKc2XWPYeR3DF0UIA4pWUGvSNVu_0yvcCGvHWZjt0jwNto2IiYoO_KGvtN-DFvdK1YGFOPTcDMagI2ECT0DCSuRmE-yuMLRmYO_EEiOr_kezmNqQ_0bPqM3eSo6Q/s320/jd2017-e3-253689_e9nv444.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcea"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="jd2017-e3-253689_e9nv444.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 69038
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEjvQYeX8JdHaJjFMQo1ge6mUPqpaB43L91rI0ZJQvMzyHNlapZWz4rf9uu-HweQGl8AsLB89ArsM7MkBiWHj8LAPVH3ncblw7-Ca223LSuKp5QiTD6sO0kcxge6MBl9y0llumQRNT2WIGd7uFpcBCVhSicElh27tbLdGoFtFeXRyhWUDZ0NzQMfxA=w200-h113
142.250.74.97200 OK 9.2 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEjvQYeX8JdHaJjFMQo1ge6mUPqpaB43L91rI0ZJQvMzyHNlapZWz4rf9uu-HweQGl8AsLB89ArsM7MkBiWHj8LAPVH3ncblw7-Ca223LSuKp5QiTD6sO0kcxge6MBl9y0llumQRNT2WIGd7uFpcBCVhSicElh27tbLdGoFtFeXRyhWUDZ0NzQMfxA=w200-h113
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x112, components 3\012- data
Hash f09bd50fe112c59fbf42f79f45a3c37a
7ff47291024b1d4c2d30226e9e209e0ab073cff5
9a829b395366f8ca1e6499a411fbd34ee5070d72000b09820504e43a5817e4dd
GET /img/a/AVvXsEjvQYeX8JdHaJjFMQo1ge6mUPqpaB43L91rI0ZJQvMzyHNlapZWz4rf9uu-HweQGl8AsLB89ArsM7MkBiWHj8LAPVH3ncblw7-Ca223LSuKp5QiTD6sO0kcxge6MBl9y0llumQRNT2WIGd7uFpcBCVhSicElh27tbLdGoFtFeXRyhWUDZ0NzQMfxA=w200-h113 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcd0"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ss_dc50de84d6c767c913a363ab548018e6ebe23e94.1920x1080.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 9225
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiW4rdqiI1HMy82SjmC2Y5OvKf1jb49ngVORMXuRB44NNgRLlpTugWKhjNEzQ0mzgbl72v_Iht62dItV3GwzkQbYg92_fuXYiSupJ242tWuZeS7Val53UBWAJAAMlOcOQt3mvK944QfehhQu9641sk63MNI8mH-arVyzfibnC0l-xbe0GoRUkAx4g/w200-h113/Just-Dance-2017-140616-024.jpg
142.250.74.97200 OK 17 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiW4rdqiI1HMy82SjmC2Y5OvKf1jb49ngVORMXuRB44NNgRLlpTugWKhjNEzQ0mzgbl72v_Iht62dItV3GwzkQbYg92_fuXYiSupJ242tWuZeS7Val53UBWAJAAMlOcOQt3mvK944QfehhQu9641sk63MNI8mH-arVyzfibnC0l-xbe0GoRUkAx4g/w200-h113/Just-Dance-2017-140616-024.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x112, components 3\012- data
Hash 71be08e93b6407e18a87ad7a8edeaa81
2860feb5bc98c5e92276a889625c3f0be85e1001
60152e150a5a9b37bbf5ae7c83565f5e8d479d2a41cd32c313f4c3c02a765b63
GET /img/b/R29vZ2xl/AVvXsEiW4rdqiI1HMy82SjmC2Y5OvKf1jb49ngVORMXuRB44NNgRLlpTugWKhjNEzQ0mzgbl72v_Iht62dItV3GwzkQbYg92_fuXYiSupJ242tWuZeS7Val53UBWAJAAMlOcOQt3mvK944QfehhQu9641sk63MNI8mH-arVyzfibnC0l-xbe0GoRUkAx4g/w200-h113/Just-Dance-2017-140616-024.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcea"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Just-Dance-2017-140616-024.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 16919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhG4AHYqlGlLIqmHzrhcDaSk7pablfoWqzLHRYmeq3YW86va_hdzYFmdjZMZVGKc2XWPYeR3DF0UIA4pWUGvSNVu_0yvcCGvHWZjt0jwNto2IiYoO_KGvtN-DFvdK1YGFOPTcDMagI2ECT0DCSuRmE-yuMLRmYO_EEiOr_kezmNqQ_0bPqM3eSo6Q/w680/jd2017-e3-253689_e9nv444.jpg
142.250.74.97200 OK 251 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhG4AHYqlGlLIqmHzrhcDaSk7pablfoWqzLHRYmeq3YW86va_hdzYFmdjZMZVGKc2XWPYeR3DF0UIA4pWUGvSNVu_0yvcCGvHWZjt0jwNto2IiYoO_KGvtN-DFvdK1YGFOPTcDMagI2ECT0DCSuRmE-yuMLRmYO_EEiOr_kezmNqQ_0bPqM3eSo6Q/w680/jd2017-e3-253689_e9nv444.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 680x959, components 3\012- data
Size 251 kB (250919 bytes)
Hash 8e1b9fb85302c0f937bf999b9f5c0518
3623a6ef8cf5191e32b51fe2e943fdcdb4d8379b
369a8b02d375b66fb0b83752d0d45eccdeacccdc60a1c9a359f2ce4c46213143
GET /img/b/R29vZ2xl/AVvXsEhG4AHYqlGlLIqmHzrhcDaSk7pablfoWqzLHRYmeq3YW86va_hdzYFmdjZMZVGKc2XWPYeR3DF0UIA4pWUGvSNVu_0yvcCGvHWZjt0jwNto2IiYoO_KGvtN-DFvdK1YGFOPTcDMagI2ECT0DCSuRmE-yuMLRmYO_EEiOr_kezmNqQ_0bPqM3eSo6Q/w680/jd2017-e3-253689_e9nv444.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcea"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="jd2017-e3-253689_e9nv444.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 250919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiItnXfBYwj_UZ8w1DXgxIFNcdFcfSYBL8becB_CkG5_kTqXWy6YJm-8U-m_QSnZ-JfeH264wwLfBEsapTQzlZvdwn7ShKdgwJy-alOFdc1hod5T25QVEVOJkaRJkAc2DudNJMynUaulEeVK000P1xhBS7n6jDxIjEjYWAAjmzgvjiaqLLgVHye1g/w200-h113/justdance2017_1923223b.jpg
142.250.74.97200 OK 15 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiItnXfBYwj_UZ8w1DXgxIFNcdFcfSYBL8becB_CkG5_kTqXWy6YJm-8U-m_QSnZ-JfeH264wwLfBEsapTQzlZvdwn7ShKdgwJy-alOFdc1hod5T25QVEVOJkaRJkAc2DudNJMynUaulEeVK000P1xhBS7n6jDxIjEjYWAAjmzgvjiaqLLgVHye1g/w200-h113/justdance2017_1923223b.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x112, components 3\012- data
Hash 29cf57d3eabe9ced16db7bb2c9b2fbf7
fecaf122036e5a4492dc6cdc3eef31418e44cc54
73f3ae587a45d559e206553baa8a4bda02145969934088ff2109eabdae03c4ff
GET /img/b/R29vZ2xl/AVvXsEiItnXfBYwj_UZ8w1DXgxIFNcdFcfSYBL8becB_CkG5_kTqXWy6YJm-8U-m_QSnZ-JfeH264wwLfBEsapTQzlZvdwn7ShKdgwJy-alOFdc1hod5T25QVEVOJkaRJkAc2DudNJMynUaulEeVK000P1xhBS7n6jDxIjEjYWAAjmzgvjiaqLLgVHye1g/w200-h113/justdance2017_1923223b.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vce8"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="justdance2017_1923223b.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 15411
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqO_dbuYNeP5QPwwjwRqOJYXdKAtgo0wVO2YSVz85yeYentd6BQ4rTHIyFTMzB9iz-Lz9nEba7NK1Mflo7n_08wm2nZN548I8Advg66AUEQSAfBlgmgasGJp2RPg8JMh208FLFtovY47-kWcYtC9siX8vSQvcPLWh6VJU-fgFw9xGXLviTM8_FxA/w200-h113/ss_713d599033d98a4c2a414a3b9ea167390a4501b1.1920x1080.jpg
142.250.74.97200 OK 18 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqO_dbuYNeP5QPwwjwRqOJYXdKAtgo0wVO2YSVz85yeYentd6BQ4rTHIyFTMzB9iz-Lz9nEba7NK1Mflo7n_08wm2nZN548I8Advg66AUEQSAfBlgmgasGJp2RPg8JMh208FLFtovY47-kWcYtC9siX8vSQvcPLWh6VJU-fgFw9xGXLviTM8_FxA/w200-h113/ss_713d599033d98a4c2a414a3b9ea167390a4501b1.1920x1080.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x112, components 3\012- data
Hash 693224e0d9d6834dcb69b159ab0b1707
8a4a7a691316d5314f37683fb65c0fc64c172576
baaf4e6923555ae905f41193de9fbe9552decd8593f9ff79907ed20dd3cd6e3e
GET /img/b/R29vZ2xl/AVvXsEgqO_dbuYNeP5QPwwjwRqOJYXdKAtgo0wVO2YSVz85yeYentd6BQ4rTHIyFTMzB9iz-Lz9nEba7NK1Mflo7n_08wm2nZN548I8Advg66AUEQSAfBlgmgasGJp2RPg8JMh208FLFtovY47-kWcYtC9siX8vSQvcPLWh6VJU-fgFw9xGXLviTM8_FxA/w200-h113/ss_713d599033d98a4c2a414a3b9ea167390a4501b1.1920x1080.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vce9"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ss_713d599033d98a4c2a414a3b9ea167390a4501b1.1920x1080.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 17679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhg7_VGp2q_u7CNk364f_J67hKmYYox9HpGeKTq6WehhXj91nIcJFWbzxkd42R8BiZVXRnJkD6AMMa-wgJ1VnF8r-ndCF-iWMToIV9FtBTNbtLSVTlaKYVmEpVKL4HEO777Z7Nh6gd5Io8zGm6FUIv-n3DvaJpEvoCe4Dscq8Zpl6F4lAEFy8kczA/w200-h105/2022311143067_1.jpg
142.250.74.97200 OK 12 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhg7_VGp2q_u7CNk364f_J67hKmYYox9HpGeKTq6WehhXj91nIcJFWbzxkd42R8BiZVXRnJkD6AMMa-wgJ1VnF8r-ndCF-iWMToIV9FtBTNbtLSVTlaKYVmEpVKL4HEO777Z7Nh6gd5Io8zGm6FUIv-n3DvaJpEvoCe4Dscq8Zpl6F4lAEFy8kczA/w200-h105/2022311143067_1.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x105, components 3\012- data
Hash e334403aa5c3abb96c1cfa84229141a6
47e3ffaa57c46db738ba0769c42c2b85d64c28ff
65061c273204c6f3d8bcf1fbfc9a6604894aa352099753d5a4168e820d4665b3
GET /img/b/R29vZ2xl/AVvXsEhg7_VGp2q_u7CNk364f_J67hKmYYox9HpGeKTq6WehhXj91nIcJFWbzxkd42R8BiZVXRnJkD6AMMa-wgJ1VnF8r-ndCF-iWMToIV9FtBTNbtLSVTlaKYVmEpVKL4HEO777Z7Nh6gd5Io8zGm6FUIv-n3DvaJpEvoCe4Dscq8Zpl6F4lAEFy8kczA/w200-h105/2022311143067_1.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcdd"
expires: Mon, 06 Feb 2023 17:50:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2022311143067_1.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 17:50:56 GMT
server: fife
content-length: 12304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tg.socdm.com/rtb/sync?proto=rubicon
124.146.215.49302 Found 0 B URL HTTP/1.1 tg.socdm.com/rtb/sync?proto=rubicon
IP 124.146.215.49:0
ASN #2514 NTT PC Communications, Inc.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync?proto=rubicon HTTP/1.1
Host: tg.socdm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 Feb 2023 17:50:56 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=Y9-sgMCo8YUAANvbCQ4AAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie: SOSYNC=anNvbjp7InJ1Ymljb24iOjE2NzU2MTk0NTZ9; path=/; expires=Tue, 4-Feb-25 17:50:56 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time: 1
X-SO-HostName: m-ad398.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng33.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=rubicon","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y9-sgMCo8YUAANvbCQ4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad398"}
X-SO-Key: Y9-sgMCo8YUAANvbCQ4AAAAA
X-SO-IP: 91.90.42.154
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad398
pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=Y9-sgMCo8YUAANvbCQ4AAAAA
69.173.144.139204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=Y9-sgMCo8YUAANvbCQ4AAAAA
IP 69.173.144.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=71722&nid=3668&expires=30&put=Y9-sgMCo8YUAANvbCQ4AAAAA HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Content-Type: image/gif
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 72441
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ebd06a4f04aee6ee09b9737e4e73a37e
44138c8ae5efe271a9acdeb522ca1d0610c708ea
479e77ece1920259090d4962d480a0817ea1237a595152f6cf1302ba4eccded7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4215
Cache-Control: max-age=147751
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 17:51:01 GMT
Etag: "63df7a35-1d7"
Expires: Tue, 07 Feb 2023 10:53:32 GMT
Last-Modified: Sun, 05 Feb 2023 09:43:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
trck.wargaming.net/nea6n3t5/?t=1&pub_id=5096679-1211340928-0&xid=167561945611130TNOTV415326358024V11
92.223.23.230301 Moved Permanently 22 B URL HTTP/1.1 trck.wargaming.net/nea6n3t5/?t=1&pub_id=5096679-1211340928-0&xid=167561945611130TNOTV415326358024V11
IP 92.223.23.230:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with no line terminators
Hash 0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
GET /nea6n3t5/?t=1&pub_id=5096679-1211340928-0&xid=167561945611130TNOTV415326358024V11 HTTP/1.1
Host: trck.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 05 Feb 2023 17:51:01 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://promo.worldofwarships.eu/glows-58347/eu-en/?t=1&pub_id=5096679-1211340928-0&xid=167561945611130TNOTV415326358024V11&sid=SID6GyoukzvaWTVBHlehGck1RI5XNrBvENe3e-t0gPmzAPEWs9FZ99xmf-ZOMsr4jEhZ-OfY9qVAxTb616uc18Ei-taFoojEkC_nikiilH_F4DjGWr99o7zmI02-4K12BBnguknHxahscGS&enctid=cqatixqeg7su&lpsn=WOWS+Xmas+2023&foris=1&teclient=1675619461288055400&utm_source=networks&utm_medium=affiliate&utm_campaign=nea6n3t5&utm_content=5096679-1211340928-0
Set-Cookie: STIDREFERRAL=SID6GyoukzvaWTVBHlehGck1RI5XNrBvENe3e-t0gPmzAPEWs9FZ99xmf-ZOMsr4jEhZ-OfY9qVAxTb616uc18Ei-taFoojEkC_nikiilH_F4DjGWr99o7zmI02-4K12BBnguknHxahscGS; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=cqatixqeg7su; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1675619461288055400; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db2900f5ad26f4d92f551e1d10e2ce7b
ed14394da449b5318c25109ebb65c1ca2fb4cf2f
f991f2734bc92ff74dee4df082bd397e3417c013c2241a17dc66949539c84359
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F991F2734BC92FF74DEE4DF082BD397E3417C013C2241A17DC66949539C84359"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4814
Expires: Sun, 05 Feb 2023 19:11:15 GMT
Date: Sun, 05 Feb 2023 17:51:01 GMT
Connection: keep-alive
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba
185.64.189.110200 OK 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba
IP 185.64.189.110:0
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=pazarem.com&sn=FirefoxSyncframe&so=3&topUrl=www.pazarem.com&bundle=KHsG-F9jak15ZXNIQ250elp4TkpZNlBPTUp0T3k2aVZoZTNTZm9FZ25oNHcyUFZNTzI1SnhacVNzMiUyRno5RHFBNlc0S3RXRWklMkZHYnZXaGx4YWpocXZPejBpeGRyNlFxSkpiJTJGTktwYzdFc00lMkJHbXRMSDZFZHJBbDVEZUZkYXdkVXNCaUU1&info=uihbnF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lvclBXUExSYUs2VzA3M21KbUx6R2NPZGwlMkZtQ1l6ZmFiZjYlMkZKJTJCdlFFcFg&idsd=-1160900114,-651095151&cw=1&rtusCallerId=147&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=pazarem.com&sn=FirefoxSyncframe&so=3&topUrl=www.pazarem.com&bundle=KHsG-F9jak15ZXNIQ250elp4TkpZNlBPTUp0T3k2aVZoZTNTZm9FZ25oNHcyUFZNTzI1SnhacVNzMiUyRno5RHFBNlc0S3RXRWklMkZHYnZXaGx4YWpocXZPejBpeGRyNlFxSkpiJTJGTktwYzdFc00lMkJHbXRMSDZFZHJBbDVEZUZkYXdkVXNCaUU1&info=uihbnF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lvclBXUExSYUs2VzA3M21KbUx6R2NPZGwlMkZtQ1l6ZmFiZjYlMkZKJTJCdlFFcFg&idsd=-1160900114,-651095151&cw=1&rtusCallerId=147&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=rtus&domain=pazarem.com&sn=FirefoxSyncframe&so=3&topUrl=www.pazarem.com&bundle=KHsG-F9jak15ZXNIQ250elp4TkpZNlBPTUp0T3k2aVZoZTNTZm9FZ25oNHcyUFZNTzI1SnhacVNzMiUyRno5RHFBNlc0S3RXRWklMkZHYnZXaGx4YWpocXZPejBpeGRyNlFxSkpiJTJGTktwYzdFc00lMkJHbXRMSDZFZHJBbDVEZUZkYXdkVXNCaUU1&info=uihbnF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lvclBXUExSYUs2VzA3M21KbUx6R2NPZGwlMkZtQ1l6ZmFiZjYlMkZKJTJCdlFFcFg&idsd=-1160900114,-651095151&cw=1&rtusCallerId=147&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=www.pazarem.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1212103
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.106200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.106:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 112206
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=24
185.76.9.19200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=24
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=24 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1676053106
server: CDN77-Turbo
x-77-nzt: AblMCQ3ra+T/i5wCAA
x-77-nzt-ray: c0a4cc28c606d33b7decdf63c5b3e628
x-cache: HIT
x-age: 171147
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 21066207
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 794d7db1b8b8b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.244200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.244:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:55 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "u+riIbpeWSVolXo4r+dT2g=="
expires: Sun, 12 Feb 2023 17:50:55 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
104.22.24.87200 OK 0 B URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.24.87:0
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.pazarem.com
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 794d7db3ae30b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
54.230.111.33200 OK 0 B URL HTTP/2 rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
IP 54.230.111.33:0
GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 05 Feb 2023 17:41:08 GMT
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
x-amz-server-side-encryption: AES256
cache-control: max-age=3600
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vVLbap7Vz6VgrWoJsz3HoZbbQBhKwQOQanG5EriFB8w_qdW_VFxNVw==
age: 588
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.pazarem.com%2F&domain=www.pazarem.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.pazarem.com%2F&domain=www.pazarem.com&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.pazarem.com%2F&domain=www.pazarem.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.pazarem.com/
Origin: https://www.pazarem.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.pazarem.com
server-processing-duration-in-ticks: 452561
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=83ApWF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lvclBXUExSYUs2VzA3M21KbUx6R2NrMzB6YktSekdyS243SlVpVWtnbDI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=uihbnF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lvclBXUExSYUs2VzA3M21KbUx6R2NPZGwlMkZtQ1l6ZmFiZjYlMkZKJTJCdlFFcFg; expires=Fri, 01 Mar 2024 17:50:55 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 390790
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.betteradsystem.com/mock-min.js
185.76.9.16200 OK 0 B URL HTTP/2 www.betteradsystem.com/mock-min.js
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
GET /mock-min.js HTTP/1.1
Host: www.betteradsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pazarem.com
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Tue, 07 Feb 2023 09:16:04 GMT
access-control-allow-origin: *
link: <https://betteradsystem.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1675761364
server: CDN77-Turbo
x-77-nzt: AblMCQ3kbuj/KRAHAA
x-77-nzt-ray: c0a4cc28b60c1a3e7decdf635ed37535
x-cache: HIT
x-age: 462889
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybid7_28/build_noconsent/dist/prebid.js
185.76.9.19200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybid7_28/build_noconsent/dist/prebid.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /moneybid7_28/build_noconsent/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 21:13:59 GMT
expires: Sat, 04 Feb 2023 18:08:15 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675620500
server: CDN77-Turbo
x-77-nzt: AblMCQ0B0k3/aU0BAA
x-77-nzt-ray: c0a4cc28c606d33b7decdf63f51c8839
x-cache: HIT
x-age: 85353
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba
185.64.189.110302 Found 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba
IP 185.64.189.110:0
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 05 Feb 2023 17:50:54 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Sat, 06-May-2023 17:50:54 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D807998b8-dc0f-4d98-949e-3e192f3c21ba
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25
198.148.27.139302 Found 0 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25
IP 198.148.27.139:0
GET /bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-cpz9n
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=1BPsrqSk4dro&ev=1&pid=560687
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=1BPsrqSk4dro;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 31-Jan-2024 17:50:56 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=b4627e3500355cd5; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
promo.worldofwarships.eu/glows-58347/eu-en/?t=1&pub_id=5096679-1211340928-0&xid=167561945611130TNOTV415326358024V11&sid=SID6GyoukzvaWTVBHlehGck1RI5XNrBvENe3e-t0gPmzAPEWs9FZ99xmf-ZOMsr4jEhZ-OfY9qVAxTb616uc18Ei-taFoojEkC_nikiilH_F4DjGWr99o7zmI02-4K12BBnguknHxahscGS&enctid=cqatixqeg7su&lpsn=WOWS+Xmas+2023&foris=1&teclient=1675619461288055400&utm_source=networks&utm_medium=affiliate&utm_campaign=nea6n3t5&utm_content=5096679-1211340928-0
185.244.209.62200 OK 0 B URL HTTP/2 promo.worldofwarships.eu/glows-58347/eu-en/?t=1&pub_id=5096679-1211340928-0&xid=167561945611130TNOTV415326358024V11&sid=SID6GyoukzvaWTVBHlehGck1RI5XNrBvENe3e-t0gPmzAPEWs9FZ99xmf-ZOMsr4jEhZ-OfY9qVAxTb616uc18Ei-taFoojEkC_nikiilH_F4DjGWr99o7zmI02-4K12BBnguknHxahscGS&enctid=cqatixqeg7su&lpsn=WOWS+Xmas+2023&foris=1&teclient=1675619461288055400&utm_source=networks&utm_medium=affiliate&utm_campaign=nea6n3t5&utm_content=5096679-1211340928-0
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
GET /glows-58347/eu-en/?t=1&pub_id=5096679-1211340928-0&xid=167561945611130TNOTV415326358024V11&sid=SID6GyoukzvaWTVBHlehGck1RI5XNrBvENe3e-t0gPmzAPEWs9FZ99xmf-ZOMsr4jEhZ-OfY9qVAxTb616uc18Ei-taFoojEkC_nikiilH_F4DjGWr99o7zmI02-4K12BBnguknHxahscGS&enctid=cqatixqeg7su&lpsn=WOWS+Xmas+2023&foris=1&teclient=1675619461288055400&utm_source=networks&utm_medium=affiliate&utm_campaign=nea6n3t5&utm_content=5096679-1211340928-0 HTTP/1.1
Host: promo.worldofwarships.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 17:51:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 22 Dec 2022 12:14:01 GMT
etag: W/"95ae5192a8217bab3406137f03478c39"
x-amz-request-id: tx0000000000000003188fe-0063c15593-1da6e21f-ed1
cache: HIT
x-cached-since: 2023-02-02T13:14:46+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/IIQUniversalID.js
185.76.9.19200 OK 0 B URL HTTP/2 ads.themoneytizer.com/IIQUniversalID.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /IIQUniversalID.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:53 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 18:48:43 GMT
expires: Sat, 04 Feb 2023 18:08:14 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675620495
server: CDN77-Turbo
x-77-nzt: AblMCQ3Io1P/bk0BAA
x-77-nzt-ray: c0a4cc28c606d33b7decdf63e3db1731
x-cache: HIT
x-age: 85358
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ZozEZ9oLqN0/WXN9zwznaVI/AAAAAAAAA0c/KlljFrHisQ8AUKd4DyVmGfxt50YFLY_dgCPcBGAYYCw/w680/mario-kart-wii-cover.jpg
142.250.74.161200 OK 0 B URL HTTP/2 1.bp.blogspot.com/-ZozEZ9oLqN0/WXN9zwznaVI/AAAAAAAAA0c/KlljFrHisQ8AUKd4DyVmGfxt50YFLY_dgCPcBGAYYCw/w680/mario-kart-wii-cover.jpg
IP 142.250.74.161:0
GET /-ZozEZ9oLqN0/WXN9zwznaVI/AAAAAAAAA0c/KlljFrHisQ8AUKd4DyVmGfxt50YFLY_dgCPcBGAYYCw/w680/mario-kart-wii-cover.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="mario-kart-wii-cover.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 161344
x-xss-protection: 0
date: Sun, 05 Feb 2023 17:50:53 GMT
expires: Sat, 04 Feb 2023 00:36:42 GMT
cache-control: public, max-age=86400, no-transform
etag: "v347"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pazarem.com/
x-crto-bundle: KHsG-F9jak15ZXNIQ250elp4TkpZNlBPTUp0T3k2aVZoZTNTZm9FZ25oNHcyUFZNTzI1SnhacVNzMiUyRno5RHFBNlc0S3RXRWklMkZHYnZXaGx4YWpocXZPejBpeGRyNlFxSkpiJTJGTktwYzdFc00lMkJHbXRMSDZFZHJBbDVEZUZkYXdkVXNCaUU1
Origin: https://www.pazarem.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://www.pazarem.com
server-processing-duration-in-ticks: 1857350
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pazarem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 17:50:54 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 08 Mar 2023 17:50:54 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 3009415
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d7db6dac1b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2