simpliciaty.blogspot.com/2019/11/faye-rings.html
142.250.74.161301 Moved Permanently 198 B URL HTTP/1.1 simpliciaty.blogspot.com/2019/11/faye-rings.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2a5cfe5728175e4c27e59343f984f767
fc28ad71a513c78c086c97179adba04a97c4eac0
0a18e2059644914db2e0c3de16ddbd165c052fabfc981966040bfcec01c042a0
Analyzer Verdict Alert fortinet Phishing
GET /2019/11/faye-rings.html HTTP/1.1
Host: simpliciaty.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://simpliciaty.blogspot.com/2019/11/faye-rings.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 22:57:48 GMT
Expires: Sat, 26 Nov 2022 22:57:48 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 198
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4449
Expires: Sun, 27 Nov 2022 00:11:57 GMT
Date: Sat, 26 Nov 2022 22:57:48 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5199
Cache-Control: max-age=133199
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:48 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:57:47 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5370
Expires: Sun, 27 Nov 2022 00:27:18 GMT
Date: Sat, 26 Nov 2022 22:57:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 22:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2415
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: c4AEIUtcSspFZxrD1ZPoIYZx2iAMwTF24HghXcIn/9D7vuj80hNhPmA03zj1ycp6qq+fq7vRtsPrfaT7+gF+WQ==
x-amz-request-id: 846KZYX5WE8ER9PR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 22:44:24 GMT
age: 804
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:57:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3af86ffa45a38a9c1893246384fd98e2
443689828d8fe68cad492ff311ee181721fcd921
1374059b5c6ebd6bbbfd8ed4af2e53dc050801a38098f6de394e523d8be2e792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simpliciaty.blogspot.com/2019/11/faye-rings.html
142.250.74.161200 OK 23 kB URL HTTP/2 simpliciaty.blogspot.com/2019/11/faye-rings.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6967)
Hash 0bba6f9485b0c96f1eeaca6a8ee8832c
61a1f1a877c3c6a986339e26695e2576ddf918dc
5764afae0931afb0d9f29bf975865990ba46c0f5141947071084b4bb63cd01b6
Analyzer Verdict Alert fortinet Phishing
GET /2019/11/faye-rings.html HTTP/1.1
Host: simpliciaty.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 26 Nov 2022 22:57:49 GMT
date: Sat, 26 Nov 2022 22:57:49 GMT
cache-control: private, max-age=0
last-modified: Sat, 26 Nov 2022 22:06:49 GMT
etag: W/"69eed2c3397a080094fa655f6085c95cc9e9c4999ff5edef3a249863cecf0b7f"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 23158
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3af86ffa45a38a9c1893246384fd98e2
443689828d8fe68cad492ff311ee181721fcd921
1374059b5c6ebd6bbbfd8ed4af2e53dc050801a38098f6de394e523d8be2e792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 13c265f2c258e0bcea2ac1149188d332
3d42f91eec1fae7ff5e243d2a35afdd5a6d58db0
26666f4ea8fe16648ef9593216b725f692a1cb913763b186cd19d59e7875a930
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6150
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Last-Modified: Sat, 26 Nov 2022 21:15:20 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:00 GMT
expires: Thu, 23 Nov 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 274009
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2926900591855492&host=ca-host-pub-1556223355139109
216.58.207.194200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2926900591855492&host=ca-host-pub-1556223355139109
IP 216.58.207.194:0
File type ASCII text, with very long lines (4885)
Hash a8da549586350ef54831a737ab8d1076
4ff98f8b7eae1221884b01f52cee22a7c896bc48
d4ca064c84be62470122667b5490d5f8a9530c25ef862e83b66875384121c87a
GET /pagead/js/adsbygoogle.js?client=ca-pub-2926900591855492&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://simpliciaty.blogspot.com
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 26 Nov 2022 22:57:49 GMT
expires: Sat, 26 Nov 2022 22:57:49 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1820853081617708658
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49012
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 13c265f2c258e0bcea2ac1149188d332
3d42f91eec1fae7ff5e243d2a35afdd5a6d58db0
26666f4ea8fe16648ef9593216b725f692a1cb913763b186cd19d59e7875a930
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6150
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Last-Modified: Sat, 26 Nov 2022 21:15:20 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 456946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
142.250.74.10200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
IP 142.250.74.10:0
Hash 407ffdde306520d2b80cf144d6e8363c
9abd44afe75012a4c583ca7a356a3ac79437063b
641e9a8622ac1e5e4ec9d2130e1a4faf23ad1039e50f70afa20fadd61200fc10
GET /css?family=Open+Sans:400,400i,600,600i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 22:57:49 GMT
date: Sat, 26 Nov 2022 22:57:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=6418357737852317739&zx=d065cba4-077d-4b47-a22b-50485495db1a
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=6418357737852317739&zx=d065cba4-077d-4b47-a22b-50485495db1a
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=6418357737852317739&zx=d065cba4-077d-4b47-a22b-50485495db1a HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 22:57:49 GMT
last-modified: Sat, 26 Nov 2022 22:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 22:41:08 GMT
expires: Sun, 27 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 1001
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.195200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://simpliciaty.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:59:14 GMT
expires: Tue, 21 Nov 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 446315
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://simpliciaty.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 234898
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 22:08:54 GMT
cache-control: public,max-age=3600
age: 2935
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 26 Nov 2022 18:45:12 GMT
expires: Sat, 10 Dec 2022 18:45:12 GMT
cache-control: public, max-age=1209600
age: 15157
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 126 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Size 126 kB (126197 bytes)
Hash 00ba27acee1855c17524fdcffdbb57d6
59be7a6f84f44599eeaa1669601caec63c1792de
72597d434f8d8d0da200c5dc7990264e4541027e191f5d262063c053c565078c
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:57:49 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 14950223
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 770639ab7b8bb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae452333438465bef0a71a80768855a0
dae89646a66487e12b6dba40b7796c4b608506bd
dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Last-Modified: Sat, 26 Nov 2022 21:49:43 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Last-Modified: Sat, 26 Nov 2022 21:26:20 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 43cb7a4376b6af10597f6df5ba2ad10f
e6ba4210930a7757c83c6a1611554e082b15c1df
c18e5206a41963494fdc30224a1259953230a8f37385e21675c28002c9a3e858
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b9c3c13e40a01437c0a106010dea11ad
etag: "7c74377000d1bfd82dcc42b22814afc4"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 26 Nov 2022 23:02:09 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Q8t6Q3a2rxBZf231uirRDw==
x-fb-debug: 0qDoyQnJ/QOzQtfWDIpOGeC+njcYvIuhxwBJU4AUXuRLE3NjZ2MWoj/N3aA7b1vTJyuzlzwCVKhVwnanHs1fEg==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Sat, 26 Nov 2022 22:57:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 69b4c95baca69139e9e4f7e5ffa6bace
a33af721a9defcb815716234aafdb69de7169455
9f752625bea112bc5402067fd695ba893590e6de9844de640a663e4e8fdc1475
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=simpliciaty.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=simpliciaty.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=simpliciaty.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 22:57:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-73829375-1&cid=1469575071.1669503470&jid=85410006&gjid=1578384106&_gid=516309928.1669503470&_u=IEBAAEAAAAAAACAAI~&z=1929979608
142.250.150.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-73829375-1&cid=1469575071.1669503470&jid=85410006&gjid=1578384106&_gid=516309928.1669503470&_u=IEBAAEAAAAAAACAAI~&z=1929979608
IP 142.250.150.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-73829375-1&cid=1469575071.1669503470&jid=85410006&gjid=1578384106&_gid=516309928.1669503470&_u=IEBAAEAAAAAAACAAI~&z=1929979608 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://simpliciaty.blogspot.com
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://simpliciaty.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 22:57:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 15619e238e943befcd5fa4737f76c851
7198f9cb4672d54e5d6812730b875b6172e64b53
7ecac89dd434501d9e15d8c728d1ec497ac7b4962285396c7fbfcc7987700ca0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=simpliciaty.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=simpliciaty.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=simpliciaty.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 22:57:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae452333438465bef0a71a80768855a0
dae89646a66487e12b6dba40b7796c4b608506bd
dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Last-Modified: Sat, 26 Nov 2022 21:49:43 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=675ada9ad1b0066b2cd5a9f093646307
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=675ada9ad1b0066b2cd5a9f093646307
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 72cc092f737d7ffdcbcbd5da09164078
70ff3222c975fa1c8c01fb18373912ca652d6b78
91c8e60926e26d1bbe064c9e1aa5fc439119574fed64d21e4e1d8a17808acc5f
GET /en_US/sdk.js?hash=675ada9ad1b0066b2cd5a9f093646307 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://simpliciaty.blogspot.com
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9963b8d4ac99d0db62a3fb54fca2b189
etag: "f25d1e88f15b2706219e06881351743c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 26 Nov 2023 21:44:40 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: cswJL3N9f/3Ly9XaCRZAeA==
x-fb-debug: 4z4qKNngJpunK8wryGl7WYYfdVJ/QwFQ7Eg6fARMIcnnrZLrt74aT1wizMU59zXVVc+sTrJK9YEesTKq+MJDAg==
priority: u=3,i
content-length: 86898
x-fb-trip-id: 1904183273
date: Sat, 26 Nov 2022 22:57:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-73829375-1&cid=1469575071.1669503470&jid=85410006&_u=IEBAAEAAAAAAACAAI~&z=50630557
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-73829375-1&cid=1469575071.1669503470&jid=85410006&_u=IEBAAEAAAAAAACAAI~&z=50630557
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-73829375-1&cid=1469575071.1669503470&jid=85410006&_u=IEBAAEAAAAAAACAAI~&z=50630557 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 22:57:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-73829375-1&cid=1469575071.1669503470&jid=85410006&_u=IEBAAEAAAAAAACAAI~&z=50630557
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-73829375-1&cid=1469575071.1669503470&jid=85410006&_u=IEBAAEAAAAAAACAAI~&z=50630557
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-73829375-1&cid=1469575071.1669503470&jid=85410006&_u=IEBAAEAAAAAAACAAI~&z=50630557 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 22:57:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.242.3.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IgfQb0kt99EkUX0+OWG2Og==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: P2chhjP3YD4S3bMZUL9PQyvix7E=
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAbVOsE_u0pLTMDiQQiljHbOrLLpmD6rXhPtUyY_OCWmbwOMDCDZ-RN5Lcjqoj19qQoS6jE09vZiYmysIPPIOOaKd7bYBJjuU5QI3hWkx743BgMl1FO30Hnh-sHxAaAGSveeqFByS7p67yKfpLTLs_OQjVWKMEsqmpo_10pBIwKiC-SX6QEY3bW2UA/w380/Persephone-Rings.png
142.250.74.33200 OK 41 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAbVOsE_u0pLTMDiQQiljHbOrLLpmD6rXhPtUyY_OCWmbwOMDCDZ-RN5Lcjqoj19qQoS6jE09vZiYmysIPPIOOaKd7bYBJjuU5QI3hWkx743BgMl1FO30Hnh-sHxAaAGSveeqFByS7p67yKfpLTLs_OQjVWKMEsqmpo_10pBIwKiC-SX6QEY3bW2UA/w380/Persephone-Rings.png
IP 142.250.74.33:0
File type PNG image data, 380 x 380, 8-bit/color RGB, non-interlaced\012- data
Hash 788d4b52ab1bb84e9e953ed7b9a46bbc
f76d6ddf8359951589fee3edd9678771c7ebd716
83944a10ab39144fa604509f452656c0ee018c195f59e16473082220be0f4958
GET /img/b/R29vZ2xl/AVvXsEhAbVOsE_u0pLTMDiQQiljHbOrLLpmD6rXhPtUyY_OCWmbwOMDCDZ-RN5Lcjqoj19qQoS6jE09vZiYmysIPPIOOaKd7bYBJjuU5QI3hWkx743BgMl1FO30Hnh-sHxAaAGSveeqFByS7p67yKfpLTLs_OQjVWKMEsqmpo_10pBIwKiC-SX6QEY3bW2UA/w380/Persephone-Rings.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1379"
expires: Sun, 27 Nov 2022 22:57:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Persephone-Rings.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 22:57:50 GMT
server: fife
content-length: 41070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjehaljuJXBFut2G1kzNgChNSInvKKpmp9iNrkfOX51k733kCDAlcHpjw7Ra8eNwmcikfo6jUnqy06R79lhHDiQO55VqmKXLwvDtXni6aEqib64nA-XLlTIkL-4w22A-A0ZdCjcnNnD16MAx5ua0oMkLSomYKdoQ-MQ9KZxShtnHYm7YN0dpymNa8ZV/w380/SeiraNecklace.png
142.250.74.33200 OK 28 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjehaljuJXBFut2G1kzNgChNSInvKKpmp9iNrkfOX51k733kCDAlcHpjw7Ra8eNwmcikfo6jUnqy06R79lhHDiQO55VqmKXLwvDtXni6aEqib64nA-XLlTIkL-4w22A-A0ZdCjcnNnD16MAx5ua0oMkLSomYKdoQ-MQ9KZxShtnHYm7YN0dpymNa8ZV/w380/SeiraNecklace.png
IP 142.250.74.33:0
File type PNG image data, 380 x 475, 8-bit/color RGB, non-interlaced\012- data
Hash 4b8edf5f5b5c9e807e1ed5c38d68055b
8c80315c307bd3fb467c8cf53401740913b2050f
ff1df248b3251a925accb597694e6f04f05b8185b69a62582a57d7ef8ad302ef
GET /img/b/R29vZ2xl/AVvXsEjehaljuJXBFut2G1kzNgChNSInvKKpmp9iNrkfOX51k733kCDAlcHpjw7Ra8eNwmcikfo6jUnqy06R79lhHDiQO55VqmKXLwvDtXni6aEqib64nA-XLlTIkL-4w22A-A0ZdCjcnNnD16MAx5ua0oMkLSomYKdoQ-MQ9KZxShtnHYm7YN0dpymNa8ZV/w380/SeiraNecklace.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v13ba"
expires: Sun, 27 Nov 2022 22:57:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SeiraNecklace.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 22:57:50 GMT
server: fife
content-length: 28485
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwTV0Lma_1DHchzdIWoM9tTie5iXM7YXmuAK-JF9nNgKU3mE2mD2R-d37zhgr4DA3quUlClEZklP8uweVsTGu181j68pJOBIJGmrs-jPvu4PZsdGi3gCebvhH3SBjP8f3UTTqtmlCRMJJYU49-FP4REdt16TFKkuGHXqczvS0xSpU4jhYk9n2GwW7F/w380/Standalone-Necklace-Collection2.png
142.250.74.33200 OK 27 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwTV0Lma_1DHchzdIWoM9tTie5iXM7YXmuAK-JF9nNgKU3mE2mD2R-d37zhgr4DA3quUlClEZklP8uweVsTGu181j68pJOBIJGmrs-jPvu4PZsdGi3gCebvhH3SBjP8f3UTTqtmlCRMJJYU49-FP4REdt16TFKkuGHXqczvS0xSpU4jhYk9n2GwW7F/w380/Standalone-Necklace-Collection2.png
IP 142.250.74.33:0
File type PNG image data, 380 x 290, 8-bit/color RGB, non-interlaced\012- data
Hash 446d038458829047a383e60771c6efb8
40cb712595c4a35836e2ef2eb45d8cc74b7a8ea1
fbf7325976c4320edbf985f18837e6bce80ac9971914cf48134a272bbd6eaa45
GET /img/b/R29vZ2xl/AVvXsEhwTV0Lma_1DHchzdIWoM9tTie5iXM7YXmuAK-JF9nNgKU3mE2mD2R-d37zhgr4DA3quUlClEZklP8uweVsTGu181j68pJOBIJGmrs-jPvu4PZsdGi3gCebvhH3SBjP8f3UTTqtmlCRMJJYU49-FP4REdt16TFKkuGHXqczvS0xSpU4jhYk9n2GwW7F/w380/Standalone-Necklace-Collection2.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1395"
expires: Sun, 27 Nov 2022 22:57:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Standalone-Necklace-Collection2.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 22:57:50 GMT
server: fife
content-length: 26880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 816d70da869514eb692b661a8226d9c1
a89905476481099656b3461acd454ad11ad5584d
cd03b16cdd0d63deb1336dec06481a119a46359358605c8faca8955f90939a34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.163200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.163:0
File type C++ source, ASCII text, with very long lines (1921)
Hash 48a3f12d2425ba123d53524adc123834
c8f4ecbe239261b944879c18ec1a353d0cc674ba
632e1fbd2bba00a95491c806cdf850014b1b617323f698c492272d917603e20b
GET /mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14118
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 10:43:31 GMT
expires: Mon, 20 Feb 2023 10:43:31 GMT
cache-control: public, max-age=7776000
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
content-type: text/javascript
age: 389660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
142.250.74.163200 OK 205 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 4087858e2c9db9aa8f6a840aedcfb533
d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 22:24:50 GMT
expires: Sun, 26 Nov 2023 22:24:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 1981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
142.250.74.163200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 22:22:45 GMT
expires: Sun, 26 Nov 2023 22:22:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 2106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.130200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.130:0
File type ASCII text, with very long lines (3502)
Hash 297e24828abaf97fb29460fd75369140
e9e02d737f1bcf9874a55562edff5f795a1c170c
cdbe4e689ca060e94f00f0aa4c45a89efacddac90df42929ff42a3bff44a9d3e
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48265
date: Sat, 26 Nov 2022 22:57:51 GMT
expires: Sat, 26 Nov 2022 22:57:51 GMT
cache-control: private, max-age=3000
etag: "1668095300071091"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash be0da545931a6e6f06c7eb8395b8a3af
bea09f1e5d361abfe41135f1497b1b469699b912
3428d08f184d29f34d4067e1796ecfa6aa9f9cc6e76006fac23aaf175bdd4eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/simgad/8614254508539722937
142.250.74.70200 OK 39 kB URL HTTP/2 s0.2mdn.net/simgad/8614254508539722937
IP 142.250.74.70:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 728x90, components 3\012- data
Hash d71093e85b25ed8fe9e5e44b490f0774
1b088c59e48d4cee955b1020d9c50b2547726705
185075932b35d23e4825b832df16c1e4f0f52e51ad38e53ab6fec398d2c8c353
GET /simgad/8614254508539722937 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 38917
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 10:41:37 GMT
expires: Wed, 22 Nov 2023 10:41:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Nov 2022 13:14:18 GMT
content-type: image/jpeg
age: 389774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_-lRRYdvSwjxOHnKIoYf2oGYEQWXgiHjX81PDdjQ9C8gxKYbQ9aH418Z3MHVj4-RXYZaDJylmMy7Ik4VqgEjmJvKprCxxnQp_hM43HOEtL0Jc6p7iXGTT91_TbYNwG-9PGnhEatVlyAiQeF0vPZrR_4b9wnK5vnUggly5dJt_K2Jo44aPyYxyE3-hUsL91txLSHX9Ar3QmyASa6x-rSvx_hXZK-mlmqYtlWMvPyQxVgzDHBXnP1FF02GQ2ApsbqflTfaiGbBpfSpVT6Vfq1MZPpnjOfZUbmHKQZomzWksqO3pUUz6L6hlThlZY0I1deFseK1hQrMz7dUb0_K-fy5U1DJ_rSUzJJ-F14qhhC-AjWBJ58mtX84ZotJrLzo9MKPH2y-hYhLNhvZD0Jsse9K0jOY6-5U3fZHTB_zAxwqpAdKtZsDP3k4v3tsLRDhQLstf2u7pINjHunp1X1jlwQujRywlPP6fhhmA64Wf1srZw2JIhzTE8XPd7leDgWGgE1siyTGLiaQgS753bN1o8PkIWxxPPW6xGSu1mhqYiaYASctz2dWYzxpMHc55vFDz-dcVdNQ6sEMLwQmJC--fnJT-ZEE0N3vxzNQFIaVXoIeT4iNGuV10jjW-srKcZiAEOiz2JG6A5CMZlmDHnsy-oHKuQkfyOTxSAVFC2ZEkgOX5h7XJ0-nH8C5wHbcLenqrtFNWD1b9cn6WL1p3zwErK5gg_w1PaWZBEJ9gokkLhlIS_95aVfUqwgKBkGybr-ik9iUzALVEysHYi1GRZKzns8bxC5CeWEJLeWLCIs1MOj1KCCQ8G3mkVcKiJknzzodw5vNM-6rrXjXBDotFXhKDNxOtWAXUkzDgr7Ux4RtEid63r4zI_kIrbUW8ea7FWKfvvcinWR-_P8d_gEEENEM7q6R51Kbafq3EYMO9RB1V7k3-ymAbRVMFOtl5ruB9t-Wut6iWDSvmFQrVr-jFWoweGXGM9hvs-konxDzPNxk5e3zugN4oOj9H9QTUGp2UA27kMpuHS7NGbW944NuU-kDDSnYARsZH8IDO3GOA-MtWo2l7BufPOWSojGLGZ88Lvo7zo_nfyLOY6TB4HuQfqD5r5PrlriSeh7bxByIBYtDVb1RHVnMpkFnFOfGOeklBep1iwWAa8009uh-3FUIF-6WqynaYxt1UMTnC2iJSwdZdsdpbn7868591Ii-JRDSsGv45ZhJnO20t4Q&sai=AMfl-YQIqWIUL3UbDSXuyzmV9i9jJQlLbGDIeeYOrpgVbrEiveTa_AHLanuUoDvuUTAx9PQO9DKcUQc-gON1shL-iN9-7SExOF4HqulVyI_eqmngqFmikn5vVM6KuBBZbx9hY5bNTRsXpuV70yENbQux_oyG8fID3uP-pVGQc2SBY5EXFOymmkrIHQvSGV1nXF72CFHw9WaPWkZASYaMjUVPkguHMu7oOv5GaPBGrGQHR_P7VmNwqoPCBQ&sig=Cg0ArKJSzFhQG0fbL-RVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20221110.23686&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_-lRRYdvSwjxOHnKIoYf2oGYEQWXgiHjX81PDdjQ9C8gxKYbQ9aH418Z3MHVj4-RXYZaDJylmMy7Ik4VqgEjmJvKprCxxnQp_hM43HOEtL0Jc6p7iXGTT91_TbYNwG-9PGnhEatVlyAiQeF0vPZrR_4b9wnK5vnUggly5dJt_K2Jo44aPyYxyE3-hUsL91txLSHX9Ar3QmyASa6x-rSvx_hXZK-mlmqYtlWMvPyQxVgzDHBXnP1FF02GQ2ApsbqflTfaiGbBpfSpVT6Vfq1MZPpnjOfZUbmHKQZomzWksqO3pUUz6L6hlThlZY0I1deFseK1hQrMz7dUb0_K-fy5U1DJ_rSUzJJ-F14qhhC-AjWBJ58mtX84ZotJrLzo9MKPH2y-hYhLNhvZD0Jsse9K0jOY6-5U3fZHTB_zAxwqpAdKtZsDP3k4v3tsLRDhQLstf2u7pINjHunp1X1jlwQujRywlPP6fhhmA64Wf1srZw2JIhzTE8XPd7leDgWGgE1siyTGLiaQgS753bN1o8PkIWxxPPW6xGSu1mhqYiaYASctz2dWYzxpMHc55vFDz-dcVdNQ6sEMLwQmJC--fnJT-ZEE0N3vxzNQFIaVXoIeT4iNGuV10jjW-srKcZiAEOiz2JG6A5CMZlmDHnsy-oHKuQkfyOTxSAVFC2ZEkgOX5h7XJ0-nH8C5wHbcLenqrtFNWD1b9cn6WL1p3zwErK5gg_w1PaWZBEJ9gokkLhlIS_95aVfUqwgKBkGybr-ik9iUzALVEysHYi1GRZKzns8bxC5CeWEJLeWLCIs1MOj1KCCQ8G3mkVcKiJknzzodw5vNM-6rrXjXBDotFXhKDNxOtWAXUkzDgr7Ux4RtEid63r4zI_kIrbUW8ea7FWKfvvcinWR-_P8d_gEEENEM7q6R51Kbafq3EYMO9RB1V7k3-ymAbRVMFOtl5ruB9t-Wut6iWDSvmFQrVr-jFWoweGXGM9hvs-konxDzPNxk5e3zugN4oOj9H9QTUGp2UA27kMpuHS7NGbW944NuU-kDDSnYARsZH8IDO3GOA-MtWo2l7BufPOWSojGLGZ88Lvo7zo_nfyLOY6TB4HuQfqD5r5PrlriSeh7bxByIBYtDVb1RHVnMpkFnFOfGOeklBep1iwWAa8009uh-3FUIF-6WqynaYxt1UMTnC2iJSwdZdsdpbn7868591Ii-JRDSsGv45ZhJnO20t4Q&sai=AMfl-YQIqWIUL3UbDSXuyzmV9i9jJQlLbGDIeeYOrpgVbrEiveTa_AHLanuUoDvuUTAx9PQO9DKcUQc-gON1shL-iN9-7SExOF4HqulVyI_eqmngqFmikn5vVM6KuBBZbx9hY5bNTRsXpuV70yENbQux_oyG8fID3uP-pVGQc2SBY5EXFOymmkrIHQvSGV1nXF72CFHw9WaPWkZASYaMjUVPkguHMu7oOv5GaPBGrGQHR_P7VmNwqoPCBQ&sig=Cg0ArKJSzFhQG0fbL-RVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20221110.23686&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsv_-lRRYdvSwjxOHnKIoYf2oGYEQWXgiHjX81PDdjQ9C8gxKYbQ9aH418Z3MHVj4-RXYZaDJylmMy7Ik4VqgEjmJvKprCxxnQp_hM43HOEtL0Jc6p7iXGTT91_TbYNwG-9PGnhEatVlyAiQeF0vPZrR_4b9wnK5vnUggly5dJt_K2Jo44aPyYxyE3-hUsL91txLSHX9Ar3QmyASa6x-rSvx_hXZK-mlmqYtlWMvPyQxVgzDHBXnP1FF02GQ2ApsbqflTfaiGbBpfSpVT6Vfq1MZPpnjOfZUbmHKQZomzWksqO3pUUz6L6hlThlZY0I1deFseK1hQrMz7dUb0_K-fy5U1DJ_rSUzJJ-F14qhhC-AjWBJ58mtX84ZotJrLzo9MKPH2y-hYhLNhvZD0Jsse9K0jOY6-5U3fZHTB_zAxwqpAdKtZsDP3k4v3tsLRDhQLstf2u7pINjHunp1X1jlwQujRywlPP6fhhmA64Wf1srZw2JIhzTE8XPd7leDgWGgE1siyTGLiaQgS753bN1o8PkIWxxPPW6xGSu1mhqYiaYASctz2dWYzxpMHc55vFDz-dcVdNQ6sEMLwQmJC--fnJT-ZEE0N3vxzNQFIaVXoIeT4iNGuV10jjW-srKcZiAEOiz2JG6A5CMZlmDHnsy-oHKuQkfyOTxSAVFC2ZEkgOX5h7XJ0-nH8C5wHbcLenqrtFNWD1b9cn6WL1p3zwErK5gg_w1PaWZBEJ9gokkLhlIS_95aVfUqwgKBkGybr-ik9iUzALVEysHYi1GRZKzns8bxC5CeWEJLeWLCIs1MOj1KCCQ8G3mkVcKiJknzzodw5vNM-6rrXjXBDotFXhKDNxOtWAXUkzDgr7Ux4RtEid63r4zI_kIrbUW8ea7FWKfvvcinWR-_P8d_gEEENEM7q6R51Kbafq3EYMO9RB1V7k3-ymAbRVMFOtl5ruB9t-Wut6iWDSvmFQrVr-jFWoweGXGM9hvs-konxDzPNxk5e3zugN4oOj9H9QTUGp2UA27kMpuHS7NGbW944NuU-kDDSnYARsZH8IDO3GOA-MtWo2l7BufPOWSojGLGZ88Lvo7zo_nfyLOY6TB4HuQfqD5r5PrlriSeh7bxByIBYtDVb1RHVnMpkFnFOfGOeklBep1iwWAa8009uh-3FUIF-6WqynaYxt1UMTnC2iJSwdZdsdpbn7868591Ii-JRDSsGv45ZhJnO20t4Q&sai=AMfl-YQIqWIUL3UbDSXuyzmV9i9jJQlLbGDIeeYOrpgVbrEiveTa_AHLanuUoDvuUTAx9PQO9DKcUQc-gON1shL-iN9-7SExOF4HqulVyI_eqmngqFmikn5vVM6KuBBZbx9hY5bNTRsXpuV70yENbQux_oyG8fID3uP-pVGQc2SBY5EXFOymmkrIHQvSGV1nXF72CFHw9WaPWkZASYaMjUVPkguHMu7oOv5GaPBGrGQHR_P7VmNwqoPCBQ&sig=Cg0ArKJSzFhQG0fbL-RVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20221110.23686&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 22:57:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 23:12:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Nov 2022 22:57:51 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash be0da545931a6e6f06c7eb8395b8a3af
bea09f1e5d361abfe41135f1497b1b469699b912
3428d08f184d29f34d4067e1796ecfa6aa9f9cc6e76006fac23aaf175bdd4eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13963
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:57:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13963
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:57:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13963
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:57:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13963
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:57:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f80a9a9b55da31c98663e157dde74a19
26b8dd82140c0db021048e11bff65a391dc6b444
680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qk03VFAQ1od0YzamiePUE8VQp9kBv_fy5gDUrVSlLGLSdn5v4JQbvw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:28:34 GMT
age: 30557
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 4537
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 33d3ca17-7878-4897-a634-5f626a64e820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJ40OEOqIAMFaOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380a1b4-040288d571fc10b96d893fa4;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 11:06:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f_U8KSYET6kaKAPbEV7sHW0tO6JGijsqUvghniwzFCRd2YGQjVlFoA==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 10:16:33 GMT
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
age: 45678
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6328cb630204883d77babc9922075f1
e440f7b94b53b6e7880b26f9653b1b266aae0190
b15144c88277e24acde95b45e56fb2d237f5b1d34a9590aa5aa2741f7102a9fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8584
x-amzn-requestid: ef9e42a9-be9d-4239-831d-4c4250b0cb8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCKAsGTDIAMFa1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8a04-17e610e05ee024007d64c6ea;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 02:48:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t-piL9xKmcPO_0sQryoAbpT03ZaUonSHkGK6eD3fid_WrQRJgEvgrw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:36:47 GMT
age: 30064
etag: "e440f7b94b53b6e7880b26f9653b1b266aae0190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 4537
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8197b890-dd48-403d-9c61-3406a67e2578.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8197b890-dd48-403d-9c61-3406a67e2578.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 48713d6090df316bed8ab2b1e6698d70
767a6fef172a54d7659417d9cb809d955d130562
702a09de59300336419371adafae4185f7ad8bca43dc4e633f748f68feb967c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8197b890-dd48-403d-9c61-3406a67e2578.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3669
x-amzn-requestid: 66d1c64e-532e-4661-84dc-90b0d1569a3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Jr3FUtIAMFc1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2318-6946a6345e5702cb7d968616;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Nt2hePjJ3CZ4bJR0I87O25Z0lX_4KOcoD4_DitVZteBlMJiuG1JCcg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 11:39:25 GMT
age: 40706
etag: "767a6fef172a54d7659417d9cb809d955d130562"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_-lRRYdvSwjxOHnKIoYf2oGYEQWXgiHjX81PDdjQ9C8gxKYbQ9aH418Z3MHVj4-RXYZaDJylmMy7Ik4VqgEjmJvKprCxxnQp_hM43HOEtL0Jc6p7iXGTT91_TbYNwG-9PGnhEatVlyAiQeF0vPZrR_4b9wnK5vnUggly5dJt_K2Jo44aPyYxyE3-hUsL91txLSHX9Ar3QmyASa6x-rSvx_hXZK-mlmqYtlWMvPyQxVgzDHBXnP1FF02GQ2ApsbqflTfaiGbBpfSpVT6Vfq1MZPpnjOfZUbmHKQZomzWksqO3pUUz6L6hlThlZY0I1deFseK1hQrMz7dUb0_K-fy5U1DJ_rSUzJJ-F14qhhC-AjWBJ58mtX84ZotJrLzo9MKPH2y-hYhLNhvZD0Jsse9K0jOY6-5U3fZHTB_zAxwqpAdKtZsDP3k4v3tsLRDhQLstf2u7pINjHunp1X1jlwQujRywlPP6fhhmA64Wf1srZw2JIhzTE8XPd7leDgWGgE1siyTGLiaQgS753bN1o8PkIWxxPPW6xGSu1mhqYiaYASctz2dWYzxpMHc55vFDz-dcVdNQ6sEMLwQmJC--fnJT-ZEE0N3vxzNQFIaVXoIeT4iNGuV10jjW-srKcZiAEOiz2JG6A5CMZlmDHnsy-oHKuQkfyOTxSAVFC2ZEkgOX5h7XJ0-nH8C5wHbcLenqrtFNWD1b9cn6WL1p3zwErK5gg_w1PaWZBEJ9gokkLhlIS_95aVfUqwgKBkGybr-ik9iUzALVEysHYi1GRZKzns8bxC5CeWEJLeWLCIs1MOj1KCCQ8G3mkVcKiJknzzodw5vNM-6rrXjXBDotFXhKDNxOtWAXUkzDgr7Ux4RtEid63r4zI_kIrbUW8ea7FWKfvvcinWR-_P8d_gEEENEM7q6R51Kbafq3EYMO9RB1V7k3-ymAbRVMFOtl5ruB9t-Wut6iWDSvmFQrVr-jFWoweGXGM9hvs-konxDzPNxk5e3zugN4oOj9H9QTUGp2UA27kMpuHS7NGbW944NuU-kDDSnYARsZH8IDO3GOA-MtWo2l7BufPOWSojGLGZ88Lvo7zo_nfyLOY6TB4HuQfqD5r5PrlriSeh7bxByIBYtDVb1RHVnMpkFnFOfGOeklBep1iwWAa8009uh-3FUIF-6WqynaYxt1UMTnC2iJSwdZdsdpbn7868591Ii-JRDSsGv45ZhJnO20t4Q&sai=AMfl-YQIqWIUL3UbDSXuyzmV9i9jJQlLbGDIeeYOrpgVbrEiveTa_AHLanuUoDvuUTAx9PQO9DKcUQc-gON1shL-iN9-7SExOF4HqulVyI_eqmngqFmikn5vVM6KuBBZbx9hY5bNTRsXpuV70yENbQux_oyG8fID3uP-pVGQc2SBY5EXFOymmkrIHQvSGV1nXF72CFHw9WaPWkZASYaMjUVPkguHMu7oOv5GaPBGrGQHR_P7VmNwqoPCBQ&sig=Cg0ArKJSzFhQG0fbL-RVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=386&vt=11&dtpt=383&dett=2&cstd=0&cisv=r20221110.23686&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_-lRRYdvSwjxOHnKIoYf2oGYEQWXgiHjX81PDdjQ9C8gxKYbQ9aH418Z3MHVj4-RXYZaDJylmMy7Ik4VqgEjmJvKprCxxnQp_hM43HOEtL0Jc6p7iXGTT91_TbYNwG-9PGnhEatVlyAiQeF0vPZrR_4b9wnK5vnUggly5dJt_K2Jo44aPyYxyE3-hUsL91txLSHX9Ar3QmyASa6x-rSvx_hXZK-mlmqYtlWMvPyQxVgzDHBXnP1FF02GQ2ApsbqflTfaiGbBpfSpVT6Vfq1MZPpnjOfZUbmHKQZomzWksqO3pUUz6L6hlThlZY0I1deFseK1hQrMz7dUb0_K-fy5U1DJ_rSUzJJ-F14qhhC-AjWBJ58mtX84ZotJrLzo9MKPH2y-hYhLNhvZD0Jsse9K0jOY6-5U3fZHTB_zAxwqpAdKtZsDP3k4v3tsLRDhQLstf2u7pINjHunp1X1jlwQujRywlPP6fhhmA64Wf1srZw2JIhzTE8XPd7leDgWGgE1siyTGLiaQgS753bN1o8PkIWxxPPW6xGSu1mhqYiaYASctz2dWYzxpMHc55vFDz-dcVdNQ6sEMLwQmJC--fnJT-ZEE0N3vxzNQFIaVXoIeT4iNGuV10jjW-srKcZiAEOiz2JG6A5CMZlmDHnsy-oHKuQkfyOTxSAVFC2ZEkgOX5h7XJ0-nH8C5wHbcLenqrtFNWD1b9cn6WL1p3zwErK5gg_w1PaWZBEJ9gokkLhlIS_95aVfUqwgKBkGybr-ik9iUzALVEysHYi1GRZKzns8bxC5CeWEJLeWLCIs1MOj1KCCQ8G3mkVcKiJknzzodw5vNM-6rrXjXBDotFXhKDNxOtWAXUkzDgr7Ux4RtEid63r4zI_kIrbUW8ea7FWKfvvcinWR-_P8d_gEEENEM7q6R51Kbafq3EYMO9RB1V7k3-ymAbRVMFOtl5ruB9t-Wut6iWDSvmFQrVr-jFWoweGXGM9hvs-konxDzPNxk5e3zugN4oOj9H9QTUGp2UA27kMpuHS7NGbW944NuU-kDDSnYARsZH8IDO3GOA-MtWo2l7BufPOWSojGLGZ88Lvo7zo_nfyLOY6TB4HuQfqD5r5PrlriSeh7bxByIBYtDVb1RHVnMpkFnFOfGOeklBep1iwWAa8009uh-3FUIF-6WqynaYxt1UMTnC2iJSwdZdsdpbn7868591Ii-JRDSsGv45ZhJnO20t4Q&sai=AMfl-YQIqWIUL3UbDSXuyzmV9i9jJQlLbGDIeeYOrpgVbrEiveTa_AHLanuUoDvuUTAx9PQO9DKcUQc-gON1shL-iN9-7SExOF4HqulVyI_eqmngqFmikn5vVM6KuBBZbx9hY5bNTRsXpuV70yENbQux_oyG8fID3uP-pVGQc2SBY5EXFOymmkrIHQvSGV1nXF72CFHw9WaPWkZASYaMjUVPkguHMu7oOv5GaPBGrGQHR_P7VmNwqoPCBQ&sig=Cg0ArKJSzFhQG0fbL-RVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=386&vt=11&dtpt=383&dett=2&cstd=0&cisv=r20221110.23686&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsv_-lRRYdvSwjxOHnKIoYf2oGYEQWXgiHjX81PDdjQ9C8gxKYbQ9aH418Z3MHVj4-RXYZaDJylmMy7Ik4VqgEjmJvKprCxxnQp_hM43HOEtL0Jc6p7iXGTT91_TbYNwG-9PGnhEatVlyAiQeF0vPZrR_4b9wnK5vnUggly5dJt_K2Jo44aPyYxyE3-hUsL91txLSHX9Ar3QmyASa6x-rSvx_hXZK-mlmqYtlWMvPyQxVgzDHBXnP1FF02GQ2ApsbqflTfaiGbBpfSpVT6Vfq1MZPpnjOfZUbmHKQZomzWksqO3pUUz6L6hlThlZY0I1deFseK1hQrMz7dUb0_K-fy5U1DJ_rSUzJJ-F14qhhC-AjWBJ58mtX84ZotJrLzo9MKPH2y-hYhLNhvZD0Jsse9K0jOY6-5U3fZHTB_zAxwqpAdKtZsDP3k4v3tsLRDhQLstf2u7pINjHunp1X1jlwQujRywlPP6fhhmA64Wf1srZw2JIhzTE8XPd7leDgWGgE1siyTGLiaQgS753bN1o8PkIWxxPPW6xGSu1mhqYiaYASctz2dWYzxpMHc55vFDz-dcVdNQ6sEMLwQmJC--fnJT-ZEE0N3vxzNQFIaVXoIeT4iNGuV10jjW-srKcZiAEOiz2JG6A5CMZlmDHnsy-oHKuQkfyOTxSAVFC2ZEkgOX5h7XJ0-nH8C5wHbcLenqrtFNWD1b9cn6WL1p3zwErK5gg_w1PaWZBEJ9gokkLhlIS_95aVfUqwgKBkGybr-ik9iUzALVEysHYi1GRZKzns8bxC5CeWEJLeWLCIs1MOj1KCCQ8G3mkVcKiJknzzodw5vNM-6rrXjXBDotFXhKDNxOtWAXUkzDgr7Ux4RtEid63r4zI_kIrbUW8ea7FWKfvvcinWR-_P8d_gEEENEM7q6R51Kbafq3EYMO9RB1V7k3-ymAbRVMFOtl5ruB9t-Wut6iWDSvmFQrVr-jFWoweGXGM9hvs-konxDzPNxk5e3zugN4oOj9H9QTUGp2UA27kMpuHS7NGbW944NuU-kDDSnYARsZH8IDO3GOA-MtWo2l7BufPOWSojGLGZ88Lvo7zo_nfyLOY6TB4HuQfqD5r5PrlriSeh7bxByIBYtDVb1RHVnMpkFnFOfGOeklBep1iwWAa8009uh-3FUIF-6WqynaYxt1UMTnC2iJSwdZdsdpbn7868591Ii-JRDSsGv45ZhJnO20t4Q&sai=AMfl-YQIqWIUL3UbDSXuyzmV9i9jJQlLbGDIeeYOrpgVbrEiveTa_AHLanuUoDvuUTAx9PQO9DKcUQc-gON1shL-iN9-7SExOF4HqulVyI_eqmngqFmikn5vVM6KuBBZbx9hY5bNTRsXpuV70yENbQux_oyG8fID3uP-pVGQc2SBY5EXFOymmkrIHQvSGV1nXF72CFHw9WaPWkZASYaMjUVPkguHMu7oOv5GaPBGrGQHR_P7VmNwqoPCBQ&sig=Cg0ArKJSzFhQG0fbL-RVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=386&vt=11&dtpt=383&dett=2&cstd=0&cisv=r20221110.23686&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 22:57:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 23:12:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Nov 2022 22:57:51 GMT
X-Firefox-Spdy: h2
p4-dziex3c2cbmjw-cfmk2o7yw2ypo4km-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
142.250.74.67200 OK 204 B URL HTTP/2 p4-dziex3c2cbmjw-cfmk2o7yw2ypo4km-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
IP 142.250.74.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ed64a398b1ee80a3365dceedcd62db10
f4d1e1810464e182258b7a77b0ff2cff278c4973
5abd37fe473fb1ea9c110a348868f8edfb5fa0c887983ab6fc1fe8d1a78eea85
GET /v6exp3/redir.html HTTP/1.1
Host: p4-dziex3c2cbmjw-cfmk2o7yw2ypo4km-if-v6exp3-v4.metric.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-amc90sCS3_bRO5dxbK8T-w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 204
date: Sat, 26 Nov 2022 22:57:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 0562ec366d5074b0ccbbc09aa0bf270c
cd73a29a99396e789d016ec6ceb867b4ebbb6a27
f079530d7c77ee50f5607dba5e183321fad178b71521de5d37e1c737b98d726c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6182
Cache-Control: max-age=145327
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:51 GMT
Etag: "63821678-13a"
Expires: Mon, 28 Nov 2022 15:19:58 GMT
Last-Modified: Sat, 26 Nov 2022 13:36:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWbAJmAKdg2ICAgAAAHHLr3x14o24EO6ZgmN_T2gXrxjUezkrXgASAAA&wp=Y4KZ7gAOL0ICHklgAAWm2baiJCTtrF5vLz_P1g
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWbAJmAKdg2ICAgAAAHHLr3x14o24EO6ZgmN_T2gXrxjUezkrXgASAAA&wp=Y4KZ7gAOL0ICHklgAAWm2baiJCTtrF5vLz_P1g
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWbAJmAKdg2ICAgAAAHHLr3x14o24EO6ZgmN_T2gXrxjUezkrXgASAAA&wp=Y4KZ7gAOL0ICHklgAAWm2baiJCTtrF5vLz_P1g HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 273856
date: Sat, 26 Nov 2022 22:57:51 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 22992fd74cd15d18bd692f6beda86d99
0d7bcf1d3bd47c158f8644725686f3789f637473
7cd4e32f3564daacbed1b6b25b53a4cf696e5355172133c9aa663facc62eefb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4177
Cache-Control: max-age=91504
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:51 GMT
Etag: "63814c0e-139"
Expires: Mon, 28 Nov 2022 00:22:55 GMT
Last-Modified: Fri, 25 Nov 2022 23:13:18 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.195200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 15:21:36 GMT
expires: Thu, 23 Nov 2023 15:21:36 GMT
cache-control: public, max-age=31536000
age: 286575
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5423
Cache-Control: max-age=169058
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:55:30 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.24.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:57:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 240114
expires: Thu, 16 Nov 2023 22:57:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hR7y56sqIkBG%2BUjBdxxXSqMsA6xR7%2FEEMRfzqZTpuqnfsHHZtcuFJktObp5%2FvN%2BXG%2Fuea%2BItJmR8fmyY192zGO%2BR%2Bo4uREquIgnRtX7QR77e3Ev0K1W50%2FEg0yeODAQRe5c%2Bx1AB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 770639bcae5eb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y4KZ7gAOL0ICHklgAAWm2baiJCTtrF5vLz_P1g&u=%7Cn%2FC9tqacPJR1kHgc9%2BO9m2D%2FDH0CFUfXuMJbhUhjQpA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wex4wrickbMUZRKOKI9x3CRWxXwI91a8pDDJ69kuVluLmZxu1Ki7VVhwYwpFybsbxqZ4SvE43byYSjT4tSD4BnjQ64sMdvbg0hoUJEkhEBQL8Y1oG3zq5CaI0q1GsUrTuugQBab1x2P-kVDd3jjxmJMJTNMdqqtn9W6ThM_bYBi6jvloSJqAJCxYUkXdrIWRhEK7e5lSkUhha6LknFfnCxvX4V3kdQTtRhau4ABL29M8PSZjbbqTOEVs9wgKiESfpYC2u8Prj7hGCHYvJPayqhH_fYWJJiSPEMKhPo-OV9kTyimLHXYNPzcI4y3GfZkBK43kH7EEy_MFfx3BE1OjL-iT2RiMSSSedY8L13T5dpL6eYlluiA7fxRivgrobupHSs78ZuNDkZ6NkHiZasLXA81pPA2AGjJlgtjLKDs10h6ve9ARVEH-ob82Wi7aZIHtZbPWxC1HZk77gVFV3AMIHYdt1--yu7gScZvivrOP6KFPDQ2LjH5uaotmyybUmu_RxgIdtIq6G_Gi3-ROpHWyhAj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxPME7pmCY8LeOOCS-cAP2c2W8A3JntKxXI3w4taTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yOTI2OTAwNTkxODU1NDkyyAEJqQL9XeJ6n3CxPqgDAaoE-QFP0NFKIzrebCZmj_c8SgcjFW6qa_63LfOepF540bxSMU-LyNk18RUxR0jzTyB01TddukCupNRBS1hdvb9ucR6l9qYoF1_-VeenTbGjjV_KH81Re8MmbRbuAdLf4NB6C55TLJgk-k_S3aaHErXGckcKw2uCKQATJ1WO3jmF_2mSS23rnobm0Ma92enfcgIcxZlsKtYyk2CQPWhp3HJLIrJbDx74YczRX2fQrzo5VeFSnpTpCM661OD7IM29gDck_S3ef8KIWAOku9aGADCVKTyCyqKZA5odpUQ8Uy9P3oLFjwECpN-d_7YEaNhC38sdVxw_WtXzXOj95D2ABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3cC4nHIpQrqKwRN2sPGKl_fDfNPw%26client%3Dca-pub-2926900591855492%26adurl%3D
178.250.0.138200 OK 54 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4KZ7gAOL0ICHklgAAWm2baiJCTtrF5vLz_P1g&u=%7Cn%2FC9tqacPJR1kHgc9%2BO9m2D%2FDH0CFUfXuMJbhUhjQpA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wex4wrickbMUZRKOKI9x3CRWxXwI91a8pDDJ69kuVluLmZxu1Ki7VVhwYwpFybsbxqZ4SvE43byYSjT4tSD4BnjQ64sMdvbg0hoUJEkhEBQL8Y1oG3zq5CaI0q1GsUrTuugQBab1x2P-kVDd3jjxmJMJTNMdqqtn9W6ThM_bYBi6jvloSJqAJCxYUkXdrIWRhEK7e5lSkUhha6LknFfnCxvX4V3kdQTtRhau4ABL29M8PSZjbbqTOEVs9wgKiESfpYC2u8Prj7hGCHYvJPayqhH_fYWJJiSPEMKhPo-OV9kTyimLHXYNPzcI4y3GfZkBK43kH7EEy_MFfx3BE1OjL-iT2RiMSSSedY8L13T5dpL6eYlluiA7fxRivgrobupHSs78ZuNDkZ6NkHiZasLXA81pPA2AGjJlgtjLKDs10h6ve9ARVEH-ob82Wi7aZIHtZbPWxC1HZk77gVFV3AMIHYdt1--yu7gScZvivrOP6KFPDQ2LjH5uaotmyybUmu_RxgIdtIq6G_Gi3-ROpHWyhAj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxPME7pmCY8LeOOCS-cAP2c2W8A3JntKxXI3w4taTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yOTI2OTAwNTkxODU1NDkyyAEJqQL9XeJ6n3CxPqgDAaoE-QFP0NFKIzrebCZmj_c8SgcjFW6qa_63LfOepF540bxSMU-LyNk18RUxR0jzTyB01TddukCupNRBS1hdvb9ucR6l9qYoF1_-VeenTbGjjV_KH81Re8MmbRbuAdLf4NB6C55TLJgk-k_S3aaHErXGckcKw2uCKQATJ1WO3jmF_2mSS23rnobm0Ma92enfcgIcxZlsKtYyk2CQPWhp3HJLIrJbDx74YczRX2fQrzo5VeFSnpTpCM661OD7IM29gDck_S3ef8KIWAOku9aGADCVKTyCyqKZA5odpUQ8Uy9P3oLFjwECpN-d_7YEaNhC38sdVxw_WtXzXOj95D2ABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3cC4nHIpQrqKwRN2sPGKl_fDfNPw%26client%3Dca-pub-2926900591855492%26adurl%3D
IP 178.250.0.138:0
Hash 0f47ce7ff999d23d1a452f6a504bfb90
b4ced0239909c9e0e14a15ae55d0d8839cab54ff
d8a1ffdd54beba7529dd149f2cdf803c6f18f7ee28a5a4ae3422a794b48506e2
GET /delivery/r/afr.php?z=Y4KZ7gAOL0ICHklgAAWm2baiJCTtrF5vLz_P1g&u=%7Cn%2FC9tqacPJR1kHgc9%2BO9m2D%2FDH0CFUfXuMJbhUhjQpA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wex4wrickbMUZRKOKI9x3CRWxXwI91a8pDDJ69kuVluLmZxu1Ki7VVhwYwpFybsbxqZ4SvE43byYSjT4tSD4BnjQ64sMdvbg0hoUJEkhEBQL8Y1oG3zq5CaI0q1GsUrTuugQBab1x2P-kVDd3jjxmJMJTNMdqqtn9W6ThM_bYBi6jvloSJqAJCxYUkXdrIWRhEK7e5lSkUhha6LknFfnCxvX4V3kdQTtRhau4ABL29M8PSZjbbqTOEVs9wgKiESfpYC2u8Prj7hGCHYvJPayqhH_fYWJJiSPEMKhPo-OV9kTyimLHXYNPzcI4y3GfZkBK43kH7EEy_MFfx3BE1OjL-iT2RiMSSSedY8L13T5dpL6eYlluiA7fxRivgrobupHSs78ZuNDkZ6NkHiZasLXA81pPA2AGjJlgtjLKDs10h6ve9ARVEH-ob82Wi7aZIHtZbPWxC1HZk77gVFV3AMIHYdt1--yu7gScZvivrOP6KFPDQ2LjH5uaotmyybUmu_RxgIdtIq6G_Gi3-ROpHWyhAj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxPME7pmCY8LeOOCS-cAP2c2W8A3JntKxXI3w4taTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0yOTI2OTAwNTkxODU1NDkyyAEJqQL9XeJ6n3CxPqgDAaoE-QFP0NFKIzrebCZmj_c8SgcjFW6qa_63LfOepF540bxSMU-LyNk18RUxR0jzTyB01TddukCupNRBS1hdvb9ucR6l9qYoF1_-VeenTbGjjV_KH81Re8MmbRbuAdLf4NB6C55TLJgk-k_S3aaHErXGckcKw2uCKQATJ1WO3jmF_2mSS23rnobm0Ma92enfcgIcxZlsKtYyk2CQPWhp3HJLIrJbDx74YczRX2fQrzo5VeFSnpTpCM661OD7IM29gDck_S3ef8KIWAOku9aGADCVKTyCyqKZA5odpUQ8Uy9P3oLFjwECpN-d_7YEaNhC38sdVxw_WtXzXOj95D2ABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3cC4nHIpQrqKwRN2sPGKl_fDfNPw%26client%3Dca-pub-2926900591855492%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:57:51 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=I3G6zKG1LjTjY2ina5-eKQx-Rs-zCpqh8Y9zr_pICzHzQl6fybg2RDViPrtyaKSJO9fJ1PWSKFZqmhv1wpv12qZc4iOecE1WMuqKUVV85x6kL8VqugTaMLpGpGsl_DBPByRleM3w9Bh5nhY8XWhQ7DmUfDOoXz6gOEMAWLdQNM2CiBM0xDjCMxT7go-louhTtm5DpXccGPIBim2notcVoFVQmjmR6xx84ScRm6IL4HFjbi2O5-O2mWikVNeyCbL76glC0g"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 85314018
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5423
Cache-Control: max-age=169058
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:55:30 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 075b978d5014c00a9cb96e9971337061
68c7c339233a16b5ab4c2e4814fe479b1b467ebd
8f6a792b948278a69165b1c2108c488cfd8df36b3d21e7b3964f5ca3cc879422
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4079
Cache-Control: max-age=85970
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "638136d3-138"
Expires: Sun, 27 Nov 2022 22:50:42 GMT
Last-Modified: Fri, 25 Nov 2022 21:42:43 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 075b978d5014c00a9cb96e9971337061
68c7c339233a16b5ab4c2e4814fe479b1b467ebd
8f6a792b948278a69165b1c2108c488cfd8df36b3d21e7b3964f5ca3cc879422
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4079
Cache-Control: max-age=85970
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "638136d3-138"
Expires: Sun, 27 Nov 2022 22:50:42 GMT
Last-Modified: Fri, 25 Nov 2022 21:42:43 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 075b978d5014c00a9cb96e9971337061
68c7c339233a16b5ab4c2e4814fe479b1b467ebd
8f6a792b948278a69165b1c2108c488cfd8df36b3d21e7b3964f5ca3cc879422
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4079
Cache-Control: max-age=85970
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "638136d3-138"
Expires: Sun, 27 Nov 2022 22:50:42 GMT
Last-Modified: Fri, 25 Nov 2022 21:42:43 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 075b978d5014c00a9cb96e9971337061
68c7c339233a16b5ab4c2e4814fe479b1b467ebd
8f6a792b948278a69165b1c2108c488cfd8df36b3d21e7b3964f5ca3cc879422
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4079
Cache-Control: max-age=85970
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "638136d3-138"
Expires: Sun, 27 Nov 2022 22:50:42 GMT
Last-Modified: Fri, 25 Nov 2022 21:42:43 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 3852b37eaf8eba233a2ee7fe68e5e37a
3bdd2fd87ab90d0d47bc13c4f7f62574ed227a76
bda9bbb7a73b5f06187e8e2e307643de64055d7c0107b7a07a9a71034978ed4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6230
Cache-Control: max-age=122357
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "6381bc8f-13a"
Expires: Mon, 28 Nov 2022 08:57:09 GMT
Last-Modified: Sat, 26 Nov 2022 07:13:19 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:57:52 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Tue, 21 Nov 2023 22:57:52 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:57:52 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Tue, 21 Nov 2023 22:57:52 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash bfeca0cee3e1e4c7a1cc17748442d9e4
66d6f00f250d953376d1f8238bfdbce12eee7496
41154f4b9a3a1fd3f5e12fd434325d9a0ab1c9e24ab430aa9afff13db53d8e0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6390
Cache-Control: max-age=138346
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "6381fa64-138"
Expires: Mon, 28 Nov 2022 13:23:38 GMT
Last-Modified: Sat, 26 Nov 2022 11:37:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash bfeca0cee3e1e4c7a1cc17748442d9e4
66d6f00f250d953376d1f8238bfdbce12eee7496
41154f4b9a3a1fd3f5e12fd434325d9a0ab1c9e24ab430aa9afff13db53d8e0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6390
Cache-Control: max-age=138346
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "6381fa64-138"
Expires: Mon, 28 Nov 2022 13:23:38 GMT
Last-Modified: Sat, 26 Nov 2022 11:37:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash bfeca0cee3e1e4c7a1cc17748442d9e4
66d6f00f250d953376d1f8238bfdbce12eee7496
41154f4b9a3a1fd3f5e12fd434325d9a0ab1c9e24ab430aa9afff13db53d8e0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6390
Cache-Control: max-age=138346
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Etag: "6381fa64-138"
Expires: Mon, 28 Nov 2022 13:23:38 GMT
Last-Modified: Sat, 26 Nov 2022 11:37:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash bfeca0cee3e1e4c7a1cc17748442d9e4
66d6f00f250d953376d1f8238bfdbce12eee7496
41154f4b9a3a1fd3f5e12fd434325d9a0ab1c9e24ab430aa9afff13db53d8e0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6281
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:57:52 GMT
Last-Modified: Sat, 26 Nov 2022 21:13:11 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:26:57 GMT
expires: Thu, 23 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 271855
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffransa%2F1300x1700%2Ffra20610233_cinfinity_v174015.jpg&v=3&w=800&s=tPRDxhKjLufmHsXyvZYar0UI&b=800
178.250.2.135200 OK 38 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffransa%2F1300x1700%2Ffra20610233_cinfinity_v174015.jpg&v=3&w=800&s=tPRDxhKjLufmHsXyvZYar0UI&b=800
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f07e259af15f10dabfe1f029d5bf21dd
3a9f7aa55a2de8d52b073aa9263bc98ec254535c
713758623ec0a3892516093e504840378055d6fc14445fcc764f46da03fb8849
GET /img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffransa%2F1300x1700%2Ffra20610233_cinfinity_v174015.jpg&v=3&w=800&s=tPRDxhKjLufmHsXyvZYar0UI&b=800 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31323604
expires: Fri, 24 Nov 2023 11:57:57 GMT
date: Sat, 26 Nov 2022 22:57:52 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 37742
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221028%2F51f24e8aa0f94bbe8b239c64eae51437_img_horizontal_1.jpg&v=3&w=1200&s=9MD4swMXUrd7ZbkmNAi1JhN6
178.250.2.135200 OK 46 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221028%2F51f24e8aa0f94bbe8b239c64eae51437_img_horizontal_1.jpg&v=3&w=1200&s=9MD4swMXUrd7ZbkmNAi1JhN6
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x628, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e3271a53f2fc58cc4d50b6cd2dfaaf10
9a9b6ccc8485f512658ef7a111663b30dac73902
2d9020d73cfce433763a2f94ac72303748902877f9d0d6030a17232a80baf2d0
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221028%2F51f24e8aa0f94bbe8b239c64eae51437_img_horizontal_1.jpg&v=3&w=1200&s=9MD4swMXUrd7ZbkmNAi1JhN6 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=28863750
expires: Fri, 27 Oct 2023 00:40:22 GMT
date: Sat, 26 Nov 2022 22:57:51 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 45590
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbirgitte-herskind%2F1300x1700%2Fbhd3932781_csummerchecks_v31.jpg&v=3&w=800&s=9YJ7S91fm13bgpANar621bEb&b=800
178.250.2.135200 OK 88 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbirgitte-herskind%2F1300x1700%2Fbhd3932781_csummerchecks_v31.jpg&v=3&w=800&s=9YJ7S91fm13bgpANar621bEb&b=800
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 407x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03ccd85d345c85b1ca29b43e5b589f9a
c19b9d620ca5cc317e4c808c8b2c1a07da17cfbf
949b6bc0471dc9174c256b46eb68c15868c1ec5deb3fbe9d2f3715c150b45eda
GET /img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbirgitte-herskind%2F1300x1700%2Fbhd3932781_csummerchecks_v31.jpg&v=3&w=800&s=9YJ7S91fm13bgpANar621bEb&b=800 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30541108
expires: Wed, 15 Nov 2023 10:36:20 GMT
date: Sat, 26 Nov 2022 22:57:51 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 88208
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fpavement%2F1300x1700%2Fpav20005_cblack.jpg&v=3&w=800&s=aF0Y9di-IHK5pq_7S7hfMxtt&b=800
178.250.2.135200 OK 21 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fpavement%2F1300x1700%2Fpav20005_cblack.jpg&v=3&w=800&s=aF0Y9di-IHK5pq_7S7hfMxtt&b=800
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 604x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52dcd1066662f95a6956c94417c60d04
78241621c5e4d73c32939ae28dfc7c14826b6ba7
3f0c86f0ada203700f6a7224bc09404e611194de14f645ed1d2eb2f6f482cfef
GET /img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fpavement%2F1300x1700%2Fpav20005_cblack.jpg&v=3&w=800&s=aF0Y9di-IHK5pq_7S7hfMxtt&b=800 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29141308
expires: Mon, 30 Oct 2023 05:46:21 GMT
date: Sat, 26 Nov 2022 22:57:51 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 21268
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgap%2F1300x1700%2Fgap000619044_choneyimhome_v407.jpg&v=3&w=800&s=Rx-5hoLc1ogXxOBTkbY_iACR&b=800
178.250.2.135200 OK 18 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgap%2F1300x1700%2Fgap000619044_choneyimhome_v407.jpg&v=3&w=800&s=Rx-5hoLc1ogXxOBTkbY_iACR&b=800
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 545x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1070e05f07e7c1311072a2f4fd2fcb11
60b9ad11a171e309050a408b55a659ac606b0267
5429e01560fb25747dfcc3aeca124a34b2b31b574498fcc330c6a32e2141ba7f
GET /img/img?c=3&cq=256&h=800&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgap%2F1300x1700%2Fgap000619044_choneyimhome_v407.jpg&v=3&w=800&s=Rx-5hoLc1ogXxOBTkbY_iACR&b=800 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29162610
expires: Mon, 30 Oct 2023 11:41:23 GMT
date: Sat, 26 Nov 2022 22:57:51 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 18222
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=I3G6zKG1LjTjY2ina5-eKQx-Rs-zCpqh8Y9zr_pICzHzQl6fybg2RDViPrtyaKSJO9fJ1PWSKFZqmhv1wpv12qZc4iOecE1WMuqKUVV85x6kL8VqugTaMLpGpGsl_DBPByRleM3w9Bh5nhY8XWhQ7DmUfDOoXz6gOEMAWLdQNM2CiBM0xDjCMxT7go-louhTtm5DpXccGPIBim2notcVoFVQmjmR6xx84ScRm6IL4HFjbi2O5-O2mWikVNeyCbL76glC0g&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=I3G6zKG1LjTjY2ina5-eKQx-Rs-zCpqh8Y9zr_pICzHzQl6fybg2RDViPrtyaKSJO9fJ1PWSKFZqmhv1wpv12qZc4iOecE1WMuqKUVV85x6kL8VqugTaMLpGpGsl_DBPByRleM3w9Bh5nhY8XWhQ7DmUfDOoXz6gOEMAWLdQNM2CiBM0xDjCMxT7go-louhTtm5DpXccGPIBim2notcVoFVQmjmR6xx84ScRm6IL4HFjbi2O5-O2mWikVNeyCbL76glC0g&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=I3G6zKG1LjTjY2ina5-eKQx-Rs-zCpqh8Y9zr_pICzHzQl6fybg2RDViPrtyaKSJO9fJ1PWSKFZqmhv1wpv12qZc4iOecE1WMuqKUVV85x6kL8VqugTaMLpGpGsl_DBPByRleM3w9Bh5nhY8XWhQ7DmUfDOoXz6gOEMAWLdQNM2CiBM0xDjCMxT7go-louhTtm5DpXccGPIBim2notcVoFVQmjmR6xx84ScRm6IL4HFjbi2O5-O2mWikVNeyCbL76glC0g&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:57:52 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:57:52 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Tue, 21 Nov 2023 22:57:52 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:57:52 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Tue, 21 Nov 2023 22:57:52 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QEH9EN93wCs3txwqPiSRw8TATw5TAPQoonG6Yyi5yzyljmltOPLAVQ-N0dQdGyHd5QWOrhsb0Y6aWyabujB8wpx-8hFzLSeCGAsl-wk0rAVY-MjW4JDpVYlHcahhNHMEMO5V84gPCY3CvN--yw1s5VSt-b0Bf1IXtp7Qi9u5CQUyINHgp3sDL2znZdF9KPuthAeul1VDnEHWdCamNByD8gZNQA2QABrVUWhNOM8OL-LGG8Hegc16yx4CDNPf792dKwFP1emqcLox9W2JW5FhGWdNU7XUjNikacAOcp8A9bD74hiXapUoCwV5jJcdPjCmu4DkQ9VyJAMEer_GddYuO171zAh3r3vpIQykKiIDVagR5HE4lbJMd5fYVYvbkELQR6LemImiyHpbe_E7tGiBS79y23l3WlCnnusr63TsMK06roPjrkjTBVhbruwjhNHEy6yhnw
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QEH9EN93wCs3txwqPiSRw8TATw5TAPQoonG6Yyi5yzyljmltOPLAVQ-N0dQdGyHd5QWOrhsb0Y6aWyabujB8wpx-8hFzLSeCGAsl-wk0rAVY-MjW4JDpVYlHcahhNHMEMO5V84gPCY3CvN--yw1s5VSt-b0Bf1IXtp7Qi9u5CQUyINHgp3sDL2znZdF9KPuthAeul1VDnEHWdCamNByD8gZNQA2QABrVUWhNOM8OL-LGG8Hegc16yx4CDNPf792dKwFP1emqcLox9W2JW5FhGWdNU7XUjNikacAOcp8A9bD74hiXapUoCwV5jJcdPjCmu4DkQ9VyJAMEer_GddYuO171zAh3r3vpIQykKiIDVagR5HE4lbJMd5fYVYvbkELQR6LemImiyHpbe_E7tGiBS79y23l3WlCnnusr63TsMK06roPjrkjTBVhbruwjhNHEy6yhnw
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=QEH9EN93wCs3txwqPiSRw8TATw5TAPQoonG6Yyi5yzyljmltOPLAVQ-N0dQdGyHd5QWOrhsb0Y6aWyabujB8wpx-8hFzLSeCGAsl-wk0rAVY-MjW4JDpVYlHcahhNHMEMO5V84gPCY3CvN--yw1s5VSt-b0Bf1IXtp7Qi9u5CQUyINHgp3sDL2znZdF9KPuthAeul1VDnEHWdCamNByD8gZNQA2QABrVUWhNOM8OL-LGG8Hegc16yx4CDNPf792dKwFP1emqcLox9W2JW5FhGWdNU7XUjNikacAOcp8A9bD74hiXapUoCwV5jJcdPjCmu4DkQ9VyJAMEer_GddYuO171zAh3r3vpIQykKiIDVagR5HE4lbJMd5fYVYvbkELQR6LemImiyHpbe_E7tGiBS79y23l3WlCnnusr63TsMK06roPjrkjTBVhbruwjhNHEy6yhnw HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:57:51 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2880804
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:57:52 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Tue, 21 Nov 2023 22:57:52 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fundingchoicesmessages.google.com/i/pub-2926900591855492?ers=1
142.250.74.46200 OK 0 B URL HTTP/2 fundingchoicesmessages.google.com/i/pub-2926900591855492?ers=1
IP 142.250.74.46:0
GET /i/pub-2926900591855492?ers=1 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpliciaty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 22:57:49 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-a-nUaI65rHwg0Agw3TMdVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:57:52 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Tue, 21 Nov 2023 22:57:52 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:57:52 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Tue, 21 Nov 2023 22:57:52 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2