r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3862
Expires: Thu, 02 Feb 2023 03:06:45 GMT
Date: Thu, 02 Feb 2023 02:02:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10521
Expires: Thu, 02 Feb 2023 04:57:44 GMT
Date: Thu, 02 Feb 2023 02:02:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 01:43:27 GMT
content-type: application/json
age: 1136
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7076
Expires: Thu, 02 Feb 2023 04:00:19 GMT
Date: Thu, 02 Feb 2023 02:02:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PjutDrR00ks39sC8fVckituNvAAjSy1FitB6EIa2zrMC6faRyzMgAASMuu3fP7KXaifDu74RyMY=
x-amz-request-id: VKRVN8J0MDWG6Z2W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 01:22:53 GMT
age: 2370
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:23 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.hu/search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1
216.58.207.193302 Moved Temporarily 252 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.hu/search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c8e008b17c49a973883e8e632015ea0d
2bd97cc6c47d346fea554e4d826ca69d4e5aa713
1a631a6e6213237037f8764f7d132d13013596cf3ce5b73a031e2ced5c14fe41
Analyzer Verdict Alert fortinet Malware
GET /search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://dusunmekvepaylasmak.blogspot.com/search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 02 Feb 2023 02:02:24 GMT
Expires: Thu, 02 Feb 2023 02:02:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 252
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 01:41:43 GMT
age: 1241
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11182
Expires: Thu, 02 Feb 2023 05:08:46 GMT
Date: Thu, 02 Feb 2023 02:02:24 GMT
Connection: keep-alive
dusunmekvepaylasmak.blogspot.com/search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1
216.58.207.193301 Moved Permanently 252 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.com/search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 852a491e2572afe1d09a9559802ed77f
4ad418c62e9441df2ca8887c7f27c3768266601d
1ba984395672bac3d46cf489107dce216c7e85571d17d8e258862e486964f2f8
Analyzer Verdict Alert fortinet Malware
GET /search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dusunmekvepaylasmak.blogspot.com/search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 02 Feb 2023 02:02:24 GMT
Expires: Thu, 02 Feb 2023 02:02:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 252
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 160ff46273e80b1a0523615a5a30b060
7ccdc86678b4cddb5b6c36e42e884ca11866ae59
0eb9af55430b8b3c5c429edae27548a210d638227ba2c23d29a715bc5b79a477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.34.56.119101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.56.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: s7acl05WNeoSHnvQ1sWazw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DsseEU/guJYW3pYbEGJl5hC0mDM=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 02:02:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 02:02:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 02:02:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 02:02:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 02:02:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 84747
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 13818
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 13034
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ceb09fa3caa0fcda4a6314141e2d019
d08f43956f6859e4c2385231bb5506262257445f
a2100701c69f86920b14714b19ec14db9ebfd91000f0ec2397b8f27d981bc1ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14593
x-amzn-requestid: 796fc590-5a08-4765-b861-e5f707e4d7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdLoFHQoAMFaAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbe3-3f93635c337e77e453bba394;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gYo5IyA5mM2B5nw6O2QkkZ6-go2CzG8Nwb_pWSixGplAl7LsbmWUiQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:19 GMT
age: 14526
etag: "d08f43956f6859e4c2385231bb5506262257445f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41c44051cc3b4c69924df66048e7566b
5c6a12595c3f6005fec4baa84b16575951e72178
72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kJt9M6jkAc3_ouNRDkJ76Njz9yKNesoJjBK_ja3dTcz5oiowk6LKbQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:10 GMT
age: 13035
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 160ff46273e80b1a0523615a5a30b060
7ccdc86678b4cddb5b6c36e42e884ca11866ae59
0eb9af55430b8b3c5c429edae27548a210d638227ba2c23d29a715bc5b79a477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6790e3bf4d10b1ffba32a22dc588c640
cdae35517dfea800134393a1095f44462bc428a5
4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tO6GOuwj9So6Itm9ug-EQgF5iJ3NPidhS8OY4LpBvq0XftWTqGcOHA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:16 GMT
age: 14709
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:41:18 GMT
expires: Wed, 31 Jan 2024 09:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 14:52:06 GMT
content-type: text/css
age: 145268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7c9cfd95365e4c498af2087df6694290
02d175c10c7f423deedcc2e4f59f6267f0701398
7f03c9ef03abc468b3c246e34fdd1465d131a8ba963aa735b0894af5ab371d5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6441
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Last-Modified: Thu, 02 Feb 2023 00:15:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1263a80e4bed64529b9e8ca61ccea9b8
97356de87ac091a56de8bb5485ce99712408d62b
f174c72446dbd9a2d0f1b6f74f02bec21d15d8da763b976d7bb9e598e786a7ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 06:03:15 GMT
expires: Fri, 26 Jan 2024 06:03:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 590351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-19531429-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 6827dcc4a890edc1bf5351437ed79c3e
7003eb1b0d3edeadd1f63b327ba1e6e0b2e44ee9
4ed3700f385286461a42cd5e60490879f0b9b9bec1438934859253e298bcde55
GET /gtag/js?id=UA-19531429-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 02:02:26 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 00:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43942
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dusunmekvepaylasmak.blogspot.com/search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1
216.58.207.193200 OK 121 kB URL HTTP/2 dusunmekvepaylasmak.blogspot.com/search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (526)
Size 121 kB (121073 bytes)
Hash f8e409c6d0311103aa763fa346d763f2
fef70859219925ef6615ee99174a1be6db75b663
156de4398356a5c76dc793c090614c3f12679cc7ff94fee4a2f6dd9679c7d164
Analyzer Verdict Alert fortinet Malware
GET /search/label/7'den%207'ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan'a%20kadar%20uzatt%C4%B1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
expires: Thu, 02 Feb 2023 02:02:25 GMT
date: Thu, 02 Feb 2023 02:02:25 GMT
cache-control: private, max-age=0
last-modified: Wed, 11 Jan 2023 14:43:35 GMT
etag: W/"ee1f36bd9892526c8d03b1a6d5a8cb77db8a2e927358c53660b19e58cc7f8a11"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 121073
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
142.250.74.161200 OK 6.2 kB URL HTTP/2 2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aa25670b8226d8b5752fd5a198fd73a4
be1908b060ec7bf840e8d2b0aa4c930fe11910d6
f1b63d3ceb7dd55aae1a46fc852703730d58d88efcd5be463741c6718e7557c4
GET /-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sut_tozu_ile_ilgili_resimler.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6242
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 16:59:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7d8d"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 55479aa6e6608aa0344e94646fa04c2c
d7473adebf241cab9efcc8fd47282e227fb5f6a4
7400dad1d76fa2f944fa7d67210de19b51b9692cf38f53624e04a84b48162943
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 522
Cache-Control: max-age=119939
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Etag: "63da492b-118"
Expires: Fri, 03 Feb 2023 11:21:25 GMT
Last-Modified: Wed, 01 Feb 2023 11:12:43 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.46200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 02:02:26 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/w72-h72-p-k-no-nu/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/2 4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/w72-h72-p-k-no-nu/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 27fb438b2231a8fb9354d3a94e88d675
3a8767652d71f34a91c17e6bcfa51dd4efbe0a39
60d540d1619ec165029a7d4755b7a269ce4eededfe6a30f9c5b825773af5c064
GET /-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/w72-h72-p-k-no-nu/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="kopek_memesi_Hidradenitis_s_pp_rativa.jpg";filename*=UTF-8''kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2571
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 16:59:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ec5fcd46230caf0da45a16686274f1cb
0f6ab0f39b022b8b641c566d68ce811854f4aa9d
2763d313411a14a376c085e44d14fab586ac4e935bbc1932e8c67d4453234aa3
GET /-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rafadan_tayfa_trt_cizgi_film.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4484
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 16:59:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7fdb"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7c9cfd95365e4c498af2087df6694290
02d175c10c7f423deedcc2e4f59f6267f0701398
7f03c9ef03abc468b3c246e34fdd1465d131a8ba963aa735b0894af5ab371d5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6441
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Last-Modified: Thu, 02 Feb 2023 00:15:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
4.bp.blogspot.com/-eEQ1wGAHge8/WO7Hs45GUbI/AAAAAAAAgFE/ECg4dqGkGI4SsvpcmeU5zTiKrzodfWnCACLcB/w72-h72-p-k-no-nu/1930-otto-pilny-esir_k%25C3%25B6le-pazari-tablo.jpg
142.250.74.161200 OK 2.5 kB URL HTTP/2 4.bp.blogspot.com/-eEQ1wGAHge8/WO7Hs45GUbI/AAAAAAAAgFE/ECg4dqGkGI4SsvpcmeU5zTiKrzodfWnCACLcB/w72-h72-p-k-no-nu/1930-otto-pilny-esir_k%25C3%25B6le-pazari-tablo.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash baa9d06bcef2697388ab6393245d1ac3
03b4fa0d4f6bf24dcf771901e6fbda91c8ba796b
d6d167706d609d87aa2a48e337f22dd9c0dfda289cdca0d79ab5b18b0511b695
GET /-eEQ1wGAHge8/WO7Hs45GUbI/AAAAAAAAgFE/ECg4dqGkGI4SsvpcmeU5zTiKrzodfWnCACLcB/w72-h72-p-k-no-nu/1930-otto-pilny-esir_k%25C3%25B6le-pazari-tablo.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1930-otto-pilny-esir_k_le-pazari-tablo.jpg";filename*=UTF-8''1930-otto-pilny-esir_k%C3%B6le-pazari-tablo.jpg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2468
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Wed, 25 Jan 2023 07:24:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v8059"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-20442478-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-20442478-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash b1b0f4a37df9f7a3221b845c0b93c1ce
0caefbc1051880f92875d2fa938278345b1cb0f3
9fd6455c065c23912876c40efd5b60c369b1f304b50eaa128fcdff3c70247d9a
GET /gtag/js?id=UA-20442478-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 02:02:26 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 00:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.2200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (3642)
Hash 3432f14ae960ae295afda63aa9a013b9
090757629b6ad9db06860ec9374afda4a0672c91
bd40ca143d7853819b8cb107c298165ff8f475e085a4076b68c6f0e2563aac88
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 02:02:26 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7250894703656625153
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50096
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/2 2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3feda69b54a7382821cea05719fd60f7
38c4c734a116c904aef9b12dee521f2d231dd1da
bc791c45c72bbb86a69ba1d4463e82b7cde6cb1f849606740e9ab1f8743c09ec
GET /-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="turkcell_vinn_3g_modem_ayarlari.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2162
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 16:59:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
142.250.74.161200 OK 3.3 kB URL HTTP/2 4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 224d3ec59a39b8cdd2d4c077d110c666
74bfa0bc3bbd7d8928b4b92eed15d3fec387dc96
8e58417455611270809624f5418459976924a39b03d7b3cc7e34f2408d5a45aa
GET /-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3254
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Wed, 25 Jan 2023 07:24:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1e5"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/2 1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1122177369c440f76d151b7a4edfa980
44eaed05623ad05aff05e00c3d9b2a5ff4a8335d
373a198f79ff7304371ba901dacb92918e05808978932388a2e727fcc6e70617
GET /-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="10_aralik_insan_haklari_gunu.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3365
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 16:59:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1fe3"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
142.250.74.161200 OK 2.5 kB URL HTTP/2 4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 56135157d216e4eec2eb28a4eeb1fbb9
ef67d140c4ecf6ac7f339eb3e5d45fabe21b2e9b
2e1a2083a1acc23a31793d7a9a35810e6c44c8112a413dee00c0c2848c02b751
GET /-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v71fc"
expires: Fri, 03 Feb 2023 02:02:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kopek_memesi_Hidradenitis_s_pp_rativa.jpg";filename*=UTF-8''kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 02:02:26 GMT
server: fife
content-length: 2545
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
142.250.74.161200 OK 11 kB URL HTTP/2 1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 279edb5b823b4f55f7c83479a93225e3
01356acda7ff0acedb0051e71745fee61d67f62c
3935368604f5e255ee391a2f871167446fce3ed81b1df1fc7474b8e9cd358f17
GET /-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sa_l_kl__ya_am_sa_l_kl__beslenme.png";filename*=UTF-8''sa%C4%9Fl%C4%B1kl%C4%B1_ya%C5%9Fam_sa%C4%9Fl%C4%B1kl%C4%B1_beslenme.png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 10679
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 16:59:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v13776"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 85641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-20442478-1&l=dataLayer&cx=c
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-20442478-1&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 48a507cd18eeaa23200b83e9b98cd372
7892196d303b4c38ce2a235f7fc6caf8a3ecaf1e
453efe10cafe5444b7b0bf2f7279dc5b27c32ff381039fcd585d14cdf8a5732d
GET /gtag/js?id=UA-20442478-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 02:02:26 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 00:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
142.250.74.46200 OK 33 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP 142.250.74.46:0
File type ASCII text, with very long lines (1448)
Hash c670bba0fa340185c44b3fac93e00cae
021879412d3f8abaccdcff865b854b921eb8ec55
ac11ab0c58130b4efaf12471b158b7c98163de532aeaf2a5417f4eee51d8f333
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 32813
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:06:07 GMT
expires: Mon, 29 Jan 2024 10:06:07 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
age: 316579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
142.250.74.161200 OK 4.1 kB URL HTTP/2 1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6d50be519c80191ee9043c30938eb53c
5c764bc1ae85cca9936117ea0ec1ca7de8989a28
58c82626ef5bbae4f1cbc39e7df75682d1d9c678cf2a2d0e4b280779d5b5089c
GET /_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="kosgeb.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4100
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Wed, 25 Jan 2023 07:24:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v96"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
142.250.74.161200 OK 3.9 kB URL HTTP/2 1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f91fb184622c776de69f08e56b12601c
5800b6197cc43faa89c793e1aafe440e1da702d0
9056fe9741c4a058dc1111aac665ca879e406cdf4b44ac0f4fd64ebb7912202d
GET /-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3855
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Wed, 25 Jan 2023 07:24:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png
142.250.74.161200 OK 9.5 kB URL HTTP/2 2.bp.blogspot.com/-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 305d8fe3e2814664363d50f38c6f1453
aab5de26887140b7f27847196bfcc9aae7a7d7c2
cec8134471a879005b14d26803e313bbbcb5e0ab2c2e5af693604ef142980c0d
GET /-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="facebook_arkadas_gizliligi_duzenleme.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 9459
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 16:59:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v78ef"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg
142.250.74.161200 OK 6.3 kB URL HTTP/2 3.bp.blogspot.com/-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 425231c8fe8e77bdff8aec15f1d48354
1284a6adf99fc6e901ad2d7cd48ad8fc155b3190
6ff8f3e8fc1254ddff62c5e3ca84aae62d0edad1afbb087c51c941887e33c9b0
GET /-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="cicek_leylak-cicek_resimleri.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6296
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Wed, 25 Jan 2023 07:24:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v842"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/2 1.bp.blogspot.com/_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 875a5eb0b263a336d4dba17b36b67d98
4eedf6bb827cf2cfba70af9f579b7a39b6cd8581
b08d7462edc4af114d3250b105b4689fbc3bd36c687fb6149df5da0a8341d285
GET /_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sigara-yasagi-bulent-duzgit.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3364
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 16:59:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7a"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Thu, 02 Feb 2023 02:02:26 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/-a1sGPWTrfHY/TYFcuCk5FxI/AAAAAAAAAcU/TV8lXh8FTBE/w72-h72-p-k-no-nu/20050923.jpg
142.250.74.97200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/-a1sGPWTrfHY/TYFcuCk5FxI/AAAAAAAAAcU/TV8lXh8FTBE/w72-h72-p-k-no-nu/20050923.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 330b9498ebf6bf12a2936236806e5353
e5e24e253fb29071dfbc0c37c84496916d3332fe
df55bb1bcafba9089dc6151fad702e33275fb88ce87d59df46e7a501a0ad4a37
GET /-a1sGPWTrfHY/TYFcuCk5FxI/AAAAAAAAAcU/TV8lXh8FTBE/w72-h72-p-k-no-nu/20050923.jpg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="20050923.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4140
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Tue, 31 Jan 2023 09:27:30 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1c5"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.67200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 559685
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
142.250.74.67200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 00:22:56 GMT
expires: Tue, 30 Jan 2024 00:22:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
age: 265170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.106200 OK 6.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.106:0
Hash e86200c5dd0365e73643fba9b8181f6f
1136354e23d90e550e5b6711f1c484854b2ba46a
f56e43558a9b0e63d08038362bdb93b4e760403a31bc94102dbbeb5958b3845e
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 02:02:26 GMT
date: Thu, 02 Feb 2023 02:02:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1038046681&t=pageview&_s=1&dl=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F7%27den%25207%27ye%2520bedava%2520kampanyas%25C4%25B1n%25C4%25B1%25201%2520Nisan%27a%2520kadar%2520uzatt%25C4%25B1&ul=en-us&de=UTF-8&dt=D%C3%BC%C5%9F%C3%BCnmek%20ve%20Payla%C5%9Fmak%3A%207%27den%207%27ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan%27a%20kadar%20uzatt%C4%B1&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEDAAUADQAAAACAAI~&jid=1070752910&gjid=314230869&cid=1819585788.1675303371&tid=UA-20442478-1&_gid=1052750995.1675303371&_r=1&_slc=1>m=2ou1u0&z=1613772848
142.250.74.78200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1038046681&t=pageview&_s=1&dl=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F7%27den%25207%27ye%2520bedava%2520kampanyas%25C4%25B1n%25C4%25B1%25201%2520Nisan%27a%2520kadar%2520uzatt%25C4%25B1&ul=en-us&de=UTF-8&dt=D%C3%BC%C5%9F%C3%BCnmek%20ve%20Payla%C5%9Fmak%3A%207%27den%207%27ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan%27a%20kadar%20uzatt%C4%B1&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEDAAUADQAAAACAAI~&jid=1070752910&gjid=314230869&cid=1819585788.1675303371&tid=UA-20442478-1&_gid=1052750995.1675303371&_r=1&_slc=1>m=2ou1u0&z=1613772848
IP 142.250.74.78:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=1038046681&t=pageview&_s=1&dl=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F7%27den%25207%27ye%2520bedava%2520kampanyas%25C4%25B1n%25C4%25B1%25201%2520Nisan%27a%2520kadar%2520uzatt%25C4%25B1&ul=en-us&de=UTF-8&dt=D%C3%BC%C5%9F%C3%BCnmek%20ve%20Payla%C5%9Fmak%3A%207%27den%207%27ye%20bedava%20kampanyas%C4%B1n%C4%B1%201%20Nisan%27a%20kadar%20uzatt%C4%B1&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEDAAUADQAAAACAAI~&jid=1070752910&gjid=314230869&cid=1819585788.1675303371&tid=UA-20442478-1&_gid=1052750995.1675303371&_r=1&_slc=1>m=2ou1u0&z=1613772848 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
date: Thu, 02 Feb 2023 02:02:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
142.250.74.67200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:53:51 GMT
expires: Fri, 02 Feb 2024 00:53:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
age: 4115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.67200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:42:35 GMT
expires: Wed, 31 Jan 2024 02:42:35 GMT
cache-control: public, max-age=31536000
age: 170391
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230131/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:56:08 GMT
expires: Thu, 16 Feb 2023 00:56:08 GMT
cache-control: public, max-age=1209600
age: 3978
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.67200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 04:05:29 GMT
expires: Tue, 30 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 251817
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-1Wa7j8ojbqA/WIKLXo2UJNI/AAAAAAAAdTc/Kldiwcnm54o5hmJq4a_jjoCgvCeWPYmKgCLcB/w72-h72-p-k-no-nu/recep_ivedik-5-sinema-film.png
142.250.74.161200 OK 10 kB URL HTTP/2 2.bp.blogspot.com/-1Wa7j8ojbqA/WIKLXo2UJNI/AAAAAAAAdTc/Kldiwcnm54o5hmJq4a_jjoCgvCeWPYmKgCLcB/w72-h72-p-k-no-nu/recep_ivedik-5-sinema-film.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash a5569296b90cc489b4b765cbb398519d
1d8821014f0b070a698fea2529de58fa27384036
3b149537d649221f94ffb155073a00139763416bd1e07578f9bff44f727f5a15
GET /-1Wa7j8ojbqA/WIKLXo2UJNI/AAAAAAAAdTc/Kldiwcnm54o5hmJq4a_jjoCgvCeWPYmKgCLcB/w72-h72-p-k-no-nu/recep_ivedik-5-sinema-film.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v754d"
expires: Fri, 03 Feb 2023 02:02:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="recep_ivedik-5-sinema-film.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 02:02:26 GMT
server: fife
content-length: 10253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.67200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 533663
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.67200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 552103
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/gtm/js?id=GTM-5WCFSJ2&t=gtag_UA_19531429_2&cid=1819585788.1675303371
142.250.74.78200 OK 46 kB URL HTTP/2 www.google-analytics.com/gtm/js?id=GTM-5WCFSJ2&t=gtag_UA_19531429_2&cid=1819585788.1675303371
IP 142.250.74.78:0
File type ASCII text, with very long lines (1759)
Hash cb609e96a71786644ffd96a7c0b50bb6
2946fbafe4e84a3e84cbcf16fd9ca886c23870c2
641f5ec0075755fa84fccbdbe83e6cfc1685fa813db50b52d1fe38a643b4641c
GET /gtm/js?id=GTM-5WCFSJ2&t=gtag_UA_19531429_2&cid=1819585788.1675303371 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 02:02:26 GMT
expires: Thu, 02 Feb 2023 02:02:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-Ls5G9RgZdzA/WM0LvJo7B_I/AAAAAAAAfJ8/xXfclUtqoJIr6OK3B_ruBIeaHnEEc-7XgCLcB/w72-h72-p-k-no-nu/nazim_hikmet-vera_tulyakova.png
142.250.74.161200 OK 11 kB URL HTTP/2 4.bp.blogspot.com/-Ls5G9RgZdzA/WM0LvJo7B_I/AAAAAAAAfJ8/xXfclUtqoJIr6OK3B_ruBIeaHnEEc-7XgCLcB/w72-h72-p-k-no-nu/nazim_hikmet-vera_tulyakova.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 3b49a6afca3735f090084324106efa21
3839b6397c4793aaec4bc989639320b8dc27ecb3
54cb45c40e1969423207a718f1188344e83bf340deff857d3b695ab39481fc6d
GET /-Ls5G9RgZdzA/WM0LvJo7B_I/AAAAAAAAfJ8/xXfclUtqoJIr6OK3B_ruBIeaHnEEc-7XgCLcB/w72-h72-p-k-no-nu/nazim_hikmet-vera_tulyakova.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7ca0"
expires: Fri, 03 Feb 2023 02:02:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="nazim_hikmet-vera_tulyakova.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 02:02:26 GMT
server: fife
content-length: 11443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash e7828189bd156ca360d2a167ddae6cc6
2ed4c2fc359948c7c3ee65bb54d3b2bff7eb2386
826f5df8635a0a6ee468a30fe465ebaea7fb7f1130a85258aefca4fdd4ed5e09
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:02:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:19:53 GMT
ETag: "2ed4c2fc359948c7c3ee65bb54d3b2bff7eb2386"
Last-Modified: Thu, 02 Feb 2023 01:19:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f583bbb83b503-OSL
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=1819585788.1675303371&jid=1070752910&gjid=314230869&_gid=1052750995.1675303371&_u=aEDAAUACQAAAACAAI~&z=204666063
64.233.162.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=1819585788.1675303371&jid=1070752910&gjid=314230869&_gid=1052750995.1675303371&_u=aEDAAUACQAAAACAAI~&z=204666063
IP 64.233.162.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=1819585788.1675303371&jid=1070752910&gjid=314230869&_gid=1052750995.1675303371&_u=aEDAAUACQAAAACAAI~&z=204666063 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 02:02:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.boomads.com/scripts/widget.js
83.66.162.128200 OK 1.1 kB URL HTTP/1.1 widget.boomads.com/scripts/widget.js
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF line terminators
Hash ed2b316a78c01ecfd467a238bdb5a894
9820a06beef95ab789d3211359dfbe34d11c339e
0626a69c458560c8f8fadb5c81f56d9009e89951aa89f4fff3d4ef445d1b94e7
GET /scripts/widget.js HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 3
Date: Thu, 02 Feb 2023 02:02:24 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "08e5d619991d11:0"
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2016 13:20:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 1149
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 02:02:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash e7828189bd156ca360d2a167ddae6cc6
2ed4c2fc359948c7c3ee65bb54d3b2bff7eb2386
826f5df8635a0a6ee468a30fe465ebaea7fb7f1130a85258aefca4fdd4ed5e09
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:02:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:19:53 GMT
ETag: "2ed4c2fc359948c7c3ee65bb54d3b2bff7eb2386"
Last-Modified: Thu, 02 Feb 2023 01:19:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f583c6b7cb515-OSL
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 02:02:27 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-mmyprruzNRx0oxl8lBXaNyTKM3IA0Z7xyMBJH40oepMrv_4SYJMa-iKUy-g8_z_OgnVFM3XLO9_N74X86XvJg6bBq-W9Up6wyAjYggCWcK2FRaQbUYOtk=s0-d
142.250.74.97404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-mmyprruzNRx0oxl8lBXaNyTKM3IA0Z7xyMBJH40oepMrv_4SYJMa-iKUy-g8_z_OgnVFM3XLO9_N74X86XvJg6bBq-W9Up6wyAjYggCWcK2FRaQbUYOtk=s0-d
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash ce69f32fbab496137df2e5b83fa9d358
190e91f30f7dd727d1005b7cff82db3ace0d2b17
754bb6efbb170d818442ea03e9bdcab68a31e2069288734b9f395041119725a9
GET /blogger_img_proxy/AHs97-mmyprruzNRx0oxl8lBXaNyTKM3IA0Z7xyMBJH40oepMrv_4SYJMa-iKUy-g8_z_OgnVFM3XLO9_N74X86XvJg6bBq-W9Up6wyAjYggCWcK2FRaQbUYOtk=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 02:02:27 GMT
server: fife
content-length: 1707
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029
216.58.207.226200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash ba0f0f035566ab9b5b06af83579ce17a
91023c97ae6c134e975bb5279e091515492b99c4
588b8d6cecac75462f9f88ed4a004a0734c8b0b960325f4706ee73b24f412cf5
GET /gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 02:02:27 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
83.66.162.128200 OK 6.8 kB URL HTTP/1.1 widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 125 x 80\012- data
Hash a0b54b194c22d6cf6dde8262b4e6caa8
7db7699e7e4cb090ed556f78d8692b59eca416d8
a28da5026d7c857976a413a63f4d5df448c8461f4531194e71668ebdbe7bbcc9
GET /images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 3
Date: Thu, 02 Feb 2023 02:02:25 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "6e4be609991d11:0"
Content-Type: image/gif
Last-Modified: Fri, 08 Apr 2016 13:20:09 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 6812
widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
83.66.162.128200 OK 318 B URL HTTP/1.1 widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 60965bc98dda023d6dbb0de7b7c676bb
59819b0d77a4206626389d78b1862223b150ccdd
2fd9761476a794c7d53342d8845843e3c9cbe393fbc26682e11059fe79a5ef95
GET /widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=4mjgrz3fj4esgfx4grenplqf; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTSV=26593=1; expires=Fri, 03-Feb-2023 03:02:25 GMT; path=/
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Thu, 02 Feb 2023 02:02:25 GMT
Content-Length: 318
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d5aa8840f812da83fc823da528a74c1a
9e7bad3462506164bd4bdb87a761352ef8131ba9
abaa07021a967e89f7786ac14efa3ce48f24e4c032376a36421cca12f5ecaeeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
216.58.211.13302 Found 463 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
IP 216.58.211.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (512)
Hash 1c6227c8921c242f3182a167a50510d0
92a14423ce3b47acd82422037f06fd58a6c2d4fb
7e764a2048862615491003be7b4c2507b877efdad3768db248057d4bb23b983a
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Feb 2023 02:02:27 GMT
location: https://www.blogger.com/followers.g?blogID=5726965044016880204&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-WLi8zBMryIyZJQrK38leuA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 463
server: GSE
set-cookie: __Host-GAPS=1:7mQY6UWwOtJ3NEceY63c4jaQnCk4Sg:AmUWAss9A2ljZ0ed;Path=/;Expires=Sat, 01-Feb-2025 02:02:27 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=34796
date: Thu, 02 Feb 2023 02:02:27 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rollercoin.com/static/img/public_img/gen2/w160h600.gif
172.67.72.239301 Moved Permanently 581 B URL HTTP/2 rollercoin.com/static/img/public_img/gen2/w160h600.gif
IP 172.67.72.239:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash fd28d78c2293b960dcbb9e1e0e585076
62227a47310daa14d67b46166527b34471113515
2e207aa17faccb1d20da6c8be462aad8b7131f1fe022d8380d166dd58e27e868
GET /static/img/public_img/gen2/w160h600.gif HTTP/1.1
Host: rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 02:02:26 GMT
content-type: text/html
location: https://static.rollercoin.com/static/img/ref/gen2/w160h600.gif
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ0x88vMv0aJQIinaL6HAujZF24JVEWXAxrB2xduL%2FiwGX80mQzfrZkEn4Ryft4xcT3YbmVHW1%2Be6Q%2FuUNr%2Be9PpZBnlpt5axK5Rbmr6r%2FMBL%2B9snegBuiNMTxPaNzTa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f583a4d770b55-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
83.66.162.128200 OK 4.5 kB URL HTTP/1.1 widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with very long lines (19781), with no line terminators
Hash 9addf68a5cc9633f32c20bfe9df6eaaa
b2bcfadf03938190ba76702f6d33c99f5491cf7b
7454bc429d787dd6a335f7d1fb73a058f3ad426761bf19d089fceadd9b048165
GET //content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01 HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1565995
Date: Sat, 14 Jan 2023 23:02:31 GMT
Expires: Sun, 14 Jan 2024 22:04:59 GMT
Cache-Control: public
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Last-Modified: Sat, 14 Jan 2023 22:04:59 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 4517
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 02 Feb 2023 02:02:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 924d2adad5f4420a3d333c6163bf5401
0e82079168ea92ba55ab82bf3ac732f27de23257
7240c15dc71d91de1acdd5fee41a47174248139134e5b95b0cf0fee7c41514eb
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 02:02:28 GMT
server: ESF
cache-control: private
content-length: 30802
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36008)
Hash 8a1e64e80c9189aaa07733ae98ea030b
de788d5e003c05a2b43c8f16557e6a4f27eb00ff
cdfd098bd8fb947a53ebeaf0e8e0bdd0d6a31eb6a7c0e1403331403cc48a5a1e
GET /js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:58 GMT
expires: Fri, 26 Jan 2024 10:05:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 575790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
142.250.74.67200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 11936, version 1.0\012- data
Hash 15d8ede0a816bc7a9838207747c6620c
f6e2e75f1277c66e282553ae6a22661e51f472b8
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 14:05:20 GMT
expires: Mon, 29 Jan 2024 14:05:20 GMT
cache-control: public, max-age=31536000
age: 302228
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.6 kB URL HTTP/2 yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 7f0d8c8d9cbb88ed7c0dc10ee1a2b0ae
830e3dfe396cc6bc3a448d0ed13e4f1d25fdef58
0f8e403418f768e45267ca0edb3223d1a3c5e1dec070040b6399c0a89773cbf4
GET /vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4552
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:28 GMT
expires: Thu, 26 Jan 2023 10:57:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash df74d0c5bbc711a484e4508808c3357a
304f6b29d37c4f6ae20a4031ec6b3a879f9928c8
14200bd4d7eff065de2b62f1770c31edb357a95390c619867f00660a88e92ae8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
216.58.207.214200 OK 43 kB URL HTTP/2 i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54d632dcf2c7931571e806f7815bd341
f5d1afc80ec9d6ebf36d48c916a3d5d15a740536
fc5aeb473a35527660b29b9cddf6ebefe4c57ae1c982a04dedfc1619f1135bef
GET /vi_webp/mOjEYeiPxNc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:02:28 GMT
expires: Thu, 02 Feb 2023 04:02:28 GMT
cache-control: public, max-age=7200
etag: "1668598177"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash df74d0c5bbc711a484e4508808c3357a
304f6b29d37c4f6ae20a4031ec6b3a879f9928c8
14200bd4d7eff065de2b62f1770c31edb357a95390c619867f00660a88e92ae8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 02:02:28 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 02:02:28 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=1819585788.1675303371&jid=1070752910&_u=aEDAAUACQAAAACAAI~&z=1734613980
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=1819585788.1675303371&jid=1070752910&_u=aEDAAUACQAAAACAAI~&z=1734613980
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=1819585788.1675303371&jid=1070752910&_u=aEDAAUACQAAAACAAI~&z=1734613980 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 02:02:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 02:02:29 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 02 Feb 2023 02:02:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1df9e94e1ec605f65eb0224a5b02aabb
d19289012fac058990eeed154b3ce1a9936389f6
ef7e13d9d52477ba5f5dde500d523fab8e8fb3f96f7cecab3cc5a2af755811e1
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 964
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 02:02:29 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6036
Cache-Control: max-age=147760
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:30 GMT
Etag: "63daa052-1d7"
Expires: Fri, 03 Feb 2023 19:05:10 GMT
Last-Modified: Wed, 01 Feb 2023 17:24:34 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.205.11200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash b79955c4655151957a2e6e1aee9e11f3
4b55b2180e786f18b41eae0c717ad9afe5e914ed
f294a4ba3b2018230e053550edf5692649e72204508da2a3d761d67d9670ff9d
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 711c049f3c4b5fceabb2748a55fe589a
etag: "84d0b05aa8f4f1451cd1a4e15e9b220d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 02 Feb 2023 02:20:11 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: t5lVxGVRUZV6Lm4a7p4R8w==
x-fb-debug: dXiiwbQoFOhZqAcIxwYw3VsB0wxPGqZbZDCcScxVJnS87pMBC/pwRMPjNwCZuCEkwsHINwEIcdAsvT+BxY7Fbw==
content-length: 1686
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 02:02:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6036
Cache-Control: max-age=147760
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:30 GMT
Etag: "63daa052-1d7"
Expires: Fri, 03 Feb 2023 19:05:10 GMT
Last-Modified: Wed, 01 Feb 2023 17:24:34 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 02 Feb 2023 02:02:30 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/window_focus_fy2021.js
216.58.207.193200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/window_focus_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20230131/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:16:01 GMT
expires: Wed, 15 Feb 2023 22:16:01 GMT
cache-control: public, max-age=1209600
age: 13589
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
216.58.207.193200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1605)
Hash aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae
GET /pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:18:58 GMT
expires: Wed, 15 Feb 2023 22:18:58 GMT
cache-control: public, max-age=1209600
age: 13412
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/load_preloaded_resource_fy2021.js
216.58.207.193200 OK 738 B URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/load_preloaded_resource_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (689)
Hash 967ef6a57e8b77199566733e307ed863
2a53e944b3e713cc785dcd64c8a1c114082c7caf
a16bd3409e52b93408e8ca34af1f6c0bf03ad36d44979db141c777ba0f1199e1
GET /pagead/js/r20230131/r20110914/client/load_preloaded_resource_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 738
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:18:58 GMT
expires: Wed, 15 Feb 2023 22:18:58 GMT
cache-control: public, max-age=1209600
age: 13412
etag: 1394486882873449110
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019
142.250.74.35200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019
IP 142.250.74.35:0
File type ASCII text, with very long lines (2595)
Hash 22b1107093ffdaf82c67748570c23847
23dfc8f212390c65e14e5429f57808ba23519546
cbbc030a379d4135d1a593fe405ab78879df73eef55d3cb03774cc3b3c27ac82
GET /mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4209
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 01:07:23 GMT
expires: Wed, 03 May 2023 01:07:23 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
content-type: text/javascript
age: 3307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fd33fb271c10d9a3fe8b114eafaf704e
4eda1f76d4c345b9b5393de39bfdce2c4c76b9fc
2d6345b53f060111aba2d40820d88e3fc7ab9bd76d5298c05fec582381fc4fec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3320
Cache-Control: max-age=107963
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:30 GMT
Etag: "63da0f79-139"
Expires: Fri, 03 Feb 2023 08:01:53 GMT
Last-Modified: Wed, 01 Feb 2023 07:06:33 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/abg_lite_fy2021.js
216.58.207.193200 OK 9.0 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230131/r20110914/abg_lite_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1672)
Hash 9aa683d616d8b2d10fe0100d761df816
60f84308b40072edcc24b6fd54c68247786001aa
2e8549a4bc0e1f4a4eda2637f239105e780b2ae2879c9a241b1ffe7130386e0a
GET /pagead/js/r20230131/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8993
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:18:58 GMT
expires: Wed, 15 Feb 2023 22:18:58 GMT
cache-control: public, max-age=1209600
age: 13412
etag: 12355142264901698679
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/bfed04b48628648932a16634cb3b86cf.js?tag=exit_2019
142.250.74.35200 OK 9.7 kB URL HTTP/2 www.gstatic.com/mysidia/bfed04b48628648932a16634cb3b86cf.js?tag=exit_2019
IP 142.250.74.35:0
File type ASCII text, with very long lines (1691)
Hash 4b52e648ba8e65b8cb54bbd0355387e8
2bbd8116b08f23fe677a79f690f7f77deb3d9b52
9c2bf94b5e1123cd196110ef1acd0457c19438a8c4ec38ae3c6aeb4e22b2d5a4
GET /mysidia/bfed04b48628648932a16634cb3b86cf.js?tag=exit_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 9676
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 05:47:41 GMT
expires: Mon, 01 May 2023 05:47:41 GMT
cache-control: public, max-age=7776000
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
content-type: text/javascript
age: 159289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fd33fb271c10d9a3fe8b114eafaf704e
4eda1f76d4c345b9b5393de39bfdce2c4c76b9fc
2d6345b53f060111aba2d40820d88e3fc7ab9bd76d5298c05fec582381fc4fec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3320
Cache-Control: max-age=107963
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:30 GMT
Etag: "63da0f79-139"
Expires: Fri, 03 Feb 2023 08:01:53 GMT
Last-Modified: Wed, 01 Feb 2023 07:06:33 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
23.38.200.123200 OK 1.3 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (3821), with no line terminators
Hash 4adc016f0378d43b1e4d8a48395311fb
de42f6825c8d2ef4989b84479d9731baa195bbaa
70f1c455a93fbc3c54102023dd47c6bcc3ff290302ac6e517cd87b74e4efc205
GET /live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 1250
etag: 727245640--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=55, s-maxage=86400
date: Thu, 02 Feb 2023 02:02:30 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
23.38.200.123200 OK 29 kB URL HTTP/2 s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (60526)
Hash f4a430f112d94f56cbeddcde217f69b6
01c1580d462c4977c7194746540f813e6b5675ce
f8999cbfee6629cf5f2f77d325a508f30a1adc6f1ab7506c462bf467930f36da
GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28570
date: Thu, 02 Feb 2023 02:02:30 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Thu, 02 Feb 2023 02:02:30 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=63db19cba9482912&bkl=0&bl=1&pdt=2893&sid=63db19cba9482912&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2F7%2527den%25207%2527ye%2520bedava%2520kampanyas%25C4%25B1n%25C4%25B1%25201%2520Nisan%2527a%2520kadar%2520uzatt%25C4%25B1&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1675303374261&jsl=1&uvs=63db19cb88fc60ed000&skipb=1&callback=addthis.cbs.jsonp__85201340718995560
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63db19cba9482912&bkl=0&bl=1&pdt=2893&sid=63db19cba9482912&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2F7%2527den%25207%2527ye%2520bedava%2520kampanyas%25C4%25B1n%25C4%25B1%25201%2520Nisan%2527a%2520kadar%2520uzatt%25C4%25B1&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1675303374261&jsl=1&uvs=63db19cb88fc60ed000&skipb=1&callback=addthis.cbs.jsonp__85201340718995560
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 64c6025f39d93953dc5c00a7bf17c95a
2a8dc26d9055463bd9113ea08a39465dae65e546
271e218232802877626f9acaefd1330e04fab319150c635bc1d9966ab9510de7
GET /live/red_lojson/300lo.json?si=63db19cba9482912&bkl=0&bl=1&pdt=2893&sid=63db19cba9482912&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2F7%2527den%25207%2527ye%2520bedava%2520kampanyas%25C4%25B1n%25C4%25B1%25201%2520Nisan%2527a%2520kadar%2520uzatt%25C4%25B1&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1675303374261&jsl=1&uvs=63db19cb88fc60ed000&skipb=1&callback=addthis.cbs.jsonp__85201340718995560 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Thu, 02 Feb 2023 02:02:30 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 34057df66622b763fac26c84b1e33814
096d78a127fbb9dbae567b216c18acb32fdc1721
91bcc8cff97b409a7e83150dbf206d85af01f08f1c8b47372ee2c62a162c7bfb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2493
Cache-Control: max-age=148892
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:31 GMT
Etag: "63dab296-13a"
Expires: Fri, 03 Feb 2023 19:24:03 GMT
Last-Modified: Wed, 01 Feb 2023 18:42:30 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 39f6ca1b7865aaacade6af8dfb840bb9
d85b74a1c96889491927bca16fe4fb1bc05d066a
8362bae667f163b53b51cfdc6cf0a5269a13dd46a8e93b79409d7eb9adbf5dc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2311
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:31 GMT
Last-Modified: Thu, 02 Feb 2023 01:24:00 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 75f7afd37af1d98d4e2a1369501aa3c3
5f25e040eeda9c29b4ce2666f05d889bd54f07f0
b3c3f088310e8db7b598efb702a7335d5d110d8b0cb5d5a8dc165457a297393a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5229
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:31 GMT
Last-Modified: Thu, 02 Feb 2023 00:35:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kMCRE7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBELMZ22NITZJjp5Ir8TjkUwASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y9sZtAAJr9EKexRNAA4FlGCgUkZo3mENtIwiAg
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kMCRE7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBELMZ22NITZJjp5Ir8TjkUwASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y9sZtAAJr9EKexRNAA4FlGCgUkZo3mENtIwiAg
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kMCRE7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBELMZ22NITZJjp5Ir8TjkUwASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y9sZtAAJr9EKexRNAA4FlGCgUkZo3mENtIwiAg HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 224935
date: Thu, 02 Feb 2023 02:02:30 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWe0HfJ2DYgICAAAA0-wy0uAhG5EQsxnbY-u06YyNotNp73fiABIAAAoOQVFVQkFnWUJBZ0VCQWc&wp=Y9sZswALFW4DogQQAAzeIuTKyhqiNI7gq9ib1Q
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWe0HfJ2DYgICAAAA0-wy0uAhG5EQsxnbY-u06YyNotNp73fiABIAAAoOQVFVQkFnWUJBZ0VCQWc&wp=Y9sZswALFW4DogQQAAzeIuTKyhqiNI7gq9ib1Q
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7OzWe0HfJ2DYgICAAAA0-wy0uAhG5EQsxnbY-u06YyNotNp73fiABIAAAoOQVFVQkFnWUJBZ0VCQWc&wp=Y9sZswALFW4DogQQAAzeIuTKyhqiNI7gq9ib1Q HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 252339
date: Thu, 02 Feb 2023 02:02:30 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 75f7afd37af1d98d4e2a1369501aa3c3
5f25e040eeda9c29b4ce2666f05d889bd54f07f0
b3c3f088310e8db7b598efb702a7335d5d110d8b0cb5d5a8dc165457a297393a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5229
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:31 GMT
Last-Modified: Thu, 02 Feb 2023 00:35:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWawC2ASdg2ICAgAAALQtmre-JuykELQZ22OU4bPClN3jaU5EXQASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y9sZtAAKalUKGFMFAAkkvK710QHj-U-pUb_AjA
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWawC2ASdg2ICAgAAALQtmre-JuykELQZ22OU4bPClN3jaU5EXQASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y9sZtAAKalUKGFMFAAkkvK710QHj-U-pUb_AjA
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWawC2ASdg2ICAgAAALQtmre-JuykELQZ22OU4bPClN3jaU5EXQASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y9sZtAAKalUKGFMFAAkkvK710QHj-U-pUb_AjA HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 138780
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3D9e62ef41a9fe4d67fe9ab2bd7379f0b4&ups=1&v=3&w=800&s=5m7MzmzE_koV3y6azdKg7b5c
178.250.2.135200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3D9e62ef41a9fe4d67fe9ab2bd7379f0b4&ups=1&v=3&w=800&s=5m7MzmzE_koV3y6azdKg7b5c
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7aa8efe298b4e8bc0f4f0d4be8809b01
28a960bffff9001e026d53ac4312c0b16676abb4
cea7bd898072dc4e981e943673b74addd48214d66caf2696e91dae235923fd6f
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3D9e62ef41a9fe4d67fe9ab2bd7379f0b4&ups=1&v=3&w=800&s=5m7MzmzE_koV3y6azdKg7b5c HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30438618
expires: Sat, 20 Jan 2024 09:12:49 GMT
date: Thu, 02 Feb 2023 02:02:30 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 19784
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7WzWQAAnYNiAgIAAAC_oV1-pfcQ9BC0Gdtj2F3W6UuqvHRpaRAAEgMBCg5BUVVEQlFZQkJRRUJCUQ&wp=Y9sZtAAJ_ZsDogQdAAbvu6RthksV_ieErPsB-g
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7WzWQAAnYNiAgIAAAC_oV1-pfcQ9BC0Gdtj2F3W6UuqvHRpaRAAEgMBCg5BUVVEQlFZQkJRRUJCUQ&wp=Y9sZtAAJ_ZsDogQdAAbvu6RthksV_ieErPsB-g
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7WzWQAAnYNiAgIAAAC_oV1-pfcQ9BC0Gdtj2F3W6UuqvHRpaRAAEgMBCg5BUVVEQlFZQkJRRUJCUQ&wp=Y9sZtAAJ_ZsDogQdAAbvu6RthksV_ieErPsB-g HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 301922
date: Thu, 02 Feb 2023 02:02:30 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f8d8478f6fd65ccb723aafc9fa19ac4b
de1c2b7881907cc7c06c816b365da09df429ba7a
e4f4422c14320af3bf6e865e98d42ab5e8f5ef06a41c10f42670ae2d533e534a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3011
Cache-Control: max-age=148381
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:31 GMT
Etag: "63daae91-139"
Expires: Fri, 03 Feb 2023 19:15:32 GMT
Last-Modified: Wed, 01 Feb 2023 18:25:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f8d8478f6fd65ccb723aafc9fa19ac4b
de1c2b7881907cc7c06c816b365da09df429ba7a
e4f4422c14320af3bf6e865e98d42ab5e8f5ef06a41c10f42670ae2d533e534a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3011
Cache-Control: max-age=148381
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:31 GMT
Etag: "63daae91-139"
Expires: Fri, 03 Feb 2023 19:15:32 GMT
Last-Modified: Wed, 01 Feb 2023 18:25:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sun, 28 Jan 2024 02:02:31 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sun, 28 Jan 2024 02:02:31 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=l8vsz3UM3anrQMYSIdxrlFUAlpnzgcnItE654LV55_aTLpQRwLKljXZPzTyc8MKtSQkIiYhh2LULJTGf2ee-xN4L7toPfqG4CXiIoQGCM_ZZqlPTWijLKeR7zRIi7qo7aceJlmzlUakKMF-vnk6qPgn5Al2SIWhoCLkvwYCm3XtUIeJ-VFSG4fR6WLZfD4VAxGp9gXjpshlZj3ZDlS9v-Vs5UFyE-p71x58iitDYsRSzJ9ztJnrGcAoCr-bVvwGGXL2MBdGSeg-5EoaZhyn1L7k9vgHeQX2p-MDLjLanEQjDlZ_qCAdwSd2dlw44yKrD_JximyUeZ-wlZwOvSG73pJv0PMNg_ANgAf9DRMX1iA52Sg4XneaExRhOZ5VrmyuSzk_HnIhhqwONLWbW96DZF0D7xltoWM3azROmz7rATXIsm_Fs4Y-eA8pssUJvGyukM9qY-EnMYYuLqJHPxWEnCNsF0dluwc9epBPvI9BhADU4MK2Wvmo3zj7fmNzG8Oag2a1lLhPewABM1LHF4DB4ZVlOAaJ8jGLc3YVgGlyAVyOjWg-6mHkic2mlWtg6h1mu0ryxXg&z=Y9sZtAAJ_ZsDogQdAAbvu6RthksV_ieErPsB-g
178.250.0.160200 OK 30 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=l8vsz3UM3anrQMYSIdxrlFUAlpnzgcnItE654LV55_aTLpQRwLKljXZPzTyc8MKtSQkIiYhh2LULJTGf2ee-xN4L7toPfqG4CXiIoQGCM_ZZqlPTWijLKeR7zRIi7qo7aceJlmzlUakKMF-vnk6qPgn5Al2SIWhoCLkvwYCm3XtUIeJ-VFSG4fR6WLZfD4VAxGp9gXjpshlZj3ZDlS9v-Vs5UFyE-p71x58iitDYsRSzJ9ztJnrGcAoCr-bVvwGGXL2MBdGSeg-5EoaZhyn1L7k9vgHeQX2p-MDLjLanEQjDlZ_qCAdwSd2dlw44yKrD_JximyUeZ-wlZwOvSG73pJv0PMNg_ANgAf9DRMX1iA52Sg4XneaExRhOZ5VrmyuSzk_HnIhhqwONLWbW96DZF0D7xltoWM3azROmz7rATXIsm_Fs4Y-eA8pssUJvGyukM9qY-EnMYYuLqJHPxWEnCNsF0dluwc9epBPvI9BhADU4MK2Wvmo3zj7fmNzG8Oag2a1lLhPewABM1LHF4DB4ZVlOAaJ8jGLc3YVgGlyAVyOjWg-6mHkic2mlWtg6h1mu0ryxXg&z=Y9sZtAAJ_ZsDogQdAAbvu6RthksV_ieErPsB-g
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8e428b1bdbfff2ed9ca4a79abeb56c3f
af157d0addea30f373d56e7fbad6de7d9b62f703
81a7f19ec3bbfe0d9cf02c5b67901fc928c2ee9961533a016fc4a63d1310ec4a
GET /delivery/lgn.php?cppv=3&cpp=l8vsz3UM3anrQMYSIdxrlFUAlpnzgcnItE654LV55_aTLpQRwLKljXZPzTyc8MKtSQkIiYhh2LULJTGf2ee-xN4L7toPfqG4CXiIoQGCM_ZZqlPTWijLKeR7zRIi7qo7aceJlmzlUakKMF-vnk6qPgn5Al2SIWhoCLkvwYCm3XtUIeJ-VFSG4fR6WLZfD4VAxGp9gXjpshlZj3ZDlS9v-Vs5UFyE-p71x58iitDYsRSzJ9ztJnrGcAoCr-bVvwGGXL2MBdGSeg-5EoaZhyn1L7k9vgHeQX2p-MDLjLanEQjDlZ_qCAdwSd2dlw44yKrD_JximyUeZ-wlZwOvSG73pJv0PMNg_ANgAf9DRMX1iA52Sg4XneaExRhOZ5VrmyuSzk_HnIhhqwONLWbW96DZF0D7xltoWM3azROmz7rATXIsm_Fs4Y-eA8pssUJvGyukM9qY-EnMYYuLqJHPxWEnCNsF0dluwc9epBPvI9BhADU4MK2Wvmo3zj7fmNzG8Oag2a1lLhPewABM1LHF4DB4ZVlOAaJ8jGLc3YVgGlyAVyOjWg-6mHkic2mlWtg6h1mu0ryxXg&z=Y9sZtAAJ_ZsDogQdAAbvu6RthksV_ieErPsB-g HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:30 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3447832
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883811925_a_en_hd_1.jpg%3Ft%3D1648965370%3Fcb%3D2023020114&v=3&w=800&s=8zr5p5KV_Odwms2QAtmkWiQF&b=400
178.250.2.135200 OK 8.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883811925_a_en_hd_1.jpg%3Ft%3D1648965370%3Fcb%3D2023020114&v=3&w=800&s=8zr5p5KV_Odwms2QAtmkWiQF&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1081b5440aaf9348df58ca18e9a80d99
a61877b6dc5ea581e358def40f2bd912f96b080d
2f3badc0b2355af7e24b758f36c6e7902a3d993b86dcff70ad460d9e560e4838
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883811925_a_en_hd_1.jpg%3Ft%3D1648965370%3Fcb%3D2023020114&v=3&w=800&s=8zr5p5KV_Odwms2QAtmkWiQF&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31492173
expires: Thu, 01 Feb 2024 13:52:05 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8358
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=05JJ5DBk8LEGuWAiOQPSK_37FvJ1ji2jO5e8UWlqbZM1BuDiOSAqpThvEQHxALz-uLoaCKtJwcO9w_iBnixo9rJP7Ii970kcNcWJSZL0_VBe_Fz9sqEGCz_mWBhgptBurQYOa4i97LhylylFYXZHRa_lvqvYOCGdpSDXR_u10MpMkyQ1UwQiASQruuocrnc1sQcT4mfXQ7-7DGQCGudUg-HYCl18lAZ-pPqLp5O2M3rrOgR-jPZFUHrC_29bmIomGZO9B9g4L357r0aHxYZUpfdBPQuN-xzO8BWHw7vrICxfkHvJw5XInr1Te9NpNhALPtJUDzVFSSXm4WySQ3lScN1yc1E0LAkZteWE9_3ZQLWgDQASOPVBxSsTCTTxJNm2N5Vhe8B-VJdoNE9n8uWnL-MNfqrcj8Ob7n-QMSNc3zR95_wF
178.250.0.160200 OK 4.6 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=05JJ5DBk8LEGuWAiOQPSK_37FvJ1ji2jO5e8UWlqbZM1BuDiOSAqpThvEQHxALz-uLoaCKtJwcO9w_iBnixo9rJP7Ii970kcNcWJSZL0_VBe_Fz9sqEGCz_mWBhgptBurQYOa4i97LhylylFYXZHRa_lvqvYOCGdpSDXR_u10MpMkyQ1UwQiASQruuocrnc1sQcT4mfXQ7-7DGQCGudUg-HYCl18lAZ-pPqLp5O2M3rrOgR-jPZFUHrC_29bmIomGZO9B9g4L357r0aHxYZUpfdBPQuN-xzO8BWHw7vrICxfkHvJw5XInr1Te9NpNhALPtJUDzVFSSXm4WySQ3lScN1yc1E0LAkZteWE9_3ZQLWgDQASOPVBxSsTCTTxJNm2N5Vhe8B-VJdoNE9n8uWnL-MNfqrcj8Ob7n-QMSNc3zR95_wF
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f86299dd81977110a6707aa5cc3127fe
e75611a523a26eb41ab4b9ddda92c17be2e53286
c3ef1d0f88c8c7f637ff459b3be43aaa6936bab94aea1f7c1eb68c6db5372c21
GET /delivery/lg.php?cppv=3&cpp=05JJ5DBk8LEGuWAiOQPSK_37FvJ1ji2jO5e8UWlqbZM1BuDiOSAqpThvEQHxALz-uLoaCKtJwcO9w_iBnixo9rJP7Ii970kcNcWJSZL0_VBe_Fz9sqEGCz_mWBhgptBurQYOa4i97LhylylFYXZHRa_lvqvYOCGdpSDXR_u10MpMkyQ1UwQiASQruuocrnc1sQcT4mfXQ7-7DGQCGudUg-HYCl18lAZ-pPqLp5O2M3rrOgR-jPZFUHrC_29bmIomGZO9B9g4L357r0aHxYZUpfdBPQuN-xzO8BWHw7vrICxfkHvJw5XInr1Te9NpNhALPtJUDzVFSSXm4WySQ3lScN1yc1E0LAkZteWE9_3ZQLWgDQASOPVBxSsTCTTxJNm2N5Vhe8B-VJdoNE9n8uWnL-MNfqrcj8Ob7n-QMSNc3zR95_wF HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3261869
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475599807_m_en_hd_1.jpg%3Ft%3D1649388719%3Fcb%3D2023020114&v=3&w=800&s=Pz2ngD1RWNyBzeTAoYb3ENJv&b=400
178.250.2.135200 OK 5.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475599807_m_en_hd_1.jpg%3Ft%3D1649388719%3Fcb%3D2023020114&v=3&w=800&s=Pz2ngD1RWNyBzeTAoYb3ENJv&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 261x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b8e8ab8deb54ba025306e2727bea2292
845ced4db0cebb512e94b9b3ae156870ab39bb66
d2223f4bc6934a15860130adf4824b210091895026d73f6f54692941cce66f0f
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475599807_m_en_hd_1.jpg%3Ft%3D1649388719%3Fcb%3D2023020114&v=3&w=800&s=Pz2ngD1RWNyBzeTAoYb3ENJv&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31492155
expires: Thu, 01 Feb 2024 13:51:47 GMT
date: Thu, 02 Feb 2023 02:02:30 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5804
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475702634_a_en_hd_1.jpg%3Ft%3D1650279275%3Fcb%3D2023020114&v=3&w=800&s=MNNxXqNiiG8-WGTk8TEHpOM2&b=400
178.250.2.135200 OK 9.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475702634_a_en_hd_1.jpg%3Ft%3D1650279275%3Fcb%3D2023020114&v=3&w=800&s=MNNxXqNiiG8-WGTk8TEHpOM2&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c1ed220366bf46c1ed1ddbcafd825ff9
c27ba896ddc7de45a4f01019841e7fccd0e48572
28c6a171a155b2ac6fd819bfc365c80963554d9ed9fe85bc2038d001a08be81f
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475702634_a_en_hd_1.jpg%3Ft%3D1650279275%3Fcb%3D2023020114&v=3&w=800&s=MNNxXqNiiG8-WGTk8TEHpOM2&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31492173
expires: Thu, 01 Feb 2024 13:52:05 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9206
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475892496_a_en_hd_1.jpg%3Ft%3D1649215262%3Fcb%3D2023020114&v=3&w=800&s=u6fhfX0tFIiXMVw4B0irz0MQ&b=400
178.250.2.135200 OK 9.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475892496_a_en_hd_1.jpg%3Ft%3D1649215262%3Fcb%3D2023020114&v=3&w=800&s=u6fhfX0tFIiXMVw4B0irz0MQ&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 368x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66a8ef8e75698d6582e84a56ca6d9afd
5d68bc7509865ca3e60e30e51131dc352591e71a
90183e3a6b6ab0471f0671ecb79c48c2d77f7bd674811e880335eef7d8f711de
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475892496_a_en_hd_1.jpg%3Ft%3D1649215262%3Fcb%3D2023020114&v=3&w=800&s=u6fhfX0tFIiXMVw4B0irz0MQ&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31492283
expires: Thu, 01 Feb 2024 13:53:55 GMT
date: Thu, 02 Feb 2023 02:02:30 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9672
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F5400585122053_m_en_hd_1.jpg%3Ft%3D1649391618%3Fcb%3D2023020114&v=3&w=800&s=yEuNLNyxCFUwb0rhQ1cRqOeY&b=400
178.250.2.135200 OK 16 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F5400585122053_m_en_hd_1.jpg%3Ft%3D1649391618%3Fcb%3D2023020114&v=3&w=800&s=yEuNLNyxCFUwb0rhQ1cRqOeY&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aab7d08099a68d73031c0cdf1bc0acaa
5afed2de34b0095a728f41693241311af6709d39
ec5276a94a86cf2a44f82b17c1f77b406b24bda95f5f2645d3cacee08b386aa1
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F5400585122053_m_en_hd_1.jpg%3Ft%3D1649391618%3Fcb%3D2023020114&v=3&w=800&s=yEuNLNyxCFUwb0rhQ1cRqOeY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31492383
expires: Thu, 01 Feb 2024 13:55:35 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16346
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475905578_a_en_hd_1.jpg%3Ft%3D1649226649%3Fcb%3D2023020114&v=3&w=800&s=Lji40Z1TpVgr8Jh-VJnTmK9Q&b=400
178.250.2.135200 OK 3.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475905578_a_en_hd_1.jpg%3Ft%3D1649226649%3Fcb%3D2023020114&v=3&w=800&s=Lji40Z1TpVgr8Jh-VJnTmK9Q&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 285x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 686c339d7768bc6e9c6849cdd469a495
da6f238e1a8fdfca4aa16d56781a4877bf9c170a
f3a1b9a6c795709a18f6d751ae4d08d2546d594ec00de647559a86e5243cb138
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475905578_a_en_hd_1.jpg%3Ft%3D1649226649%3Fcb%3D2023020114&v=3&w=800&s=Lji40Z1TpVgr8Jh-VJnTmK9Q&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31492332
expires: Thu, 01 Feb 2024 13:54:43 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3684
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 16 kB URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
Hash c4f276d0d535ce4e289fa88d36eb6d24
082933529bd312f56304902b99f5dc40e682f4a5
a9d2d7484ed4ef2e1b837d617da1cbf1d1c0241bb0f3e67beca739aee53da04d
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sun, 28 Jan 2024 02:02:31 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475960942_a_en_hd_1.jpg%3Ft%3D1649226701%3Fcb%3D2023020114&v=3&w=800&s=iG_NFMCJj23WJhWIgB08gaH9&b=400
178.250.2.135200 OK 8.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475960942_a_en_hd_1.jpg%3Ft%3D1649226701%3Fcb%3D2023020114&v=3&w=800&s=iG_NFMCJj23WJhWIgB08gaH9&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x391, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 215bbbb69e9246d81e3d00d52fa47b74
33adb748bb693cded9b3a4b6ead3b9c9ad723ad9
ca5df2fc850a3053f89fbbb184129662e558ac88840c17deb53ab384aa1a2f23
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475960942_a_en_hd_1.jpg%3Ft%3D1649226701%3Fcb%3D2023020114&v=3&w=800&s=iG_NFMCJj23WJhWIgB08gaH9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31492173
expires: Thu, 01 Feb 2024 13:52:05 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8940
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475798279_m_en_hd_1.jpg%3Ft%3D1662436065%3Fcb%3D2023020114&v=3&w=800&s=KMIyr9YW96NmJAjqRebSVj4s&b=400
178.250.2.135200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475798279_m_en_hd_1.jpg%3Ft%3D1662436065%3Fcb%3D2023020114&v=3&w=800&s=KMIyr9YW96NmJAjqRebSVj4s&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 47e5d78cc1342e04db31b9723af9b449
9e05e562b172d53aa0896ad6cc84ef3a24d69297
b51b1d668099e71e14be955f13827a8205f56446b274ccf34f73715fe82e2902
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475798279_m_en_hd_1.jpg%3Ft%3D1662436065%3Fcb%3D2023020114&v=3&w=800&s=KMIyr9YW96NmJAjqRebSVj4s&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31492141
expires: Thu, 01 Feb 2024 13:51:33 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13712
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 14 kB URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
Hash 03cdfe90cd0fcd9041e5a7e061471c3c
e0f636928749c2e685e0cef5255e1fec1325fb1f
6e34892bb9b7f4cd4455a10d3769cf96afe0fbe3afaefaa7b3d53538f2f1ad0e
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sun, 28 Jan 2024 02:02:31 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=360&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2Fb06c69b831ed410991b3a26cec796d5d_vidaxl.png&v=3&w=196&s=LLhbZiLMQfn0AVCqrHqAmT26
178.250.2.135200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=360&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2Fb06c69b831ed410991b3a26cec796d5d_vidaxl.png&v=3&w=196&s=LLhbZiLMQfn0AVCqrHqAmT26
IP 178.250.2.135:0
File type PNG image data, 196 x 157, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ca57be72a70ecd49abc7d0eabe55ad3
11084dcfd67eb5b6682daeb50d9272d67ea17329
459c33ea9afd9143c3a03fabdd06c1a06bdda996a67f1a2626ff5bbdd65b7261
GET /img/img?h=360&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2Fb06c69b831ed410991b3a26cec796d5d_vidaxl.png&v=3&w=196&s=LLhbZiLMQfn0AVCqrHqAmT26 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30240559
expires: Thu, 18 Jan 2024 02:11:51 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15316
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9sZswALFW4DogQQAAzeIuTKyhqiNI7gq9ib1Q&u=%7CGfhFngqHdW7PgBd%2BuHYBfqgeFFmDzZTxDRoqHKUD%2FiM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLamN-vaIHCLtCT-UwxVXNeXhJ4Th5YabpWQ4RMEwEdOQlA-0Uli1zHlcZ5CeISqNiJhw9K6VJ6X7HPOqpP0hFN1CMEB_RJ0JFMHdkjOj85PinGWDivkZzbzu6snw5D_EUSpEVffx79PdhQrnKMQzC7rxk7X80VfeLc9fW_NnfvtNrDzc8m1-H7QuSS4061Dg0eblrAVyi81N0oxwdMF60wG8lV8igO9wRBAHF112RCiWQi1LXwbDwdkhtluweVORg-e00r2Ut9iBqWxoWMKJM0dIcrLf8Se-zpbj8wgbj_UbYuKcGx1RW13djzl8lWcQW-08nAZoB2LCZLRHfkSvVy2f1VWGGL6fKt1HFdSCPE_au8x_O9Hv6FwtZeB4Ll2mP-8w1RmUERuCTIaYu_RleK--L_BXp130qD1MgQTGJ4ioTj9ZhNvDLeInPpgB92r_0vLDksjDNiD5rwUuMXL47RIZdyuBbMM-HUe9G2XybHZCQpCQPJrrGSN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBxusxnbY-6qLJCIiM0PoryzkA3JntKxXPWdmPdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAo78Z0SZa7I-qAMBqgTLAk_QjDY6ghgc3rwGX3reTv--LobgskMVeOYhP2QNgW0GXTnHfd1idqQcYTh2ZheFXDqICO4fGju89hsI0oxOqWU_98Z0Prli7DXcs0Wdgcjoq07th2OQV4JI982XF3OybP1qS3urece2nz9BJgRpIra4FnJEYoEFeM4UkNbzANBUU_kdXKtVSUc-LyUggkYCYWIdZeV4MjH1cwjSeMSt2S6hjF9_YwCWYnUrvlYY9R7OS3pSIN90Ht8F7FUVFaQc6qZLVlghIOMYcyC-LWm4RbKmKW8k4_kMYpSrKIY6T5lDnHGNnfzUK2ap4BMFxXVaAj1jz_kkJWo5DbG__seYsTrlzOQiLg_BoIoRnbBoZgxt5bHnAqKWxjvsmVy6lNt3OluLnGVVaZKBFYM1aRgo9b3onH4GWhDldMypGmIpQSKjy3ePAFJTENU6FZOABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2of72H18U9ejV-I6u_Ffn-i0kTzg%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 66 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9sZswALFW4DogQQAAzeIuTKyhqiNI7gq9ib1Q&u=%7CGfhFngqHdW7PgBd%2BuHYBfqgeFFmDzZTxDRoqHKUD%2FiM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLamN-vaIHCLtCT-UwxVXNeXhJ4Th5YabpWQ4RMEwEdOQlA-0Uli1zHlcZ5CeISqNiJhw9K6VJ6X7HPOqpP0hFN1CMEB_RJ0JFMHdkjOj85PinGWDivkZzbzu6snw5D_EUSpEVffx79PdhQrnKMQzC7rxk7X80VfeLc9fW_NnfvtNrDzc8m1-H7QuSS4061Dg0eblrAVyi81N0oxwdMF60wG8lV8igO9wRBAHF112RCiWQi1LXwbDwdkhtluweVORg-e00r2Ut9iBqWxoWMKJM0dIcrLf8Se-zpbj8wgbj_UbYuKcGx1RW13djzl8lWcQW-08nAZoB2LCZLRHfkSvVy2f1VWGGL6fKt1HFdSCPE_au8x_O9Hv6FwtZeB4Ll2mP-8w1RmUERuCTIaYu_RleK--L_BXp130qD1MgQTGJ4ioTj9ZhNvDLeInPpgB92r_0vLDksjDNiD5rwUuMXL47RIZdyuBbMM-HUe9G2XybHZCQpCQPJrrGSN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBxusxnbY-6qLJCIiM0PoryzkA3JntKxXPWdmPdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAo78Z0SZa7I-qAMBqgTLAk_QjDY6ghgc3rwGX3reTv--LobgskMVeOYhP2QNgW0GXTnHfd1idqQcYTh2ZheFXDqICO4fGju89hsI0oxOqWU_98Z0Prli7DXcs0Wdgcjoq07th2OQV4JI982XF3OybP1qS3urece2nz9BJgRpIra4FnJEYoEFeM4UkNbzANBUU_kdXKtVSUc-LyUggkYCYWIdZeV4MjH1cwjSeMSt2S6hjF9_YwCWYnUrvlYY9R7OS3pSIN90Ht8F7FUVFaQc6qZLVlghIOMYcyC-LWm4RbKmKW8k4_kMYpSrKIY6T5lDnHGNnfzUK2ap4BMFxXVaAj1jz_kkJWo5DbG__seYsTrlzOQiLg_BoIoRnbBoZgxt5bHnAqKWxjvsmVy6lNt3OluLnGVVaZKBFYM1aRgo9b3onH4GWhDldMypGmIpQSKjy3ePAFJTENU6FZOABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2of72H18U9ejV-I6u_Ffn-i0kTzg%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
Hash 9a1feab812fe34ee76e14e491978a25a
a0804e02c6ee525fccf45b33371e9a89156ebdf7
d1b3ecbb14a90973a1cb9167488f1a1d68c6fb4a0e2d4f17839dca6008ea0bb0
GET /delivery/r/afr.php?z=Y9sZswALFW4DogQQAAzeIuTKyhqiNI7gq9ib1Q&u=%7CGfhFngqHdW7PgBd%2BuHYBfqgeFFmDzZTxDRoqHKUD%2FiM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkQOlWSrUssLamN-vaIHCLtCT-UwxVXNeXhJ4Th5YabpWQ4RMEwEdOQlA-0Uli1zHlcZ5CeISqNiJhw9K6VJ6X7HPOqpP0hFN1CMEB_RJ0JFMHdkjOj85PinGWDivkZzbzu6snw5D_EUSpEVffx79PdhQrnKMQzC7rxk7X80VfeLc9fW_NnfvtNrDzc8m1-H7QuSS4061Dg0eblrAVyi81N0oxwdMF60wG8lV8igO9wRBAHF112RCiWQi1LXwbDwdkhtluweVORg-e00r2Ut9iBqWxoWMKJM0dIcrLf8Se-zpbj8wgbj_UbYuKcGx1RW13djzl8lWcQW-08nAZoB2LCZLRHfkSvVy2f1VWGGL6fKt1HFdSCPE_au8x_O9Hv6FwtZeB4Ll2mP-8w1RmUERuCTIaYu_RleK--L_BXp130qD1MgQTGJ4ioTj9ZhNvDLeInPpgB92r_0vLDksjDNiD5rwUuMXL47RIZdyuBbMM-HUe9G2XybHZCQpCQPJrrGSN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBxusxnbY-6qLJCIiM0PoryzkA3JntKxXPWdmPdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAo78Z0SZa7I-qAMBqgTLAk_QjDY6ghgc3rwGX3reTv--LobgskMVeOYhP2QNgW0GXTnHfd1idqQcYTh2ZheFXDqICO4fGju89hsI0oxOqWU_98Z0Prli7DXcs0Wdgcjoq07th2OQV4JI982XF3OybP1qS3urece2nz9BJgRpIra4FnJEYoEFeM4UkNbzANBUU_kdXKtVSUc-LyUggkYCYWIdZeV4MjH1cwjSeMSt2S6hjF9_YwCWYnUrvlYY9R7OS3pSIN90Ht8F7FUVFaQc6qZLVlghIOMYcyC-LWm4RbKmKW8k4_kMYpSrKIY6T5lDnHGNnfzUK2ap4BMFxXVaAj1jz_kkJWo5DbG__seYsTrlzOQiLg_BoIoRnbBoZgxt5bHnAqKWxjvsmVy6lNt3OluLnGVVaZKBFYM1aRgo9b3onH4GWhDldMypGmIpQSKjy3ePAFJTENU6FZOABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2of72H18U9ejV-I6u_Ffn-i0kTzg%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:30 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZTemJtQWZFCNgP2HLQ1ViS-BPm_6EIoKtuBBxYAkbJumLUaOj5XnTElYNqkKO5SqU6R0_LYD-j-NVR70CKpuLEoyRihFJ67GuoBNL8it1L-0AuWDiH8ANOyApbgsqX3Anbc09xPHzLZnBeoccewHoHu3jG4ayTHxY-EZT_DgwVLjvnszt1YL_1N0ZSKzAtENuspWw7Uyj-4exgoILsF-GNQWDqqxQUbrIHeIpJWGBGlWgo4Y3BOzEwfruSHA2utFExEetQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 119327449
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=104&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=ETAzHr6NcpRpZ3_Jkej0-XXl
178.250.2.135200 OK 3.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=104&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=ETAzHr6NcpRpZ3_Jkej0-XXl
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 277x104, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7a5c76aec6cbaff3effe7fba832f7b4
ab3046d70078b235d53e535f3be76e2e404ebc8b
1204eb619e2c0b5c191c701da71af8261cb4de1c90efca0f92280ab46a66cc66
GET /img/img?h=104&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=ETAzHr6NcpRpZ3_Jkej0-XXl HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31033230
expires: Sat, 27 Jan 2024 06:23:02 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2972
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400
178.250.2.135200 OK 6.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4107b3cce321d0de575e2d09ee500141
ea63bcbed38763856b3c80f6921b2e34648cc2e6
0d5fe42912025a3f0d1d9b825a59bf43a0067e6ccba06d997e75cd7b86e83347
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10244_cgrey_v901.jpg&v=3&w=400&s=EXDWfrVLjwla653OTAlKHmXI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31418525
expires: Wed, 31 Jan 2024 17:24:37 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6652
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=0nrlAVgY0MZUBvNy2SzYbkMm
178.250.2.135200 OK 128 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=0nrlAVgY0MZUBvNy2SzYbkMm
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 128 kB (128318 bytes)
Hash 9ff2ed9e224d6b96a54afe736c4b0b07
ef6420bcdc5c7b89e892768d26b6156f20896019
3f643c2f2356cf933397bab72e5df5cdec174c7af924d8352390677e56cfbf68
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=0nrlAVgY0MZUBvNy2SzYbkMm HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28359113
expires: Wed, 27 Dec 2023 07:34:25 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 128318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cantelopeuni_v309.jpg&v=3&w=400&s=gpVQdr807YDssiJabmfbxiNl&b=400
178.250.2.135200 OK 4.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cantelopeuni_v309.jpg&v=3&w=400&s=gpVQdr807YDssiJabmfbxiNl&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 288x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f672fd89e95e6d08cc28c446bbd83a2
cae1db46cbc74a5045b02e2d13fa32ed434758e3
eca7ed9381a4aab8526a3565063b4d33601ea32bdc80b1c5e0dca61503a91301
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_cantelopeuni_v309.jpg&v=3&w=400&s=gpVQdr807YDssiJabmfbxiNl&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30223200
expires: Wed, 17 Jan 2024 21:22:32 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4510
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pne1z8npb07_cnightblue_v1578.jpg&v=3&w=400&s=mGcaCeKXQYmph0rSsQjAUf3F&b=400
178.250.2.135200 OK 8.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pne1z8npb07_cnightblue_v1578.jpg&v=3&w=400&s=mGcaCeKXQYmph0rSsQjAUf3F&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 316x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2681874b9c2c56f84d7a55a47a9addb
0aa28284733d54b7d900884f95d3d7ae74e7254a
2bade8c4cddb0e86739e1d1fc034af6493c5f9bf1b15e8a3c2d0ef13b13a8212
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pne1z8npb07_cnightblue_v1578.jpg&v=3&w=400&s=mGcaCeKXQYmph0rSsQjAUf3F&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30079923
expires: Tue, 16 Jan 2024 05:34:35 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8554
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdyrbergkern%2F1300x1700%2Fdyr334519_cshinygoldgrey.jpg&v=3&w=400&s=oX7DS8m6GuMk3Zzf0Q_Ezgl_&b=400
178.250.2.135200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdyrbergkern%2F1300x1700%2Fdyr334519_cshinygoldgrey.jpg&v=3&w=400&s=oX7DS8m6GuMk3Zzf0Q_Ezgl_&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x244, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d230b406243a7974c7e1a6cea640de6c
f544d20deeccc9bb313a52269f26f5f7acb0781b
3edb3ccb198662aa7bcff311172f18e65521717c11ffc65c9f845d962db0ae72
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdyrbergkern%2F1300x1700%2Fdyr334519_cshinygoldgrey.jpg&v=3&w=400&s=oX7DS8m6GuMk3Zzf0Q_Ezgl_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28849364
expires: Mon, 01 Jan 2024 23:45:15 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12966
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fyas%2F1300x1700%2Fyas26028495_cultramarine_v221650artyaop.jpg&v=3&w=400&s=SuWjbmrI_RG24Ce9fFjliEkk&b=400
178.250.2.135200 OK 21 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fyas%2F1300x1700%2Fyas26028495_cultramarine_v221650artyaop.jpg&v=3&w=400&s=SuWjbmrI_RG24Ce9fFjliEkk&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 206x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fdc6ca6eef4cb0bfb89b6818de836f2e
605ec9685e37905cbe53718e50ae2fe00e539402
c86b113833ed0dd901f01431867fbb9fa8c340514faab103e232a0728e978cb8
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fyas%2F1300x1700%2Fyas26028495_cultramarine_v221650artyaop.jpg&v=3&w=400&s=SuWjbmrI_RG24Ce9fFjliEkk&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28972868
expires: Wed, 03 Jan 2024 10:03:40 GMT
date: Thu, 02 Feb 2023 02:02:30 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20906
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
178.250.2.135200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x336, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a038be7d3e6d4838b4a63bd8daa28a1e
81f01b450467dfc5a96a6077358e42787edcb977
d9e7a945587d1dc06c2ed3c5734385cc6bf6d8e8de37b21da2530a03c2a76128
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29564053
expires: Wed, 10 Jan 2024 06:16:45 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10502
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 7.7 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
Hash 6d6294270011ac439bfa8c173aa38d60
86ac95f0c669d666a3c9adb8e98de42ea1886c69
a88f73b89e6a5c1be7b491a3818e2a5e4b4ea7ffca7300f4a8f11c80db934b22
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sun, 28 Jan 2024 02:02:31 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmads-norgaard%2F1300x1700%2Fmad201456_cskyaopblack.jpg&v=3&w=400&s=bPHcV-eD78CRvNh8fuUC6Re6&b=400
178.250.2.135200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmads-norgaard%2F1300x1700%2Fmad201456_cskyaopblack.jpg&v=3&w=400&s=bPHcV-eD78CRvNh8fuUC6Re6&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 203x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1349751418f3c30273c4374a3bd7d68b
efb51574ecf1dd1006b05b6dddb3cff12ed4b133
ed45691e00233436f36ade14da1564aabcd84b0408f2021a1f494d8f27026b6d
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmads-norgaard%2F1300x1700%2Fmad201456_cskyaopblack.jpg&v=3&w=400&s=bPHcV-eD78CRvNh8fuUC6Re6&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31250446
expires: Mon, 29 Jan 2024 18:43:18 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 19470
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_cblack.jpg&v=3&w=400&s=b5OAUjF40XdzcSX2tResorh-&b=400
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_cblack.jpg&v=3&w=400&s=b5OAUjF40XdzcSX2tResorh-&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x351, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77ad2ab29464a85a38895f7ecf0a58f6
9aab0bcfb9bbe84772a6c654532a450d0edc067a
8ea266295c05e575875733f6a71b7f59e1fbfba330cbbe98a18805a4a129099f
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_cblack.jpg&v=3&w=400&s=b5OAUjF40XdzcSX2tResorh-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29806099
expires: Sat, 13 Jan 2024 01:30:51 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10886
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YP2_K993wCs3txwqPiSRw8TATw5_PCYrFQB1nqJZ1sfMGdMe1WamedhyEpLQnF_-Qc36gtT3HvTOjEw1TF08UPpdx-SlB1VHAawGGCfDj6x1xLIUW9rI1x0JVP8_KRfNSaxgdF-xU6UspHPd-959jnmur5Rza6UaJ959VagnHqIngxRT7Vsz8WrQa7z-Y_LBJu7xURoecuYKOh56tRbmICoaP7FeR0yK5wolmC7k81xU-onMxarCgaNaBDdU9iPJFggjpq3WOpXQcq0fUc0PFEfiD5DAPXR86QCp-f-s678oPBPalnwsVbFuPh3G2s9vH7l65u9LldKZkkTu8F8k8xfWdIATWLztCh5qC1gKnwThvsDPRAoeyHClXVuIpzOCXmZQyufQLAmd1O2YFYQCIaGQuPgGAiaVa-nXZRDuotTbGHjN
178.250.0.160200 OK 24 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YP2_K993wCs3txwqPiSRw8TATw5_PCYrFQB1nqJZ1sfMGdMe1WamedhyEpLQnF_-Qc36gtT3HvTOjEw1TF08UPpdx-SlB1VHAawGGCfDj6x1xLIUW9rI1x0JVP8_KRfNSaxgdF-xU6UspHPd-959jnmur5Rza6UaJ959VagnHqIngxRT7Vsz8WrQa7z-Y_LBJu7xURoecuYKOh56tRbmICoaP7FeR0yK5wolmC7k81xU-onMxarCgaNaBDdU9iPJFggjpq3WOpXQcq0fUc0PFEfiD5DAPXR86QCp-f-s678oPBPalnwsVbFuPh3G2s9vH7l65u9LldKZkkTu8F8k8xfWdIATWLztCh5qC1gKnwThvsDPRAoeyHClXVuIpzOCXmZQyufQLAmd1O2YFYQCIaGQuPgGAiaVa-nXZRDuotTbGHjN
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ac7cb9ff48aff519dcc9cf376f9f4f29
5a1373c578896706c1d3a4da80165596edc0d0a4
7e997edc62d9b6d4117953f2182f216a34c8b859dba53e2be1fa0ce2b038208d
GET /delivery/lg.php?cppv=3&cpp=YP2_K993wCs3txwqPiSRw8TATw5_PCYrFQB1nqJZ1sfMGdMe1WamedhyEpLQnF_-Qc36gtT3HvTOjEw1TF08UPpdx-SlB1VHAawGGCfDj6x1xLIUW9rI1x0JVP8_KRfNSaxgdF-xU6UspHPd-959jnmur5Rza6UaJ959VagnHqIngxRT7Vsz8WrQa7z-Y_LBJu7xURoecuYKOh56tRbmICoaP7FeR0yK5wolmC7k81xU-onMxarCgaNaBDdU9iPJFggjpq3WOpXQcq0fUc0PFEfiD5DAPXR86QCp-f-s678oPBPalnwsVbFuPh3G2s9vH7l65u9LldKZkkTu8F8k8xfWdIATWLztCh5qC1gKnwThvsDPRAoeyHClXVuIpzOCXmZQyufQLAmd1O2YFYQCIaGQuPgGAiaVa-nXZRDuotTbGHjN HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3044586
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10926_cblack_v900.jpg&v=3&w=400&s=QIYQhC2e-T1cOq6pQvVbPEap&b=400
178.250.2.135200 OK 6.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10926_cblack_v900.jpg&v=3&w=400&s=QIYQhC2e-T1cOq6pQvVbPEap&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 259x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5feb603b148fd3bac55f1006ac3db2fe
0124be6cb567c06216cacfd10b49a0f8f3cad587
eb9b7f95797c74a0bb1e012c34fb8718d7961fec4cce7d48d6fdc9c1af5ee02e
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve10926_cblack_v900.jpg&v=3&w=400&s=QIYQhC2e-T1cOq6pQvVbPEap&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29140128
expires: Fri, 05 Jan 2024 08:31:20 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6202
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flollys-laundry%2F1300x1700%2Flol224092066_clightblue_v22.jpg&v=3&w=400&s=LMFPysFtyPGKqZGNMh-JOkaa&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flollys-laundry%2F1300x1700%2Flol224092066_clightblue_v22.jpg&v=3&w=400&s=LMFPysFtyPGKqZGNMh-JOkaa&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 332x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c181b81e9bd07abc88096e10d9b6797b
d5d6e0d26efd6a3f224ed393f5c7310faa169b58
39e0fdabd313b9e4375b1a92810d1de5d1f18d9cbb6503532642976020b393a8
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flollys-laundry%2F1300x1700%2Flol224092066_clightblue_v22.jpg&v=3&w=400&s=LMFPysFtyPGKqZGNMh-JOkaa&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29319685
expires: Sun, 07 Jan 2024 10:23:57 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11566
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flove-lolita%2F1300x1700%2Fllad2069_cblackvelvet_vnovaraint.jpg&v=3&w=400&s=yTsyvNDnRafH2tgEDz0eWmXB&b=400
178.250.2.135200 OK 5.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flove-lolita%2F1300x1700%2Fllad2069_cblackvelvet_vnovaraint.jpg&v=3&w=400&s=yTsyvNDnRafH2tgEDz0eWmXB&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 22db8493d5af73c6eddc986b4de4ddbb
dad5039c2dc32ed9f2b65928a6c73ae45bd8e280
46435a4f920c49837e60a98f763a82fb1d6fb3209b941f4dba9be11fe9f56bde
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flove-lolita%2F1300x1700%2Fllad2069_cblackvelvet_vnovaraint.jpg&v=3&w=400&s=yTsyvNDnRafH2tgEDz0eWmXB&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30245069
expires: Thu, 18 Jan 2024 03:27:01 GMT
date: Thu, 02 Feb 2023 02:02:30 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5374
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pn29z8npb02_cscarab_v1860.jpg&v=3&w=400&s=8g2l6B1f_BVLkId5fVsUYzW_&b=400
178.250.2.135200 OK 18 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pn29z8npb02_cscarab_v1860.jpg&v=3&w=400&s=8g2l6B1f_BVLkId5fVsUYzW_&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 329x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1be08f3dc180eeb2ef32b72041c3d7c3
a28f023d105169838d0733fb1c30990dd72f26f3
4ec3a6a2248b238944f6e2671890743aac6d519aa01116fac2e4697322628881
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fea7%2F1300x1700%2Fea7pn29z8npb02_cscarab_v1860.jpg&v=3&w=400&s=8g2l6B1f_BVLkId5fVsUYzW_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30885688
expires: Thu, 25 Jan 2024 13:24:00 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 18078
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
178.250.2.135200 OK 7.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0eeda7e6493484cfb7f70b2967c08177
35b93c5f4f4652bd480397742e1d7edf02399d31
b1b70f74f765bdeacace86455a42be94b01ab5957f2fbaea09fbba672defef41
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30519474
expires: Sun, 21 Jan 2024 07:40:26 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecooking%2F1300x1700%2Fcoo61230_cnocolor.jpg&v=3&w=400&s=JJNIbNqlHTb87x77aEw-HJ0c&b=400
178.250.2.135200 OK 7.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecooking%2F1300x1700%2Fcoo61230_cnocolor.jpg&v=3&w=400&s=JJNIbNqlHTb87x77aEw-HJ0c&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 178x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 092e566f45e071d887988f0413a434f7
c6bbfff738a191cace24d939ad95f46992d4909d
568d215e55338fda033683ac25f09ecef44ab95e597c8981bd0d694b75da9259
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecooking%2F1300x1700%2Fcoo61230_cnocolor.jpg&v=3&w=400&s=JJNIbNqlHTb87x77aEw-HJ0c&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31514966
expires: Thu, 01 Feb 2024 20:11:58 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7694
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmaison-margiela%2F1300x1700%2Fmmald579300_cnocolour.jpg&v=3&w=400&s=rCBMyv9pJ53O5_Oep71nTyfX&b=400
178.250.2.135200 OK 9.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmaison-margiela%2F1300x1700%2Fmmald579300_cnocolour.jpg&v=3&w=400&s=rCBMyv9pJ53O5_Oep71nTyfX&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 177x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3134237ec9a9649077cbff4bbcb91341
a6e555b646d636b60b5c4ec70159aef619b92f58
b4cc4c93aebff105b1aea1ce8243c52738ac4c2d7608b6ccee96467f1290ed8a
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmaison-margiela%2F1300x1700%2Fmmald579300_cnocolour.jpg&v=3&w=400&s=rCBMyv9pJ53O5_Oep71nTyfX&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30540150
expires: Sun, 21 Jan 2024 13:25:02 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9708
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl2002022_cmarine_v410.jpg&v=3&w=400&s=bAt7i4ed2x0rhAAxU-wxdiee&b=400
178.250.2.135200 OK 3.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl2002022_cmarine_v410.jpg&v=3&w=400&s=bAt7i4ed2x0rhAAxU-wxdiee&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 326x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b02fc1b2c20317ca8bcbe15225816834
45d70373c62ee6f59d1dceee80f8654ebb8627c5
131d8a444e80aac6827c88e1098fb4e15ef1bfa9b8e272b190448fc5f1dd0095
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl2002022_cmarine_v410.jpg&v=3&w=400&s=bAt7i4ed2x0rhAAxU-wxdiee&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29199160
expires: Sat, 06 Jan 2024 00:55:12 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3266
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftimberland%2F1300x1700%2Ftimc8658a_cblack.jpg&v=3&w=400&s=Y9D1Fo3fkn9iumtcKuBlHq4X&b=400
178.250.2.135200 OK 8.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftimberland%2F1300x1700%2Ftimc8658a_cblack.jpg&v=3&w=400&s=Y9D1Fo3fkn9iumtcKuBlHq4X&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 396x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 17f3dfd5cecdb6da0f4c84d5d7e69e02
218c56d0d92d26586bc1b38c35440e55c318caf8
11b28807abcfaee9b325f8fcc19892b44d7439d641e6abcd15ef51e846b2ec21
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftimberland%2F1300x1700%2Ftimc8658a_cblack.jpg&v=3&w=400&s=Y9D1Fo3fkn9iumtcKuBlHq4X&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31036534
expires: Sat, 27 Jan 2024 07:18:06 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8378
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_cshakerbeige.jpg&v=3&w=400&s=rCGTf6vMGbu9xEgIsnvx48U4&b=400
178.250.2.135200 OK 7.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_cshakerbeige.jpg&v=3&w=400&s=rCGTf6vMGbu9xEgIsnvx48U4&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 204x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0ec7515086fc5d1e0cbec460d7f13f57
ef8102cd3b4840e02fb2f7a735692d16f89ce93a
dda1a79c5c7147ba623956d8bc2d02b9e1dc60c1583b99f2dda74f11b15af569
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_cshakerbeige.jpg&v=3&w=400&s=rCGTf6vMGbu9xEgIsnvx48U4&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29308223
expires: Sun, 07 Jan 2024 07:12:55 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7368
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21886020-0_1.jpg%3Fcb%3D45c8c536b6591bfc9ce09dfdce5a0f22&v=3&w=800&s=1A0MIn0Kz0r-ixw2Jws2rUi9&b=400
178.250.2.135200 OK 7.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21886020-0_1.jpg%3Fcb%3D45c8c536b6591bfc9ce09dfdce5a0f22&v=3&w=800&s=1A0MIn0Kz0r-ixw2Jws2rUi9&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 286x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54cacfa33c8ceaa943fb766aecef0d05
5d7ac9c37a1e20928660363e5b8aab357de9b000
41ceec71f7ebaea69836a1ce22dce0c27650bea84143a8cf2685971cd13527b1
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21886020-0_1.jpg%3Fcb%3D45c8c536b6591bfc9ce09dfdce5a0f22&v=3&w=800&s=1A0MIn0Kz0r-ixw2Jws2rUi9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438618
expires: Sat, 20 Jan 2024 09:12:50 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7134
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 2.2 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
Hash bbe1585f7ecc31cfe03e8b7cfff5d81e
fba8badf771546eeca28169e4d89b4e2d0e43eaa
3d67e4fe70cb032cd8f36b5e18a462250510c47b527c0fbd6cfd14a33cabb74b
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sun, 28 Jan 2024 02:02:31 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F4%2F847191-0_2.jpg%3Fcb%3D5e17ab43346eaea1dc743c63890367ed&v=3&w=800&s=E6qIkh-ImIfwHJYi4W3zfDqo&b=400
178.250.2.135200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F4%2F847191-0_2.jpg%3Fcb%3D5e17ab43346eaea1dc743c63890367ed&v=3&w=800&s=E6qIkh-ImIfwHJYi4W3zfDqo&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x333, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5b4715a9d1e4acb0731dcb0d3f769af
96c5cd041d2a1d2e5fa6724485b59f508212f7cc
7321820f961282c597519e32076a3dfaefa1a994c8710f61d221f17c91410491
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F4%2F847191-0_2.jpg%3Fcb%3D5e17ab43346eaea1dc743c63890367ed&v=3&w=800&s=E6qIkh-ImIfwHJYi4W3zfDqo&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438628
expires: Sat, 20 Jan 2024 09:13:00 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10082
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3D9e62ef41a9fe4d67fe9ab2bd7379f0b4&v=3&w=800&s=nUS9ddDnR8Vo18chtfRa2XLt&b=400
178.250.2.135200 OK 6.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3D9e62ef41a9fe4d67fe9ab2bd7379f0b4&v=3&w=800&s=nUS9ddDnR8Vo18chtfRa2XLt&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 06ae262a2aa445904a20058747ea0822
d21523eae0cfa9d1d2543813f8065f8609082a7c
f174662e28f2feebd8ccb7bcd80e91be29e5a206726a04eb5923afb3e554a522
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3D9e62ef41a9fe4d67fe9ab2bd7379f0b4&v=3&w=800&s=nUS9ddDnR8Vo18chtfRa2XLt&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438617
expires: Sat, 20 Jan 2024 09:12:49 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6586
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745306-0.jpg%3Fcb%3D16a3435f560acf8f64365ada01c7a763&v=3&w=800&s=qJfLy8pkadE7DlNEsJ0pVBD0&b=400
178.250.2.135200 OK 7.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745306-0.jpg%3Fcb%3D16a3435f560acf8f64365ada01c7a763&v=3&w=800&s=qJfLy8pkadE7DlNEsJ0pVBD0&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 216x234, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f81092c6bc9f827bbb7d4a255b0300ee
21017063803692f95720f5b5c20ae59184505abf
51f8e02e34db8b5eabb9b6b7962003d5a13e5caf1a499d4cebc7955fa75c4534
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745306-0.jpg%3Fcb%3D16a3435f560acf8f64365ada01c7a763&v=3&w=800&s=qJfLy8pkadE7DlNEsJ0pVBD0&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438723
expires: Sat, 20 Jan 2024 09:14:35 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7406
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F531975-0.jpg%3Fcb%3D751819d782964baaeaec129cb0883903&v=3&w=800&s=qvbTPGK8GPK_n4C-pFeVkGlG&b=400
178.250.2.135200 OK 8.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F531975-0.jpg%3Fcb%3D751819d782964baaeaec129cb0883903&v=3&w=800&s=qvbTPGK8GPK_n4C-pFeVkGlG&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 391x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 18cd8a1a5460305e97d7ef88656bcf2b
408fafa44b58215ff33f072b399c388a21951adc
a672e6fec124bf00a334e8a6b631c3f1a92b8e3511f3694d0ababe60109bff4e
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F531975-0.jpg%3Fcb%3D751819d782964baaeaec129cb0883903&v=3&w=800&s=qvbTPGK8GPK_n4C-pFeVkGlG&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438616
expires: Sat, 20 Jan 2024 09:12:48 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8650
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F5%2F15005-1.jpg%3Fcb%3Dc2a426ea4f9181c7f1e48238702ca0ed&v=3&w=800&s=G0NiusOVpgGc5Z7XEdCBWdYs&b=400
178.250.2.135200 OK 9.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F5%2F15005-1.jpg%3Fcb%3Dc2a426ea4f9181c7f1e48238702ca0ed&v=3&w=800&s=G0NiusOVpgGc5Z7XEdCBWdYs&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x290, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81afd5cad70342e7622f32f933fae995
e427ff92ad5f85b712f46d5dd305a630c5741d32
960a15880c444fd90c89c9ada8fc7162fa2a0d50015664b04f7262cbacc64d32
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F5%2F15005-1.jpg%3Fcb%3Dc2a426ea4f9181c7f1e48238702ca0ed&v=3&w=800&s=G0NiusOVpgGc5Z7XEdCBWdYs&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438617
expires: Sat, 20 Jan 2024 09:12:49 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9190
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F4%2F14c320070-0.jpg%3Fcb%3Dcf7a3d1c3b26ed7aa834706e881e43ad&v=3&w=800&s=FeTNHoOZYuJfuodrt-tGPD_G&b=400
178.250.2.135200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F4%2F14c320070-0.jpg%3Fcb%3Dcf7a3d1c3b26ed7aa834706e881e43ad&v=3&w=800&s=FeTNHoOZYuJfuodrt-tGPD_G&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x383, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 861a990418fc92ed358c47612de26559
e164bfc2272e61574d13e2bd70cae7ac3d44ff85
633726d1fa31781d2919f53a4fa0b1677fba12f584b745812a6317e4be611b66
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F4%2F14c320070-0.jpg%3Fcb%3Dcf7a3d1c3b26ed7aa834706e881e43ad&v=3&w=800&s=FeTNHoOZYuJfuodrt-tGPD_G&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438618
expires: Sat, 20 Jan 2024 09:12:50 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20170
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234269-0.jpg%3Fcb%3D451edc24049f5cbfd48bdbe57fc34270&v=3&w=800&s=VrtlK6B0qJcFAr8UDIwKt5Yh&b=400
178.250.2.135200 OK 1.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234269-0.jpg%3Fcb%3D451edc24049f5cbfd48bdbe57fc34270&v=3&w=800&s=VrtlK6B0qJcFAr8UDIwKt5Yh&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x184, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e2cf243a29cc66b7885389d89a25d15
91248bbfac4434109f4c6e998632157d05586510
a41f5800fa2d7677d7789bdb3300c3e8d6331286041a561fcbe1027cc70c9a59
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234269-0.jpg%3Fcb%3D451edc24049f5cbfd48bdbe57fc34270&v=3&w=800&s=VrtlK6B0qJcFAr8UDIwKt5Yh&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438625
expires: Sat, 20 Jan 2024 09:12:57 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1532
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234266-0.jpg%3Fcb%3D8a11c73548d5abcd57d5197795affdc5&v=3&w=800&s=2Lec45hetAV9wbTUZM3FckWC&b=400
178.250.2.135200 OK 1.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234266-0.jpg%3Fcb%3D8a11c73548d5abcd57d5197795affdc5&v=3&w=800&s=2Lec45hetAV9wbTUZM3FckWC&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 170x245, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1f4e79b4b510f985fa7e75c4e84c1373
29d19e7b9f6f7d0c84352289b77084b514635fc5
08af30feada2fe8cb1ee7825b274776e91bb44103779fbd104eb614413e34c0f
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234266-0.jpg%3Fcb%3D8a11c73548d5abcd57d5197795affdc5&v=3&w=800&s=2Lec45hetAV9wbTUZM3FckWC&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31129805
expires: Sun, 28 Jan 2024 09:12:37 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1774
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F3%2F3301812706-0.jpg%3Fcb%3De65bd646b481334f5d8b8509a82fc623&v=3&w=800&s=155yGYoEmVQwxXUDFkl1VmPz&b=400
178.250.2.135200 OK 7.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F3%2F3301812706-0.jpg%3Fcb%3De65bd646b481334f5d8b8509a82fc623&v=3&w=800&s=155yGYoEmVQwxXUDFkl1VmPz&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 276x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d3371853ba6fcb95ca892305e00351f0
87e57ff8b89e01f4e36db4e079b45ab0da35b1ac
018773e1cdec54229c3b356b0e3b1bf931f7bc40fc81b43adedf7c1535100ff4
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F3%2F3301812706-0.jpg%3Fcb%3De65bd646b481334f5d8b8509a82fc623&v=3&w=800&s=155yGYoEmVQwxXUDFkl1VmPz&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30760268
expires: Wed, 24 Jan 2024 02:33:40 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7420
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F5%2F15003-0_1.jpg%3Fcb%3D7fc2761aebbe1643e4d93e4a31484cc8&v=3&w=800&s=hObnQWEqwCiMU1BTYwG5u9F9&b=400
178.250.2.135200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F5%2F15003-0_1.jpg%3Fcb%3D7fc2761aebbe1643e4d93e4a31484cc8&v=3&w=800&s=hObnQWEqwCiMU1BTYwG5u9F9&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x387, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d63bdaf9264ce65603de0282fbc4e00
9b055432335e40cd7126e9cdcdb95bed8a53c7f2
580660717b633e3d43a1176d5eb5937dd1f8cf17a60388643dce047ca338241b
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F5%2F15003-0_1.jpg%3Fcb%3D7fc2761aebbe1643e4d93e4a31484cc8&v=3&w=800&s=hObnQWEqwCiMU1BTYwG5u9F9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438616
expires: Sat, 20 Jan 2024 09:12:48 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10186
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F832022-0.jpg%3Fcb%3Ddb4de21ae99fc848fe845f6d198f4701&v=3&w=800&s=O4cEOxzWW5LMkR4ebxmNSU2j&b=400
178.250.2.135200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F832022-0.jpg%3Fcb%3Ddb4de21ae99fc848fe845f6d198f4701&v=3&w=800&s=O4cEOxzWW5LMkR4ebxmNSU2j&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 298x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 048cb0c56b499aee37ddae6f1a021929
e76edb1d463843a72115cb704753b8fd133dc418
30a7597bb533f8d4c8f0ccf77d300b2029b43d6f4d98c306f44b9a5cbec4bdee
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F832022-0.jpg%3Fcb%3Ddb4de21ae99fc848fe845f6d198f4701&v=3&w=800&s=O4cEOxzWW5LMkR4ebxmNSU2j&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30754679
expires: Wed, 24 Jan 2024 01:00:31 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14554
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3D72681fb4bd2e49c58fcf92f1c0bac50c&v=3&w=800&s=__jgE6TvBTKSB2zQc7JdJUNa&b=400
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3D72681fb4bd2e49c58fcf92f1c0bac50c&v=3&w=800&s=__jgE6TvBTKSB2zQc7JdJUNa&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x358, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4a8b65dd45b5caaf05d7af1a012c211
2d76450cb9247fc5eb904e3d6db3c051c26226ae
bdeedcf8ba166914065e069ca9514b3020cfe22d1239cb8ec86495c301108540
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3D72681fb4bd2e49c58fcf92f1c0bac50c&v=3&w=800&s=__jgE6TvBTKSB2zQc7JdJUNa&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438615
expires: Sat, 20 Jan 2024 09:12:48 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10926
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302596-0.jpg%3Fcb%3Dc03dcfda314a438c601904c062019f5e&v=3&w=800&s=yiolGpeDJC5L9liJFdiItr5-&b=400
178.250.2.135200 OK 5.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302596-0.jpg%3Fcb%3Dc03dcfda314a438c601904c062019f5e&v=3&w=800&s=yiolGpeDJC5L9liJFdiItr5-&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69b6062e1ad8d792def8485a19220de4
6a4b489b4ae07debd14b41ae0f69cbf868b0ae56
20667470653b35863db46cf369bf5f920c1d92e3134b631d975dedbeaf7f25be
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302596-0.jpg%3Fcb%3Dc03dcfda314a438c601904c062019f5e&v=3&w=800&s=yiolGpeDJC5L9liJFdiItr5-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31376799
expires: Wed, 31 Jan 2024 05:49:11 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5878
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21864210-0.jpg%3Fcb%3D007d5e3c235a8b0253e0b7a2b8a91028&v=3&w=800&s=ceu5_rMX2WsClMqQGMNlSsRC&b=400
178.250.2.135200 OK 5.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21864210-0.jpg%3Fcb%3D007d5e3c235a8b0253e0b7a2b8a91028&v=3&w=800&s=ceu5_rMX2WsClMqQGMNlSsRC&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 255x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0efd8b5e7fdd024109e09dfbb3044ab7
81b9aaa6b414e86b3a57625f9a3ef1a0cc9bff89
fb471f24bdd2443cc8fca4b1cde0c9234767620433215c8401e9c17cdeb03c8b
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F21864210-0.jpg%3Fcb%3D007d5e3c235a8b0253e0b7a2b8a91028&v=3&w=800&s=ceu5_rMX2WsClMqQGMNlSsRC&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438628
expires: Sat, 20 Jan 2024 09:13:00 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5932
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F7%2F67187-0.jpg%3Fcb%3De1c77b208ff89e03a042c0a33272b2f9&v=3&w=800&s=n8sOOUSlBdCBIjllMFL5IprS&b=400
178.250.2.135200 OK 6.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F7%2F67187-0.jpg%3Fcb%3De1c77b208ff89e03a042c0a33272b2f9&v=3&w=800&s=n8sOOUSlBdCBIjllMFL5IprS&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c0196b116edf7d2928e2894651067f74
b414322ffd0103f76f22ace0b236283add879881
a0457b45bdf51c091f3125db9392013b0c3851eac85de0d258fc11ea43cceff8
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F7%2F67187-0.jpg%3Fcb%3De1c77b208ff89e03a042c0a33272b2f9&v=3&w=800&s=n8sOOUSlBdCBIjllMFL5IprS&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438639
expires: Sat, 20 Jan 2024 09:13:11 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6082
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139300-0_1.jpg%3Fcb%3Ddb44b1040409844e7811e4e512795a8a&v=3&w=800&s=poVilhFmrLD_xS65QVkn_Lar&b=400
178.250.2.135200 OK 4.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139300-0_1.jpg%3Fcb%3Ddb44b1040409844e7811e4e512795a8a&v=3&w=800&s=poVilhFmrLD_xS65QVkn_Lar&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0bbeed0d30c19b5ea43d60cbe7d7c77b
a5caf3336dda32c303683c030d3311183fad8b75
b9f9db0c090cce1861088be7bbc5919da4de33a3ae653ff09dec92c395814a1b
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139300-0_1.jpg%3Fcb%3Ddb44b1040409844e7811e4e512795a8a&v=3&w=800&s=poVilhFmrLD_xS65QVkn_Lar&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438618
expires: Sat, 20 Jan 2024 09:12:50 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4796
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F2191184-0_1.jpg%3Fcb%3D0b4dd83cd65ce9ed61ab57ec2a271119&v=3&w=800&s=7ihCy3WCbFgOsiDW5npJZmOE&b=400
178.250.2.135200 OK 19 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F2191184-0_1.jpg%3Fcb%3D0b4dd83cd65ce9ed61ab57ec2a271119&v=3&w=800&s=7ihCy3WCbFgOsiDW5npJZmOE&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 396x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2cd48a36e16adfc7fb3460d6bece6ced
3c25185af323417a0f15f780d0f9da36fa1b98c9
70b298c278f34770887044834a6c67eceeb9bfc8f51a56c5e198719e5b788f7c
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F1%2F2191184-0_1.jpg%3Fcb%3D0b4dd83cd65ce9ed61ab57ec2a271119&v=3&w=800&s=7ihCy3WCbFgOsiDW5npJZmOE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438808
expires: Sat, 20 Jan 2024 09:16:00 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 19424
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F30032095842-0_1.jpg%3Fcb%3Dcfabc3b41162a82703dc0e272efc4d72&v=3&w=800&s=LlEMZd2GwU0fXrHetdRFChyF&b=400
178.250.2.135200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F30032095842-0_1.jpg%3Fcb%3Dcfabc3b41162a82703dc0e272efc4d72&v=3&w=800&s=LlEMZd2GwU0fXrHetdRFChyF&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x368, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 214cc5f912f671846a03fb03fab0642f
65110020f7ffa9499a16d3ae08b750a66d9ffa17
11f57ff1794f3349c519bc03c48a703528eee62833252179f79fd92822856778
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F30032095842-0_1.jpg%3Fcb%3Dcfabc3b41162a82703dc0e272efc4d72&v=3&w=800&s=LlEMZd2GwU0fXrHetdRFChyF&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30438630
expires: Sat, 20 Jan 2024 09:13:02 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20398
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302761-0.jpg%3Fcb%3D3d8a0c2b5495bbd7c2606484841b2749&v=3&w=800&s=AWZgbeMmEO3NDfuKNCu3Vpf1&b=400
178.250.2.135200 OK 8.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302761-0.jpg%3Fcb%3D3d8a0c2b5495bbd7c2606484841b2749&v=3&w=800&s=AWZgbeMmEO3NDfuKNCu3Vpf1&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 326x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7adca9904273b2842199cee2f7de917f
178899835a9b87e4165d570a53e1de449b2b37f8
c674c2b4b1e7ba9b8d2d78f225b845e74edaca479640f3384f2addef7e757ea1
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F0%2F302761-0.jpg%3Fcb%3D3d8a0c2b5495bbd7c2606484841b2749&v=3&w=800&s=AWZgbeMmEO3NDfuKNCu3Vpf1&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30892710
expires: Thu, 25 Jan 2024 15:21:02 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8142
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F6%2F86300-0.jpg%3Fcb%3De0ce9c687b549ab55d415e7841940377&v=3&w=800&s=7wqa4AOOIy29M8jFwPLJpneT&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F6%2F86300-0.jpg%3Fcb%3De0ce9c687b549ab55d415e7841940377&v=3&w=800&s=7wqa4AOOIy29M8jFwPLJpneT&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x377, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 324dcbfe9095f2f8f50cd427e3688501
4bb0302f180293393572e07c6f3831e6c5d2c7fa
3f7ee165858d535cbbcdf11899c6aa966c85d81404e2f0e64fd282ba34f4b570
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F6%2F86300-0.jpg%3Fcb%3De0ce9c687b549ab55d415e7841940377&v=3&w=800&s=7wqa4AOOIy29M8jFwPLJpneT&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30584324
expires: Mon, 22 Jan 2024 01:41:16 GMT
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11570
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
178.250.0.130200 OK 17 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /design/googlefont/opensans/opensans-400-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:32 GMT
content-type: text/plain; charset=UTF-8
content-length: 16740
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: "6391f077-4164"
expires: Sun, 28 Jan 2024 02:02:32 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
178.250.0.130200 OK 16 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 16372, version 1.0\012- data
Hash e45478d4d6f15dafda1f25d9e0fb5fa1
52cb490cd0ee4442ede034085cda9652b206f91c
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
GET /design/googlefont/opensans/opensans-700-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:32 GMT
content-type: text/plain; charset=UTF-8
content-length: 16372
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
etag: "6391f079-3ff4"
expires: Sun, 28 Jan 2024 02:02:32 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=a2mfeNQWZFCNgP2Hc-UTtAVJui0-150WkTU4BHEUHpDHnKmSG5g43KqtQpQzNzPD_egwUNbBH28cld9YpXglZwttOXifZtHR12goA-dHqWwwZmaQEEyLupEjI6kJFP8QvbpVfpXw1IP6TGS0wTp6F09Sfd3M5OTAW28EHj7bdTJPq11SxWk3R4KlToV9xN5DS-x_8Chlbgb0QUx5qAPu-hpkBEZO8flAUyiwd-VHJnAyX1JPhsAqZ9ctBUFoKpSy5limi5ZX-O4aunWO&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=a2mfeNQWZFCNgP2Hc-UTtAVJui0-150WkTU4BHEUHpDHnKmSG5g43KqtQpQzNzPD_egwUNbBH28cld9YpXglZwttOXifZtHR12goA-dHqWwwZmaQEEyLupEjI6kJFP8QvbpVfpXw1IP6TGS0wTp6F09Sfd3M5OTAW28EHj7bdTJPq11SxWk3R4KlToV9xN5DS-x_8Chlbgb0QUx5qAPu-hpkBEZO8flAUyiwd-VHJnAyX1JPhsAqZ9ctBUFoKpSy5limi5ZX-O4aunWO&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=a2mfeNQWZFCNgP2Hc-UTtAVJui0-150WkTU4BHEUHpDHnKmSG5g43KqtQpQzNzPD_egwUNbBH28cld9YpXglZwttOXifZtHR12goA-dHqWwwZmaQEEyLupEjI6kJFP8QvbpVfpXw1IP6TGS0wTp6F09Sfd3M5OTAW28EHj7bdTJPq11SxWk3R4KlToV9xN5DS-x_8Chlbgb0QUx5qAPu-hpkBEZO8flAUyiwd-VHJnAyX1JPhsAqZ9ctBUFoKpSy5limi5ZX-O4aunWO&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:32 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=Qm75pNQWZFCNgP2HAMGomFf-xAE4mH_UZ1iWoHVSZsP2YCuuRaaHPAWe4icSGRdv53F3ugDpLsZHJvqt9S6hDdkGKvSlzTgk_e7dxKgPpyWmy6Knftz95d4I8vUhZQsnseuH7yoLd2ilz0N9Ndb_onUPxUcW4uYlvPqsz2dLPwwkeaKXUxqB4M8-d4zwwWj-KgWVw2mDYKj5O1VTR3K_1FlqWOmHwN7Y70-NQYLMMpCzmzBzEgBkzX4Xds90ZErqFfx4KefK4_OV1H9d&sds=2&rev=84569&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=Qm75pNQWZFCNgP2HAMGomFf-xAE4mH_UZ1iWoHVSZsP2YCuuRaaHPAWe4icSGRdv53F3ugDpLsZHJvqt9S6hDdkGKvSlzTgk_e7dxKgPpyWmy6Knftz95d4I8vUhZQsnseuH7yoLd2ilz0N9Ndb_onUPxUcW4uYlvPqsz2dLPwwkeaKXUxqB4M8-d4zwwWj-KgWVw2mDYKj5O1VTR3K_1FlqWOmHwN7Y70-NQYLMMpCzmzBzEgBkzX4Xds90ZErqFfx4KefK4_OV1H9d&sds=2&rev=84569&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=Qm75pNQWZFCNgP2HAMGomFf-xAE4mH_UZ1iWoHVSZsP2YCuuRaaHPAWe4icSGRdv53F3ugDpLsZHJvqt9S6hDdkGKvSlzTgk_e7dxKgPpyWmy6Knftz95d4I8vUhZQsnseuH7yoLd2ilz0N9Ndb_onUPxUcW4uYlvPqsz2dLPwwkeaKXUxqB4M8-d4zwwWj-KgWVw2mDYKj5O1VTR3K_1FlqWOmHwN7Y70-NQYLMMpCzmzBzEgBkzX4Xds90ZErqFfx4KefK4_OV1H9d&sds=2&rev=84569&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:31 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9sZtAAJr9EKexRNAA4FlGCgUkZo3mENtIwiAg&u=%7C0oES1MQzJcOmiE%2FC35BAaR6rX%2F9eOo2%2Bvk8y%2Bof7vTU%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiB7qASTXc9cdFetchOmr2L3wN8kwkVaRw5Lo5Yh1ekSl1GZdUHCA9Qddh5DDwlXwyWAqoHeHuSV75XjURhEOZbIr7GoBl3oVpDqZuQEJqjzf4tIDrqa8yQGB_SBgU-oqGW3PxFvEt94ctIN4r-DERzWCwqmEXAG29X9fs8VMZO_FUVNqOphvv3rO0ODicPiZSvTGF5y_4hlwctYp9Z9W8YZefHsel6oNkvKNCwaXjGYdNYNdnQYxgVMODZ2UM__G1IcL3q3aVcaX0uH4hxdzJhLLHIuZPtfLyo2LrpIXv7GTfVr88WKzXSrjSIcnCqQmURp0AbV_OLXMlGM-bBYmmPpv7nN4Lu1nNNhu8M5bGI74RgQ8umURgVS_vvKfbiXzvEsoBLHxzsultFBl98JMazAhJkHIQjfkmK3Mt0PhAiKyO8xIy5_wx5KuyljT8QkvRBiIOIqa2QXp37_C6hiveJHxZ9b_rhQbj6MIxJIO1DoSl6iRsxerFZQsGoGaP83VcwXC1GOTwf1YA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfI_QtBnbY9HfJs2o7AOUi7jgBMme0rFcxbKY93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCmlc-C7Vusj6oAwGqBMoCT9A1ELSUZmax2xkv5whXFvgRTRnAXvJSEfv3aFE8a1B69oVOGZgeFNqE5TRMoHibTJh67pqr9MAdlrzZVC6zkUscbC-OnRbuCQqfQ3q4cG2U-D-xEg6L1OYmWYY67p7cXln1aPqwiyIIgL3K7dPs--tnloMwsI8E_myYSiiJUU1Ts_la-CUUYaKi_mLdcKLUfHpTUhLMfEGtOZoXtSx13D6PnPUQhfxLHkVKHNKFD4d9YdfqDwUzWgttompY1miENniYPPsHPSPIZng1nnj_chb_UYHx0JYmunp43wE1ergj0Ryn23v35CqRB5y3G6x2hNo61V62IIRW6pZ0ZJI-5nilcUj5Lg9o-7ZUjhZDwp4yVzv38WPf5wN0GXZoi-GnoL5cZZGT2Gn9zm5Ycx1q8m-g56RrB94IUVSRz41O7kT_7PbxztjjWmn0gAbR4tTP0Jzk2tMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dnG_BPK_AoDCK0KvVeUHu4WIZ8w%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9sZtAAJr9EKexRNAA4FlGCgUkZo3mENtIwiAg&u=%7C0oES1MQzJcOmiE%2FC35BAaR6rX%2F9eOo2%2Bvk8y%2Bof7vTU%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiB7qASTXc9cdFetchOmr2L3wN8kwkVaRw5Lo5Yh1ekSl1GZdUHCA9Qddh5DDwlXwyWAqoHeHuSV75XjURhEOZbIr7GoBl3oVpDqZuQEJqjzf4tIDrqa8yQGB_SBgU-oqGW3PxFvEt94ctIN4r-DERzWCwqmEXAG29X9fs8VMZO_FUVNqOphvv3rO0ODicPiZSvTGF5y_4hlwctYp9Z9W8YZefHsel6oNkvKNCwaXjGYdNYNdnQYxgVMODZ2UM__G1IcL3q3aVcaX0uH4hxdzJhLLHIuZPtfLyo2LrpIXv7GTfVr88WKzXSrjSIcnCqQmURp0AbV_OLXMlGM-bBYmmPpv7nN4Lu1nNNhu8M5bGI74RgQ8umURgVS_vvKfbiXzvEsoBLHxzsultFBl98JMazAhJkHIQjfkmK3Mt0PhAiKyO8xIy5_wx5KuyljT8QkvRBiIOIqa2QXp37_C6hiveJHxZ9b_rhQbj6MIxJIO1DoSl6iRsxerFZQsGoGaP83VcwXC1GOTwf1YA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfI_QtBnbY9HfJs2o7AOUi7jgBMme0rFcxbKY93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCmlc-C7Vusj6oAwGqBMoCT9A1ELSUZmax2xkv5whXFvgRTRnAXvJSEfv3aFE8a1B69oVOGZgeFNqE5TRMoHibTJh67pqr9MAdlrzZVC6zkUscbC-OnRbuCQqfQ3q4cG2U-D-xEg6L1OYmWYY67p7cXln1aPqwiyIIgL3K7dPs--tnloMwsI8E_myYSiiJUU1Ts_la-CUUYaKi_mLdcKLUfHpTUhLMfEGtOZoXtSx13D6PnPUQhfxLHkVKHNKFD4d9YdfqDwUzWgttompY1miENniYPPsHPSPIZng1nnj_chb_UYHx0JYmunp43wE1ergj0Ryn23v35CqRB5y3G6x2hNo61V62IIRW6pZ0ZJI-5nilcUj5Lg9o-7ZUjhZDwp4yVzv38WPf5wN0GXZoi-GnoL5cZZGT2Gn9zm5Ycx1q8m-g56RrB94IUVSRz41O7kT_7PbxztjjWmn0gAbR4tTP0Jzk2tMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dnG_BPK_AoDCK0KvVeUHu4WIZ8w%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y9sZtAAJr9EKexRNAA4FlGCgUkZo3mENtIwiAg&u=%7C0oES1MQzJcOmiE%2FC35BAaR6rX%2F9eOo2%2Bvk8y%2Bof7vTU%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiB7qASTXc9cdFetchOmr2L3wN8kwkVaRw5Lo5Yh1ekSl1GZdUHCA9Qddh5DDwlXwyWAqoHeHuSV75XjURhEOZbIr7GoBl3oVpDqZuQEJqjzf4tIDrqa8yQGB_SBgU-oqGW3PxFvEt94ctIN4r-DERzWCwqmEXAG29X9fs8VMZO_FUVNqOphvv3rO0ODicPiZSvTGF5y_4hlwctYp9Z9W8YZefHsel6oNkvKNCwaXjGYdNYNdnQYxgVMODZ2UM__G1IcL3q3aVcaX0uH4hxdzJhLLHIuZPtfLyo2LrpIXv7GTfVr88WKzXSrjSIcnCqQmURp0AbV_OLXMlGM-bBYmmPpv7nN4Lu1nNNhu8M5bGI74RgQ8umURgVS_vvKfbiXzvEsoBLHxzsultFBl98JMazAhJkHIQjfkmK3Mt0PhAiKyO8xIy5_wx5KuyljT8QkvRBiIOIqa2QXp37_C6hiveJHxZ9b_rhQbj6MIxJIO1DoSl6iRsxerFZQsGoGaP83VcwXC1GOTwf1YA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfI_QtBnbY9HfJs2o7AOUi7jgBMme0rFcxbKY93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCmlc-C7Vusj6oAwGqBMoCT9A1ELSUZmax2xkv5whXFvgRTRnAXvJSEfv3aFE8a1B69oVOGZgeFNqE5TRMoHibTJh67pqr9MAdlrzZVC6zkUscbC-OnRbuCQqfQ3q4cG2U-D-xEg6L1OYmWYY67p7cXln1aPqwiyIIgL3K7dPs--tnloMwsI8E_myYSiiJUU1Ts_la-CUUYaKi_mLdcKLUfHpTUhLMfEGtOZoXtSx13D6PnPUQhfxLHkVKHNKFD4d9YdfqDwUzWgttompY1miENniYPPsHPSPIZng1nnj_chb_UYHx0JYmunp43wE1ergj0Ryn23v35CqRB5y3G6x2hNo61V62IIRW6pZ0ZJI-5nilcUj5Lg9o-7ZUjhZDwp4yVzv38WPf5wN0GXZoi-GnoL5cZZGT2Gn9zm5Ycx1q8m-g56RrB94IUVSRz41O7kT_7PbxztjjWmn0gAbR4tTP0Jzk2tMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dnG_BPK_AoDCK0KvVeUHu4WIZ8w%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:30 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=a2mfeNQWZFCNgP2Hc-UTtAVJui0-150WkTU4BHEUHpDHnKmSG5g43KqtQpQzNzPD_egwUNbBH28cld9YpXglZwttOXifZtHR12goA-dHqWwwZmaQEEyLupEjI6kJFP8QvbpVfpXw1IP6TGS0wTp6F09Sfd3M5OTAW28EHj7bdTJPq11SxWk3R4KlToV9xN5DS-x_8Chlbgb0QUx5qAPu-hpkBEZO8flAUyiwd-VHJnAyX1JPhsAqZ9ctBUFoKpSy5limi5ZX-O4aunWO"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 92869686
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
188.114.99.234200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 188.114.99.234:0
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:26 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-03 22:46:19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b43941af4bb8e32ed6d04a6a37617f28
cdn-cache: HIT
cf-cache-status: HIT
age: 1202093
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792f58394ef9b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.78200 OK 0 B URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 01:45:20 GMT
expires: Thu, 02 Feb 2023 03:45:20 GMT
cache-control: public, max-age=7200
age: 1026
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400.css
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400.css
IP 178.250.0.130:0
GET /design/googlefont/opensans/opensans-400.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: W/"6391f077-9fe"
expires: Sun, 28 Jan 2024 02:02:31 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=beR3L3xNsy-yKT2QHB61fxqL7WgfQFmH4QCt4pCCMLAyV7RYMZmmtOcd8C9WqraCxOQkOcZO7n47JCmlQTHQKhuKfnf4ol7fUJcrz9ZEXh_jT0-dDUphMZHWNHjJeiE4u1_UxnjqVJDlYblk20HnOG2gRGfXMW7dfePCkgynVC7V6Qofs3rJMOHEbr3MVhw8Huvs-4fBuh7lvYY-xURGWokRmw1kIRfecbq-ASBNfyd8G0cFp4FTUKpSk6ggQhUiJl8NohT6HcJ7cCf0ut8aaZidtEYT-mxEcb_Z0DL7tqP2hqzHcg5fcwv59-0MgSEIKTIHJMv2XBMDkmw8UfHxsjm4wFVGALh5l7PxfcvH6L6zx5WQxYYwIIieNkuibNHLxk6qeO8u8KMSbWXEjkMJb_YY563QnYPB1nLTtUXNfGG3Hl1-HeHtvCGCnIHdp7ot03Lc1Q
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=beR3L3xNsy-yKT2QHB61fxqL7WgfQFmH4QCt4pCCMLAyV7RYMZmmtOcd8C9WqraCxOQkOcZO7n47JCmlQTHQKhuKfnf4ol7fUJcrz9ZEXh_jT0-dDUphMZHWNHjJeiE4u1_UxnjqVJDlYblk20HnOG2gRGfXMW7dfePCkgynVC7V6Qofs3rJMOHEbr3MVhw8Huvs-4fBuh7lvYY-xURGWokRmw1kIRfecbq-ASBNfyd8G0cFp4FTUKpSk6ggQhUiJl8NohT6HcJ7cCf0ut8aaZidtEYT-mxEcb_Z0DL7tqP2hqzHcg5fcwv59-0MgSEIKTIHJMv2XBMDkmw8UfHxsjm4wFVGALh5l7PxfcvH6L6zx5WQxYYwIIieNkuibNHLxk6qeO8u8KMSbWXEjkMJb_YY563QnYPB1nLTtUXNfGG3Hl1-HeHtvCGCnIHdp7ot03Lc1Q
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=beR3L3xNsy-yKT2QHB61fxqL7WgfQFmH4QCt4pCCMLAyV7RYMZmmtOcd8C9WqraCxOQkOcZO7n47JCmlQTHQKhuKfnf4ol7fUJcrz9ZEXh_jT0-dDUphMZHWNHjJeiE4u1_UxnjqVJDlYblk20HnOG2gRGfXMW7dfePCkgynVC7V6Qofs3rJMOHEbr3MVhw8Huvs-4fBuh7lvYY-xURGWokRmw1kIRfecbq-ASBNfyd8G0cFp4FTUKpSk6ggQhUiJl8NohT6HcJ7cCf0ut8aaZidtEYT-mxEcb_Z0DL7tqP2hqzHcg5fcwv59-0MgSEIKTIHJMv2XBMDkmw8UfHxsjm4wFVGALh5l7PxfcvH6L6zx5WQxYYwIIieNkuibNHLxk6qeO8u8KMSbWXEjkMJb_YY563QnYPB1nLTtUXNfGG3Hl1-HeHtvCGCnIHdp7ot03Lc1Q HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:31 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3386679
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
142.250.74.161200 OK 0 B URL HTTP/2 3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
IP 142.250.74.161:0
GET /-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v9158"
expires: Fri, 03 Feb 2023 02:02:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dort_buyuk_melek.JPG"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 02:02:26 GMT
server: fife
content-length: 5409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y9sZtAAKalUKGFMFAAkkvK710QHj-U-pUb_AjA&u=%7C0oES1MQzJcO70uNWmhenI826wLZceawgscu%2FT2OtjnU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XSt65XcMk17Pbb-FfKVtSwgwm2Eqm_pcNSbyg94CuefjXQJHyISTbo0aBzWyGO6CYWUKY_XcY5IQmNiURgpsQkY2WgaJj_KnkodZbOenkvjJPGYwQGU2818baaYVe0XB-CP0YWbD7BFOpG4Qe7SazdRLaWw9BOQx0JGvbyb5MW_e5L-MhqwwYIiZYc6szrCkKKgR15kBSv7Z0QE0aOumfGf-gHxvxgYBTFniOKfApdzozv-Xc6_RlZ38lqHenU4v9G6MFBxlpRN5PyfgX9R6gcpTi6W6c7DxqXn4WzCgCwEKIuA8_GORZzDHeuE7cNWB16ZhwPVvpBVWJX4EMfbIUAk_IThb41cP3xLL7rcqwLGfoDCW636U2vWO0SLB2z-eiBKNAtxCf-_1qMik20r4WkOoK74Adkyuxy_QegPsan38CS6m8gFmgp56rWnefG-TZo-S_pbvQo_231IhB4QYOTOgM0FsjCjnoUr8M6WkKT6tu05719uhAhENWOU12gWTCMERc8OR2EsX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvTeVtBnbY9XUKYWmYbzJpNgByZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQKaVz4LtW6yPqgDAaoE0AJP0LgEy6607Mc8HUwHkZPTfhhwPBr_bFoFHXUO95jBu2I9qC4oHaUyluSlFmbh_T8ZwoifpNa6qSwRqKw1ZrjKxKeIsQLPeh7SLaboFgNd3fyNqU9UaiGVairy3eghGVwwJz5w3_U-aoPbb9jYqsFO1ZE6TYSw7-hFL_LLb0zeHMJMp02MXcWOt3Y3d0rZojcmBdW1LT9ROOqCnBl7JKzGR2YuIfcD4Cd6WcYS9SRrC3N7trSQBsW_0N4n4YXsQ4A491WQA-GsU177nfcEL5CGGaDvpl9O9O2uUcUJxC5HdlVa6Fxj_NrmmDoKNGCrdZZa-8eV0n-uo80gZbwEiQtIS8R2ZyySo0YEXXEpR-Np9NNl8KJh6wbE-A2jldZjP_4jsJFYmbDP3VTWWaYYWJdhe9xvDyL6jqXDTxIzhxadETDB5-9ewRVJKsZVVoCvpxSABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OI_gXXX9FnF_X3qrWb54lQVAMTQ%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y9sZtAAKalUKGFMFAAkkvK710QHj-U-pUb_AjA&u=%7C0oES1MQzJcO70uNWmhenI826wLZceawgscu%2FT2OtjnU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XSt65XcMk17Pbb-FfKVtSwgwm2Eqm_pcNSbyg94CuefjXQJHyISTbo0aBzWyGO6CYWUKY_XcY5IQmNiURgpsQkY2WgaJj_KnkodZbOenkvjJPGYwQGU2818baaYVe0XB-CP0YWbD7BFOpG4Qe7SazdRLaWw9BOQx0JGvbyb5MW_e5L-MhqwwYIiZYc6szrCkKKgR15kBSv7Z0QE0aOumfGf-gHxvxgYBTFniOKfApdzozv-Xc6_RlZ38lqHenU4v9G6MFBxlpRN5PyfgX9R6gcpTi6W6c7DxqXn4WzCgCwEKIuA8_GORZzDHeuE7cNWB16ZhwPVvpBVWJX4EMfbIUAk_IThb41cP3xLL7rcqwLGfoDCW636U2vWO0SLB2z-eiBKNAtxCf-_1qMik20r4WkOoK74Adkyuxy_QegPsan38CS6m8gFmgp56rWnefG-TZo-S_pbvQo_231IhB4QYOTOgM0FsjCjnoUr8M6WkKT6tu05719uhAhENWOU12gWTCMERc8OR2EsX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvTeVtBnbY9XUKYWmYbzJpNgByZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQKaVz4LtW6yPqgDAaoE0AJP0LgEy6607Mc8HUwHkZPTfhhwPBr_bFoFHXUO95jBu2I9qC4oHaUyluSlFmbh_T8ZwoifpNa6qSwRqKw1ZrjKxKeIsQLPeh7SLaboFgNd3fyNqU9UaiGVairy3eghGVwwJz5w3_U-aoPbb9jYqsFO1ZE6TYSw7-hFL_LLb0zeHMJMp02MXcWOt3Y3d0rZojcmBdW1LT9ROOqCnBl7JKzGR2YuIfcD4Cd6WcYS9SRrC3N7trSQBsW_0N4n4YXsQ4A491WQA-GsU177nfcEL5CGGaDvpl9O9O2uUcUJxC5HdlVa6Fxj_NrmmDoKNGCrdZZa-8eV0n-uo80gZbwEiQtIS8R2ZyySo0YEXXEpR-Np9NNl8KJh6wbE-A2jldZjP_4jsJFYmbDP3VTWWaYYWJdhe9xvDyL6jqXDTxIzhxadETDB5-9ewRVJKsZVVoCvpxSABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OI_gXXX9FnF_X3qrWb54lQVAMTQ%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y9sZtAAKalUKGFMFAAkkvK710QHj-U-pUb_AjA&u=%7C0oES1MQzJcO70uNWmhenI826wLZceawgscu%2FT2OtjnU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XSt65XcMk17Pbb-FfKVtSwgwm2Eqm_pcNSbyg94CuefjXQJHyISTbo0aBzWyGO6CYWUKY_XcY5IQmNiURgpsQkY2WgaJj_KnkodZbOenkvjJPGYwQGU2818baaYVe0XB-CP0YWbD7BFOpG4Qe7SazdRLaWw9BOQx0JGvbyb5MW_e5L-MhqwwYIiZYc6szrCkKKgR15kBSv7Z0QE0aOumfGf-gHxvxgYBTFniOKfApdzozv-Xc6_RlZ38lqHenU4v9G6MFBxlpRN5PyfgX9R6gcpTi6W6c7DxqXn4WzCgCwEKIuA8_GORZzDHeuE7cNWB16ZhwPVvpBVWJX4EMfbIUAk_IThb41cP3xLL7rcqwLGfoDCW636U2vWO0SLB2z-eiBKNAtxCf-_1qMik20r4WkOoK74Adkyuxy_QegPsan38CS6m8gFmgp56rWnefG-TZo-S_pbvQo_231IhB4QYOTOgM0FsjCjnoUr8M6WkKT6tu05719uhAhENWOU12gWTCMERc8OR2EsX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvTeVtBnbY9XUKYWmYbzJpNgByZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQKaVz4LtW6yPqgDAaoE0AJP0LgEy6607Mc8HUwHkZPTfhhwPBr_bFoFHXUO95jBu2I9qC4oHaUyluSlFmbh_T8ZwoifpNa6qSwRqKw1ZrjKxKeIsQLPeh7SLaboFgNd3fyNqU9UaiGVairy3eghGVwwJz5w3_U-aoPbb9jYqsFO1ZE6TYSw7-hFL_LLb0zeHMJMp02MXcWOt3Y3d0rZojcmBdW1LT9ROOqCnBl7JKzGR2YuIfcD4Cd6WcYS9SRrC3N7trSQBsW_0N4n4YXsQ4A491WQA-GsU177nfcEL5CGGaDvpl9O9O2uUcUJxC5HdlVa6Fxj_NrmmDoKNGCrdZZa-8eV0n-uo80gZbwEiQtIS8R2ZyySo0YEXXEpR-Np9NNl8KJh6wbE-A2jldZjP_4jsJFYmbDP3VTWWaYYWJdhe9xvDyL6jqXDTxIzhxadETDB5-9ewRVJKsZVVoCvpxSABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OI_gXXX9FnF_X3qrWb54lQVAMTQ%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:30 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Qm75pNQWZFCNgP2HAMGomFf-xAE4mH_UZ1iWoHVSZsP2YCuuRaaHPAWe4icSGRdv53F3ugDpLsZHJvqt9S6hDdkGKvSlzTgk_e7dxKgPpyWmy6Knftz95d4I8vUhZQsnseuH7yoLd2ilz0N9Ndb_onUPxUcW4uYlvPqsz2dLPwwkeaKXUxqB4M8-d4zwwWj-KgWVw2mDYKj5O1VTR3K_1FlqWOmHwN7Y70-NQYLMMpCzmzBzEgBkzX4Xds90ZErqFfx4KefK4_OV1H9d"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 127632471
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2